ConfigureDefender utility for Windows 10/11

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,873
Tried to run the latest version of WiseVector and got this notification.
p.png

Which is alright I guess because WD probably didn't see this file before and the timeout is 60 sec because that's how I set it. Before when I had this timeout notification for other new files, the file always ran after few seconds but not this time. Now even after 30 mins WiseVector is still not running and getting this notification instead.
p2.png

Maybe a restart will fix it but I'm working on something now so can't do it at the moment. Found a log in temp regarding that timeout notification which is normal I think.
p3.PNG

I was wondering if anyone's familiar with this behavior?
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,704
Tried to run the latest version of WiseVector and got this notification.
p.png
This seems to be a new notification type from M$. I get it with every Brave Nightly update.

Now even after 30 mins WiseVector is still not running and getting this notification instead.
p2.png
Is WD set to "Block"? That looks like an ASR or H_C block maybe? 🤔
 

CyberTech

Level 44
Verified
Top Poster
Well-known
Nov 10, 2017
3,250

Wow i cant believe this! we MT are proud of you! congrats @Andy Ful @oldschool @shmu26 you made it 👏

 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,599
Tried to run the latest version of WiseVector and got this notification.
View attachment 240292
Which is alright I guess because WD probably didn't see this file before and the timeout is 60 sec because that's how I set it. Before when I had this timeout notification for other new files, the file always ran after few seconds but not this time. Now even after 30 mins WiseVector is still not running and getting this notification instead.
View attachment 240293
Maybe a restart will fix it but I'm working on something now so can't do it at the moment. Found a log in temp regarding that timeout notification which is normal I think.
View attachment 240296
I was wondering if anyone's familiar with this behavior?
Works well on my machine: H_C (ConfigureDefender HIGH + all ASR rules ON, CFA is ON).
WiseVector.png

I have got an alert from CFA which blocked WiseVector to access the Documents folder.
Are there any blocks in ConfigureDefender <Defender Security Log>?
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,873
Works well on my machine: H_C (ConfigureDefender HIGH + all ASR rules ON, CFA is ON).
View attachment 240298
I have got an alert from CFA which blocked WiseVector to access the Documents folder.
Are there any blocks in ConfigureDefender <Defender Security Log>?
No, nothing is CD log. I'll restart the system later. Probably that will fix the issue.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,599
No, nothing is CD log. I'll restart the system later. Probably that will fix the issue.
After looking into ConfigureDefender <Defender Security Log>, I noticed many ASR blocks from Lsass ASR rule. But, WiseVector seems to work without issues and detected some false positives on my machine.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,599
what is the difference?

Cloud Protection level= highest or block ?=
i dont get it
The second should be more aggressive. But, there are no details available (no documentation). From the tests on MH and my tests, the Block level does not block all unknown executables. It probably can block sufficiently suspicious & unknown files.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,599

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,704

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,599
Yes, but also somewhere it mentioned more FPs and is not advised.
It can be deduced from the description = block unknown executables.:)
It is also obvious when one looks at the sequence:
Default >> High >> High+ >> Block.
I am trying to find something more informative for 2 years without any success.:(
 
Last edited:

Vitali Ortzi

Level 26
Verified
Top Poster
Well-known
Dec 12, 2016
1,596
It can be deduced from the description = block unknown executables.:)
It is also obvious when one looks at the sequence:
Default >> High >> High+ >> Block.
I am trying to find something more informative for 2 years without any success.:(
Configure Defender is a very great tool made me come back to built in protection in some Configuration.
Unfortunately it's not up to Andy to lower the false positive rate .
Even default has false positives for some Users ,me as well(used to have in a few programs in my USB but replaced them with powershell/Bat scripts Wich fixed the issue and saved me space as well).
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,792
Tried to run the latest version of WiseVector and got this notification.
View attachment 240292
Which is alright I guess because WD probably didn't see this file before and the timeout is 60 sec because that's how I set it. Before when I had this timeout notification for other new files, the file always ran after few seconds but not this time. Now even after 30 mins WiseVector is still not running and getting this notification instead.
View attachment 240293
Maybe a restart will fix it but I'm working on something now so can't do it at the moment. Found a log in temp regarding that timeout notification which is normal I think.
View attachment 240296
I was wondering if anyone's familiar with this behavior?

Yes I saw this or very similar the other day, when I was bored and tried to run an eset online scan of win10. H_C using default recommended settings for SRP, CD & firewall. Running as SUA. I assumed the block was H_C related, but I didn't really care about running eset scan, so I forgot about it.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top