ConfigureDefender utility for Windows 10/11

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,538
Thanks and yeah, hence why they can be over ruled by WFC. I did and one point make and try and manually add them into WFC but it was tedious and gave up half way through. Might have another go at some point but we'll see. Just questioning if WFC is needed.
If you did 1/2 then it is worth finishing your work. Maintaining one app is simpler than two.:)
 

sypqys

Level 5
Apr 18, 2022
228
Hi !

@Andy Ful

Since ransomware protection is recommended to be disabled in CD, do you recommend using OSArmor to overcome this?
Since I don't use H_C but the ConfigureDefender and FirewallHardening tools...
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,538
Hi !

@Andy Ful

Since ransomware protection is recommended to be disabled in CD,

That is not what I wrote in the ConfigureDefender help: :)
CFA can be very useful as anti-ransomware protection, but only after excluding the applications that need to access protected folders and applications that need to access protected disk sectors. The second group can include backup applications, disk management applications, disk optimization programs, etc. It is recommended to set initially this rule to Audit.

I recommend disabling CFA when users want to avoid exclusions and false positive alerts (which is true for most users). Anyway, ConfigureDefender HIGH settings include some anti-ransomware prevention by increasing the Cloud Protection Level and applying ASR rules.

... do you recommend using OSArmor to overcome this?

I cannot recommend OSA for the same reasons as for CFA.
Of course, if one can accept false positives, then CFA or OSA can be used. However, OSA is not software for everyone (similarly to H_C) and might require special configuration to help prevent ransomware.

Edit.
I moved your post from the H_C thread to the ConfigureDefender thread because you do not use H_C. (y)
 
Last edited:

sypqys

Level 5
Apr 18, 2022
228
That is not what I wrote in the ConfigureDefender help: :)


I recommend disabling CFA when users want to avoid exclusions and false positive alerts (which is true for most users). Anyway, ConfigureDefender HIGH settings include some anti-ransomware prevention by increasing the Cloud Protection Level and applying ASR rules.



I cannot recommend OSA for the same reasons as for CFA.
Of course, if one can accept false positives, then CFA or OSA can be used. However, OSA is not software for everyone (similarly to H_C) and might require special configuration to help prevent ransomware.

Edit.
I moved your post from the H_C thread to the ConfigureDefender thread because you do not use H_C. (y)
Sorry again, and many thanks for the help here
 

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,206
You can copy those executables anywhere you like, pin them to Start, Taskbar, etc. You can delete the rest of the HC folder's contents if you're not planning on using them. Users can also download CD and FWH executables separately from @Andy Ful's GitHub page.
I've tried it, no problems.
I like that the Hard_Configurator UI has buttons in it for CD and FWH. I'm guessing I can install H_C without setting the recommended settings and just use it's UI for CD and FWH? @Andy Ful Just wanting to avoid overkill with CL running.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,664
I like that the Hard_Configurator UI has buttons in it for CD and FWH. I'm guessing I can install H_C without setting the recommended settings and just use it's UI for CD and FWH? @Andy Ful Just wanting to avoid overkill with CL running.
Then just use the CD solo executable and pin it to Start or your taskbar.
 
Last edited:

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,206
Then just use the CD solo executable and pin it to Start or your taskbar.
Okay. Just trying to work out where to copy it to apart from my downloads folder I guess I could make a Program Files x86 folder though from memory H_C installs as a windows sub-folder though maybe it doesn't matter where it goes?
 
  • Like
Reactions: simmerskool

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,538
Okay. Just trying to work out where to copy it to apart from my downloads folder I guess I could make a Program Files x86 folder though from memory H_C installs as a windows sub-folder though maybe it doesn't matter where it goes?
Copy the standalone version of ConfigureDefender or FirewallHardening to the C:\Program Files, and make shortcuts using the right-click Explorer context menu.
 

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,206
@ErzCrz... It's not overkill if it's just the right amount of overkill! 😊
:D though @oldschool and many others have a point. I like to find a balance just slightly over the line. I mean if you have those WFH rules in place, you won't get a pop-up, they'll not leak from legitimate software and just be blocked by default ;) WFC is good though you have to add the LOLBin rules manually and CF is quite a ways over the line. I'm trying to find what works best. CL at least allows you to create firewall block rules automatically so I wonder of the need for anything other than WF as is.

1732907453745.png


Sorry for being OT. I'll copied the H_C_Hardening Tools folder into Program Files and created shortcuts for start menu. CD working well without issue. I never had Tamper Protection disabled for DefenderUI so not sure how much of it was affected.

Edit: Found that post. (see next post)
 
Last edited:

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,206
I apologize, I should have been more clear.

You only need to disable Tamper Protection in DefenderUI if you want to use the following features. Disabling Tamper Protection is not a DefenderUI requirement, it is a Microsoft requirement, and applies to ALL software that manages, controls or configures Microsoft Defender.

Real-time Protection
Behavior Monitoring
Scan all downloaded files and attachments
Script scanning
Threat Default Actions.

Otherwise, you can leave Tamper Protection enabled.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,664
So having CL would also make the likes of WFC redundant or is that something different entirely?
The two programs are completely different, so it depends on what you're trying to accomplish.
CL at least allows you to create firewall block rules automatically so I wonder of the need for anything other than WF as is.
That may suit your needs. You'll have to decide.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top