Springer

YouTube Review Emsisoft AntiMalware vs Worms

Recommended Posts

I have a VBS script which I wrote, whose sole purpose is to open a File Explorer view of a folder, which it does using a windows api call.    It's called from another script I wrote, written in a different language, and is used because the only way that one can open a folder view from the latter script is by issuing an "explorer.exe" command directly... and doing that leaves multiple copies of explorer.exe running which wastes memory.   Using the api call means that the copy of explorer that's always running is used to open the folder view.

Anyway, depending on which folder is to be opened, the VBS script either executes silently or there's a BB alert.  It's been a while since I asked it to open a view of a 'system' folder - but I just tried it again, in this case for  C:\Program Data ... and it produced an alert.  Clearly the BB /is/ looking at what's being done inside specific VBS scripts.

 

Share this post


Link to post
Share on other sites

I closed the review when they opened MSCONFIG...

I'm going to try not to be critical of the review (at least no more so than my opening statement). The reality is that without access to the samples, I can't even know if they should have been detected. If the reviewer can upload them to VirusTotal, and post links to them, then we'd have a better idea of what they were and whether or not our protection actually failed (assuming it did, since I didn't watch the rest of the video).

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.