Advanced Plus Security DeepWeb's Security Config

[Evjl's Rain]

exactly, I also noticed EAM does inject something to other programs, especially the ones using hardware virtualization, and somehow makes them a bit malfunctional

explorer.exe and task manager crashed as soon as I installed EAM and so did chrome/slimjet appcontainer feature. I couldn't perform a reboot but a forced shutdown and reboot. After a reboot, most of them worked again and I had to sacrifice chrome appcontainer to suit EAM.

 

[DeepWeb]

exactly, I also noticed EAM does inject something to other programs, especially the ones using hardware virtualization, and somehow makes them a bit malfunctional

explorer.exe and task manager crashed as soon as I installed EAM and so did chrome/slimjet appcontainer feature. I couldn't perform a reboot but a forced shutdown and reboot. After a reboot, most of them worked again and I had to sacrifice chrome appcontainer to suit EAM.

That seems to be the general trend. Microsoft has ramped up kernel security and anything that attempts to get near it gets rejected. I will keep on searching for the right AV that just works. I'm no longer accepting that any AV can break normal functioning apps.

 

[Evjl's Rain]

That seems to be the general trend. Microsoft has ramped up kernel security and anything that attempts to get near it gets rejected. I will keep on searching for the right AV that just works. I'm no longer accepting that any AV can break normal functioning apps.

how is fsecure ultralight? Is it updated or still stuck at the old version? can you take a few screenshots of it. Thank you

 

[DeepWeb]

how is fsecure ultralight? Is it updated or still stuck at the old version? can you take a few screenshots of it. Thank you

It's all updated back to using Emsisoft since I am running into the same issues with Ultralight... Opening Windows Defender Security Center during a particular moment appears to crash Windows Explorer when you use 3rd part AVs. Very strange behavior.

 

[Evjl's Rain]

It's all updated back to using Emsisoft since I am running into the same issues with Ultralight... Opening Windows Defender Security Center during a particular moment appears to crash Windows Explorer when you use 3rd part AVs. Very strange behavior.

perhaps, your settings prevented AVs to inject context menu dll to explorer.exe so they crashed? Maybe this feature is dedicated for windows defender or it has to be enabled after the AV finishes installing

I mean virtual based security

 

[DeepWeb]

perhaps, your settings prevented AVs to inject context menu dll to explorer.exe so they crashed? Maybe this feature is dedicated for windows defender or it has to be enabled after the AV finishes installing

I mean virtual based security

Probably.

Update: Decided to just go with Windows Defender Antivirus since it has no conflict with virtualization-based security.

 

[DeepWeb]

how is fsecure ultralight? Is it updated or still stuck at the old version? can you take a few screenshots of it. Thank you

Btw

All engines are up to date from today (Dec 8, 2017). Ultralight Antivirus is alive and well.

 

[DeepWeb]

I enabled Smartscreen Network Protection, ASR and Exploit Guard through Group policy.

Use Windows Defender Exploit Guard to protect your network

Once again it puzzles me why Microsoft has these powerful features well hidden and as complicated as possible for regular users but oh well. There is also no real way to test if they are actually working other than the samples from Microsoft which isn't saying much.

Disabled automatic file submission. No need. Microsoft has enough guiney pigs. Windows Defender Antivirus won't update definitions normally on my setup so I had to change it to get definition updates from Windows Update...

 

[DeepWeb]

-Windows Defender Antivirus
-F-Secure Ultralight Antivirus
-G DATA USB Keyboard Guard

+Emsisoft Anti-Malware

 

[DeepWeb]

I managed to resolve a lot of issues with EAM after finding some of Umbra's EAM/Comodo settings here but MOST OF ALL, make sure to whitelist Synaptics processes (there are two)... who could have known that these two can cause so much trouble. The difference in performance cannot be understated. CPU usage has gone from 5-7% when all I do is move the cursor to ~0-1%.

-Comodo Firewall

It's been a quite a ride. We are down to two. EAM and Keyscrambler. While I strongly believe that EAM can detect keyloggers, I opt to my anti-government spying tinfoil hat. My focus is on anti-exploit and exploit mitigation by hardening Windows

 

[DeepWeb]

Upgraded my Chrome and Firefox extensions as well as adding some additional lists to my adblocker while removing others that I find too big and just not necessary. I've been running into a few performance issues since the Emergency Update. AOMEI Backupper crashed the OS for the first time. Never had any issues. I'm not sure if they are because of the Intel fix or because Microsoft added new bugs through other updates.

Update:
-Keyscrambler Free

 

[DeepWeb]

My 3rd backup attempt since the Emergency Patch. AOMEI is running into issues during the backup process.
-Occassional freeze
-Much much slower backup

Whatever Microsoft changed about the Windows kernel is severely slowing it down (VSS perhaps?).

Update: It is indeed VSS. I switched to using AOMEI's built-in backup utility and I no longer have slowdowns.

 

[DeepWeb]

Steven Black Hosts file was blocking Windows update. I could not determine which URL in particular was being blocked. But, just in case someone experiences the same thing, disable/delete your Hosts file under "\Windows\System32\drivers\etc\hosts" and try to update again.

 

[DeepWeb]

Added Chrome/Firefox Extension:
IDN Safe

How to protect your browser from Unicode domain phishing attacks

It helps detect and block domains that fake being other domains by using unicode tricks. Invaluable IMO.

 

[DeepWeb]

-Added to Firefox:
mozilla/policy-templates

Firefox 60+ now supports Group policy templates! Great news. Less configuring between accounts.

Also upgraded from Windows 10 Pro to Enterprise. Almost no difference to Pro if you're not part of a big company that takes full advantage of all the tools to centralize and standardize desktop environments across multiple devices. I'm still exploring what I can do more. Initially only purchased for Credential Guard and App-V. It didn't even download anything extra. It appears all an upgrade from Pro to Enterprise does is flip some internal switches to unlock features that are already there. For comparison, when I upgraded from Home to Pro, I got a big Windows update that brought in all the Pro features, restart was required. But since Microsoft designs Windows with enterprise in mind, might as well get their gold standard.

Once the new Intel microcode is available as BIOS or Windows update, I will re-enable virtualization-based security (HVCI and Credential Guard) and take full advantage of Windows Defender Application Guard as well as App-V. Currently not possible because Hyper-V and VMware CPU Microcode Update Driver are not compatible. But the hardware benefits of the Microcode update driver far outweigh the need for security of VBS.
Hardware health > Software health

 

[DeepWeb]

Updated to Windows 10 1803 through in-place upgrade (Download Media Creation Tool, download Windows.iso, mount iso, click setup.exe). Went smooth. Your System Reserved Partition may give you problems. Just follow this if you run into an error: https://support.microsoft.com/en-us...m-reserved-partition-error-installing-windows

It was also stuck at 88% for a while (1-2 hours perhaps). Don't sweat it as long as Task Manager shows that it is doing something.

Update: I'm very confused. I allotted time expecting to fix bugs, reinstall drivers and all but this upgrade left me with nothing to do. It just runs extremely well out of the box and this time it kept almost all of the settings except wiping the registry which I am actually thankful for.

 

[DeepWeb]

I gave DNS over HTTPS in Firefox a try using Cloudfare's new DNS resolver. It works. It's FAST!! But, it bypasses your AV's web protection. So I had to revert back.

 

[Klappis]

What nice config? He doesn't even list his basic setup.

 

[harlan4096]

@Klappis: this is becasue the recent forum migration to new version, all the data in fields have been lost, so @DeepWeb should edit it and re-type all the data

 

[Ink]

What nice config? He doesn't even list his basic setup.

Read the latest post here: Guidelines - Posting under the PC Security Configuration Wizard (2018)