Hard_Configurator - Windows Hardening Configurator

[Sunshine-boy]

Thnx for the update!this free tool is more effective than some paid software's lol

 

[Deleted member 178]

Not in this case. The 64-bit version is detected as clean:
malware.exe Details. Is this file safe? Check the directory
Antivirus scan for fb5443d482c98f02a343fb0c50bf86aed5ac7a4aaea00e818ff1ef96771602d3 at 2017-08-03 09:32:06 UTC - VirusTotal

Edit.
The SHA-1 and MD5 hashes are identical for VirusTotal and "isthisfilesafe.com" .

And that is weird...

Maybe because it is unsigned, or in VT maybe they use only one of the engines and the other flag it.

 

[Andy Ful]

And that is weird...

Maybe because it is unsigned, or in VT maybe they use only one of the engines and the other flag it.

I am going to install Emsisoft Antimalware, and check it.

 

[Andy Ful]

Emsisoft Antimalware installed. Checked nircmd.exe, nircmdc.exe (both 32 and 64.bit), all Hard_Configurator executables, and all installers (beta 3.0.1.0, 3.0.0.1, both 32 and 64.bit). No problems at all.
Emsisoft Behavior Blocker alerted twice: first time after running Hard_Configurator (System Policies), and the second time when applying recommended settings. Good work Emsisoft.
I did not notice any incompatibilities between Emsisoft and Hard_Configurator.

It seems that detection problems are related to "http://www.isthisfilesafe.com" website.

 

[Andy Ful]

It seems, that form some time, Hard_Configurator v. 3.0.0.1 installers are accepted by SmartScreen (no SmartScreen prompt when downloading or running). So, thanks guys, for testing it. With your help, Hard_Configurator managed to get sufficient reputation.

 

[509322]

Emsisoft Antimalware installed. Checked nircmd.exe, nircmdc.exe (both 32 and 64.bit), all Hard_Configurator executables, and all installers (beta 3.0.1.0, 3.0.0.1, both 32 and 64.bit). No problems at all.
Emsisoft Behavior Blocker alerted twice: first time after running Hard_Configurator (System Policies), and the second time when applying recommended settings. Good work Emsisoft.
I did not notice any incompatibilities between Emsisoft and Hard_Configurator.

It seems that detection problems are related to "http://www.isthisfilesafe.com" website.

You can contact them via email. Explain that you are the publisher, provide your GitHub link, and they will reply. fp@emsisoft.com

 

[Andy Ful]

You can contact them via email. Explain that you are the publisher, provide your GitHub link, and they will reply. fp@emsisoft.com

Thanks. This is a strange situation, because Emsisoft AntiMalware has no problem with those files - I installed the trial version, and checked the files locally on my computer. I already submitted the files with short explanations, using the link:
Emsisoft | Submit a Suspicious File
If this will not help, I will contact them via mail from your post.

 

[509322]

Thanks. This is a strange situation, because Emsisoft AntiMalware has no problem with those files - I installed the trial version, and checked the files locally on my computer. I already submitted the files with short explanations, using the link:
Emsisoft | Submit a Suspicious File
If this will not help, I will contact them via mail from your post.

If there are idiots that download and attempt to install your product, and it triggers a BB alert, and they quarantine your files, then those block and quarantine decisions will create a negative reputation in the AMN. The community of Emsi users does influence how the product will treat files.

Did you see an alert that the AMN query returned malicious or bad reputation ? If yes, then its the community-based rating\reputation. If the query returned unknown and then a BB alert appeared with the 4 options, then it isn't the AMN.

There was already one guy here at MT telling others not to use HC because it was a virus.

In your situation you should submit it via fp@emsisoft.com.

 

[Andy Ful]

If there are idiots that download and attempt to install your product, and it triggers a BB alert, and they quarantine your files, then those block and quarantine decisions will create a negative reputation in the AMN. The community of Emsi users does influence how the product will treat files.

Did you see an alert that the AMN query returned malicious or bad reputation ? If yes, then its the community-based rating\reputation. If the query returned unknown and then a BB alert appeared with the 4 options, then it isn't the AMN.

There was already one guy here at MT telling others not to use HC because it was a virus.

In your situation you should submit it via fp@emsisoft.com.

Yes, this can be true. Behavior blocker alerted twice, when running Hard_Configurator and applying recommended settings. I will submit the final version via fp@emsisoft.com . Thanks for the help.

 

[509322]

Yes, this can be true. Behavior blocker alerted twice, when running Hard_Configurator and applying recommended settings. I will submit the final version via fp@emsisoft.com . Thanks for the help.

With each new version you will likely have to re-submit unless you get a cert. I've seen on other forums where someone has stated HC is a virus. Not sure if it is the same guy who keeps saying it over-and-over, but there it is.

 

[Andy Ful]

With each new version you will likely have to re-submit unless you get a cert. I've seen on other forums where someone has stated HC is a virus. Not sure if it is the same guy who keeps saying it over-and-over, but there it is.

Hard_Configurator needs time and some improvements to get reputation. I am glad, that installers v. 3.0.0.1 are now accepted by SmartScreen.

 

[Sunshine-boy]

If there are idiots

if this tool was paid and even if it had 40/68detecion ppl like it! but because of its free
Ungrateful nation

 

[Andy Ful]

if this tool was paid and even if it had 40/68detecion ppl like it! but because of its free
Ungrateful nation

I hope, that your post is not a prophecy.

 

[Sunshine-boy]

lol no its not!

 

[Andy Ful]

Hard_Configurator_beta_3.0.1.0 is ready to download from GitHub:
For 64-bit Windows: https://github.com/AndyFul/Hard_Con...Hard_Configurator_setup(x64)_beta_3.0.1.0.exe
For 32-bit Windows: https://github.com/AndyFul/Hard_Con...Hard_Configurator_setup(x86)_beta_3.0.1.0.exe

Edit.
There were problems with verifying the 32-bit version. The non signature part of Defender protection, still detected it as a trojan. I send an e-mail to Microsoft, but security guys could not reproduce my problems. After a few days they found the solution, now it is OK. Furthermore, the 32-bit new beta version seems to be accepted by SmartScreen ???

 

[Andy Ful]

You can contact them via email. Explain that you are the publisher, provide your GitHub link, and they will reply. fp@emsisoft.com

That was really fast. Yesterday, I sent a mail to Emsisoft about correcting the wrong detection of Hard_Configurator installers. Today, I checked:
What is this exe file? Is this file safe? Check here
Now, all files are Trusted!
Thanks again @Locdown. Good work Emsisoft.

 

[AlainS]

I'd like to report a possible bug.

On windows 8.1 x64, enabling "don't run exec from removable drives" blocked all programs that were installed on my secondary internal hard drive. I tried to revert the setting but it didn't worked, even after a full reboot. I finally had to use a system restore point to get things working again. I didn't enable any of the SRPs, I just used restrictions.

 

[Andy Ful]

I'd like to report a possible bug.

On windows 8.1 x64, enabling "don't run exec from removable drives" blocked all programs that were installed on my secondary internal hard drive. I tried to revert the setting but it didn't worked, even after a full reboot. I finally had to use a system restore point to get things working again. I didn't enable any of the SRPs, I just used restrictions.

It seems, that Windows OS recognized your secondary internal hard drive as a removable drive. This happens rarely, so thanks for posting it. Reverting <No Removable Disk Exec.> setting is explained in the help file:

"The removable disks have to be removed (use Safely Remove Hardware in the System Tray) and connected again to make this option work."

So, the drive has to be disconnected and connected again.
I am curious what kind of drive you have? Is this a flash drive FAT32?

 

[AlainS]

All my internal drives are formatted with NTFS.

I tried to use the "safely remove hardware" as instructed for the secondary drive, but windows refused stubbornly to unmount it.
My system drive is an SSD. I know the doc says SSD are untested, but I have macrium backups if worse comes to worst.
The secondary drive is a standard magnetic disk.

 

[Andy Ful]

All my internal drives are formatted with NTFS.

I tried to use the "safely remove hardware" as instructed for the secondary drive, but windows refused stubbornly to unmount it.
My system drive is an SSD. I know the doc says SSD are untested, but I have macrium backups if worse comes to worst.
The secondary drive is a standard magnetic disk.

Thanks. So, in some hardware configurations, this setting can be dangerous. I do not think, that it is related to SSD, because I have a similar config on two computers: SSD (system) + secondary magnetic disk. Anyway, this issue has to be investigated, because this could be the system disk, and then Windows would hang completely.