Hi
when I visit this link https://www.virustotal.com/gui/file/4364a60cc5f7039a24528452680648850d7b3f434c25892d1b3b5e5aa14898fb/detection/f-4364a60cc5f7039a24528452680648850d7b3f434c25892d1b3b5e5aa14898fb-1688041704
it’s infected with PowerShell/TrojanDownloader I’m not sure if its real or false but in my settings, I choose for every automatic action to ask the end user (real time, web access, manual scan, etc.…) for web access scan usually there two option to disconnect or ignore and this should happen in this case because its downloading malware.
But what really happened is that the malware downloaded and real time protection catches this malware and ask to clean or ignore and it pass the web protection.
I tested this link in edge, chrome, firefox.
In edge and chrome the same issue, but in firefox the malware downloaded with no alert at all but when you scan firefox cash folder you can find it there.
Why the web access it's not strict in this case and pass the malware?
Thanks