First post, by eddman
This is a bit of an odd one. I'll try my best to explain it properly.
I mounted a CD image from an old PC magazine and it just happened to have an infected file on it. Defender flagged the file, threw up an alert, and presented the typical quarantine, clean, remove and allow options.
The first three don't work because a file on a CD (or image) cannot be modified, so as soon as I select any of them, the alert comes back up again. It also throws a taskbar pop-up, and the defender icon now has a red cross.
The only "solution" is to allow that type of malware, but I don't want to have such a thing whitelisted. I don't intend to use that image anymore, so I don't even need that stupid file to be allowed.
Microsoft in its massive wisdom did not include a simple "dismiss alert" option just for such occasions.
Now my question is, is there a way to delete defender alerts, perhaps by deleting system files somewhere, or maybe to reset defender completely to its original state?
I found a guide online for deleting the protection history, but that has no effect on alerts.
EDIT:
Found a solution:
Navigate to "C:\ProgramData\Microsoft\Windows Defender\Scans\history\Service" and delete everything inside.
If windows doesn't allow it, boot into the Recovery Environment and delete it there.