Hard_Configurator - Windows Hardening Configurator

Andy Ful

Level 81
Thread author
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,006
The only logical explanation is they surely worked with Microsoft for this. Creating backup images takes a lot of time and resources so they did this to speed up the process in PCs running WD.
From excluding the Acronis driver it does not follow that WD will not check the files while creating the backup.
Would you like a backup with malware inside?
 
Last edited:

SeriousHoax

Level 42
Verified
Top poster
Well-known
Mar 16, 2019
3,196
From excluding the Acronis driver it does not follow that WD will not check the files while creating the backup.
Would you like a backup with malware inside?
One service is excluded so there must be a logial reason for that otherwise it won't happen and it doesn't look like there's any other reason except performance improvement as WD is slow and resource intensive in such case.
 

Andy Ful

Level 81
Thread author
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,006
One service is excluded so there must be a logial reason for that otherwise it won't happen and it doesn't look like there's any other reason except performance improvement as WD is slow and resource intensive in such case.
There is a reason. After the software update, the Acronis driver could be blocked by WD. This would break backups and make some other problems in the system.
But of course, there may be another reason, too.
 

Andy Ful

Level 81
Thread author
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,006
H_C ~ SSRP + WYSYWIG GUI + predefined profiles + autoruns whitelisting + ForcedSmartScreen + ConfigureDefender + FirewallHardening + Windows Hardening + PADC + extensive help and manual + diagnostic features + backup.

WYSYWIG GUI - you can see anytime what are the current settings.
PADC - Protection Against Dangerous Configurations.

Some H_C predefined profiles will require hundreds of rules and many registry tweaks. But, the cautious user who has advanced knowledge about built-in Windows Security features, much time and very good memory, could get most of the H_C abilities (except ForcedSmartScreen) by using SSRP, good registry editor, PowerShell, Windows Firewall, and Windows Event Viewer.

I used SSRP some years ago - it is good software. It was a starting point for H_C, together with some insightful posts on WildersSecurity and MalwareTips forums.
 

paulderdash

Level 6
Verified
Well-known
Apr 28, 2015
277
... + WYSYWIG GUI + predefined profiles + autoruns whitelisting + ForcedSmartScreen + ConfigureDefender + FirewallHardening + Windows Hardening + PADC + extensive help and manual + diagnostic features + backup
So just those few features, Andy? Is that all?
🤣🤣

Thanks for the elucidation.
 

Andy Ful

Level 81
Thread author
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,006
Andy? Is that all?
...
Yes, for now.;)
There are a few things that can be done by SSRP and cannot be done (intentionally) in H_C, like:
blocking applications on the High Integrity Level, blocking any chosen program, etc. Using them could be sometimes dangerous for the users, and they do not add much security in the home environment protected with H_C.
 
Last edited:

Protomartyr

Level 7
Verified
Well-known
Sep 23, 2019
318
On the main H_C panel, start with the Recommended Settings settings option and tweak from there.
On the ConfigureDefender panel, set the Protection Level to High.

That's a good baseline in my opinion.

Another popular config is discussed here with a downloadable config file that you can import and load via the Load Profile button.
 

Andy Ful

Level 81
Thread author
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,006
Hi Just installed H_C. May I know if there's a config i can use?
Did you allow applying the Recommended Settins during the installation of H_C?
If so, then H_C is already configured. Please, read the <General Help> from the H_C main window. You can use Recommended Settings for some weeks to see if they are appropriate to your needs.
Post here or PM if you encounter any problem. After this period you can adjust some setting if you want.
There are many help files in H_C - any option has an additional help file that can be helpful to you.
 

AlanOstaszewski

Level 16
Verified
Top poster
Malware Hunter
Jul 27, 2017
779
Hey to all MalwareTips users! I just took the latest samples and tried them out. As usual I tested the Hard_Configurator with the recommended settings but with Windows Defender disabled.

I decided for the Crysis_Roger Ransomware not to follow the recommendation of Hard_Configurator and SmartScreen. The result was that the files were encrypted.


Summary: The implementation of SmartScreen in Hard_Configurator is very important. It is advisable to use a real-time virus scanner (like Windows Defender) if you often do not follow the advice of SmartScreen.

And of course, last but not least, a backup is very important. It only took a moment for the files to be encrypted. If you do not have a backup strategy yet, you should think about it as soon as possible.
 

Andy Ful

Level 81
Thread author
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,006
I finished the H_C test on the Windows Insider build 19035. All protection works well. But, after the fresh & default installation (no upgrade), I noticed that the path to the user Desktop was changed from "%UserProfile%\Desktop" to "%UserProfile%\OneDrive\Desktop". So, many applications will create shortcuts in the second location which is not whitelisted in H_C. This will be corrected in the new version of H_C.
 

Gandalf_The_Grey

Level 61
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
5,048
I finished the H_C test on the Windows Insider build 19035. All protection works well. But, after the fresh & default installation (no upgrade), I noticed that the path to the user Desktop was changed from "%UserProfile%\Desktop" to "%UserProfile%\OneDrive\Desktop". So, many applications will create shortcuts in the second location which is not whitelisted in H_C. This will be corrected in the new version of H_C.
If you use OneDrive to backup/sync your files Desktop, Documents and Pictures get a new path.
 

Andy Ful

Level 81
Thread author
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,006
If you use OneDrive to backup/sync your files Desktop, Documents and Pictures get a new path.
On Windows 1903 (even upgraded to 1909), the standard user folders have standard locations. I can still use the standard Desktop from the location "%UserProfile%\Desktop" on the fresh installed Windows 1903 (in the virtual machine) and sync files via OneDrive. On Windows Insider build 19035 there is no "%UserProfile%\Desktop" folder at all.
On Windows ver. 1903 the Desktop location is not redirected to "%UserProfile%\OneDrive\Desktop" even when you sync files via OneDrive. This happens on Windows Insider build 19035.
 

ErzCrz

Level 12
Verified
Top poster
Well-known
Aug 19, 2019
559
On Windows 1903 (even upgraded to 1909), the standard user folders have standard locations. I can still use the standard Desktop from the location "%UserProfile%\Desktop" on the fresh installed Windows 1903 (in the virtual machine) and sync files via OneDrive. On Windows Insider build 19035 there is no "%UserProfile%\Desktop" folder at all.
On Windows ver. 1903 the Desktop location is not redirected to "%UserProfile%\OneDrive\Desktop" even when you sync files via OneDrive. This happens on Windows Insider build 19035.
Thanks for providing a fantastic product and adapting to these M$ updates:D
 

Andy Ful

Level 81
Thread author
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,006
On Windows 1903 (even upgraded to 1909), the standard user folders have standard locations. I can still use the standard Desktop from the location "%UserProfile%\Desktop" on the fresh installed Windows 1903 (in the virtual machine) and sync files via OneDrive. On Windows Insider build 19035 there is no "%UserProfile%\Desktop" folder at all.
On Windows ver. 1903 the Desktop location is not redirected to "%UserProfile%\OneDrive\Desktop" even when you sync files via OneDrive. This happens on Windows Insider build 19035.
I investigated this problem, and on Windows 1909 my folders are synced in such a way that they are visible/accessible in the Explorer, but only some files are stored both on disk and online - the rest is stored only online (although visible in Explorer). If I choose to backup the folder (for example Desktop) by using OneDrive application, then it is moved to the OneDrive folder. So, it is possible to move the Desktop folder in this way to OneDrive ("%UserProfile%\Desktop" ---> "%UserProfile%\OneDrive\Desktop") on Windows 10. The difference with Windows Insider build 19035 is that this backup was done somehow during the fresh installation. This can be probably prevented by choosing other settings.
 
Last edited:

Gandalf_The_Grey

Level 61
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
5,048
I had a problem with my backups (through file history) that there were almost no files. Solved by disabling Files On-Demand in OneDrive settings: