Best choice between real-time protection options

Discussion in 'other anti-malware software' started by IcePanther, May 22, 2007.

Thread Status:
Not open for further replies.
  1. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    I have no problems with FF and DEP initialized. Check out the about:plugins information - maybe this is the reason.
     
  2. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I don't understand anything of this, but I assume that this is a part of protecting your system against EXPLOITS.

    This is the actual contents of my boot.ini :

    [boot loader]
    timeout=30
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptOut

    Simple newbie question : is this boot.ini OK as protection against EXPLOITS ?
     
  3. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    What i can answer at this moment is that part " /NoExecute=OptOut ". This is the setting you chose by the method you said earlier. Editing this file and writing this is the same as choosing from that dialogue. OptIn is the Windows default (the other option). AlwaysOn and AlwaysOff you can only select here in boot.ini, by simply replacing "OptOut" with "AlwaysOn" or "AlwaysOff".

    I can't access it from FF obviously, but i checked the Mozilla - Firefox - Plugins folder, and it seems normal. QuickTime plugin, RealPlayer, Adobe Flash Player Helper, Shockwave...
    Is this supposed to be here on install? I did delete the folder in Documents and settings prior to reinstall, but not the program files one. o_O

    I'm now checking Process Monitor, and filtered "firefox.exe", and i do see some "name not found" in the Result column (regarding registry parts), and some other stuff... (i'm surprised i got this much, i'm usually clueless).

    Now i remember why i hate IE, it's slow, so slow..
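
An added example, not part of the post above or any poster's code: a small Python audit that reads a boot.ini like the ones posted in this thread, reports the /NoExecute value on each [operating systems] entry, and checks that the default= path matches a listed entry. The sample file (including its second entry with a misspelled value) and the name audit_boot_ini are constructed for illustration.

```python
import re

# Canonical spellings of the four /NoExecute values named in the thread.
DEP_POLICIES = {p.lower(): p for p in ("OptIn", "OptOut", "AlwaysOn", "AlwaysOff")}

# Constructed sample: the first entry mirrors the boot.ini posted in the thread,
# the second entry is made up and carries a misspelled /NoExecute value.
SAMPLE_BOOT_INI = r'''[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptOut
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Second install (constructed)" /fastdetect /NoExecute=OptiOut
'''

def audit_boot_ini(text):
    """Return (default_is_listed, [(arc_path, label, policy_or_None, raw_value)])."""
    section, default, entries = None, None, []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
            continue
        # Split at the first "=": ARC path (or key) on the left, the rest on the right.
        key, _, rest = line.partition("=")
        if section == "boot loader" and key.strip().lower() == "default":
            default = rest.strip()
        elif section == "operating systems":
            label = re.match(r'\s*"([^"]*)"', rest)
            switch = re.search(r'/noexecute=(\S+)', rest, re.IGNORECASE)
            raw = switch.group(1) if switch else None
            # policy stays None when the switch is missing or its value is not one of the four.
            policy = DEP_POLICIES.get(raw.lower()) if raw else None
            entries.append((key.strip(), label.group(1) if label else "", policy, raw))
    default_is_listed = any(e[0].lower() == (default or "").lower() for e in entries)
    return default_is_listed, entries

if __name__ == "__main__":
    ok, found = audit_boot_ini(SAMPLE_BOOT_INI)
    print("default= path is listed under [operating systems]:", ok)
    for path, label, policy, raw in found:
        status = policy or ("unrecognised value %r" % raw if raw else "no /NoExecute switch")
        print("%s | %s | %s" % (path, label, status))
```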
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    My actual boot.ini is now :

    [boot loader]
    timeout=30
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=AlwaysOn

    Is that all to protect my system against exploits or do I have to do more ?
     
  5. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    I abstain from answering if it's enough, there's the ASLR part i have to read, i'd probably make a mistake.
    Do note my headaches above, but also that this is not supposed to happen. From all the beta installs, tweaking programs i tried, registry cleaning, etc i cannot honestly say where's the problem. You probably won't have any, from your FD-ISR + ATI method :)

    Changing the boot.ini, you have to save it, and "OK" it, then reboot to apply the changes. That i know :p
     
  6. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Well after AlwaysOn, I booted back in my on-line snapshot and Anti-Executable was gone. After changing AlwaysOn into OptOut and rebooting, Anti-Executable was back to normal.
     
  7. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Heh, we're certainly entering a place not very talked about. Explorer has been crashing, i'm buffer overflowing myself? lol
    This week i'm going to at least reinstall Windows, if i find the time that is.
     
  8. ink

    ink Registered Member

    Joined:
    May 20, 2006
    Posts:
    185
    I tried KIS 7.0.120 (special version, most people have not tried it yet), it is much quicker than the previous 7 version. Even faster than 6. My computer is Celeron 900, 256M Ram.
     
  9. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    I forgot to report back: the talkback extension is the culprit for FF not loading. Disabling it or uninstalling it solves the problem. Looking back, i don't even know why i went with it.
    Reinstalling XP has taught me some lessons, by having to do things all over. "noexecute=AlwaysOn" is it for me. Thank you Grand Master Ilya :)
     
  10. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    I'd like to know what you've removed in order to use the AlwaysOn switch. For the moment, I'm using OptOut.
     
  11. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Izarc is gone. To install JRE 6 update 2, i had to use the offline install from here.
    The other(s) pop DEP.
    IE6 didn't open, i upgraded to 7, but haven't tried since.

    There were other examples, i think a whole thread would be needed so people report them.
    PC Tools FW (lol..), now i remember, didn't open the GUI. But no warning, so i can't be sure, to be honest.
    Avast!'s splash pops the warning and is closed.
    If i remember more, i'll post. Right now i'm digging netfilter/iptables, and happy :D
     
  12. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Sounds like a good idea :)
    3 years of hardware DEP and AlwaysOn isn't usable in most cases :'(
     
  13. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Ah, i was wondering that. So you did try it. What kept you from using it?
     
  14. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    At that time, I was using Firefox 1.5 (I think) and I experienced random crashes which disappeared after switching to OptOut.
    But, some Firefox extension could have been the culprit and not Firefox itself.
    My Windows installation is so stable (looks like Debian :D) that I'm afraid to touch it. Hopefully, the security apps will catch all the nasty threats :p (fingers crossed :D)
     
  15. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    It was probably an extension, the talkback extension (from Mozilla :D ) sure violates DEP.
    One simple thing to try is: run ff in safemode (the other exe; in programs - firefox - FF safemode). It will run fine, it tells you what was disabled, and if you want it disabled for good. I was going nuts with that, but it's surprisingly simple to solve.

    PS: Debian is too cool for XP! :D
     
  16. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Nice tip Pedro :)
     
  17. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Thanks to this topic and ALL the replies i finally found the right line in my Boot.INI file to get XP Pro's bootstrapper to Multi-Boot for me. You're gonna laugh when you see how simple the solution was. I tore thru countless Google Searches but a lot of what i read made me hesitate because a single flaw/incorrect placement in the Boot.INI file can make the PC unreachable.
    I've been content with letting PARAGON'S bootloader set the stage all this time when all that was needed was changing the rdisk(0) on the other drive to (1)......Drive 0,1 DUH Me :doubt: and keeping both Boot.INI files exact.
    It takes me ages sometimes just to remedy a 1 second solution when it comes to some of these $M Windows configs. :(
     