Prayag's free security config

[Evjl's Rain]

hi, did you have windows script host disabled? If you use avast settings exactly the same as your config in your video, I recommend you to disable windows script host and enable it when you really need it for certain tasks
Also, I recommend to have Hardened mode -> aggressive. If you can handle the rate of false positive

Disable WSH: save it as disable WSH.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings]
"Enabled"=dword:00000000

enable WSH

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings]
"Enabled"=dword:00000001

 

[Prayag]

hi, did you have windows script host disabled? If you use avast settings exactly the same as your config in your video, I recommend you to disable windows script host and enable it when you really need it for certain tasks
Also, I recommend to have Hardened mode -> aggressive. If you can handle the rate of false positive

Disable WSH: save it as disable WSH.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings]
"Enabled"=dword:00000000

enable WSH

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings]
"Enabled"=dword:00000001

thank you for the suggestion. Can you tell me by enabling which settings in avast i do not need to disable wsh.

 

[brod56]

Hey friend,I have already used voodooshield but as i mostly remains offline, I don't find it any good as it needs internet connection to identify threats.As i have said,I want such a config that doesn't popup frequently.But in the case of VS i. offline system,it popups a warning for just near any file. By the way, kaspersky anti ransomware tool improved greatly in the new version 1.31 and has almost redd the real system watcher's full functionality.Hope this explains. Thank you for elaborating your statement.

Did you use Voodoshield in Smart (Default) mode? If so, you could try AutoPilot, which is less intrusive.
Nothing against Kaspersky Anti Ransomware afterall. Still wouldn't use it, but I like the product.

 

[Evjl's Rain]

thank you for the suggestion. Can you tell me by enabling which settings in avast i do not need to disable wsh.

sorry I don't understand your question
I meant your setup will be much safer if you disable WSH. The reason is hardened mode will not work if the file is downloaded by WSH. If you disable WSH, wscript.exe and cscript.exe will be blocked and they won't be able to download any malware to infect your PC (avast with hardened mode has been usually bypassed by this kind of attack). Disabling WSH means almost everything has to go through hardened mode and you will be safer
I don't think there is any setting in avast that you can enable to cover the vulnerability of WSH

 

[brambedkar59]

sorry I don't understand your question
I meant your setup will be much safer if you disable WSH. The reason is hardened mode will not work if the file is downloaded by WSH. If you disable WSH, wscript.exe and cscript.exe will be blocked and they won't be able to download any malware to infect your PC (avast with hardened mode has been usually bypassed by this kind of attack). Disabling WSH means almost everything has to go through hardened mode and you will be safer
I don't think there is any setting in avast that you can enable to cover the vulnerability of WSH

I think he meant, "is there any setting in Avast, enabling which he wouldn't need to disable the wsh?" At least that's what i think he meant.

 

[Prayag]

sorry I don't understand your question
I meant your setup will be much safer if you disable WSH. The reason is hardened mode will not work if the file is downloaded by WSH. If you disable WSH, wscript.exe and cscript.exe will be blocked and they won't be able to download any malware to infect your PC (avast with hardened mode has been usually bypassed by this kind of attack). Disabling WSH means almost everything has to go through hardened mode and you will be safer
I don't think there is any setting in avast that you can enable to cover the vulnerability of WSH

thanks, but i have already disabled it.