ConfigureDefender utility for Windows 10

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Care to be more specific about what - child protection - is?
And also, what does - WAM - mean, that is an option under Admin:Smartscreen?
WAM = Warn = W a r n :)
Child protection setup can be seen in the attachments below.
 

Attachments

  • 1.png
    1.png
    54.6 KB · Views: 779
  • 2.png
    2.png
    54.9 KB · Views: 660
  • 3.png
    3.png
    55.9 KB · Views: 693

Daniel Keller

Level 2
Verified
Dec 28, 2016
86
New link to ConfigureDefender ver. 1.0.0.1
ConfigureDefender/ConfigureDefender_1.0.0.1.zip at master · AndyFul/ConfigureDefender · GitHub
The file contains the ConfigureDefender_x32.exe (Windows 32-bit) and ConfigureDefender_x64.exe (Windows 64-bit).

Hi Andy,
great great tool - as usual. Just want to mention, that my WD deleted the zip file right after download because of a heavy threat: Trojan:Win32/Fuerboos.C!cl.
I know, that your tools are safe but it seems WD does not like your configuration efforts ;)
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Hi Andy,
great great tool - as usual. Just want to mention, that my WD deleted the zip file right after download because of a heavy threat: Trojan:Win32/Fuerboos.C!cl.
I know, that your tools are safe but it seems WD does not like your configuration efforts ;)
That's interesting, because I just scanned the file now with WD manual scan, and it came out clean. Maybe it is whitelisted by now? On Virus Total it has a detection rate of 1/67 and the false positive is not coming from Microsoft. It is from Antiy-AVL, whatever that is. (I never heard of them.)
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Hi Andy,
great great tool - as usual. Just want to mention, that my WD deleted the zip file right after download because of a heavy threat: Trojan:Win32/Fuerboos.C!cl.
I know, that your tools are safe but it seems WD does not like your configuration efforts ;)
Thanks. :)
.
That's interesting, because I just scanned the file now with WD manual scan, and it came out clean. Maybe it is whitelisted by now? On Virus Total it has a detection rate of 1/67 and the false positive is not coming from Microsoft. It is from Antiy-AVL, whatever that is. (I never heard of them.)
It is normal. Hard_Configurator and ConfigureDefender change Windows security settings. So, if I do not upload the executables to Microsoft for manual analysis, they are recognized as dangerous. I will send the ConfigureDefender files to Microsoft today.
For now, it seems to be a local AI intervention, because I can download the program without issues, yet.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
By the way, the local Defender AI is an interesting feature, because it works differently on different computers. I noticed this while testing script trojan downloaders, and Defender caught the script on @Av Gurus computer, but not on mine computer.
The analysis of ConfigureDefender_1.0.0.1.zip is partially finished by Cloud and Client, and waits for final determination.
 

Attachments

  • Submission.png
    Submission.png
    129.3 KB · Views: 647

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
Comodo Firewall definitely has powershell protection, under the advanced tab or whatever they call it. I am surprised you got no alert, but try disabling Comodo and see what happens?

You are right.
Comodo have block file, now i set to Trusted and disable Sandbox and is working

Clipboard01.jpg Clipboard02.jpg
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Try to run it but got error:

View attachment 178231
I added this alert, because some security software can block or restrict PowerShell. Hard_Configurator allows ConfigureDefender to work, but it is possible to configure SRP in such a way that will block PowerShell actions in ConfigureDefender. OSArmor in default settings does not block PowerShell actions in ConfigureDefender, so they can work together.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top