I decided to do a test, based on my 2 teenagers using WSA. What I thought would happen, did. The few times my son actually got a hit, he clicked Allow instead of Block. When it ask to run a scan to do a removal, he passed on that and kept surfing. Still ok, because the tray icon was showing a infection that still needed to be dealt with. Both computers are set to scan once a week. On rebooting his, I was a little shocked to say the least because the tray icon came up as normal. No scan had been performed. So it to me looked as if everything was ok, when in reality I knew it wasnt. I ran a scan with MBAM and the trojan file was still there and also in memory. Now WSA would eventually re-discover this infection and clean it on a subsequent scan, but in my case that would be a week later based on my choice and the choice WSA offers. To me, that isnt good. The other thing is, no where in WSA did it retain a record of the detection before the reboot. So even if I were to check his computer, and no scan had been run, there still should be some evidence of a detection being previously made and in reality, that it still needed to be cleaned. Of course none of this would happen to any of you because, for one, you are not a mindless teenager. But there are quite a few owners of this product that might have this happen. WSA needs to ensure it is dummiefide. Meaning it has the brain, not the user. It needs to make the choice and act on it just as all AV products do if you choose for them to. WSA is a great product but I look at it like, in the above scenario, who is going to get the blame from me. Correct, WSA because it didnt do what I thought it should do, but the reality is, it is my son I should be blaming for not having some common sense.