No option to 'Always Allow' in Action field

[Guest]

In the Windows Defender Help Text there is an instruction "If you trust
software that Windows Defender has detected, you can stop Windows Defender
from alerting you to risks that the software might pose to your privacy or
your computer. The next time Windows Defender alerts you about the software,
on the Action menu, select Always Allow.". I do not have an 'Always Allow'
option.

I use OnSpeed to boost my dial-up connection (no broadband available where I
live), and every time I connect to the Windows Defender reports the OnSpeed
connection, so it's a real nuisance not being able to permanently allow.

Have I missed something or is the Always Allow option missing?

 

[Tom Emmelot]

Hi,

go to tools/general settings/scroll to advanced, there click on ADD and
browse to OnSpeed.EXE it will not be seen or thatch by WD!
Hopes it works

Regards >*< TOM >*<

Earthdoctor schreef:

 

[Guest]

Thanks Tom, that was (almost) the answer - I hadn't noticed that the advanced
screen was scrollable, and I'd missed the options in the lower half - duh!

The file that needs to be allowed seems to be OnSpeed/gui-resource.dll

 

[Tom Emmelot]

Hello,

and if you ADD that .dll it wont work?

Regards >*< TOM >*<

Earthdoctor schreef:

 

[Guest]

I've added only that .dll, and it's sorted the problem - this was the file
named in the WD alert.

There isn't actually a program named OnSpeed.exe in the version I'm using -
ONSPEED_en_GB_BTA release201

 

[Guest]

Hi, Tom. I have tried entering the McAfee task scheduler in the exceptions
option, but it seems to make no difference. Nor for SSDMI2.sys, which is part
of Dell Support. I do not see that the exceptions remove anything from
alerts from Defender's RTP. How do you get that to work?

 

[Guest]

Plus, I have NEVER been able to find the ALWAYS ALLOW option anywhere after a
Defender RTP alert. Are we even using the same program??? What do I have to
do to find it - use the dumbed down version? I am serious, where is ALWAYS
ALLOW???

 

[Tom Emmelot]

Hello Old Rebel,

i only got it when Spysweeper was attacking the Host file and i got a
RED alert! Then there was by surprise the ALWAYS ALLOW at the button!
I give a screenshot from it if you like but your not working with a
newsreader so you cant see it, can send it to you personal if you send
me a mail.

Regards >*< TOM >*<

Old Rebel schreef:

 

[Guest]

No need for a picture; I'll take your work for it. But I cannot duplicate it
and get the always allow option. I know you tinker with your settings. Are
you set as advanced user when this option occurs or basic member of Spynet?
That might make a difference. I guess I will just continue with my workaround
unless I see that option available.

 

[Tom Emmelot]

Ok Old Rebel,

Old Tom shall do the whole experiment over again an write down my
settings of WD.
You here from me later!

Regards >*< TOM >*<

Old Rebel schreef:

 

[Guest]

Thanks. Let me know. There must be something different in whay we are doing.
It would be good to know what it is.

 

[Tom Emmelot]

Hello Oldrebel,

i did it again (like Mr Magoo )
so after install Spysweeper and take over command of the hostfile i got
the Orange (Middle) Alert of WD than you can ask to see what the trouble
is and i got the options and also ALWAYS ALLOW!!
My settings are in WD:
In tools: everything is ON
i have Low Alerts on Ignore, rest on Signature Default.
In Spynet it is on Become a advanced member of Spynet.

So i get rid of Spysweeper again and Install WD fresh after a full
cleaning because i keep update problems and have a lot of Friends that
have no problem it all with updates!

Hope you can reproduce the trick!

Regards >*< TOM >*<

Old Rebel schreef:

 

[Guest]

OK. I have everything set to ON in alerts but I have all set to signture
defaults. I do NOT have Defender set to automatically apply actions or to
auto update before a scan. I do have Windows updates on auto however. I
always get Defender updates with NO problems, install goes as expected. When
I get a host file alert, it is only "allow" or " block" and it does not tell
me the progtram causing the host file change. If it does not tell the
program making the change, how can could anyone safely say "always allow?"
Wouldn't that mean that any program anytime could alter the host file?
Something does not seem right here. I will have to test again later. My
testing does not involve any installing/uninstallling, just a lot of jumping
between programs at each step. I'll let you know later. I still wonder how
Defender would handle an always allow option if it does not specify which
program is making the host file change? Seomthing strange here!

 

[Guest]

Hi Tom! I finally redid my experiment. i finally got a quick midscreed alert
from Defender about Spysweeper altering the host file and always allow was
one of the options. I did not choose to use it, however, because in checking
further Defender did not specify what software was changing the host file. I
do not know the future ramifications of "always allowing" changes to the host
file. I am more comfortable using Hoster to create a stable host file. That
way, if I get a Defender alert, I will know that it is not because of
Spysweeper or Spybot S&D and can take protective action quickly. The
Spysweeper common ad sites shield is not stable and must reapply itself from
time to time, maybe after reboots. I want to avoid any possible conufsion
regarding my host file.

 

[Tom Emmelot]

Hello Old Rebel,

nice you work it out and you are right not to use it, i dont now what
happen to. I use Trend AS and Trend AV/Firewall/AS/AF and every change
in the host file is also reported by Trend AS.
So no worry here.

Regards >*< TOM >*<

Old Rebel schreef: