So in VM I tend to test protection capabilities. Now, I have password protected archive with malware inside and as soon as I extract it, FS deleted 3 files right away.
Original archive contents: http://snag.gy/EsL6U.jpg
It leaves 4 files as shown here:
Now, the Recent events shows only 1 file detected
After running remaining files, they are blocked and it's visible from the UI
Am I doing something wrong? Where are 2 files that were supposed to be blocked (but not shown in log)?
I have the archive ready if you need it (I won't post here as it may be prohibited to distribute malware).
Sorry for my reply.
Maybe if I normally understand your situation.... it's can be related with my next "experience about explanation... why it's work like that" and maybe situation not as design (?!).
About part of "Many detections per moment."
Thanks, seems to be the same issue. Mine is a bit different since from extraction, some files that are deleted are visible from the Events but some are not. Even thou I Close that window :)
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support and get answers to your questions