Advice Request How to prevent efficiently Defender from considering a given VBS script as containing a threat

Please provide comments and solutions that are helpful to the author of this topic.

L

LaurentG

Level 1
Thread author
Mar 15, 2021
26
I have just discovered incidently that cURL is now available in WIN10.
It is not the latest version, but rev 7.55.1 (November 2017), and this quite old version do not manage as many protocols as the latest version, but is 100% enough to download a file in http/https

I have then replaced usage of Msxml2.ServerXMLHTTP and ADODB.Stream by call of cURL.
The script is more "simple" (and everything can be in the same script), and the result is exactly the same... but Defender do not detect the script any more as TrojanDownloader:HTML/Adodb.gen!A :)(y)
 
  • Like
  • Applause
Reactions: oldschool, Gandalf_The_Grey and Andy Ful
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
LaurentG said:
...
I have then replaced usage of Msxml2.ServerXMLHTTP and ADODB.Stream by call of cURL.
The script is more "simple" (and everything can be in the same script), and the result is exactly the same... but Defender do not detect the script any more as TrojanDownloader:HTML/Adodb.gen!A :)(y)
Click to expand...
Yes. And there are some more possibilities, too. I use FirewallHardening tool to block curl and several LOLBins.:)
 
  • Like
Reactions: oldschool, mkoundo and Gandalf_The_Grey

Similar threads

S
    • Like
Serious Discussion Microsoft Defender in 2024
Replies
13
Views
995
Microsoft Defender
Studynxx
S
simmerskool
    • Like
    • Applause
Advice Request Manjaro & vpn
Replies
38
Views
1,120
ChromeOS & Linux
lokamoka820
lokamoka820
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review MS Defender Antivirus + DefenderUI Pro
Replies
29
Views
1,847
Video Reviews - Security and Privacy
simmerskool
simmerskool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top