Andy Ful

Level 63
Verified
Trusted
Content Creator
Care to be more specific about what - child protection - is?
And also, what does - WAM - mean, that is an option under Admin:Smartscreen?
WAM = Warn = W a r n :)
Child protection setup can be seen in the attachments below.
 

Attachments

  • 1.png
    1.png
    54.6 KB · Views: 564
  • 2.png
    2.png
    54.9 KB · Views: 441
  • 3.png
    3.png
    55.9 KB · Views: 473
New link to ConfigureDefender ver. 1.0.0.1
ConfigureDefender/ConfigureDefender_1.0.0.1.zip at master · AndyFul/ConfigureDefender · GitHub
The file contains the ConfigureDefender_x32.exe (Windows 32-bit) and ConfigureDefender_x64.exe (Windows 64-bit).

Hi Andy,
great great tool - as usual. Just want to mention, that my WD deleted the zip file right after download because of a heavy threat: Trojan:Win32/Fuerboos.C!cl.
I know, that your tools are safe but it seems WD does not like your configuration efforts ;)
 

shmu26

Level 85
Verified
Trusted
Content Creator
Hi Andy,
great great tool - as usual. Just want to mention, that my WD deleted the zip file right after download because of a heavy threat: Trojan:Win32/Fuerboos.C!cl.
I know, that your tools are safe but it seems WD does not like your configuration efforts ;)
That's interesting, because I just scanned the file now with WD manual scan, and it came out clean. Maybe it is whitelisted by now? On Virus Total it has a detection rate of 1/67 and the false positive is not coming from Microsoft. It is from Antiy-AVL, whatever that is. (I never heard of them.)
 

Andy Ful

Level 63
Verified
Trusted
Content Creator
Hi Andy,
great great tool - as usual. Just want to mention, that my WD deleted the zip file right after download because of a heavy threat: Trojan:Win32/Fuerboos.C!cl.
I know, that your tools are safe but it seems WD does not like your configuration efforts ;)
Thanks. :)
.
That's interesting, because I just scanned the file now with WD manual scan, and it came out clean. Maybe it is whitelisted by now? On Virus Total it has a detection rate of 1/67 and the false positive is not coming from Microsoft. It is from Antiy-AVL, whatever that is. (I never heard of them.)
It is normal. Hard_Configurator and ConfigureDefender change Windows security settings. So, if I do not upload the executables to Microsoft for manual analysis, they are recognized as dangerous. I will send the ConfigureDefender files to Microsoft today.
For now, it seems to be a local AI intervention, because I can download the program without issues, yet.
 
Last edited:

Andy Ful

Level 63
Verified
Trusted
Content Creator
By the way, the local Defender AI is an interesting feature, because it works differently on different computers. I noticed this while testing script trojan downloaders, and Defender caught the script on @Av Gurus computer, but not on mine computer.
The analysis of ConfigureDefender_1.0.0.1.zip is partially finished by Cloud and Client, and waits for final determination.
 

Attachments

  • Submission.png
    Submission.png
    129.3 KB · Views: 432

Andy Ful

Level 63
Verified
Trusted
Content Creator
Try to run it but got error:

View attachment 178231
I added this alert, because some security software can block or restrict PowerShell. Hard_Configurator allows ConfigureDefender to work, but it is possible to configure SRP in such a way that will block PowerShell actions in ConfigureDefender. OSArmor in default settings does not block PowerShell actions in ConfigureDefender, so they can work together.
 
Top