Springer 0 Report post Posted April 14 by cruelsister1 Share this post Link to post Share on other sites
stapp 101 Report post Posted April 14 Some comments here https://malwaretips.com/threads/emsisoft-antimalware-vs-worms.81879/ Share this post Link to post Share on other sites
JeremyNicoll 30 Report post Posted April 14 I have a VBS script which I wrote, whose sole purpose is to open a File Explorer view of a folder, which it does using a windows api call. It's called from another script I wrote, written in a different language, and is used because the only way that one can open a folder view from the latter script is by issuing an "explorer.exe" command directly... and doing that leaves multiple copies of explorer.exe running which wastes memory. Using the api call means that the copy of explorer that's always running is used to open the folder view. Anyway, depending on which folder is to be opened, the VBS script either executes silently or there's a BB alert. It's been a while since I asked it to open a view of a 'system' folder - but I just tried it again, in this case for C:\Program Data ... and it produced an alert. Clearly the BB /is/ looking at what's being done inside specific VBS scripts. Share this post Link to post Share on other sites
GT500 438 Report post Posted April 16 I closed the review when they opened MSCONFIG... I'm going to try not to be critical of the review (at least no more so than my opening statement). The reality is that without access to the samples, I can't even know if they should have been detected. If the reviewer can upload them to VirusTotal, and post links to them, then we'd have a better idea of what they were and whether or not our protection actually failed (assuming it did, since I didn't watch the rest of the video). Share this post Link to post Share on other sites