Ransomeware Protection Needs To Tell The Location Of The File Creating The Problem
The other day I got an alert that Runtimebroker is trying to access my pictures folder. I have a windows 10 x64 pro edition.
Now I know that runtimebroker.exe is a genuine windows file. What i didn't know, is to allow or disallow the access.
1) because, being a windows file, BD should have whitelisted it.
2) I didn't know the location from which runtimebroker was running. So that I can determine if its a genuine windows file or not.
The request is that Ransomware protection should show the full file path of the application trying to access the protected folders.
Eventually, I didn't make a choice and just rebooted the system and the question was not asked again. So should i assume runtimebroker was blocked or allowed by default?