Suggestions for an office network.
I currently have...

Windows Firewall
A-Squared (Paid version)
Sandboxie
Paragon Disc Backup


Anything else?

assuming you are already using fully patched machine, disabled scripting in the browser (except trusted sites) & common sense, that combo is good enough

The main problem which bothers me is the USB drives. We do actually need to use them, also in other companies too. Usually they come back with trojans or worms.

I was just wondering if Returnil or something similar would be any use to us?

You should consider using a Limited User Account.

Also you should disable AutoRun, e.g. with Panda USB Vaccine (http://download.cnet.com/Panda-USB-Vaccine/3000-2239_4-10909938.html?part=dl-55967&subj=dl&tag=button).

-{ Quote: "You should consider using a Limited User Account.

Also you should disable AutoRun, e.g. with Panda USB Vaccine (http://download.cnet.com/Panda-USB-Vaccine/3000-2239_4-10909938.html?part=dl-55967&subj=dl&tag=button)." }-

Agree, better lua than a sandbox, for steady state of C, I would prefer Returnil (I asume you have programs partition and data partition all split on every PC).

Syncback for intellligent backup of data partition

Make sure you select intelligent false positive reduction in IDS of A2

-{ Quote: "for steady state of C, I would prefer Returnil" }-
I think there's also Windows SteadyState (http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx)? Don't know much about it though. :-\

-{ Quote: "Syncback for intellligent backup of data partition" }-
Agreed.:thumb: It's a great program.

windows accounts are limited.

i cannot use returnil as there are issues regarding network keys.

how do i protect againt someone who opens a 0day trojanand presses allow in a2? do i not need hips to backup to malware scanner?

-{ Quote: "Suggestions for an office network.
I currently have...

Windows Firewall
A-Squared (Paid version)
Sandboxie
Paragon Disc Backup


Anything else?" }-
Shadow Defender (virtualizer that allows you to exclude/commit important files) or DeepFreeze (virtualizer that doesn't allow anything whatsoever to be written to disk in protected state, ideal when one doesn't trust users). They both can be passworded.

wouldnt these also stop the network keys from being saved like returnil

-{ Quote: "wouldnt these also stop the network keys from being saved like returnil" }-
With Shadow Defender you can exclude files or folders.
So if they are stored at drivers\etc\networks this shouldn't be a problem.
Only if they are stored in the registry this could be unfeasible, as it makes not much sense to exclude the registry completely.

Cheers

Will HIPs be necessary with limited accounts? I was thinking of adding Comodo Firewall Defense +.

-{ Quote: "You should consider using a Limited User Account.

Also you should disable AutoRun, e.g. with Panda USB Vaccine (http://download.cnet.com/Panda-USB-Vaccine/3000-2239_4-10909938.html?part=dl-55967&subj=dl&tag=button)." }-

Can you explain about the need for disabling autorun. When I plug in my USB with PortableApps, I'll get a pop up to open PA among others. If my USB becomes infected from another machine will my my laptop become infected as soon as I plug it in, or once I open it?

How does Panda vaccine prevent infection?

-{ Quote: "Can you explain about the need for disabling autorun. When I plug in my USB with PortableApps, I'll get a pop up to open PA among others. If my USB becomes infected from another machine will my my laptop become infected as soon as I plug it in, or once I open it?

How does Panda vaccine prevent infection?" }-
If you click on the pop up that appears, you'll get infected. At least that was the case with Conficker, I'm not sure about all cases. And I think when you double click on the drive in Windows Explorer you can also get infected.

Also Panda USB Vaccine "immunizes" USBs by placing an empty autorun.inf file to prevent your USBs from becoming infected.

you are ok

Guys, is it just me or the latest version of Panda USB Vaccine isn't work properly?

No matter which USB drive I try to immunize, it will hang and hang... I actually need to end it with Task Manager.

-{ Quote: "Guys, is it just me or the latest version of Panda USB Vaccine isn't work properly?

No matter which USB drive I try to immunize, it will hang and hang... I actually need to end it with Task Manager." }-

Be careful with killing the vaccination process while its running, specially under NTFS which takes a lot longer than under FAT32 drives. If you do kill it while its "doing its thing" you may end up with some corrupted data and have to run chkdsk /f on the drive to fix it.

Simply let it run until its finished vaccinating. It takes time, specially with bigger NTFS drives, but it will eventually finish its task.

rising pc doctor has usb immunization, it halts the drive loading and scans it before allowing it onto your computer, that should be quite effective and its a great free program...

-{ Quote: "rising pc doctor has usb immunization, it halts the drive loading and scans it before allowing it onto your computer, that should be quite effective and its a great free program..." }-

Good point, and a big reason I use it in conjunction. ;)