oldschool

Level 34
Verified
Mr. Ful to update to new version just delete the old version, download new, set protection level, good to go?
Just download, copy and replace the old one wherever you keep it normally. Set protection level to your liking and good to go.

Also, does running this in High setting make OSA redundant?
I'd say to some degree. modified Max to some degree. OSA is really a post-exploit software, not an outright prevention app. Windows Defender has anti-exploit features as does Windows, e.g. app and browser control, etc. The Windows features don't depend on WD. Many users prefer to harden with SysHardener, Hard_Configurator or VoodooShield. Just don't use OSA with H_C as Andy warns against it - unless you really know your way around Windows processes. It can conflict and is just not needed.


Edit: And be aware you can customize your settings in WD with ConfigureDefender. The three profiles are there but can be modified any way you like via individual features, e.g. modified Max with a couple of changes.

@Digmor Crusher I see you use MBAM paid. If you like it then just pair it with WD. No muss, no fuss. (y)
 
Just download, copy and replace the old one wherever you keep it normally. Set protection level to your liking and good to go.



I'd say to some degree. modified Max to some degree. OSA is really a post-exploit software, not an outright prevention app. Windows Defender has anti-exploit features as does Windows, e.g. app and browser control, etc. The Windows features don't depend on WD. Many users prefer to harden with SysHardener, Hard_Configurator or VoodooShield. Just don't use OSA with H_C as Andy warns against it - unless you really know your way around Windows processes. It can conflict and is just not needed.


Edit: And be aware you can customize your settings in WD with ConfigureDefender. The three profiles are there but can be modified any way you like via individual features, e.g. modified Max with a couple of changes.

@Digmor Crusher I see you use MBAM paid. If you like it then just pair it with WD. No muss, no fuss. (y)

Yah, my go to softs I usually play around with are: WD, Emsisoft, OSA, VS, Malwarebytes, Sandboxie, and sometimes Appguard, my setup consists of some combination of these.
 

Andy Ful

Level 46
Verified
Trusted
Content Creator
Is there a description of this mitigation other than by inference from the name?
I read some malware analysis and articles about this method, for example:
 

oldschool

Level 34
Verified
I read some malware analysis and articles about this method, for example:
I get the general drift but otherwise the technical details are beyond me. Thanks again.
 

Gandalf_The_Grey

Level 21
Verified
Are all settings in Configure Defender redundant in OSArmor? If not, which one(s) OSArmor doesn't cover?
Configure Defender is for configuring the best protection possible in Windows Defender. OSArmor helps the protection of Windows Defender by:
Monitor and block suspicious processes behaviors to prevent infections by malware, ransomware, and other threats. This tool analyzes parent processes and prevents, for example, MS Word from running cmd.exe or powershell.exe, it prevents ransomware from deleting shadow copies of files via vssadmin.exe, it blocks processes with double file extensions (i.e invoice.pdf.exe), it blocks USB-spreading malware, and much more. It is lightweight, zero-configuration and runs in the background protecting your system.
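
The three behaviours named in the description above (an Office parent launching cmd.exe or powershell.exe, vssadmin.exe deleting shadow copies, and double file extensions), sketched as detection logic over constructed process-creation events. This is an added example, not OSArmor's code or rule set; the event tuples, extension lists and rule names are assumptions.

```python
import ntpath
import re

# Constructed process-creation events: (parent image, child image, child command line)
SAMPLE_EVENTS = [
    (r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     r"C:\Windows\System32\cmd.exe", "cmd.exe /c whoami"),
    (r"C:\Windows\explorer.exe",
     r"C:\Users\bob\Downloads\invoice.pdf.exe", "invoice.pdf.exe"),
    (r"C:\Users\bob\AppData\Local\Temp\a.exe",
     r"C:\Windows\System32\vssadmin.exe", "vssadmin.exe Delete Shadows /All /Quiet"),
    (r"C:\Windows\explorer.exe",
     r"C:\Windows\System32\notepad.exe", "notepad.exe report.v1.2.txt"),
    (r"C:\Windows\System32\cmd.exe",
     r"C:\Windows\System32\vssadmin.exe", "vssadmin list shadows"),
]

# Assumed lists for illustration only
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SHELL_CHILDREN = {"cmd.exe", "powershell.exe"}
# A document-like extension immediately followed by an executable one
DOUBLE_EXT = re.compile(
    r"\.(pdf|docx?|xlsx?|jpe?g|png|txt)\.(exe|scr|com|pif|bat|cmd)$", re.I)
SHADOW_DELETE = re.compile(r"\bdelete\s+shadows\b", re.I)


def classify(parent, child, cmdline):
    """Return the names of the rules that one process-creation event trips."""
    p = ntpath.basename(parent).lower()
    c = ntpath.basename(child).lower()
    hits = []
    if p in OFFICE_PARENTS and c in SHELL_CHILDREN:
        hits.append("office-spawns-shell")
    if c == "vssadmin.exe" and SHADOW_DELETE.search(cmdline):
        hits.append("shadow-copy-deletion")
    if DOUBLE_EXT.search(c):
        hits.append("double-extension")
    return hits


def scan(events):
    """Classify every event; an empty rule list means the launch is allowed."""
    return [(ntpath.basename(child), classify(parent, child, cmd))
            for parent, child, cmd in events]


if __name__ == "__main__":
    for name, hits in scan(SAMPLE_EVENTS):
        print(f"{name:20} {'BLOCK ' + ','.join(hits) if hits else 'allow'}")
```

The last two sample events show the cases a rule like this must not trip on: a dotted file name passed as an argument, and vssadmin.exe used only to list shadow copies.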
 

Andy Ful

Level 46
Verified
Trusted
Content Creator
Are all settings in Configure Defender redundant in OSArmor? If not, which one(s) OSArmor doesn't cover?
OSArmor does not configure any Windows Defender settings.
OSArmor settings are not documented and WD ASR rules are poorly documented. So, it is often hard to say which rules are covered by OSArmor. But, it seems that most of WD ASR rules can be covered by OSArmor settings, for example, those related to scripting and Office applications.
Generally, OSA on default settings does not overlap much with ConfigureDefender. (y)

Post edited.
 

paulderdash

Level 4
ConfigureDefender + OSArmor sounds like a 'nice' combo, light, simple, with GUIs.

But H_C would be more comprehensive, all settings under the control of one dev - potentially more complex to configure, but with full documentation available.
 

Gangelo

Level 1
First of all, apologies if the question has been answered before but I searched the thread and could not find something similar.
If a system has been hardened with SysHardener (suggested tweaks) would it be ok to run Configure Defender in High settings or do they overlap / conflict with each other?
 

oldschool

Level 34
Verified
First of all, apologies if the question has been answered before but I searched the thread and could not find something similar.
If a system has been hardened with SysHardener (suggested tweaks) would it be ok to run Configure Defender in High settings or do they overlap / conflict with each other?
No problem. ConfigureDefender is simply a GUI for easy access to WD's advanced settings. SH is for OS hardening and will not interfere with WD. (y)
 

Gangelo

Level 1
Thanks for the reply oldschool.
I understand that both apps are just GUIs for easy access to various system settings.
I was only wondering if the hardening changes made by SysHardener are being overlapped by ConfigureDefender settings related to ASR.
 