ConfigureDefender utility for Windows 10/11

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,593
I am installing now the Windows 10 upgrade and will try to reproduce your problems. Yet, your problem with Edge should not be related to Hard_Configurator or ConfigureDefender, except if you have set SRP to check DLLs. If you have done this, then the problem will remain, because Edge and this SRP setting were incompatible also in the older Windows 10 versions. We will see, I will come back after some hours.(y)
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,158
I am installing now the Windows 10 upgrade and will try to reproduce your problems. Yet, your problem with Edge should not be related to Hard_Configurator or ConfigureDefender, except if you have set SRP to check DLLs. If you have done this, then the problem will remain, because Edge and this SRP setting were incompatible also in the older Windows 10 versions. We will see, I will come back after some hours.(y)
FYI, I'm not using Edge so it isn't an issue to me
 

Reldel1

Level 2
Verified
Jun 12, 2017
50
I am installing now the Windows 10 upgrade and will try to reproduce your problems. Yet, your problem with Edge should not be related to Hard_Configurator or ConfigureDefender, except if you have set SRP to check DLLs. If you have done this, then the problem will remain, because Edge and this SRP setting were incompatible also in the older Windows 10 versions. We will see, I will come back after some hours.(y)

I finally was able to uninstall Hard_Configurator by turning off Windows Defender protection plus turning off protected folders, I then could go into GUI without triggering Windows Defender. I turned off H_C SRP and Protections and logged off WITHOUT entering Config/Defender GUI. I then logged back into the Account and used H_C tools to uninstall H_C. After prompted reboot I was able to get an internet connection with Edge.

Andy, curious if the process of uninstall returned Defender to default settings?

I will run without Hard_Configurator on two machines and not touch the other two until the issues with Microsoft get resolved. Thanks again.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,593
I am back, after upgrading to Windows 10 ver. 1609.
  1. Installed Hard_Configurator ver. 4.0.0.0 - WD quarantined ConfigureDefender, but allowed to install Hard_Configurator.
  2. Applied the recommended settings.
  3. Opened Edge.
  4. Opened Task Manager (some people reported problems).
  5. Uninstalled Hard_Configurator and installed again without problems.
  6. Activated DLL checking and blocked all available sponsors.
  7. Opened Edge again.
So far, no issues. Even the CPU problem with Task Manager is absent on my system (Windows Pro).

Turned off WD real time protection. Ran ConfigureDefender - High Defender Settings were activated and additionally all ASR rules were set to ON and Network Protection was set to ON. Controlled Folder Access was set to OFF.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,593
...
Andy, curious if the process of uninstall returned Defender to default settings?
...
Yes. Uninstalling Hard_Configurator changes the WD settings to default values. It seems that one of ConfigureDefender settings (probably 'Network Protection') could cause some problems with the Internet connection on your machine.
The other problem is blocking Hard_Configurator on your machine. You probably used it to run ConfigureDefender and the local WD AI connected this with malware chain and next time also Hard_Configurator was blocked (but not quarantined). When you clear the WD threat history, then you should use H_C without problems.(y)
 

Reldel1

Level 2
Verified
Jun 12, 2017
50
Yes. Uninstalling Hard_Configurator changes the WD settings to default values. It seems that one of ConfigureDefender settings (probably 'Network Protection') could cause some problems with the Internet connection on your machine.
The other problem is blocking Hard_Configurator on your machine. You probably used it to run ConfigureDefender and the local WD AI connected this with malware chain and next time also Hard_Configurator was blocked (but not quarantined). When you clear the WD threat history, then you should use H_C without problems.(y)
Thanks, will give it a go in a bit. Yes, I am inclined to believe it was the network protection that blocked Edge.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,593
The simplest way to avoid problems with Hard_Configurator blocking is opening the Hard_Configurator folder and let WD quarantine ConfigureDefender.
If someone likes to use ConfigureDefender then two things should be done from WD Security Center:
  1. Recover ConfigureDefender from quarantine.
  2. Add ConfigureDefender executable to WD exclusions.
I am trying to fulfill the new Microsoft requirements in the new ConfigureDefender version which is now analyzed by Microsoft.
 
Last edited:

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,698
I have not upgraded to 1809 yet. I already had H_C and ConfigureDefender excluded in CFA. I just opened CD, WD quarantined it, recovered from quarantine. Seems to work. Also, looking forward to next H_C. :)(y)

Edit: I should add that Hard_Configurator was not flagged by WD, only ConfigureDefender.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,593
Thanks, will give it a go in a bit. Yes, I am inclined to believe it was the network protection that blocked Edge.
It could be also that the local WD AI did some actions to prevent (imaginary) infection. Sometimes the AV actions can be like allergy, not adequate to the danger.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,593
Microsoft Analyst was kind to accept the new version of ConfigureDefender - I submitted the ver. 1.1.1.1 as an incorrect detection. Here is the full answer:
"Analyst comments:

Hello Andy Ful,
Thank you for your inquiry.
We have reviewed the file and we have removed the detection. Please try the following steps to clear cached detections and obtain the latest malware definitions.

  1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
  2. Run MpCmdRun.exe -removedefinitions -dynamicsignatures
The latest definition is available for download here: Latest definition updates for Windows Defender Antivirus and other Microsoft antimalware - Windows Defender Security Intelligence
Best regards,
Windows Defender Response
"

The new ConfigureDefender version 1.1.1.1 will be pushed on GitHub today in the night.
The commandline noted by the analyst will be helpful if the local WD AI blocked something by dynamic local signatures (not quarantined) that is actual whitelisted (like Hard_Configurator in the Reldel1 post).
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Microsoft Analyst was kind to accept the new version of ConfigureDefender - I submitted the ver. 1.1.1.1 as an incorrect detection. Here is the full answer:
"Analyst comments:

Hello Andy Ful,
Thank you for your inquiry.
We have reviewed the file and we have removed the detection. Please try the following steps to clear cached detections and obtain the latest malware definitions.

  1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
  2. Run MpCmdRun.exe -removedefinitions -dynamicsignatures
The latest definition is available for download here: Latest definition updates for Windows Defender Antivirus and other Microsoft antimalware - Windows Defender Security Intelligence
Best regards,
Windows Defender Response
"

The new ConfigureDefender version 1.1.1.1 will be pushed on GitHub today in the night.
The commandline noted by the analyst will be helpful if the local WD AI blocked something by dynamic local signatures (not quarantined) that is actual whitelisted (like Hard_Configurator in the Reldel1 post).
Thanks, Andy.
Aside from the disable Defender option that you removed, are there any other significant changes/improvements in the new build?
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,593
Thanks, Andy.
Aside from the disable Defender option that you removed, are there any other significant changes/improvements in the new build?
Not at this moment. I am finishing the new version of Hard_Configurator which will include also the new version of ConfigureDefender. I am going to add the new ASR rules available on Windows 10 ver. 1809.
 

Reldel1

Level 2
Verified
Jun 12, 2017
50
Just tried to download Hard_Configurator and latest Microsoft definition 1.227.552.0 is blocking and deleting the download even if MpCmdRun.exe -removedefinitions -dynamicsignatures has been run.

It does allow download of for Windows 64-bit: AndyFul/ConfigureDefender. Note: Using Edge

Okay, I cleared Windows Defender threat of Hard_Config download. I turned off Windows Defender protection, downloaded and installed Hard_Config, added C/Windows/Hard_Config exclusion to Defender. Loaded Config_Defender 1.1.1.1 to C/Windows/Hard_Config, opened Hard_Config GUI and applied protections, logged out. Logged back in re- activated Windows Defender protections. Bit of a dance but all good.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top