This is a complex issue and without a greater understanding of how scripts/programs are executed would take a bit more explanation. I will try to explain it better.
There is only one file (test.vbs for example), one that has an extension that script defender intercepts or rather it intercepts the command (your double click is a form of but not the only command) to execute/open/run the file.
The analogx test.vbs file is simply a file with an extension (file type) that it checks that it’s ok to execute, e.g. you iniatiated the execution/opening or running of the file and not some other program/person/malicious code, etc.
Test it yourself, create a notepad .txt file with some lines of text and save it, change the file type from .txt to .vbs; now double click on the file and analogx script will ask do you want to ‘Execute the Script’ or ‘Abort’.
[QUOTE]As I understand it, Avast email monitor read the test file when attached to the email and warned me before I was able to open/run it on my computer.
[/quote]
Avast doesn’t read the test file (attachment) when you receive it. Avast simply points out the attachment’s file type could be suspicious/dangerous; so unless you are expecting it and know who it’s from it is a warning not to open the email/attachment.
[QUOTE]AnalogX cannot read the test file until it is open on my computer and an attempt is made to run the test script.
[/quote]
Script defender doesn’t read/examine/look inside of the file at any time, all it does is confirm that you give permission, to execute the script or deny, abort (because you probably didn’t initiate the script). Script defender is a simple intercept and confirmation program, it doesn’t attempt to check the code for malicious code/intention, that would be far to complex.
[QUOTE]So if I have got this right, Avast will protect me from email attachments containing scripts, but as I am currently running the Home Edition will not detect other scripts downloaded directly from the Net … for this I need AnalogX, yes?
[/quote]
No, avast home doesn’t protect against scripts (pro version only), if the script is contained inside and attachment with a suspicious fyle type it will warn about the suspicious attachment, not its content.
Yes to a degree. Script defender intercepts the call/command to run the script, scripts are usually no more than text files, they require an other program to compile and execute the instructions, without that other program running the test.vbs file it is just a text file, but when executed/run dangerous.
Check in file association in windows for .vbs and you will see that it is associated with script defender and not the program that would usually run the .vbs file (CScript.exe )