Jump to content

Some Quarantined Files Do Not Appear in GUI Quarantine List + Occasional Duplicate Forensic Log Line Items


Recommended Posts

EAM *.7838

Windows 10 Pro 1703 OS Build 15063.540 x64

1. Extract malware pack

2. Files are detected by File Guard real-time protection

3. Detected files are auto-quarantined and added to the Quarantine folder with .EIQF extension

4. Not all detected and auto-quarantine files appear in the GUI Quarantine list

5. Also some event logging quirks appeared in the Forensic Log during the process of detection and auto-quarantine

There are occasional duplicate entries.  The Component\Action sequences are OK.

In the image below, take note of duplicate, identical line items for:

  • xls.xls (there is a duplicate "infection quarantined")
  • JbhbUsFs.exe (there is a double behavior blocker detection and Core notification)

Minor GUI stuff; the applicable protections themselves are working.



Link to comment
Share on other sites

  • 3 months later...
This topic is now closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...