Defense+ log

hotasy2k · February 15, 2008, 7:27pm

Version CFP V3.0.17.304
Network set to Custom Policy mode and Defense+ set to paranoid mode

Can i know in Defense+ log, those entries is blocked item or allowed item, for example wordpad alway install hook each time i execute it, in defense+ rule, i set it to block hook installation, then in defense+
log, it show wordpad with action install hook, so does that mean defense+ successfully block it from installing hook or does it not?
Thanks

goodbrazer · February 15, 2008, 10:24pm

Hi,

Yes Defense+ successfuly blocks hook in your case. Dunno for sure, but i guess only blocked actions appear in the D+ log… At least in my case.