I'm interested in what others are using to bolster their Windows defences?
Not in terms of 3rd party software like anti-viral/malware or removal programs like GMER, cwshedder etc but what one can do to help stop things happening that are inbuilt but maybe not well known.
For example, the HOSTS file and the SYSKEY (Win8) program.
What have others 'turned on' or tweaked in Windows?
Disabled NetBIOS, along with Printer File Sharing (using Windows Worms Doors Cleaner). I wonder if people even have to mess with doing this in Win7 or newer anymore? It was seen by many as a very critical thing to do in WinXP.
Disabled RAW Sockets (using GRC SocketLock - seems to be completely discontinued with no download available anymore? maybe it was only ever valid on WinXP?)
Set unnecessary services to Disabled or Manual - I've always leaned towards using the Manual option just in case something is actually needed.
Other things I've done:
Refuse to use Internet Explorer if possible, I will only use it on Microsoft.com sites - this I've done since about the year 2000 and have avoided any infections.
And there's probably a magnitude of other little things I've done but forgotten all about.
I turned on the hardware firewall in my DSL modem, I can only use the Low setting otherwise it completely disrupts all sorts of things from certain software to little portable gadgets used in the house. As for "extra rules" enabled in it I've inputted some widely used adservers to block such as DoubleClick, etc.
Also the only way to access my WiFi is if I've already manually inputted a device MAC address.
I do find it interesting when looking for a network with a WiFi device how so many neighbors have their network SSID broadcasting in plain view.