Latest Changes
Dec 17, 2018
Operating System
  • Windows 10
  • Windows Edition
    Enterprise
    Version or Build no.
    1809
    System type
    64-bit operating system; x64-based processor
    Security Updates
    Automatic Updates (recommended)
    User Access Control
    Always Notify
    Network Security (Firewall)
    3rd-party Firewall app by a trusted vendor
    Device Security
  • Windows Defender SmartScreen (Windows 10)
  • User Account
    Standard
    Sign-in Accounts
    Malware Testing
    I do not participate in downloading malware samples
    Real-time Web & Malware Protection
    Kaspersky Total Security (GDPR)
    RTP - Custom security settings
  • Minor changes for Increased security
  • Virus and Malware Removal Tools
    Norton Power Eraser
    Run PE Detector
    VT Hash Checker
    Root Certificate Check
    Browsers and Extensions
    Browsers:
    Chrome
    Firefox Nightly
    Edge

    Extensions:
    Nano Adblocker & Defender
    HTTPS Everywhere
    Privacy Possum
    Searchonymous
    Temporary Container (FF)
    Privacy-focused Apps and Extensions
    modzero fix privacy
    Steven Black's hosts file
    Windscribe Pro
    Password Managers
  • LastPass
  • Web Search
  • DuckDuckGo
  • System Utilities
    None - They break more than they fix
    Data Backup
    Windows Backup using File History
    Frequency of Data backups
    Always-on Sync
    System Backup
    Macrium Reflect
    Frequency of System backups
    Regularly

    DeepWeb

    Level 25
    Verified
    screen.png


    My setup is aiming to be as lightweight and as conflict free as possible.

    My priorities:
    • Hardware health > Software health. This setup has low CPU, low RAM, low disk and low bandwidth usage. Fast boot speed. Security software should not run at the cost of hardware. There's no need to compromise.

    • Something that will work with all types of software (translate: great for gaming even with mods). Software that is very old, software that is brand new, mods, apps, tools, and tweaks, signed or unsigned. Good security software should be able to tell what is good and what isn't.
    How I achieve it:

    1. Only using my standard user account and being smart and careful about what I download and where it's from.

    2. Group policy settings and software/OS/driver updates are my #1 way to harden Windows.

    3. Anti-Malware with a great behavior blocker and Exploit mitigations block unwanted/malicious software.

    4. Hardware firewall and HOSTs file block unwanted connections system wide, and browser extensions and tweaks block all unwanted connections in their browsers.
     
    Last edited:

    FrFc1908

    Level 18
    nice config , nothing to ad really , although I would like to suggest that you moght want to switch to a more safer / realiable backup program like macrium reflect free or aomei backupper standard. both are free and reliable backup solutions. but that is entirely up to you if you want to make that change, thanks for sharing your config with us! ;)
     

    BugCode

    Level 10
    Verified
    Good, good, good!

    Yes, if you got DA on your setup, very nice. Solid host-file pick ;) . Tweaking is hard job! That's why i do some tweaks that i can just click and done, of course they every M$ UPDATE WORK, BUT I GOT BACKUP OF COURSE AND THEY ARE PRETTY FAST DONE.

    Damn! Sorry caps-lock, lazy bastard like me doesn't bother correct those, so be it!

    If i may some suggestion, it's Sbie. Maybe WFC, Tinywall, or even CFW.

    Okay your good, thank you very much sharing your config dude!

    E: DAMN! @public enemy lazy ass dude! You want everything is served front of you? :p
    I have tweaking and tested those so long time that they work correctly like it should be....so you think i give you a "so high priced homework" like that! I already give you POT "tweaks" today, so here you are...will see :)
     
    Last edited:

    DeepWeb

    Level 25
    Verified
    nice config , nothing to ad really , although I would like to suggest that you moght want to switch to a more safer / realiable backup program like macrium reflect free or aomei backupper standard. both are free and reliable backup solutions. but that is entirely up to you if you want to make that change, thanks for sharing your config with us! ;)
    Question. If you use Macrium Reflect to backup, do you use Macrium to restore your files or can you use the Windows utility to do so?
     

    liubomirwm

    Level 5
    I've talked with 0patch's developer about some issues and about the need of 0patch on a fully updated Windows 10 home machine. 0patch is a product targeted towards either unsupported OSes or a corporate environment where full patches are delayed by sysadmins. If you are using a fully updated Windows 10 you might not need it and It can cause some issues with the way it injects inself.
     

    Dave Russo

    Level 9
    Verified
    Interesting,where did you ever find the programs 0patch and RunPEDetector? Never heard of either but googled and look pretty good. What was your thought process in choosing them? Thanks nice set up
     

    DeepWeb

    Level 25
    Verified
    Interesting,where did you ever find the programs 0patch and RunPEDetector? Never heard of either but googled and look pretty good. What was your thought process in choosing them? Thanks nice set up
    The EternalBlue debacle really made me wake up to the idea of exploits, what they are and how real of an issue they might be. So I followed infosec people on Twitter and they kept referring to 0patch so I downloaded it.
    RunPEDetector and most of that stuff I found here on MT in the "Other security for Windows" section.

    I said it in my intro. "Other security for Windows" on MT and "Other anti-malware" on Wilders are the most interesting sections IMO. :)
     

    DeepWeb

    Level 25
    Verified
    How do you like f-secure? I'm waiting for an invite still so I can pair it with VS pro.
    Well if you want F-Secure Ultralight 64 bit, you can get it through here
    F-Secure Ultralight Anti-Virus Beta

    I like it. Definitely better detection than Windows Defender. Just a headsup, it does not look like the regular F-Secure and it has a strange way of installing itself. Very little visual feedback during installation, and no entry in Start Menu. Not a lot of choices, no whitelist you can navigate to but you can whitelist but I don't have any conflicts (nvm might have conflicts with Origin). :)

    Edit: So it does actually have a whitelist called "Marked as safe". I just have to get used to the different UI.
     
    Last edited:

    DeepWeb

    Level 25
    Verified
    Converted to Avast Free Antivirus after seeing that it has some excellent 0 day detection and even fares better than some paid mainstream antiviruses.

    Edit: Nevermind. Uninstalling this crap. Call me when there is a 3rd party antivirus that doesn't employ ugly hooks that break everything. For now I just use WD and other bells and whistles to enhance it.
     
    Last edited:

    DeepWeb

    Level 25
    Verified
    Installed Voodooshield and Crystal Security. Extremely happy with my setup. Very light-weight. In addition to that, I made sure to disable Windows Defender by Group Policy, Windows Firewall and that annoying Windows Defender Security Center.

    Yes I use a lot of programs, but they don't conflict with each other as long as you whitelist all of them in Comodo Firewall. :p There is some overlap between Voodooshield and Comodo Auto-containment, but other than that they all complete one another. My goal was layered & light-weight security solution and I think I achieved that surprisingly not by having one internet security solution, but by having many. Almost no CPU usage at all. RAM?
    Voodooshield 20 MB
    Crystal Security 20 MB
    CFW 10 MB
    GhostPress 6 MB
    MBAE 6 MB
    AppCheck 2 MB
    0patch 2 MB

    64 MB RAM consumed. Yes I included the services as well. :)
    The other goal I was trying to achieve using this is that if something compromised one of the modules, it wouldn't take down the entire security. E.g. if Voodooshield goes down, I still have the firewall, antivirus, anti-exploits, anti-keylogger and anti-ransomware running.