Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Microsoft Defender
How to prevent efficiently Defender from considering a given VBS script as containing a threat
Message
<blockquote data-quote="Andy Ful" data-source="post: 935125" data-attributes="member: 32260"><p>You are not obliged to use scripting when managing files in the protected folders. If you cannot skip scripts for that then you can use Windows built-in solutions like ASR rules or SRP-based (Applocker or Defender Application Control) solutions to block/whitelist scripts. Of course, you can also use another AV or dedicated 3-rd party anti-ransomware solution.</p><p></p><p></p><p></p><p>It seems that AMSI-paired ML detections are just like other behavior-based detections. Excluding one script should not exclude the modified script. I will try to test it to be sure.</p><p></p><p></p><p>I do not know. For me, it would not be a problem.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 935125, member: 32260"] You are not obliged to use scripting when managing files in the protected folders. If you cannot skip scripts for that then you can use Windows built-in solutions like ASR rules or SRP-based (Applocker or Defender Application Control) solutions to block/whitelist scripts. Of course, you can also use another AV or dedicated 3-rd party anti-ransomware solution. It seems that AMSI-paired ML detections are just like other behavior-based detections. Excluding one script should not exclude the modified script. I will try to test it to be sure. I do not know. For me, it would not be a problem. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
