To find out if the Windows Scripting Host is enabled on your PC:
- Click Start | Run | cmd
- Type wscript in the command shell
You can protect yourself from these malicious programs if you have up-to-date antivirus code resident. This is becoming an absolute requirement in corporate environments. If you don't have that level of protection, you might want to block the vbscripting threat by disabling the Windows Scripting Host which is the agent that executes the .vbs files. There are several methods which are compatible for Windows NT / Windows 2000 and Windows XP:
- Rename or delete the WSH executable : wscript.exe
Its normally found in the system32 folder.
- Block WSH from executing .vbs files by removing the file association
- Right-click My Computer
- Select Open from the menu
- Select the View tab
- Select Options
- Open the File Types tab
- Select VBScript Script File from the list of file types
If its not there, then WSH is not installed or has been disabled. If its there
- Click on the Remove button to remove the ability of WSH to run .vbs scripts.
- Another alternative if you want to know when a script has been activated, you can use the Edit button to change the default action for .vbs files from Open (running) them to Edit . That is open script in Notepad.
- Dynamically disable / enable WSH using Symantec's Noscript.exe freeware program.
- Disable scripts using freeware AnalogX Script Defender program. AnalogX Script Defender will intercept any request to execute the most common scripting types used in virus attacks, such as Visual Basic Scripting (.VBS) and Java Script (.JS). It can even be configured to intercept new script extensions as needed! It's very simple to use and helps to ensure that you do not inadvertently run a script no matter what email program you use, or even if you get it via another method.