How can I identify if a Defense Log Item is actionable or not?

How can I identify if a Defense Log Item is actionable or not?

Hi, I’m a new user so glad to be here and excuse me if I do anything wrong on my first post :slight_smile:

I have Farstone Restoreit7 application which is coming up as an Intrusion with Flag - Modify File - and referencing c:\Windows\TEMP\VFsCheck.log

I am not sure if I should Flag this as a Trusted File or No as I am not sure what VFsCheck.log does

Can anyone help - I am showing 72 Intrusions so far and climbing…

All applications you are using are trusted, so set them to trusted to avoid future notifications. :a0

You should only be wary of unknown stuff.

Thanks ‘AnotherLife’ - I had done that already but I forgot to check the box to ‘create rule for allowed applications’ so it kept coming up (as explained in the guidelines for the various Defense options.

Thanks again,
K