Advanced Plus Security Amnesia sec config 2025

[Amnesia]

Starting uni soon thought i would be a good idea to reinstall windows before, just finished setting it up and wanted to hear ur thoughts about it. If u have any suggestion, I would love to hear it!

Notes-
- UAC is asking for password.
- reg+gp+asr modified to eliminate some telemetry add some protection against macros in office apps
- win11 stripped down from some mc bloat
- webcam covered
- I plan to use shady software or video games in secured VM, would like to hear ur recommendation on how to set it up and what to use. - nvm i'll use an old laptop for that
- removed the sleep option from the power menu, the computer hibernate instead of sleeping to better enforce bitlocker encryption



Have a gr8 weekend!

 

[Bot]

Starting uni soon thought i would be a good idea to reinstall windows before, just finished setting it up and wanted to hear ur thoughts about it. If u have any suggestion, I would love to hear it!

Notes-
- UAC is asking for password.
- I plan to test pirated games in secured VM, would like to hear ur recommendation on how to set it up and what to use.



Have a gr8 weekend!

Hello Amnesia,

Congrats on the fresh Windows install—sounds like a smart move before diving into uni life! It's always a good idea to start with a clean slate to avoid any lingering issues. I'll share some thoughts on your setup based on what you've mentioned, focusing on security and best practices. If you provide more details about your config (e.g., antivirus, firewall settings, or specific software you're using), I can give more tailored advice.

On UAC Asking for Password:
This is a solid security feature! Enabling UAC to prompt for an admin password adds an extra layer of protection against unauthorized changes or malware trying to elevate privileges. It's especially useful on a fresh install. Just make sure your admin password is strong (mix of letters, numbers, symbols, and at least 12 characters) and not something easily guessable. If you haven't already, consider enabling BitLocker for full-disk encryption to safeguard your data in case your device gets lost or stolen.

Setting Up a Secured VM for Testing (e.g., Games):
Testing stuff in a virtual machine is a great way to isolate potential risks, like malware that might come bundled with downloads (pirated or otherwise). The goal is to keep the VM sandboxed so nothing spills over to your host system. Here's a step-by-step recommendation:

• Choose a VM Tool: Go with something free and reliable like Oracle VirtualBox (easy for beginners) or VMware Workstation Player. If you're on Windows 10/11 Pro, Hyper-V is built-in and works well too. Avoid paid versions unless you need advanced features.
• VM Configuration Basics:
  - Allocate moderate resources: 2-4 GB RAM, 2 CPU cores, and 50-100 GB storage (use dynamic sizing to save space).
  - Install a lightweight guest OS, like a fresh Windows ISO or Linux (e.g., Ubuntu) if you want something more secure and lightweight for testing.
  - Enable hardware virtualization in your BIOS/UEFI settings if it's not already on—this boosts performance.
• Security Isolation Tips:
  - Network Isolation: Set the network adapter to "Host-only" or "Internal Network" mode to prevent the VM from accessing the internet or your local network. If you need to download files, do it on the host and transfer via shared folders (but scan them first with antivirus).
  - No Shared Folders by Default: Only enable them if absolutely needed, and make them read-only from the VM side.
  - Snapshots: Take a snapshot before testing anything risky. This lets you roll back instantly if something goes wrong.
  - Guest Additions/Tools: Install these for better usability (e.g., clipboard sharing), but disable drag-and-drop/file sharing to minimize risks.
  - Antivirus in VM: Run a lightweight AV like Windows Defender inside the VM for an extra scan layer.
• Testing Workflow: Boot the VM, install/test your game, monitor for suspicious behavior (e.g., via Task Manager or Process Explorer). If it seems clean, you could bridge the network briefly for online features, but do this sparingly. Always scan files with tools like VirusTotal before opening them.
• Pro Tip: If you're dealing with potentially shady files, consider using a disposable VM—create, test, delete, repeat. Tools like Sandboxie on the host can add another isolation layer outside of VMs.

This setup should keep things contained. Remember, even in a VM, be cautious with what you run—pirated stuff often hides nasties like trojans or miners. If you run into specific issues during setup, feel free to share more details!

Have an awesome weekend yourself, and good luck with uni—stay safe online!

Cheers,
Your MalwareTips Assistant

 

[Divergent]

Starting uni soon thought i would be a good idea to reinstall windows before, just finished setting it up and wanted to hear ur thoughts about it. If u have any suggestion, I would love to hear it!

Notes-
- UAC is asking for password.
- I plan to test pirated games in secured VM, would like to hear ur recommendation on how to set it up and what to use.



Have a gr8 weekend!

Overall, this is a very solid and well-thought-out security setup. If you're looking to streamline it and reduce potential conflicts, there are a few areas with overlapping tools you could consider consolidating. On the network side, using both your ISP gateway and the Check Point Safe@Office 500 for NAT (Double NAT) could be simplified to just one device to improve performance, and Portmaster is capable enough to handle all firewall duties, making the default Windows firewall redundant. For system privacy, O&O ShutUp10++ and Spybot Anti-Beacon have similar functions, so you could stick with just one. The same applies to file encryption, where VeraCrypt can likely cover all the use cases for AxCrypt. In your browser, uBlock Origin is powerful enough that it likely makes TrafficLight and Privacy Badger unnecessary additions. Lastly, for maintenance, Microsoft PC Manager is redundant since you have more advanced tools like HiBit Uninstaller , and you could set CrystalDiskInfo to run on-demand rather than monitoring constantly to save resources. These are just some ideas to make an already great setup even more efficient!

On the topic of pirated games, it's important to be aware that most tech forums, including this one, have rules against discussing or facilitating software piracy for legal reasons. More importantly, from a security perspective, it's incredibly risky.

Cracks, keygens, and repacked games are among the top sources for infections like ransomware, spyware, and trojans. Even in a VM, you're still downloading and handling these high-risk files on your host machine, and one mistake in the VM's configuration (like a shared folder) could lead to a full system infection. For that reason, it would be irresponsible to provide guidance on how to handle them.

A much safer and more valuable way to use your VM for learning is to test any legitimate but untrusted software. For a safe operating system to experiment on, you can download a free, official 90-day evaluation copy of Windows directly from Microsoft's website. It's the perfect tool for this kind of sandboxing.

Stick to that, and you'll learn a ton about security without the risk. Stay safe!

 

[stonjean633]

VM is not designed for gaming. It can cause compatibility issues resulting to lag/poor performance no matter how good your gaming hardware are. I would suggest to totally isolate it on a seperate HDD/SSD.

 

[Amnesia]

VM is not designed for gaming. It can cause compatibility issues resulting to lag/poor performance no matter how good your gaming hardware are. I would suggest to totally isolate it on a seperate HDD/SSD.

Overall, this is a very solid and well-thought-out security setup. If you're looking to streamline it and reduce potential conflicts, there are a few areas with overlapping tools you could consider consolidating. On the network side, using both your ISP gateway and the Check Point Safe@Office 500 for NAT (Double NAT) could be simplified to just one device to improve performance, and Portmaster is capable enough to handle all firewall duties, making the default Windows firewall redundant. For system privacy, O&O ShutUp10++ and Spybot Anti-Beacon have similar functions, so you could stick with just one. The same applies to file encryption, where VeraCrypt can likely cover all the use cases for AxCrypt. In your browser, uBlock Origin is powerful enough that it likely makes TrafficLight and Privacy Badger unnecessary additions. Lastly, for maintenance, Microsoft PC Manager is redundant since you have more advanced tools like HiBit Uninstaller , and you could set CrystalDiskInfo to run on-demand rather than monitoring constantly to save resources. These are just some ideas to make an already great setup even more efficient!

On the topic of pirated games, it's important to be aware that most tech forums, including this one, have rules against discussing or facilitating software piracy for legal reasons. More importantly, from a security perspective, it's incredibly risky.

Cracks, keygens, and repacked games are among the top sources for infections like ransomware, spyware, and trojans. Even in a VM, you're still downloading and handling these high-risk files on your host machine, and one mistake in the VM's configuration (like a shared folder) could lead to a full system infection. For that reason, it would be irresponsible to provide guidance on how to handle them.

A much safer and more valuable way to use your VM for learning is to test any legitimate but untrusted software. For a safe operating system to experiment on, you can download a free, official 90-day evaluation copy of Windows directly from Microsoft's website. It's the perfect tool for this kind of sandboxing.

Stick to that, and you'll learn a ton about security without the risk. Stay safe!

EDIT - nvr mind i'll use my old thinkpad for that

btw crystaldisk saved my lifu back in the day using that method i'll keep it for now

 

[Parkinsond]

I can see the latest two security configurations use MSD; hard times for 3rd party AVs.

 

[Amnesia]

I can see the latest two security configurations use MSD; hard times for 3rd party AVs.

there are some great 3rd party avs i'm just cheap and only use freeware/freemium

 

[Parkinsond]

there are some great 3rd party avs i'm just cheap and only use freeware/freemium

Me too

 

[Kongo]

there are some great 3rd party avs i'm just cheap and only use freeware/freemium

There is absolutely nothing wrong with Microsoft Defender. Just stick with it.

You can still check out those two free tools to complement Microsoft Defender:

1. DefenderUI - Unlocks the full power of Windows Defender with an intuitive, streamlined interface.

2. SiriusLLM is a malware detection engine and portable application that leverages artificial intelligence and ChatGPT-like Large Language Models to assess the potential maliciousness of various digital assets (e.g., executables, scripts, documents).

 

[oldschool]

You could use ConfigureDefender to strengthen MS Defender.

And it looks like too many browser extensions to me.

 

[RoboMan]

Pretty solid security & privacy config.

My two cents:

• Technitium MAC Address Changer: remove and use Windscribe's MAC spoofing module
• Windows Defender: Tweak for maximum security with ConfigureDefender or DefenderUI since you pirate games and visit shady websites
• Add a complement for WD that uses Windows's built-in policies for hardening (Hard_Configurator, SWH, WHHLight, or similar)

 

[Amnesia]

18.10 -added CyberLock/VoodooShield, smart&aggressiv

After playing with it a bit on free trial I decided to buy CyberLock.
I was amazed by its performance and utility, it reminds me of COMODO Firewall HIPS alerts but better!