When this message appears, it usually tells me that 12 files are affected. After I block the attempt to modify, and then recover the files from temporary files, I often get another message telling me that another 15 files are affected. I have always blocked the attempts to modify.
The problem occurred again today. I have attached the MBAM and FRST logs which were produced before I blocked the attempts to modify. Does anyone see any signs of ransomware in these logs? If not, is it possible these messages are false positives as a result of Windows 10 legitimate updates, and if so, should I allow the changes to be made?