ConfigureDefender utility for Windows 10/11

Digmor Crusher said:
Mr. Ful to update to new version just delete the old version, download new, set protection level, good to go?
Click to expand...

Just download, copy and replace the old one wherever you keep it normally. Set protection level to your liking and good to go.

Digmor Crusher said:
Also. does running this in High setting make OSA redundant?
Click to expand...

I'd say to some degree. modified Max to some degree. OSA is really a post-exploit software, not an outright prevention app. Windows Defender has anti-exploit features as does Windows, e.g. app and browser control, etc. The Wiindows features don't depend on WD. Many users prefer to harden with SysHardener, Hard_Configurator or VoodooShield. Just don't use OSA with H_C as Andy warns against it - unless you really know your way around Windows processes. It can conflict and is just not needed.


Edit: And be aware you can customize your settings in WD with ConfigureDefender. The three profiles are there but can be modified any way you like via individual features, e.g. modified Max with a couple of changes.

@Digmor Crusher I see you use MBAM paid. If you like it then just pair it with WD. No muss, no fuss. (y)
 
Last edited:
  • Like
Reactions: [correlate], blackice, SeriousHoax and 4 others
  • Like
Reactions: [correlate], simmerskool, oldschool and 1 other person
oldschool said:
Just download, copy and replace the old one wherever you keep it normally. Set protection level to your liking and good to go.



I'd say to some degree. modified Max to some degree. OSA is really a post-exploit software, not an outright prevention app. Windows Defender has anti-exploit features as does Windows, e.g. app and browser control, etc. The Wiindows features don't depend on WD. Many users prefer to harden with SysHardener, Hard_Configurator or VoodooShield. Just don't use OSA with H_C as Andy warns against it - unless you really know your way around Windows processes. It can conflict and is just not needed.


Edit: And be aware you can customize your settings in WD with ConfigureDefender. The three profiles are there but can be modified any way you like via individual features, e.g. modified Max with a couple of changes.

@Digmor Crusher I see you use MBAM paid. If you like it then just pair it with WD. No muss, no fuss. (y)
Click to expand...


Yah, my go to softs I usually play around with are: WD, Emsisoft, OSA, VS, Malwarebytes, Sandboxie, and sometimes Appguard, my setup consists of some combination of these.
 
  • Like
Reactions: [correlate], bjm_, simmerskool and 3 others
oldschool said:
Is there a description of this mitigation other than by inference from the name?
Click to expand...
I read some malware analysis and articles about this method, for example:
medium.com

Detecting & Removing WMI Persistence

Windows Management Instrumentation (WMI) Event Subscription is a popular technique to establish persistence on an endpoint. I decided to…
medium.com medium.com
 
  • Like
  • Thanks
Reactions: [correlate], simmerskool, blackice and 6 others
Andy Ful said:
I read some malware analysis and articles about this method, for example:
medium.com

Detecting & Removing WMI Persistence

Windows Management Instrumentation (WMI) Event Subscription is a popular technique to establish persistence on an endpoint. I decided to…
medium.com medium.com
Click to expand...

I get the general drift but otherwise the technical details are beyond me. Thanks again.
 
  • Like
Reactions: [correlate], Vasudev, simmerskool and 4 others
paulderdash said:
Just confirming ... so OSA + ConfigureDefender is OK, just OSA + H_C could be problematic?
Click to expand...
OSA (default settings) + ConfigureDefender should be OK. The combo OSA + H_C may be problematic and requires the cautious and advanced user.
 
  • Like
  • +Reputation
Reactions: xSploit, [correlate], Vasudev and 5 others
Azure said:
Are all settings in Configure Defender redundant in OSArmor. If not, which one(s) OSArmor doesn't cover?
Click to expand...
Configure Defender is for configuring the best protection possible in Windows Defender. OSArmor helps the protection of Windows Defender by:
Monitor and block suspicious processes behaviors to prevent infections by malware, ransomware, and other threats. This tool analyzes parent processes and prevents, for example, MS Word from running cmd.exe or powershell.exe, it prevents ransomware from deleting shadow copies of files via vssadmin.exe, it blocks processes with double file extensions (i.e invoice.pdf.exe), it blocks USB-spreading malware, and much more. It is lightweight, zero-configuration and runs in the background protecting your system.
Click to expand...
www.novirusthanks.org

Prevent Malware & Ransomware Infections on Windows PC | OSArmor

OSArmor is a Windows application that focuses on preventing malware and ransomware infections by blocking malware delivery methods and suspicious processes behaviors.
www.novirusthanks.org
 
  • Like
  • +Reputation
Reactions: [correlate], simmerskool, harlan4096 and 4 others
Azure said:
Are all settings in Configure Defender redundant in OSArmor. If not, which one(s) OSArmor doesn't cover?
Click to expand...
OSArmor does not configure any Windows Defender settings.
OSArmor settings are not documented and WD ASR rules are poorly documented. So, It is often hard to say which rules are covered by OSArmor. But, it seems that most of WD ASR rules can be covered by OSArmor settings, for example, those related to scripting and Office applications.
Generally, OSA on default settings does not overlap much with ConfigureDefender. (y)

Post edited.
 
Last edited:
  • Like
Reactions: simmerskool, Gandalf_The_Grey, harlan4096 and 2 others
First of all, apologies if the question has been answered before but I searched the thread and could not find something similar.
If a system has been hardened with SysHardener (suggested tweaks) would it be ok to run Configure Defender in High settings or do they overlap / conflict with each other?
 
  • Like
Reactions: xSploit, Andy Ful and oldschool
Gangelo said:
First of all, apologies if the question has been answered before but I searched the thread and could not find something similar.
If a system has been hardened with SysHardener (suggested tweaks) would it be ok to run Configure Defender in High settings or do they overlap / conflict with each other?
Click to expand...

No problem. ConfigureDefender is simply a GUI for easy access to WD's advanced settings. SH is for OS hardening and will not interfere with WD. (y)
 
  • Like
Reactions: xSploit, Gangelo, simmerskool and 3 others
Thanks for the reply oldschool.
I understand that both apps are just GUI's for easy access to various system settings.
I was only wondering if the hardening changes made by SysHardener are being overlapped by ConfigureDefender settings related to ASR.
 
  • Like
Reactions: oldschool
Gangelo said:
Thanks for the reply oldschool.
I understand that both apps are just GUI's for easy access to various system settings.
I was only wondering if the hardening changes made by SysHardener are being overlapped by ConfigureDefender settings related to ASR.
Click to expand...

No they don't overlap. Apples & oranges. (y)
 
  • Like
Reactions: simmerskool, stefanos, Andy Ful and 1 other person

You may also like...