Andy Ful

Level 60
Verified
Trusted
Content Creator
The admin author gives Microsoft's very reason for implementing SRP back in 2002. SRP is soooo amazing that it is the most robust protection to this very day on Windows with Microsoft working on new iterations.


" Right now is usually when I get the most push back on the strategy. You see, vendors of security software have for years positioned their products as “Smart Enough” to catch this behavior. Don’t worry which ones either—they are all guilty of it. Email Anti-Spam, Anti-Virus, Firewalls, you name it. Put “Next-Gen” in front of the name and they’ll go on about how many times their solution stopped such behaviors. They conveniently leave out that no matter who they are or the technique they use they don’t work 100% of the time. So, let’s talk about the times they don’t: because that’s when the software restriction policy is going to save you. "
Thanks. It is a nice article that is close to my understanding of the preventive role of SRP nowadays. Many people prefer it for usability over AppLocker (which uses the same APIs but has got a stronger design).
 
Last edited:

sepik

Level 7
@Andy Ful
HC does not work with LTSC? Tried also syshardener and webroot's free script blocker. With and without any other security software installed.
Its only works, if i block them via local group policy editor. Blocking wscript, cscript causes, for example, installing MS Office to fail. So i have to disable those temporarily.

Kind regards,
-sepik
 

Andy Ful

Level 60
Verified
Trusted
Content Creator
@Andy Ful
HC does not work with LTSC? Tried also syshardener and webroot's free script blocker. With and without any other security software installed.
Its only works, if i block them via local group policy editor. Blocking wscript, cscript causes, for example, installing MS Office to fail. So i have to disable those temporarily.

Kind regards,
-sepik
Tried LTSC ver. 1809.
SRP did not work, both via GPO or H_C. The LTSC is not a complete Windows Enterprise edition.
SRP works well on Windows Home, Pro, Enterprise.
 
Last edited:

john2334

New Member
I cant find any info about this... but is this program safe to use? Virustotal detects a trojan (Ikarus;Trojan-Spy.Agent.Zum)


Please moderators, don't remove my post again, I want to try this software, all I'm asking is if it's safe to use... thanks.

Sorry if this question has been answered, but I want to make sure, because Ive had problems in the past with software where people claimed virustotal was just detecting "false postives" but when I installed it, it messed up my computer, I ended up having to reinstall my operating system.
 

security123

Level 21
I cant find any info about this... but is this program safe to use? Virustotal detects a trojan (Ikarus;Trojan-Spy.Agent.Zum)


Please moderators, don't remove my post again, I want to try this software, all I'm asking is if it's safe to use... thanks.

Sorry if this question has been answered, but I want to make sure, because Ive had problems in the past with software where people claimed virustotal was just detecting "false postives" but when I installed it, it messed up my computer, I ended up having to reinstall my operating system.
Yes it's safe.
Also take a look at the re-test as your link was 4 days old. Now only 1 false positive exist. 1 from a unknown AV.
 

oldschool

Level 53
Verified
@john2334 Please see this video for a better understanding of VT results. It's a very good explanation of how to understand results.

 

Andy Ful

Level 60
Verified
Trusted
Content Creator
...
Sorry if this question has been answered, but I want to make sure, because Ive had problems in the past with software where people claimed virustotal was just detecting "false postives" but when I installed it, it messed up my computer, I ended up having to reinstall my operating system.
H_C is safe for advanced users. VirusTotal cannot save you against clean applications that can mess up your computer. From your post it follows that you are not an advanced user, so you should not use Hard_Configurator.
If you want to try hardening, then first start from a simpler application like for example SimpleWindowsHardening:

Version 1.0.0.2 works well.
 
Last edited:

aldist

Level 1
@Andy Ful
Users of high-resolution monitors increase the system fonts. I am using 11pt instead of the default 9pt, and this is the problem. The screenshots show how this can be checked. Can you fix this nuance? This is version independent, I use v5.1.1.2.
11.png
 
Last edited:

Andy Ful

Level 60
Verified
Trusted
Content Creator
@Andy Ful
Users of high-resolution monitors increase the system fonts. I am using 11pt instead of the default 9pt, and this is the problem. The screenshots show how this can be checked. Can you fix this nuance? This is version independent, I use v5.1.1.2.
View attachment 244515
I am afraid that it is not possible. You have used an application that can change fonts only for some window controls, and the rest of controls have the unchanged fonts.
 
Last edited:

Andy Ful

Level 60
Verified
Trusted
Content Creator
Generally, changing the size of the system fonts can be troublesome. It is better to change Display settings (Scale and layout).
If you will have problems with custom Scale and layout (log off the account is required), then look into the H_C manual (Font rescaling issue):

"Some display drivers and DPI settings are not fully compatible with AutoIt
when the fonts are rescaled by the user. Sometimes the fonts are rescaled but
not the buttons and controls. This issue should disappear after using the default
font scale (100%) or default DPI settings.
In many cases, the rescaling issue can be solved by adjusting DPI settings for
the concrete executable.
As an example we can take the Hard_Configurator executable:
Right-click on H_C shortcut > Properties > Compatibility > Change high DPI
settings. Tick "Override high DPI scaling behavior".
Choosing the "Application" (or another) option can often solve the rescaling
issues (important: Log off the account is required to apply the new DPI settings)."
 
Last edited:

aldist

Level 1
I make a configuration backup for transferring to another computer or for a clean install. I save the profile with the <Save Profile> button, I see the file and the save path. I save WhiteList with the <Save Load> button, but I do not see the file and save path. Where is the WhiteList backup saved, in which file?
 

security123

Level 21
I make a configuration backup for transferring to another computer or for a clean install. I save the profile with the <Save Profile> button, I see the file and the save path. I save WhiteList with the <Save Load> button, but I do not see the file and save path. Where is the WhiteList backup saved, in which file?
I would say it's in the same folder, H_C is installed ;)
 
Top