Advanced Plus Security DeepWeb's Security Config

Last updated
Dec 17, 2018
Windows Edition
Enterprise
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Kaspersky Total Security (GDPR)
Firewall security
Periodic malware scanners
Norton Power Eraser
Run PE Detector
VT Hash Checker
Root Certificate Check
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Browsers:
Chrome
Firefox Nightly
Edge

Extensions:
Nano Adblocker & Defender
HTTPS Everywhere
Privacy Possum
Searchonymous
Temporary Container (FF)
Maintenance tools
None - They break more than they fix
File and Photo backup
Windows Backup using File History
System recovery
Macrium Reflect

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
HP released Microcode BIOS updates for Haswell computers yesterday. Just flashed it.

HPSBHF03573 rev. 13 - Side-Channel Analysis Method | HP® Customer Support

Warning: If you install it, it won't boot (caps lock blinks 2 times or 3 times), turn your PC off, remove battery for a minute or remove CMOS battery for a few seconds. Put battery back in, boot and try to install again. Strange bug.

After that it installed smoothly.
CCVaZHO.png

KP5cRsT.png


eU4l7ZT.png


Spectre and Meltdown protection are on, Microcode is 24 (latest one), computer is stable and just as fast as before so I guess they use the retpoline trick to avoid slowing PCs down which is fine with me.
 

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
Installed Windows Defender Browser Protection Extension for Chrome. This extension brings Microsoft Smartscreen to Chrome web browsing.
Windows Defender Browser Protection

At only 295 KB, it can't hurt to have another layer of protection since Microsoft's phishing lists are better than Google Safebrowsing.

Once installed you can test it here:
Windows Defender SmartScreen Demo

Most essential things work (Malware, Phishing, Blocked Download), but not all like malicious iFrames or Exploit pages and I can see why. You would need more access deep into Chrome to implement those.

Removed:
Steven Black's Hosts File
Added:
Dan Pollock's Hosts File

Steven Black's Hosts file has begun to be too big for me and it blocks domains that I really need to connect to that might be in the grey area but still safe to browse. Dan Pollock's Hosts file will block most adware and Microsoft tracking which is fine with me.

http://someonewhocares.org/hosts/zero/hosts
 
Last edited:

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
I went back to 1709. 1803 has too many bugs, feels very beta stage, many VPN connectivity issues (no IKEv2)S. Avoid 1803 April/Spring Creators Update (17133 and 17134) for now. Wait a month to upgrade after initial release, better to have other people be Microsoft's guinea pigs.
 
  • Like
Reactions: harlan4096

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
Owners of HP laptops, there is a new BIOS Update available that is not shown on the Support/Driver pages of your device:

Oct 27, 2018

HPSBHF03584 rev. 7 - Derivative Side-Channel Analysis Method
Derivatives of speculative execution side-channel analysis methods publicly disclosed in January 2018 can be exploited to facilitate the unauthorized exposure of privileged data from memory.
More information is available at the following links:
Download here:
HPSBHF03584 rev. 7 - Derivative Side-Channel Analysis Method | HP® Customer Support

tl:dr It will update your Intel microcode to the one released in June 2018 which is more efficient, stable and more secure.
 
Last edited:

Vasudev

Level 33
Verified
Nov 8, 2014
2,224
Owners of HP laptops, there is a new BIOS Update available that is not shown on the Support/Driver pages of your device:


Download here:
HPSBHF03584 rev. 7 - Derivative Side-Channel Analysis Method | HP® Customer Support

tl:dr It will update your Intel microcode to the one released in June 2018 which is more efficient, stable and more secure.
Let others test HP BIOS first and if everyone says its okay to install then go ahead. Keep a HP BIOS recovery USB in hand before updating BIOS.
 

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
+Updated to Windows 10 1809

The new update has all the fixes that I needed.

They fixed IPv4 so Windows Store and other important programs work when you disabled IPv6. I did an in-place upgrade and ran into the following issue: "We couldn’t update system reserved partition"

Microsoft provided a solution on their support page but it didn't do enough so I revised them for anyone who might see this on the wild Internet:

  1. First of all backup backup backup even if you think you won't ever go back to the older version this will save you. Make sure to back up all partitions no matter how small, especially the SYSTEM partition.
  2. Right click Start. Choose Windows Powershell (Admin).
  3. In Powershell, type mountvol y: /s and then hit Enter. This will add the Y: drive letter to access the System Partition.
  4. Switch to the Y drive by typing Y: and press Enter. Then, navigate to the Boot folder by typing cd EFI\Microsoft\Boot. Once there, type ls to list the folders available. You will see a lot of language packs (en-US, es-ES, de-DE, en-GB, etc). Delete them one by one with the command del *folder-name* for example del en-US. The system may ask you if you are sure to continue, press Y and then Enter to continue. Delete a handful of these language pack folders or more. Then click on setup.exe in your iso file and try to install again. If you still run into this issue, continue deleting language packs other than yours.
I had to delete like 10 folders before I finally had enough space to install Windows.
 
Last edited:

Vasudev

Level 33
Verified
Nov 8, 2014
2,224
+Updated to Windows 10 1809

The new update has all the fixes that I needed.

They fixed IPv4 so Windows Store and other important programs work when you disabled IPv6. I did an in-place upgrade and ran into the following issue: "We couldn’t update system reserved partition"

Microsoft provided a solution on their support page but it didn't do enough so I revised them for anyone who might see this on the wild Internet:

  1. First of all backup backup backup even if you think you won't ever go back to the older version this will save you. Make sure to back up all partitions no matter how small, especially the SYSTEM partition.
  2. Right click Start. Choose Windows Powershell (Admin).
  3. In Powershell, type mountvol y: /s and then hit Enter. This will add the Y: drive letter to access the System Partition.
  4. Switch to the Y drive by typing Y: and press Enter. Then, navigate to the Boot folder by typing cd EFI\Microsoft\Boot. Once there, type ls to list the folders available. You will see a lot of language packs (en-US, es-ES, de-DE, en-GB, etc). Delete them one by one with the command del *folder-name* for example del en-US. The system may ask you if you are sure to continue, press Y and then Enter to continue. Delete a handful of these language pack folders or more. Then click on setup.exe in your iso file and try to install again. If you still run into this issue, continue deleting language packs other than yours.
I had to delete like 10 folders before I finally had enough space to install Windows.
Nice. Any reasons why you updated to v1809?
I always used Boot repair ISO or Linux to delete them manually, Win PE asks too many questions.
 

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
I won't upgrade for 2 years. I don't have time for incremental updates.
Oh I see what you mean now. Well while their new features are meh and buggy, the new builds also make various improvements to security out of the box that they don't really mention and I think it works a little better at recognizing 3rd party security software.
 

Attachments

  • 2.png
    2.png
    188.8 KB · Views: 257
  • 3.png
    3.png
    165 KB · Views: 269
  • windowssecurity.png
    windowssecurity.png
    75.9 KB · Views: 277

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top