Advanced Plus Security DeepWeb's Security Config

Last updated
Dec 17, 2018
Windows Edition
Enterprise
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Kaspersky Total Security (GDPR)
Firewall security
Periodic malware scanners
Norton Power Eraser
Run PE Detector
VT Hash Checker
Root Certificate Check
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Browsers:
Chrome
Firefox Nightly
Edge

Extensions:
Nano Adblocker & Defender
HTTPS Everywhere
Privacy Possum
Searchonymous
Temporary Container (FF)
Maintenance tools
None - They break more than they fix
File and Photo backup
Windows Backup using File History
System recovery
Macrium Reflect

Glashouse

Level 4
Verified
Well-known
Jun 4, 2017
174
@DeepWeb this looks like a nice combination. I would be afraid that there are some hidden conflicts which might lead to a decrease of your security level...
 
  • Like
Reactions: DeepWeb

outlawxtorn

Level 6
Verified
Content Creator
May 29, 2017
264
Installed Voodooshield and Crystal Security. Extremely happy with my setup. Very light-weight. In addition to that, I made sure to disable Windows Defender by Group Policy, Windows Firewall and that annoying Windows Defender Security Center.

Yes I use a lot of programs, but they don't conflict with each other as long as you whitelist all of them in Comodo Firewall. :p There is some overlap between Voodooshield and Comodo Auto-containment, but other than that they all complete one another. My goal was layered & light-weight security solution and I think I achieved that surprisingly not by having one internet security solution, but by having many. Almost no CPU usage at all. RAM?
Voodooshield 20 MB
Crystal Security 20 MB
CFW 10 MB
GhostPress 6 MB
MBAE 6 MB
AppCheck 2 MB
0patch 2 MB

64 MB RAM consumed. Yes I included the services as well. :)
The other goal I was trying to achieve using this is that if something compromised one of the modules, it wouldn't take down the entire security. E.g. if Voodooshield goes down, I still have the firewall, antivirus, anti-exploits, anti-keylogger and anti-ransomware running.
How's it working still? Kind of interested in a set-up like this. Something strong, yet light at the same time. I love to game so lighter is always better to me!
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
So, which of your software can protect against infected USB devices automatically when you are online/offline?

And how about against Bad USB devices?
 
Last edited:

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
How's it working still? Kind of interested in a set-up like this. Something strong, yet light at the same time. I love to game so lighter is always better to me!
It's working well. I have not tested real malware against it yet but I have never been in a situation where one was conflicting with the other. Just using test files, Crystal Security and VoodooShield are the first to respond. Even if I decide to whitelist those, the file gets blocked and quarantined by Comodo Firewall. :)

If you want to do gaming, VoodooShield and Comodo Firewall's HIPS module will give you a lot of trouble if you don't whitelist the game folders and they don't recognize the game you are playing.
So, which of your software can protect against infected USB devices automatically when you are online/offline?

And how about against Bad USB devices?
If CrystalSecurity does not detect malicious files right away, VoodooShield and Comodo Firewall with cruelsister's settings both act as anti-exe's that will quarantine any unknown program automatically unless I explicitly whitelist the program in both. :)

Any potential conflict would probably be caused by Comodo because it has so many modules. I disabled all of them except for Auto-Containment and the Firewall itself. In Crystal Security, I disabled dynamic engine because it doesn't like the updaters of the others. I whitelisted all security products in AppCheck just in case they delete a malicious file and AppCheck thinks a ransomware did it and mistakenly restores the file. But, other than that, none have stepped on the other foot yet because one always reacts before the other does. :) I know my setup looks overkill but it really is not.

These protect me before intrusion:
1 Antivirus: Crystal Security
1 Anti-Exe: VoodooShield
1 Firewall/Sandbox: Comodo
+Hosts file, Smartscreen, uBlock Origin, Google Safebrowsing, whitelisting Javascript (.com,.edu,.org,.mil,.net,.secure only), DNSSEC resolver

These protect me during/after intrusion (damage control):
2 Anti-Exploits: MBAE, 0patch
1 Anti-ransomware: AppCheck
1 Anti-keylogger: Ghostpress
+MBR Filter, Backup
 
Last edited:

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
If CrystalSecurity does not detect malicious files right away, VoodooShield and Comodo Firewall with cruelsister's settings both act as anti-exe's that will quarantine any unknown program automatically unless I explicitly whitelist the program in both. :)

FYI, none of the said software protect against Bad USB devices. Also, the said software don't scan your USB devices when they are inserted.
 
  • Like
Reactions: DeepWeb

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
FYI, none of the said software protect against Bad USB devices. Also, the said software don't scan your USB devices when they are inserted.
What programs do you recommend? :)

edit: went ahead and install Panda USB Vaccine. Thank you!
 
Last edited:

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
What programs do you recommend? :)
One other thing.

I'm not sure how effective are VS and Comodo against malware when your system is offline. I know Crystal Security download signatures into your PC for demand scanning only, if I'm not wrong. Crystal Security also has anti-exe feature.

That leaves a security hole in your system. When offline you'll need something(like a BB, heuristics, anti-exe etc) to be able to detect malware in real-time and auto kickstart your AV/AM software to scan. You cannot do this with different software. The most is the particular software detects and auto quarantinee/delete(depending on the setting) the malware, and, as for kickstarting its AV/AM engine to scan I'm not sure of this. Someone maybe can confirm the latter.

However, software for detecting infected USB devices can do the aforementioned. When you insert an infected USB device it, using heuristics, auto detect and quarantinee/delete/prompt the user for action. Well, although not as good as a system AV/AM software it's better than nothing.

Against Bad USB devices I can only think of HitmanPro Alert and G Data products which provide such a feature. You can also get the standalone G Data USB Keyboard Guard for free, here

USB Keyboard Guard | Reliable protection against manipulated USB stick
 
Last edited:
  • Like
Reactions: DeepWeb

Vasudev

Level 33
Verified
Nov 8, 2014
2,224
One other thing.

I'm not sure how effective are VS and Comodo against malware when your system is offline. I know Crystal Security download signatures into your PC for demand scanning only, if I'm not wrong. Crystal Security also has anti-exe feature.

That leaves a security hole in your system. When offline you'll need something(like a BB, heuristics, anti-exe etc) to be able to detect malware in real-time and auto kickstart your AV/AM software to scan. You cannot do this wih different software. The most is the particular software detects and auto quarantinee/delete(depending on the setting) the malware, and, as for kickstarting its AV/AM engine to scan I'm not sure of this. Someone maybe can confirm the latter.

However, software for detecting infected USB devices can do the aforementioned. When you insert an infected USB device it, using heuristics, auto detect and quarantinee/delete/prompt the user for action. Well, although not as good as a system AV/AM software it's better than nothing.

Against Bad USB devices I can only think of HitmanPro Alert and G Data products which provide such a feature. You can also get the standalone G Data USB Keyboard Guard for free, here

USB Keyboard Guard | Reliable protection against manipulated USB stick
Why not disable Autoplay entirely? If you disable Autoplay, make sure you set Shell Hardware Detection service is set to manual in services.msc
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
Why not disable Autoplay entirely? If you disable Autoplay, make sure you set Shell Hardware Detection service is set to manual in services.msc
If you are copying a file(with worm, trojan etc) from the USB device over to your PC is Autoplay effective agianst it?
 

Vasudev

Level 33
Verified
Nov 8, 2014
2,224
Can you read his post #21 above regarding Windows Defender?
Sorry, my memory is very bad, i took a look at first page so I assumed he's using WD. Since his/her PC is connected to the internet all the time, crystal security could block trojans and other stuffs.
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
Sorry, my memory is very bad, i took a look at first page so I assumed he's using WD. Since his/her PC is connected to the internet all the time, crystal security could block trojans and other stuffs.
Yes, that's when you are connected to the net. How about when he's offline and using USB devices?
 

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
Please read the use of Panda USB Vaccine

If you need to undo its vaccination of USB devices you'll have to go through the below procedure otherwise you'll need to format the whole USB device

Removing Panda USB Vaccination Without Formatting USB Disk

Tedious, right?
Oh good thing I immediately uninstalled it. :) This is horrible.
Regarding offline protection I use brain.exe and default-deny. Comodo Auto-containment is set up to contain anything that is not signed. VoodooShield will also default-deny until I connect to the Internet. But do you have some suggestions for offline real time antiviruses?
 
  • Like
Reactions: Vasudev

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,010
Oh good thing I immediately uninstalled it. :) This is horrible.
Regarding offline protection I use brain.exe and default-deny. Comodo Auto-containment is set up to contain anything that is not signed. VoodooShield will also default-deny until I connect to the Internet. But do you have some suggestions for offline real time antiviruses?
If you are talking to protect against infected USB devices then there are some like MCShield, USB Disk Security etc

They are sig-less and use heuristics for scanning
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top