https://community.sophos.com/on-premise-endpoint/f/sophos-endpoint-software/76910/malicious-traffic-detectionI followed these directions&hellip;.. www.sophos.com/.../121665.aspx and was told the detected components of the virus/spyware is &quot;wscript.exe&quot;. Why doesn&rsquo;t it tell me the problem is with &ldquo;mtd.vbs&rdquo; ?en-USTelligent Community 12https://community.sophos.com/thread/295521?ContentTypeID=1Wed, 04 May 2016 09:55:43 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:799300d5-4573-4dc8-812b-f76b70ee3da9CraigJones<p>Ok, that&#39;s &nbsp;disappointing - &nbsp;PM me your case no, I&#39;ll follow it up with the engineer who dealt with it.&nbsp;</p><div style="clear:both;"></div>https://community.sophos.com/thread/295517?ContentTypeID=1Wed, 04 May 2016 09:48:58 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:620d4058-a15f-4dd0-93f5-0f59965e6da8DavidL<p>Thanks.... I asked that question to <a href="mailto:support@sophos.com">support@sophos.com</a>.&nbsp;&nbsp; 2 weeks and a few Emails later, no answer. They even asked me to send them a sample.....&nbsp; I should probably come here more often.</p><div style="clear:both;"></div>https://community.sophos.com/thread/295514?ContentTypeID=1Wed, 04 May 2016 09:45:24 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:cf6279d6-693a-4c69-b0bd-8f5f6b6588b8CraigJones<p>It&#39;s because mtd.vbs uses wscript.exe (Windows-Based Script Host)&nbsp;to execute, this means the actual running application is wscript.exe and the detection quite rightly is against this. In a real world scenario the detection would be against an actual piece of Malware rather than a vbs script.</p> <p></p> <p>Hope this helps.</p> <p></p> <p>Craig</p><div style="clear:both;"></div>