SECURITY: Complete Roboman's Security Config 2019

Last updated
Sep 5, 2019
Windows Edition
Pro
Sign-in identity
Sign-in with Microsoft account
Log-in security
Permissions
Administrator user account
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Malware samples
No - malware is not downloaded
Firewall protection
Provided by a third-party security vendor - see details below.
Real-time malware protection
WINDOWS 10:
  • Kaspersky Internet Security (tweaked for maximum security)
  • SysHardener

UBUNTU:
  • Sophos Antivirus for on-access scanning
RTP & OS hardening settings
Kaspersky: Discuss - RoboMan's Light Kaspersky Settings

Ubuntu: Sophos configured for on-access scanning only
Periodic scanning
ESET Online Scanner
Emsisoft Emergency Kit
Malwarebytes Free
Browsers
Canvas Defender
Bitwarden Password Manager
Universal Bypass
uBlock Origin
Optimisation apps
PatchMyPC - software managing and updating
ThrottleStop - undervolt my hardware to stop temperatures
MSI AfterBurner - in-game data analysis
AutoRuns & Process Explorer - analyze processes
SysHardener - lock down Windows vulnerable areas
Bleachbit
My Files & Photos backup
Macrium
My Files backup schedule
Manual - every month to the cloud, or local attached storage
Device recovery & settings
Macrium
Device backup schedule
Manual - backups are made in my own time to local attached storage
Computer specifications
Processor: Intel Core i7 7700HQ
RAM: 16GB DDR4
Graphics: Nvidia GTX 1060 6GB
Device activity usage
  1. Computer games
  2. Generic web browsing
  3. Streaming audio and video content from the Internet
  4. Working from home
  5. Video and photo editing

Raiden

Level 18
Verified
Content Creator
May 7, 2018
879
But when the stable version of 1903 is released, you will have to reinstall Windows if you want to return to the stable channel, correct?
I have no idea :)

I believe there is a small window (no pun intended:p) where you can opt out of the insider program when the next version is officially released. Usually when they release the RTM version (which usually goes to insiders first before going to Windows Update), you can at that point opt out of the insider program and keep going with the current version without having to reinstall. Usually the RTM version will remove the small watermark at the bottom right of the screen (insider preview build....). At that point you can turn off the insider updates and it should keep working without any issues, well at least that's how it use to work with past releases. If I am not mistaken the RTM version is typically released 1-2 weeks before it's available to the public (again watch for the watermark to disappear), after that you usually have 1 week or so to stop the insider builds before it continues on. If you miss the time period to stop the insider builds and it downloads the next insider version, at that point you will have to reinstall unfortunately.
 

rockstarrocks

Level 22
Verified
Apr 16, 2017
1,105
But when the stable version of 1903 is released, you will have to reinstall Windows if you want to return to the stable channel, correct?
Just select this option and it will automatically stop getting insider builds when you get the RTM/Release/Final build.
212112
 
Last edited:

RoboMan

Level 32
Verified
Content Creator
Malware Tester
Jun 24, 2016
2,118
My main system is dead :D

Just a quick tip: when 1903 reaches, be sure not to be using Comodo... just in case. I'm 80% sure that's what killed my OS (I was insider on my secondary PC with no problems). I cleaned installed 1809.

Anyways, I am back to basics. Removed CFW.

Combo:
  • Windows Defender (Hard_Configurator at HIGH SETTINGS)
  • VoodooShield.
Also, I'm off malware testing, I'm off virtualizing, I'm off beta testing, being Insider, I'm off TROUBLE.

Peace, quiet, and harmless. See you, nerds.
 

Azure

Level 26
Verified
Content Creator
Oct 23, 2014
1,536
My main system is dead :D

Just a quick tip: when 1903 reaches, be sure not to be using Comodo... just in case. I'm 80% sure that's what killed my OS (I was insider on my secondary PC with no problems). I cleaned installed 1809.

Anyways, I am back to basics. Removed CFW.

Combo:
  • Windows Defender (Hard_Configurator at HIGH SETTINGS)
  • VoodooShield.
Also, I'm off malware testing, I'm off virtualizing, I'm off beta testing, being Insider, I'm off TROUBLE.

Peace, quiet, and harmless. See you, nerds.
I assume you had the autosandbox enabled?
 

Azure

Level 26
Verified
Content Creator
Oct 23, 2014
1,536
Indeed! CS configuration, viruscope ON, auto sandbox ON, firewall at SAFE MODE
Not completely sure if this was the case here. But I'm going to make the assumption that because the autosandbox deals with unknown files when you upgraded perhaps some of those were sandboxed and ended up breaking your system.

In my opinion, for anyone using Comodo autosandbox, disable it if you are going to update/upgrade. Then use the file scan feature to see if there are any unknown files. If you find one simply add it to trust.
 
Top