Hello,
I use KTS 20.0.14.1085(d) (database 2 Oct. 2019) on MS Windows 8.1 x64 Pro EN.
Today when OS booted, as usual, KTS started and completed quick scan, vulnerability scan and rootkit scan. Pop-up message window of KTS stated that there were detected objects by Quick Scan of which all of them are neutralized. Also Vulnerability Scan pop-up stated there were detected objects.
However when I perform the following monitoring actions, I can not see any entries, no so called detected and processed/neutralized objects are listed:
1- Detailed Reports window, Quick Scan entry shows "Objects detected: 7, neutralized: 7, not disinfected: 0".
1a- Neither viewing via event details (All Events) of latest Quick Scan entry nor exporting this entry's entities, did not show/display any list of detected or processed files, filenames or lists. Neither of these approaches succeded in displaying list of detected/processed files.
MainScreen*MoreTools*Reports*DetailedReports
MainScreen*MoreTools*Reports*Neutralized(entry): Strangely this shows 3 objects as Neutralized.
MainScreen*Details*RecommendationsSection: No evidence of detection is displayed in Recommendations area or other areas of Notification Center window.
2- Detailed Reports window, Vulnerablity Scan entry shows "Objects detected: 16, neutralized: 8, not disinfected: 0".
2a- Here the 8 unprocessed objects are non up-to-date installations of software/programs which Vulnerability Scan always warns me, but I prevent it to process or update them. No problem here.
2b- The reason of my post happened minutes ago today, last night I updated Windows and it updated Adobe Flash componet. Here you go... MainScreen*MoreTools*Reports*DetailedReports of Vulnerability Scan lists the processed files:
Vulnerable object (file) detected
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll
Vulnerable object (file) detected
C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_32_0_0_192.dll
Vulnerable object (file) detected
C:\Windows\System32\Macromed\Flash\pepflashplayer64_32_0_0_192.dll
Vulnerable object (file) detected
C:\Windows\System32\Macromed\Flash\NPSWF64_32_0_0_192.dll
Vulnerable object (file) detected
C:\Program Files\Mozilla Firefox\firefox.exe
Vulnerable object (file) detected
C:\Program Files\iTunes\iTunes.exe
Vulnerable object (file) detected
C:\Program Files\BIN\vlc-3.0.3\vlc.exe
Vulnerable object (file) detected
C:\Program Files\BIN\vlc-3.0.3\vlc-cache-gen.exe
My questions:
1- What is going on?
2- How can I correctly display the list of objects and files which are;
a- detected
b- processed
3- How can I display the list of objects and files in reports files or via exporting reports which are;
a- detected
b- processed
???
Edit 20191013:1321
Quarantine info: There are no files, objects in quarantine area though I allow 1 GB of space for it.
Addendum to questions:
4- Is only one engine/function is performing all kinds of processing of detected objects? Do, say, QuickScan and Vulnerability Scan have their own separate cleaning assigned/designated engines for processing of detected objects?