@Andy Ful I think you can add the GPO tweak to disable on-access scan.
ConfigureDefender utility for Windows 10/11
- Thread starter Andy Ful
- Start date
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
I could do it if I would work for MS to persuade people to use WD.
For some reason, MS does not want to apply this tweak by default in Windows Home and they know exactly how it works (but maybe they are just lazy).
This tweak can only solve the problem of some people with opening folders with many executables. This problem can be easily solved by using subfolders, without compromising the security. Most people do not store many executables in one folder and do not have such a problem. Other performance problems (copying files, installing/uninstalling applications, etc.) will be still present. Furthermore, it is not clear if the WD BAFS feature will work properly (it can be tested). The last problem is that MS could flag ConfigureDefender as a hack-tool, because of such an option that decreases the default security.
So, there are some pros and cons. I will investigate it in the feature.
Last edited:
- Mar 16, 2019
- 3,862
Hi, Andy Ful, few days ago in another thread I showed you that on my PC, WD was making connection to smartscreen even for files without MOTW. I forgot to mention that my Cloud protection level is set to Block mode and max time to 60 secs via Configure_Defender. Did it make the difference?
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
It should not. It can probably depend on the privacy settings. SmartScreen events can be logged, and then it is evident that it can collect some data on the execution of any supported file (even without MOTW).
But, on my computer, the outgoing connections to SmartScreen servers are done only for files with MOTW. It is probable that I have more restrictive privacy settings.
- Mar 16, 2019
- 3,862
My Privacy settings are pretty restrictive too. Uninstalled almost every preinstalled app via Windows10Debloater script, hardened many settings via Windows Privacy Dashboard and O&O ShutUP10 too. You're in Europe and I'm in Asia so maybe it's a region thing, maybe WD collects more stuff from here
My Privacy settings are pretty restrictive too. Uninstalled almost every preinstalled app via Windows10Debloater script, hardened many settings via Windows Privacy Dashboard and O&O ShutUP10 too. You're in Europe and I'm in Asia so maybe it's a region thing, maybe WD collects more stuff from here
Maybe you both guys can make some posts on Tutorial - Protect your privacy in Windows 10 ? <3
- Mar 16, 2019
- 3,862
There's already another fantastic thread. Check this: Tutorial - How to slim Windows 10 and make it superfast
Thanks but that remove too much important stuff and these tools are always do some strange things. At least I hope to archive that manually if possible
Anyway it help me some
But still hope that Andy and SeriousHoax post some nice stuff :3
Last edited by a moderator:
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
Who knows ...?My Privacy settings are pretty restrictive too. Uninstalled almost every preinstalled app via Windows10Debloater script, hardened many settings via Windows Privacy Dashboard and O&O ShutUP10 too. You're in Europe and I'm in Asia so maybe it's a region thing, maybe WD collects more stuff from here
- Jul 3, 2015
- 8,153
I got a series of blocks as shown in screenshot.
Andy, can you make any sense out of this?
Andy, can you make any sense out of this?
using some office browser tools?
- Jul 3, 2015
- 8,153
Bingo!
I remember unsuccessfully trying to log in to OneDrive for Business. Now I tried it again, and yeah, the same security event is logged by Windows Security.
I just tried logging in while using Microsoft Chromium, and the login fails, but the event is not logged.
Windows security is driving me buggers.
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
One of your Office applications tried to inject code to Chrome and was blocked by ASR rule. You can get more information from the ConfigureDefender Log. You can use ASR exclusions to allow injections or disable this ASR rule.
Chromium Edge has got probably some anti-exploit mitigations that can block such injections without ASR.
Last edited:
It would be interesting to know now that the latest version of microsoft edge gives you the option to "block unwanted apps" does this mean the tweak for windows defender should be the same? do they run from the same databases/cloud? Would tweaking defender by the utility still serve a purpose?
From their documentation, it seems like there's no difference in how Microsoft classifies PUAs between Edge or Defender so I'd be confident in assuming they use the same database.
It would still serve the purpose of protecting against PUAs that are downloaded by other applications.
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
The Edge Chromium features ("Microsoft Defender SmartScreen" and "Block potentially unwanted apps") work even if WD real-time protection is disabled and SmartScreen for
If one disables "Microsoft Defender SmartScreen" in Edge Chromium then also "Block potentially unwanted apps" is automatically disabled. So, it seems that "Block potentially unwanted apps" is a part of SmartScreen protection.
It is not clear if "Block potentially unwanted apps" in Edge Chromium works exactly as WD PUA protection. From the description, this feature blocks downloading applications that have a low reputation. But, low reputation applications are blocked by SmartScreen App Rep.
Last edited:
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
After some digging, I found the extended description of policies related to Edge:
"SmartScreenPuaEnabled
Configure Microsoft Defender SmartScreen to block potentially unwanted apps
Supported versions:
- On Windows and macOS since 80 or later
This policy setting lets you configure whether to turn on blocking for potentially unwanted apps with Microsoft Defender SmartScreen. Potentially unwanted app blocking with Microsoft Defender SmartScreen provides warning messages to help protect users from adware, coin miners, bundleware, and other low-reputation apps that are hosted by websites. Potentially unwanted app blocking with Microsoft Defender SmartScreen is turned off by default.
..."
Microsoft Edge Browser Policy Documentation
Windows and Mac documentation for all policies supported by the Microsoft Edge Browser
docs.microsoft.com
It seems that without this setting SmartScreen in Edge will allow downloading popular applications bundled with PUA.
Last edited:
Maybe you can give a answer to my (related?) question: Microsoft Edge - Chromium-Edge Flags
I don't know if Edge flags can be added from outside, but that would then be a nice feature for your ConfigureDefender?
- Mar 29, 2018
- 7,595
It would only be bloat and it's already in Edge. Just block PUAs by enabling the setting in "Privacy and services." > Block potentially unwanted apps.
Edit: PUA settings is already in CD.
Last edited:
- Mar 16, 2019
- 3,862
So they're enabling PUA protection in edge but it's still not on by default in WD. I don't understand this stupid thing of Microsoft 
Similar threads
-
- Sticky
