Advanced Plus Security DeepWeb's Security Config 2019

Last updated
Sep 3, 2019
Windows Edition
Enterprise
Log-in security
Security updates
Allow security updates
User Access Control
Always notify
Real-time security
Panda Dome Advanced
Firewall security
About custom security
ForgottenSeer 58943's settings
Periodic malware scanners
Norton Power Eraser
Run PE Detector
Root Certificate Check
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Firefox Nightly:
Nano Adblocker & Defender
HTTPS Everywhere
Privacy Possum
Searchonymous
Maintenance tools
Tweaking.com Windows Repair
File and Photo backup
Windows File History
System recovery
Macrium Reflect
Risk factors
    • Gaming
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Browsing to unknown / untrusted / shady sites
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
CPU: Intel Core i7 4700MQ
RAM: 16 GB
GPU: Nvidia
Storage: SATA SSDs (3 TB)
DeepWeb

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
6qe4mGW.png

I put a heavy emphasis on Group Policy hardening because changes there carry over to future versions of Windows 10 without having to set everything up again. I get most of my Group policy tweaks from these guides:
Penetration Testers’ Guide to Windows 10 Privacy & Security
EUD Guidance: Windows 10 (1803) with Mobile Device Management - NCSC Site
Preventing Mimikatz Attacks – Blue Team – Medium
Manage Windows Defender Credential Guard (Windows 10)

I use Exploit Protection to provide additional protection to older driver software and 7-Zip.

I also keep an eye out for the latest CPU microcode, BIOS and UEFI updates on my OEM's website to fend off Spectre and Meltdown related vulnerabilities:
HPSBHF03573 rev. 15 - Side-Channel Analysis Method | HP® Customer Support
 

Attachments

  • Tb8GvFJ.png
    Tb8GvFJ.png
    232.2 KB · Views: 204
  • AE9ysju.png
    AE9ysju.png
    210.2 KB · Views: 258
Last edited:
  • Like
Reactions: Dave Russo, Venustus, Solarquest and 7 others
DeepWeb

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
-Kaspersky Total Security 2020

+Eset Smart Security Premium 2019

Let me start by saying that Kaspersky is an A+ product. There was absolutely nothing wrong it. Protection was excellent. I just wanted something lighter on resources with an equal detection rate. Eset is definitely the lightest AV solution out there. That being said I don't even use my Windows laptop anymore. I browse on my Chromebook 99% of the time now and I highly recommend it. The peace of mind while browsing is priceless! The learning curve is exactly zero.
 
  • Like
Reactions: Dave Russo, elquenunca, Nevi and 8 others
DeepWeb

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
After using Eset Smart Security Premium for a while I have to give you guys a warning. Eset in its default settings very allergic to torrenting. It will block your entire network until reboot sometimes. The way I went around this is disabling IDS and Botnet protection in its firewall. Kaspersky is far more mature in this area.

But other than that, it does feel lighter and I can finally enable Memory Integrity without breaking the AV.
 
  • Like
Reactions: Jack, Dave Russo, Nevi and 3 others
DeepWeb

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
SeriousHoax said:
Weird, I torrent all the time even doing right now and never had any issue with ESET.
Click to expand...
I know. It most likely isn't due to Eset. I tested again with Kaspersky... I think I just never noticed how buggy Windows 10 was until now. :D
It's a very fascinating bug. You will not run into the bug unless you have your PC on running idle for 4 hours. It seems Windows 10 is spitting the wifi driver out and not letting it back.
 
Last edited:
  • Like
  • HaHa
Reactions: Venustus, Dave Russo, harlan4096 and 2 others
DeepWeb

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
@L0ckJaw @SeriousHoax Geez! I finally figured it out after uninstalling/reinstalling the drivers, uninstalling my VPN!!, resetting the BIOS, even restored my copy of Windows 10 to earlier this year when I upgraded to 1903, everything. I tested the components in HP's UEFI menu and the Wireless Module could not be found. So I opened my laptop and replaced the small Intel 7260AC WiFi card with another one. Viola! Problem solved. The WiFi card was dying that's all.

Just a heads up if you guys ever see a notice in Event Viewer that your Wifi card is being reset multiple times, and you cannot reconnect, it's failing. Laptop is about 4-5 years old but the i7 CPU is still beating most of the things in the market so I stuck with it. :emoji_v::D
 
  • Like
Reactions: Venustus, Dave Russo, oldschool and 2 others
DeepWeb

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
-Kaspersky Total Security

+Panda Dome Advanced
+Malwarebytes Anti-Exploit beta

edit: I've learned a few tricks from Gryphon about my security and performance. I decided to return it, uninstall Kaspersky, buy a new network adapter and tweak the Group Policy to harden everything further. I'm happy with the result. :D

I'm also doing monthly full backups from now on instead of weekly incremental backups. Full backups are more reliable and less prone to corrupt.
 
Last edited:
  • Like
  • Wow
Reactions: harlan4096, Venustus, Handsome Recluse and 3 others
blackice

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
DeepWeb said:
-Kaspersky Total Security

+Windows Defender Antivirus
+HitmanPro.Alert
+Gryphon Router
+Macrium Reflect Home

I'm not crazy. My aim is to enable as many of Windows exploit protections as possible and I was not able to do so before. Now that Gryphon's excellent malware protection prevents driveby downloads, malicious sites and malware in the first place, I can shift my focus back to more exploit protection and less aggressive real time scanning. :D
Click to expand...
Just keep in mind the Gryphon doesn’t scan https, just blocks known bad IPs.
 
  • Like
  • +Reputation
Reactions: DeepWeb, harlan4096, Venustus and 2 others
You must log in or register to reply here.

Similar threads

oldschool
    • Like
    • +Reputation
    • Thanks
New Update Enhanced Phishing Protection in Microsoft Defender SmartScreen
Replies
11
Views
911
Windows 11
simmerskool
simmerskool
M
    • Like
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
Replies
0
Views
702
Microsoft Defender
Microsoft Threat Intelligence
M
SpyNetGirl
    • Like
    • +Reputation
    • Hundred Points
Harden Windows Security | Only with official documented methods | Always up to date
Replies
75
Views
13,895
Other security for Windows, Mac, Linux
Warencom
W

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top