What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    I believe the only thing it does is delete the script extensions registry entries.
    Perhaps some program you have needs to use scripts?

    In any case, it's a matter of re-running NS and restoring the registry entries. IME, it's flawless, but as they say, ymmv.
     
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,065
    see my signature for most of my security setup.
    i have made the following changes.
    disabled the built-in administrator account.
    added my own account with admin rights called Root.
    lowered my user account i use everyday to standard user.
    denied users all access to my folders containing backups of C:
    now just trying to find out how to sort it so i can read my documents but need admin rights to delete any folders or files within that folder.
     
    Last edited: Jun 30, 2008
  3. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    use an app like freecommander and give that full permissions and accesses : >
    gotta luv that when running lua
     
  4. deanmartin

    deanmartin Registered Member

    Joined:
    Sep 6, 2007
    Posts:
    232
    Location:
    USA/KY
    XP:
    Avira Premium
    PCtools Firewall - Free
    SUPERAntispyware - Free
    Blue Coat K9 - Free

    Vista:
    Avira Premium Security Suite
    SUPERAntispyware Pro
    Blue Coat K9 - Free
    My Wife watching my every move - Free
     
  5. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Agree again with Erik. All those Avs can easily be bypassed.
    Security set ups are useful no question but against targeted attacks you can throw most of them to dustbin..
     
  6. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,785
    Last edited: Jul 5, 2008
  7. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    Went back to "old school" with a fresh install of XP 32 on my tower. ProcessGuard, Wormguard, Regproteact. Threw in ZA free, Avast free (Standard and Web Shield), SAS free on demand, Sandboxie for when I take a walk on the wild side, and Firefox 3 with various add-ons.

    As yet undecided what will go on the new lap top to be purchased. Will be decided when the final specs. of the lap top are decided.
     
  8. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Ditched LUA due to way too much restrictions. EQS (HIPS) with Alcon's Rules offer a much more flexible experience, very STRONG monitoring as well as tightly controlled environment in comparison without restraining the system to a static condition like DEEP FREEZE, although Returnil, Power Shadow can offer on-the-fly virtualization when needed as well as SandboxIE. CyberHawk (Early Version) complements the rest as a reliable behavioral blocker without the issues of a TF and its bloat. Also, since i have "ALL" Doug Knox's file association fixes, i also use ScriptDefender!! just in case i decide to uninstall and need to return associations back to normal defaults which SD lacks in some of those.

    If i really want to seal down potential Ring0 penetration by drivers, Samurai rests comfortably in System32 and it can be engaged at will with a simple reboot, although that's only for extreme situations.

    It's been mentioned HIPS interferes with SuRun, but that's simply not true, it's just that it requires wasting time to "start as admin" manually every reboot and that's an annoyance.

    Running Admin is no big deal where EQS and some other hardening techniques are in place.

    No AV, No AS. No problems.
     
  9. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    Firewall
    Linksys Router RT31P2
    Outpost Firewall Pro 6.5.2355.316.0597
    Harden-It 1.2
    Windows Worms Doors Cleaner 1.4.1

    Anti-Virus/Anti-Spyware
    Kaspersky Anti-Virus Personal 8.0.0.357 (extended data bases enabled)
    Malwarebytes (Anti-Malware 1.19 and RogueRemover Pro 1.20 (immunized enabled))

    HIPS
    Ghost Security Suite 1.420 (AppDefend 2.000 and RegDefend 3.000)
    WinPatrol Plus 15.0.2008.0
    DiamondCS WormGuard 3

    Block Lists
    MVPS hosts file 6/5/08 + hpHosts host file 7/2/08 (with HostsXpert 4.2)

    Resident On Demand Scanners
    SUPERAntispyware 4.15.1000
    Kephyr Bazooka 1.13.03
    Dr. Web CureIt Anti-Virus 4.44.5
    Mischel TrojanHunter 5.0 (962)
    A-squared scanner 3.5.0.15
    Ewido (AVG) Micro 4.0
    UnHackMe 4.7
    AVG Anti-Rootkit 1.1.0.42
    F-Secure BlackLight 2.2.1070
    Gmer 1.0.14.14536 (Catchme 0.2)
    Resplendence Rootkit Hook Analyzer 3.02
    Trend Micro Rootkit Buster 2.2.0.1014
    Trend Micro HijackThis 2.0.2

    Online Scanners
    HijackThis log file analysis & Networktechs HJT log analysis (HijackThis log analyzers)
    VirusTotal
    Jotti's malware scan
    McAfee Freescan
     
  10. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,121
    Location:
    South Texas, USA
    FULL LIST: 4th of July Edition

    NETWORK
    Two Linksys Wrt54g Routers (DD-WRT Flashed) in WDS Mode
    SPI Firewall Enabled, MAC Filtering Enabled for Wi-Fi
    Static IP and OpenDNS Setups for all Users

    RESIDENT - XP MCE 2005 SP3
    Online Armor AV+ v3 Beta (2.1.0.1xx)
    - Custom Bluetach Blacklists Enabled (For Global and P2P Dependent)
    - RunSafer Enabled for all Browsers, Email Clients, Messengers, Media Players, P2P Applications, Text & Photo Viewers
    Sandboxie 3.28 (Paid)
    - ForcedProcess Enabled for Email Client and all Browsers
    - Automatic Delete Enabled for all Sandboxes
    - Restricted Executable Settings for Firefox and Opera
    ShadowDefender (1.1.0.265)
    - Shadow Mode Enabled on C: (only when needed)
    Script Sentry 2.7.1 (All Extensions Associated)
    Process Explorer 11.13 (Task Manager Replacement Enabled)

    HARDENING
    Harden-It (All Default Recommended), Bugoff (All Enabled),
    SeconfigXP (Configured for Home), Security & Privacy Complete (Custom), Spyware Blaster (Immunized), Spybot Search & Destroy (Immunized), Advanced System Optimizer (Custom), WinXP Manager (Custom)

    OTHER
    A-Squared Anti-Malware (Free), KeyScrambler (Firefox Plugin), AI RoboForm (FF Plugin), Malwarebytes Anti-Malware (Free), Avira Antivir Personal (Free), CCleaner, ATF-Cleaner, RunScanner,

    BROWSERS
    Firefox 3.0 (Adblock Plus, Adblock Updater, PhishTank & WOT), Opera 9.51, Internet Explorer 8 Beta 1 (IE Pro)

    BACKUP & PARTITIONING
    Acronis True Image 10 & Disk Director Suite 10

    RESIDENT - VISTA ULTIMATE SP1 <--- REMOVED

    dja2k
     
    Last edited: Jul 8, 2008
  11. SamSpade

    SamSpade Registered Member

    Joined:
    Oct 22, 2006
    Posts:
    415
    For laptop security on XP Pro SP3:

    Online Armor AV+
    Using D-link wired router at home
    Firefox 3 as primary browser, w/ NoScript, KeyScrambler, AdBlock Plus & IE tab; Opera 9.51 as secondary
    Thunderbird 2.x w/ javascript turned off as main email browser (I have Outlook 2003, along with all of Office 2003, but prefer T-bird)
    SuperAntispyware on-demand
    MVPS hosts file, plus supplementals
    Default Services trimmed and adjusted, using various recommendations, plus trial and error

    Backup images stored offline.

    I could make it more complicated. But why??

    SamSpade

    |||
     
    Last edited: Jul 6, 2008
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    My approach here is somewhat based on what I am doing.

    Note I am not including FDISR and Imaging which do come into play, but are really more for recovery.

    1. Low threat everyday work. I use Online Armor, latest betas and latest versions of Sandboxie. Each browser has a separate sandbox and only it can run and access the internet in its sandbox. This alone would stop stuff like a fly by download of say a keylogger. I have a separate Sandbox I can use to test a file I've downloaded and extracted from the browser sandbox. This one has no internet access at all.

    Also I run browsers, and Outlook as Run Safer in Online Armor. This alone has also withstood nasty attacks. I also do have SSM on board but this is redundant, and I use it to give me a second chance if I should click allow too fast in OA.

    2. If I feel something I am about to do is somewhat more risky, I will also fire up Shadowdefender, as an extra layer of protection.

    3. If I am going extremely high risk, like playing with known malware then, I fire up ShadowDefender, and go into a VM machine that has the identical setup described in 1).

    Pete
     
  13. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,619
    Location:
    Milan and Seoul
    Vista Ultimate SP1:

    Windows Firewall
    Windows U.A.C.
    Hardware D.E.P.
    DeepFreeze
    Executable Lockdown (trial)
    Firefox NoScript
    First Defense ISR Rescue
    ShadowProtect Desktop

    Alas I couldn't even get the new AntiExecutable from Faronics to install on my computer! So I'm testing Executable Lockdown from Horizon DataSys, and so far so good. I like to think this is my final security set up for Vista.
     
  14. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    With that kind of software, I think so too. :)
     
  15. Hefaistos22

    Hefaistos22 Registered Member

    Joined:
    Mar 14, 2008
    Posts:
    73
    Location:
    Slovakia
    Eset Smart Security
    Comodo BoClean
    Firefox 3 + spywareblaster
     
  16. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Just now everybody starts (at least talking) using naked (no AV) setups, I could not resist and installed on our family XP box:

    First layer: Rising FW (with image execution check, silent mode)

    Second layer: DefenseWall (with extra HKCU registry protection and Mail directory uniquely allowed to OutlookExpress implemented with Resource Protection and block of nagscreen, see pic)

    Third Layer: Avira free, with smart file check at write only :D :D :D

    This setup follows the most ancient scheme of all: FW - AV and a LUA/SRP through DefenseWall (the easy XP home way :cool: )
     

    Last edited: Jul 4, 2008
  17. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    to me naked means naked and not 3 layers. I have no problem with 3 layers. It is simply that it fails to meet my idea of naked.
     
  18. 3xist

    3xist Guest

    COMODO Firewall Pro 3. With SUPERAntispyware & MBAM on-demand.

    However, I like the layered Security Approach:
    Prevention
    Detection
    Cure

    I also browse with Firefox, I never download off any unknown resources. I am not a PC gamer or anything. Just simple computer needs (Firefox, MSN) That's about it. Ohh and Microsoft Office.

    Josh
     
  19. Alcyon

    Alcyon Registered Member

    Joined:
    Jan 16, 2008
    Posts:
    438
    Location:
    Montréal, Canada
    I changed the excellent Look'n'Stop firewall for the SUPERB Outpost Firewall Pro 2009. OFP2009 and EQS together look like a PERFECT match. Agnitum did a Marvelous job this time.

    If you haven't tried OFP2009 yet, do it ;)
     
  20. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    Now that is interesting. I had BSOD's when I tried to install OFP which I put down to conflict with EQS. Your setup is almost identical to mine so I'll have to have another look. From the brief time I had with OFP, browsing seemed to be a bit slower than OA.
     
  21. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,785

    That is what I have done also. :)
    Only a few days on, but everything here is getting along just fine with one another. :thumb:
    I was happy with L'n'S but had to try the new Outpost and glad I did. :D
     
  22. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Hey longview, I was mentioning it ironically, not running naked, but using a very old fashioned setup (that is why I included triple :D :D :D ), kind of counter movement :p
     
  23. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Nice Setup Kees.
    Later today I'll try to get that registry protection with SBIE.
     
  24. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Nice setup Alcyon too and new choice.

    You have the very best prevention against ever being permanently detached from your work or the internet if you're like me. I have stockpiled over these past months "several" not new, but abandoned or discounted as disabled hard drives. All i done was first confirm the BIOS would allow them to post, only 1% didn't, then proceeded to wipe the devil out of them with either the maker's Zero Tool or Dban or WhiteCanyon's Wipe Drive Pro, plus even wiped a second round with Paragon's Drive BackUp which also does those duties. Then done a quick check that no bad sectors were showing up, and then proceed to install XP Pro which since i own a volume license i create additional local units without issue. (They remain always in-house).

    With this armada of hardware (HD's) and some boxes with good mobos, i can take on anything anyone or group devises in their efforts to compromise Windows and learn from these activities whether the security softwares are up to the challenge or not.

    I got tired of taking chances or losing time resetting Windows from either research or drive-by sites and to top it off, along came the likes of Returnil, SandboxIE, Power Shadow, Deep Freeze, Anti-Executable, SAS, DefenseWall, so on and so forth, all seemingly bombarding us users in a short stretch of time and throwing malware makers into a literal panic of confusion.

    There's always strength in numbers :D
     
  25. donaddams

    donaddams Registered Member

    Joined:
    Jul 5, 2008
    Posts:
    99
    Location:
    mojave Desert
    Windows XP Pro
    Netgear Router

    Realtime: NOD32 v2.70.39
    ZoneAlarm Pro v7.0.473.000
    Ad Muncher 4.72
    KeyScrambler Pro
    MJ Registry Watcher Version 1.2.6.2

    On Demand: Superantispyware Pro v4.15.1000
    a-squared Anti-Malware 3.5
    Spy Emergency 2008 5.0.305
    Malwarebytes' Anti-Malware 1.19
    Ewido Micro Scanner
    AVG 7.5 FREE AntiVirus
    Dr.Web CureIt_ Version 4.44
    Norman Malware Cleaner 2008.06.19
    Prevx CSI

    Anti Rootkit Tools: F-Secure BlackLight 2.2.1070
    GMER rootkit detector
    Rootkit Detective_ McAfee
    Trend Micro Rootkit Buster


    Backup: Acronis workstation v9.1.3854
    Acronis Disk Director Suite v10.0.2160


    Miscellaneous: InstallWatch Pro 2.5c
    SystemTracer 1.6.0.16
    What's Running 2.2
    DtaskManager 1.51
    VMWare Workstation V6.0.4-93057
     