Prayag's free security config

Status
Not open for further replies.
E

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
hi, did you have windows script host disabled? If you use avast settings exactly the same as your config in your video, I recommend you to disable windows script host and enable it when you really need it for certain tasks
Also, I recommend to have Hardened mode -> aggressive. If you can handle the rate of false positive

Disable WSH: save it as disable WSH.reg
Code: 
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings]
"Enabled"=dword:00000000

enable WSH
Code: 
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings]
"Enabled"=dword:00000001
 
  • Like
Reactions: silversurfer
Prayag

Prayag

Level 4
Thread author
Verified
Well-known
Mar 27, 2017
160
Evjl's Rain said:
hi, did you have windows script host disabled? If you use avast settings exactly the same as your config in your video, I recommend you to disable windows script host and enable it when you really need it for certain tasks
Also, I recommend to have Hardened mode -> aggressive. If you can handle the rate of false positive

Disable WSH: save it as disable WSH.reg
Code: 
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings]
"Enabled"=dword:00000000

enable WSH
Code: 
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings]
"Enabled"=dword:00000001
Click to expand...
thank you for the suggestion. Can you tell me by enabling which settings in avast i do not need to disable wsh.
 
brod56

brod56

Level 15
Verified
Top Poster
Well-known
Feb 13, 2017
737
Prayag said:
Hey friend,I have already used voodooshield but as i mostly remains offline, I don't find it any good as it needs internet connection to identify threats.As i have said,I want such a config that doesn't popup frequently.But in the case of VS i. offline system,it popups a warning for just near any file. By the way, kaspersky anti ransomware tool improved greatly in the new version 1.31 and has almost redd the real system watcher's full functionality.Hope this explains. Thank you for elaborating your statement.
Click to expand...

Did you use Voodoshield in Smart (Default) mode? If so, you could try AutoPilot, which is less intrusive.
Nothing against Kaspersky Anti Ransomware afterall. Still wouldn't use it, but I like the product.
 
E

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Prayag said:
thank you for the suggestion. Can you tell me by enabling which settings in avast i do not need to disable wsh.
Click to expand...
sorry I don't understand your question
I meant your setup will be much safer if you disable WSH. The reason is hardened mode will not work if the file is downloaded by WSH. If you disable WSH, wscript.exe and cscript.exe will be blocked and they won't be able to download any malware to infect your PC (avast with hardened mode has been usually bypassed by this kind of attack). Disabling WSH means almost everything has to go through hardened mode and you will be safer
I don't think there is any setting in avast that you can enable to cover the vulnerability of WSH
 
  • Like
Reactions: Cats-4_Owners-2 and brambedkar59
brambedkar59

brambedkar59

Level 32
Verified
Top Poster
Well-known
Apr 16, 2017
2,101
Evjl's Rain said:
sorry I don't understand your question
I meant your setup will be much safer if you disable WSH. The reason is hardened mode will not work if the file is downloaded by WSH. If you disable WSH, wscript.exe and cscript.exe will be blocked and they won't be able to download any malware to infect your PC (avast with hardened mode has been usually bypassed by this kind of attack). Disabling WSH means almost everything has to go through hardened mode and you will be safer
I don't think there is any setting in avast that you can enable to cover the vulnerability of WSH
Click to expand...
I think he meant, "is there any setting in Avast, enabling which he wouldn't need to disable the wsh?" At least that's what i think he meant.
 
Prayag

Prayag

Level 4
Thread author
Verified
Well-known
Mar 27, 2017
160
Evjl's Rain said:
sorry I don't understand your question
I meant your setup will be much safer if you disable WSH. The reason is hardened mode will not work if the file is downloaded by WSH. If you disable WSH, wscript.exe and cscript.exe will be blocked and they won't be able to download any malware to infect your PC (avast with hardened mode has been usually bypassed by this kind of attack). Disabling WSH means almost everything has to go through hardened mode and you will be safer
I don't think there is any setting in avast that you can enable to cover the vulnerability of WSH
Click to expand...
thanks, but i have already disabled it.
 
Status
Not open for further replies.

Similar threads

Divine_Barakah
    • Like
    • Applause
Advanced Security Divine Barakah's PC Security Config 2024
Replies
97
Views
4,145
PC Setup Configuration Help & Showcase
Divine_Barakah
Divine_Barakah
Allego
    • Like
    • Applause
Basic Security Allego's Laptop Security Config 2024
Replies
11
Views
1,076
PC Setup Configuration Help & Showcase
Allego
Allego
enaph
    • Like
    • +Reputation
Security News Default iOS Settings Make Locked iPhones Vulnerable to Attacks
Replies
0
Views
311
Security News
enaph
enaph

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top