What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545

    Will either of these tricks prevent Windows Update from working on XP? Namely 1806, since that's the one I used, but either. Because even though official support ended I might look for hardware updates some time when installing new hardware, among other reasons. So I'd still like it to be possible to use WU.
     
  2. The advantage (when using IE or Chrome) is that 1806 allows you to download files, but blocks executables (the ones included with SRP), while 1803 stops all files from being downloaded. Also 1806 should allow Windows Update to work properly (because it is considered a safe source).

    You can always remove the block from a downloaded file to allow execution (after being downloaded, with right click properties).

    1803 Downloads: File Download

    1806 Miscellaneous: Launching applications and unsafe files

    Create two registry files: one which sets it to warn (default value 1) and one that sets it to block (3). This way you can easily switch between modes, after having closed and re-opened your browser.
     
    Last edited by a moderator: Apr 26, 2014
  3. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Things done been shook up. :) Running Sandboxie, NOD32, and AppGuard. :ninja:
     
    Last edited: Apr 27, 2014
  4. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Sounds like WU may seem to work properly at first, but if this tweak blocks the executables in SRP that would include msi... which is what the installers for the updates use. So the updates would download just fine but then fail to install, right? Seems like it could be a problem.
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    just added NoVirusThanks EXE Radar Pro again and now is here to stay
     
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    I got the perfect combo :)
     
  7. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Afternoon! jmonge...good to hear from you...I was worried that you got caught in a downdraft from the afternoon Chinook Winds...and landed in Saskatchewan. Nice Combo by the way! Sincerely...Securon
     
  8. WalterWolf

    WalterWolf Guest

    I'm using WSA + Comodo Firewall (only firewall).
     
  9. guest

    guest Guest

    Hold it, are they the same settings in the Internet Options?
     
  10. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Are those values the same for Trick 1803 as well?

    Also... how do I create a second registry value (one for warn, and one for block)? I mean it doesn't allow you to name them both the same thing (1806)... and wouldn't that be necessary?

    This subject is not one of my strong points as an end user, so forgive my ignorance to what probably seems like an insult to your intelligence (and certainly mine, even more so : ) But could you hand hold me here and tell me exactly how to go about doing it? Acting as if you're talking to a person that has no clue as to how to manually manage the registry... because you in fact are.

    Much appreciated : )
     
  11. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,907
    Location:
    Slovenia, EU
    You can change value of the key and then export it (right-click -- Export). You do the same for other value also. That way you get two exported keys - one for warn, other for block. Then you can double-click on appropriate exported registry key and import those settings as needed.
     
  12. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    My office PC setup
    Core i5, RAM 6 Gb
    Win-7 x64 Prof

    SUA
    UAC - Max


    Paragon image with bootable CD

    CTM 2.8

    CIS 7.0:
    - AV stateful
    - FW custom ruleset, Web Filter On
    - AutoSandbox Off
    - HIPS: Safe Mode
    Rating Scans after updates and sporadic Quick Scans.

    EMET 4.1 - covers all office and internet apps
    - DEP Opt Out
    - SEHOP Opt Out
    - ASLR Opt In
    - Deep Hooks off
    - Anti Detours On
    - Banned Functions On

    MBAE 0.10.0.1000

    Zemana AntiLogger - lic

    The set-up is rather overloaded but anyway the PC runs smooth.
     
    Last edited: May 2, 2014
  13. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    back to avira
     
  14. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,304
    Location:
    USA
    Running smooth with

    Windows 7 Professional SP1 x64

    Firewall:
    Router NAT/SPI (Password Protected)
    LooknStop Firewall 2.07 (Phant0m Ruleset)

    Anti-Virus:
    Emsisoft Anti-Malware 8.1.0.40

    Blocking/Hardening:
    VoodooShield 1.30
    Malwarebytes Anti-Exploit 0.10.0.1000 Beta
    Norton ConnectSafe DNS (Malware, Phishing)
     
  15. guest

    guest Guest

    Changed HTTPSB policies again...

    Whitelist:
    - CSS
    - IMG

    Greylist:
    - Cookie
    - Plugin
    - Script
    - XHR

    Blacklist:
    - Frame
    - Other

    HOSTS files are still the same. Also, enabled user agent spoofing.
     
  16. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    * Windows built-in Firewall
    * on-demand scanners (VirusTotal + Hitman Pro)
    * IE 11 with 64 bits Enhanced Protected Mode + built-in Tracking Protection + SmartScreen Filter
     

  17. 1. Copy these two text blocks to Notepad and save them as two separate files with .REG file extension (use All Files option to save)
    2. Move them somewhere into a Program Files folder
    3. Create a shortcut and move these to start menu
    4. Click "Set Internet Zone to BLOCK.reg" to enable block
    5. Click "Set Internet Zone to WARN.reg" to set back to default warn
    6. Clicking one of the above (4 or 5) acts as switch through registry change


    ---------------------Give this one the name -----> Set Internet Zone to WARN.reg
    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
    "1806"=dword:00000001

    ---------------------Give this one the name -----> Set Internet Zone to BLOCK.reg
    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
    "1806"=dword:00000003

    ---------------------Give this one the name -----> Set Download to WARN.reg
    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
    "1803"=dword:00000001

    ---------------------Give this one the name -----> Set Download to BLOCK.reg
    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
    "1803"=dword:00000003

    All explained here : http://support.microsoft.com/kb/182569
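
An added example, not part of the post above: a small Python check that reads the text of a .reg switch file like the ones in this post and reports which Internet-zone action it sets and to what, so a file can be reviewed before it is double-clicked. The function name `audit_reg` and the sample string are assumptions made for this illustration; the action names and the warn/block values are the ones given in the thread.

```python
import re

# Action IDs and names as given in the thread; 1 = warn and 3 = block are
# from the posts, 0 = enable is from the Microsoft KB the thread links to.
ACTIONS = {"1803": "Downloads: File Download",
           "1806": "Miscellaneous: Launching applications and unsafe files"}
SETTINGS = {0: "enable", 1: "warn", 3: "block"}
ZONE3 = (r"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion"
         r"\Internet Settings\Zones\3").lower()
HEADER = "Windows Registry Editor Version 5.00"
KEY_RE = re.compile(r"^\[(.+)\]$")
DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')

def audit_reg(text):
    """Return (findings, warnings) describing what a .reg file would change."""
    findings, warnings = [], []
    lines = [l.strip() for l in text.lstrip("\ufeff").splitlines()]
    lines = [l for l in lines if l and not l.startswith(";")]
    if lines and lines[0] == HEADER:
        lines = lines[1:]
    else:
        warnings.append("missing or unexpected header")
    key = None
    for line in lines:
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            if key.lower() != ZONE3:
                warnings.append("touches other key: " + key)
            continue
        m = DWORD_RE.match(line)
        if key is None or not m:
            warnings.append("unparsed line: " + line)
        elif key.lower() == ZONE3:  # values under other keys were flagged above
            name, value = m.group(1), int(m.group(2), 16)
            if name in ACTIONS and value in SETTINGS:
                findings.append((name, ACTIONS[name], SETTINGS[value]))
            else:
                warnings.append("unexpected value: %s=%d" % (name, value))
    return findings, warnings

# Constructed sample: the thread's "Set Internet Zone to BLOCK.reg" content.
BLOCK_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1806"=dword:00000003
"""

if __name__ == "__main__":
    print(audit_reg(BLOCK_REG))
```

Files exported from regedit are saved as UTF-16, so read them with `open(path, encoding="utf-16")` before passing the text in; files typed into Notepad as described above can be read with the default encoding.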
     
  18. guest

    guest Guest

    @WS
    Thanks. I might be playing with this some time.
     
  19. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! Trjam...has the Boot-Up problem been taken care of with this update? Sincerely...Securon
     
  20. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    I'm now running Emsisoft Anti-Malware. It seems to always be improving, it might be staying on this time.
     
    Last edited: May 1, 2014
  21. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    I'm using what's in my sig.:)
     
  22. pablozi

    pablozi Registered Member

    Joined:
    Oct 24, 2010
    Posts:
    215
    Location:
    nowhere
    I am still running Windows 8.1 Update 1 x64 with Windows Defender, Windows Firewall, HitmanPro and UAC set to max.
    I have stopped using IE and switched back to latest stable Google Chrome with Disconnect, AdGuard, Webutation and ZenMate.
     
  23. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,800
    Location:
    Italy
    Default (trick 1803) is 0.
     
  24. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,800
    Location:
    Italy
    XP Home SP3
    Windows Firewall
    DropMyRights
    Norton Connect Safe
    System Recovery Off
    24 Services Modified (Black Viper)
    EMET 4.1 Update 1
    SBIE
    MBAE

    No Silverlight installed
    Only NET 4 installed
    No JAVA Installed

    FIREFOX (ABP,Ghostery,WOT,Noscript,HTTPS EveryWhere,Toggle Referer)

    Comodo Dragon Portable (HTTP Switchboard)

    I.E.8 (Occasional Use )


    KB 2964358
    Trick 1803
    Script off (Press F12)
    No Flash installed for I.E.8

    On Demand

    Hitman Pro
    HiJackthis portable

     
    Last edited: May 1, 2014
  25. CrusherW9

    CrusherW9 Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    517
    Location:
    United States
    Dropped Sandboxie. I kept on getting problems with flash and other various issues. Really, I don't think it's "needed". Going for a knowledge, lightweight, and quick recovery focused setup. And actually, I may even drop EMET. It interferes with some older games.
     