Hard_Configurator - Windows Hardening Configurator

5

509322

All Hard_Configurator reviews, even in the popular printed magazine, were about portable (non existent) program. Autors gave it good marks, but complained that help files did not work, etc. Now I know, that if the program is in a compressed archive, everyone will assume that it is portable.o_O

Add "YOU MUST READ ME!!!!!!!!!!!!.txt" inside the compressed archive. They don't read it, and complain, then you can't point back to >>> YOU MUST READ ME!!!!!!!!!!.txt...

It is like this...

I'll use combat vest for example:

1. Your product suxx ! It did not stop bullet !
2. Where you wearing the vest ?
3. Yes
4. Did you put armor plates in it - front & back
5. No... I forgot... or... I didn't know I needed to do that...
6. Did you read directions ?
7. No...
8. That's why bullet went through your chest, so stop complaining.

You would not believe it, but Mickey Mouse things like this happen.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Good joke.:)
I am happy that I do not have to earn money as a software maker. I would get depressed.:D
On the other side, the software is for people, so it should be adjusted to the average user.
It will be a hard task to do with Hard_Configurator (as the software description suggest).:)
 
Last edited:

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
Agree with @Lockdown. I've had zero problems with the semi-portable version sat in my Windows directory but a version that's allowed a full installation would be preferable. :)
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
The simple solution to make Hard_Configurator an Easy_Configurator, is forget about SRP. The program could be fully portable and easy to understand. Maybe some day I give up, and will make it so.:rolleyes:
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Yes, I replaced the old file. The only difference is in the file Installation.txt . The file Hard_Configurator_3.0.0.0_(semiportable).zip is not in official Hard_Configurator folder, because it is a special version for MalwareTips members.
Thank a lot. Just read it. Now it makes installation easier.

A video would be nicer
 
  • Like
Reactions: Andy Ful

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Hi @Andy Ful

Just to check. I have ALL my portable software in C:\Users\My Name

I would like to find out if ALL the portables need to be whitelisted or some not required. Any guideline on this?

Also, in future, if there's a new update do I need to completely remove the current version and reinstall the new update or just update over the current version while keeping the whitelist? Re-whitelisting 20 to 30 apps is no joke.

Thanks
 
  • Like
Reactions: Andy Ful
D

Deleted member 178

The simple solution to make Hard_Configurator an Easy_Configurator, is forget about SRP. The program could be fully portable and easy to understand. Maybe some day I give up, and will make it so.:rolleyes:
and i won't even be interested anymore :p
 
  • Like
Reactions: Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Hi @Andy Ful

Just to check. I have ALL my portable software in C:\Users\My Name

I would like to find out if ALL the portables need to be whitelisted or some not required. Any guideline on this?

Also, in future, if there's a new update do I need to completely remove the current version and reinstall the new update or just update over the current version while keeping the whitelist? Re-whitelisting 20 to 30 apps is no joke.

Thanks

If the portable application is in C:\Windows, C:\Program Files or C:\Program Files (x86) (for 64-bit Windows), then it does not have to be whitelisted. Those folders are already whitelisted by default. All other programs have to be whitelisted when running as standard user. There are some fixed standard locations that should not be whitelisted in the folder C:\Users\UserName: Appdata\Local\Temp, Desktop, Documents, Music, Pictures, Videos, etc. They are present on all computers so can be used by malware in the wild.

If you rarely use some applications, consider to use 'Run As SmartScreen', it can bypass SRP restrictions - the application is checked by SmartScreen, and then (if recognized as safe) run with administrative rights. If, so then it does not have to be whitelisted. Yet, this solution is not recommended for vulnerable applications like Web Browsers or any applications that are known targets for exploits.

The White List is stored in Windows Registry, so it can survive the program update. You can simply install the new version over the old one or, if you do not like possible leftovers, follow the instructions from the file Installation.txt.

The only way to wipe out the White List is using the <Restore Windows Defaults> option in <Tools>, or recover the system from the restore point.

I hope it will help.:)
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Hard_Configurator version 3.0.0.1 has been released (installer version).
Hard_Configurator_3.0.0.1.zip


Program Web Page:
GitHub - AndyFul/Hard_Configurator: GUI to Manage Software Restriction Policies and harden Windows Home OS

INSTALLATION
0. Please do not use Hard_Configurator on laptops with the system installed on eMMC flash memory, because the program was not fully tested on this hardware.
  1. Uninstall the previous version of Hard_Configurator (see DEINSTALLATION before program update).
  2. Open the Zip archive Hard_Configurator_3.0.0.1.zip .
  3. Run Hard_Configurator_setup(x86)_3.0.0.1.exe for 32Bit Windows version or Hard_Configurator_setup(x64)_3.0.0.1.exe for 64Bit Windows version.
  4. The program will be installed in 'Windows\Hard_Configurator' folder. It can be run, using a shortcut from the Desktop.

Please read Installation.txt (included in the archive) for detailed information.
As compared to version 3.0.0.0, the autoruns checking has been corrected, and this version is the first English version with installer.
 
Last edited:

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Hard_Configurator version 3.0.0.1 has been released (installer version).
Hard_Configurator_3.0.0.1.zip


Program Web Page:
GitHub - AndyFul/Hard_Configurator: GUI to Manage Software Restriction Policies and harden Windows Home OS

INSTALLATION
0. Please do not use Hard_Configurator on laptops with the system installed on eMMC flash memory, because the program was not fully tested on this hardware.
  1. Uninstall the previous version of Hard_Configurator (see DEINSTALLATION before program update).
  2. Open the Zip archive Hard_Configurator_3.0.0.1.zip .
  3. Run Hard_Configurator_setup(x86)_3.0.0.1.exe for 32Bit Windows version or Hard_Configurator_setup(x64)_3.0.0.1.exe for 64Bit Windows version.
  4. The program will be installed in 'Windows\Hard_Configurator' folder. It can be run, using a shortcut from the Desktop.

Please read Installation.txt (included in the archive) for detailed information.
As compared to version 3.0.0.0, the autoruns checking has been corrected, and this version is the first English version with installer.
So where's the portable version?

Thanks
 
  • Like
Reactions: Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Here is the semiportable version ('Hard_Configurator' folder must be copied to 'C:\Windows'):
Hard_Configurator_3.0.0.1_(semiportable).zip
:)
It is recommended to read the Install.txt included in 'Hard_Configurator' folder.

The version with installer can be easily made semiportable (after installing):
1. Change the name of the program folder temporarily (for example Hard_Configurator -> aHard_Configurator).
2. Uninstall Hard_Configurator using the standard Windows procedure.
3. Restore the initial folder name (aHard_Configurator -> Hard_Configurator).
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
So where's the portable version?

Thanks

I have just uploaded semiportable version, too.:)
See the previous post to consider
Hi @Andy Ful

I'm not seeing the version number on the GUI of Hard Configurator. Do you think you can add that in future?

Thanks
It is somewhat hidden. Press <Minimize>. Navigate to Windows notification area and right-click Hard_Configurator icon, next choose 'About'.:)
I think that your suggestion is better, the label with the version number will be added soon.:)
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
I have just uploaded semiportable version, too.:)
See the previous post to consider

It is somewhat hidden. Press <Minimize>. Navigate to Windows notification area and right-click Hard_Configurator icon, next choose 'About'.:)
I think that your suggestion is better, the label with the version number will be added soon.:)
Thanks. I have downloaded and installed the portable version.
 
  • Like
Reactions: Andy Ful

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
In the new version, under "more restrictions", there is an option for "disable elevation on SUA".
There seem to be two different off settings: off1 and off3.
Could you explain?
 

Daniel Keller

Level 2
Verified
Dec 28, 2016
86
Thank you Andy for this great tool. I really love it and already recommend it to others as well.

Until today I used SSRP instead (Software Policy :: Software Policy user manual).
I think your tool is more powerful an offers more features. Please keep up the great support.

Also thank you for the very good and complete documentation. This is much work but is highly appreciated as well!
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Thank you Andy for this great tool. I really love it and already recommend it to others as well.

Until today I used SSRP instead (Software Policy :: Software Policy user manual).
I think your tool is more powerful an offers more features. Please keep up the great support.

Also thank you for the very good and complete documentation. This is much work but is highly appreciated as well!
Thanks.:)
The documentation is a real pain in the neck for me, because English is not my native language.

Edit.
SSRP is a very good program. It was also SRP starter for me.
 

Daniel Keller

Level 2
Verified
Dec 28, 2016
86
Hi everybody,

I´m curios. Does SRP / Hard Configurator prevent infection with WannaCry if you work on an unpatched machine and WannaCry tries to infect you from another PC in the same network using the network file service? Anybody tried?
 
  • Like
Reactions: askmark

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
zerosum0x0: DoublePulsar Initial SMB Backdoor Ring 0 Shellcode Analysis
NSA’s DoublePulsar Kernel Exploit In Use Internet-Wide

From the above articles, I learned that:
  1. Wannacry uses SMB1 vulnerability based on EternalBlue exploit and DoublePulsar memory backdoor (persistent due to changing the Registry).
  2. The DoublePulsar lives in memory, until the machine is rebooted.
  3. If the machine is infected, DoublePulsar can load and execute a payload.
So, it seems that Wannacry can be stopped by Default Deny SRP/Hard_Configurator (with blocking DLLs setting). But, DoublePulsar backdoor cannot be stopped.

EDIT
I reedited the above text, because Wannacry uses also the persistence mechanism (EternalBlue exploit).
Ransomware Infographic: An Anatomy of the WannaCry Cyberattack
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top