Jump to content

JWilliams

Members
  • Content Count

    4
  • Joined

  • Last visited

Profile Information

  • Location
    USA
  1. While Powershell 2.0 compatibility can be removed via add/remove Windows components, Powershell 5.0 is integral to Windows 10. I've searched for solutions, and it doesn't seem that it can be removed. Uh yes it can be, use NTLite. It can remove more than just Powershell... hxxp://www.ntlite.com Having done some looking into NTLite, it does seem to be able to remove Powershell functionality (no idea whether a system is stable this way, as it's generally described as a core element of the operating system these days). ​However, with Microsoft replacing the command prompt with Powershell (hxxp://www.networkworld.com/article/3143196/windows/microsoft-is-replacing-the-cmd-prompt-with-powershell.html), it would be more helpful to not have to reinstall the function when it is needed. Greater control through AMSI, it seems to me, would allow users to easily or selectively disable all Powershell execution, but quickly re-enable it when needed. ​Since ESET SS is hooked into AMSI anyway and can thus make "go/no-go decisions" for script execution, it's a feature I'd like to see.
  2. While Powershell 2.0 compatibility can be removed via add/remove Windows components, Powershell 5.0 is integral to Windows 10. I've searched for solutions, and it doesn't seem that it can be removed.
  3. I have a request regarding Eset Smart Security 10 and Microsoft's AMSI. Is it possible to add options such as "block all in-memory Powershell scripts" or "ask before running any Java scripts"? Many of us never or only rarely and deliberately use Powershell scripts, Java scripts, etc. For those of us in that situation, it would be nice to block things by default, to catch zero-day stuff. Is this possible?
×
×
  • Create New...