Locating a detected threat or blocked file by CatchPulse

Last updated: August 02, 2022

CatchPulse makes it easy to locate a file that has either been blocked by Application Allowlisting or detected by any of the engines from Cloud AV.

Knowing the location of the file will help users make an informed decision on whether the file is trustworthy or a threat on top of the diagnosis provided by the Cloud AV engines.

This feature is also useful when consulting 2nd opinion scanners that need the file to be uploaded for scanning.

From the Application Allowlisting Notification

The file name of the file that is trying to launch and is currently blocked by CatchPulse can be found in the first section of the notification.

Hovering the mouse on the file name will briefly show the location of the file.

Left-click the triple dot button and select Open process location to view the process that launched this untrusted file.

Left-click the triple dot button and select Open file location to view this untrusted file.

From the CatchPulse AntiVirus Notification

When a threat is detected by any of the engines, there are two ways to locate the file.

The most obvious method is immediately visible under the File Location section. If the file path is too long to display fully, hovering the mouse will reveal the full file path. Clicking on the triple dot button will open a notification that says Open File Location. Click on it.

Similar to the Application Allowlisting Notification, the file name of the threat detected is also displayed in the first section of the notification. Hovering the mouse on the file name will briefly show the location of the file.

 


Leave a feedback