Does Windows Defender automatically quarantine threats?


  1. paperangel220
    Posts : 3
    Windows
       New #1

    Does Windows Defender automatically quarantine threats?


    I am using Windows Version 22H2 (OS Build 19045.3930).

    I recently ran Windows Defender and it found threats due to a Kali Linux .iso I had on my computer. On the Virus & threat protection page in Windows Security, there are action options for each threat:
    Does Windows Defender automatically quarantine threats?-defender.jpg

    I did some googling about Windows Defender, and some posts say that it automatically quarantines threats (for example: Blocked), while other posts say it does not (example: New to Windows Defender: How to have it take action automatically?).

    Based on the results of my Windows Defender Scan, I think that my Windows Defender is not automatically quarantining the threats. Additionally, my Kali Linux .iso is still in its original location (Windows Defender did not remove it). Protection history is also empty.

    Why isn't Windows Defender automatically quarantining the Kali Linux .iso? Is it because Windows Defender does not automatically quarantine at all? If so, why are there posts online which talk about Defender automatically quarantining?

    Thanks for taking the time to read my question!
      My Computer
    Quote Quote

  3. bro67
    Posts : 9,790
    Mac OS Catalina
       New #2

    Do you even know what Kali is used for? Of course defender is going to flag it as a threat.
      My Computer
    Quote Quote

  4. Try3
    Posts : 16,950
    Windows 10 Home x64 Version 22H2 Build 19045.4170
       New #3

    I have seen both automatic quarantines & the choice you saw.
    I assume Defender does one or the other action depending on what it thinks of the potential threat in question.
    You might well find that if you do nothing at that choice, Defender will go ahead and quarantine the potential threat anyway. I have seen that happen.


    Denis
      My Computer
    Quote Quote

  6. Callender
    Posts : 6,853
    22H2 64 Bit Pro
       New #4

    Default actions will apply unless you've configured it differently.

    DefenderUI

    You can try:

    Turn off Automatic Remediation:
    REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableRoutinelyTakingAction /t REG_DWORD /d 1 /f


    Turn on Automatic Remediation:
    REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableRoutinelyTakingAction /f
      My Computer
    Quote Quote

  7. paperangel220
    Posts : 3
    Windows
    Thread Starter
       New #5

    bro67 said:
    Do you even know what Kali is used for? Of course defender is going to flag it as a threat.
    Yes lol. I forgot to clarify in my post that I don't want Windows Defender to quarantine the .iso. I just happened to run a Windows Defender full scan and was surprised that it didn't automatically quarantine the .iso, and was wondering why. I posted this question out of curiosity.
      My Computer
    Quote Quote

  8. Try3
    Posts : 16,950
    Windows 10 Home x64 Version 22H2 Build 19045.4170
       New #6

    If you intend to keep that file stored on your computer, you can add an exclusion.
    Add or Remove Windows Defender Exclusions - TenForumsTutorials
    - The Exclusion applies just to its current location.
    - You'll have to add an exclusion for any other location you intend to put it on.


    Best of luck,
    And thanks for the rep,
    Denis
      My Computer
    Quote Quote

  9. paperangel220
    Posts : 3
    Windows
    Thread Starter
       New #7

    I see, thank you!
      My Computer
    Quote Quote

 

  Related Discussions
Threats detected by Windows Defender
in AntiVirus, Firewalls and System Security

Hi all, Windows Defender detected several infections on my computer including Ransom:Win32/StopCrypt.MAPK! MTB. However, to get rid of these infections, I scanned my computer with Eset Online Scanner, MalwareBytes, and RogueKiller, but it...
Can I configure windows defender to never quarantine files
in AntiVirus, Firewalls and System Security

Hello, I am using w10 1903 x64 - I was wondering if there is a way without setting up exclusions to configure Windows defender to never quarantine any file and only block access and just prompt the user how to proceed? I am all for active...
Disabling Windows Defender auto quarantine
in AntiVirus, Firewalls and System Security

Is there an option to disable the auto quarantine? I'd rather have a dialog box asking me every time what to do rather than seeing my files go into quarantine automatically.
No Quarantine in Windows Defender?
in AntiVirus, Firewalls and System Security

I installed Windows 10 1903 and noticed in the Windows Defender settings that the Quarantine section has been removed. Where would I find the Quarantine within Windows Defender in 1903?
WD: How do I keep threats in quarantine indefinitely?
in AntiVirus, Firewalls and System Security

Sorry for all the unsolved threads, but I noticed that Windows Defender has a feature that it periodically empties the quarantine: Quarantined threats have been isolated and prevented from running on your device. They will be periodically removed....
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 06:25.
Find Us




Windows 10 Forums