Hard_Configurator - Windows Hardening Configurator

Sunshine-boy

Level 28
Verified
Top Poster
Well-known
Apr 1, 2017
1,782
When I turn off the recommendeSRP and refresh the explorer the disk usage goes high(99%) and my FPS drop in the game so I have to restart the pc and everything back to normal again.
For every disabling and enabling rules, i have to restart the pc or the disk usage break my works:) I'm not sure why but this happen only when I chose refresh explorer from the GUI.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
When I turn off the recommendeSRP settings and refresh the explorer the disk usage goes high(99%) and my FPS drop in the game so I have to restart the pc and everything back to normal again.
For every disabling and enabling rules, i have to restart the pc or the disk usage break my works:) I'm not sure why but this happen only when I chose refresh explorer from the GUI.
I noticed this behavior with some games which do not like refreshing Explorer. :(
You have to choose "LOG OFF" to apply changes.(y)
 
  • Like
Reactions: Sunshine-boy

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
So this is not about your tool right? it's about the win and the game itself :)
Thnx for the answer.
Yes. Refresh Explorer = close all Explorer threads and next start Explorer. The new Explorer reads again some changed Registry settings (for example related to SRP). Some applications (rarely) can be fooled by this, and do not work properly.
.
Edit
My advice, close applications and then configure Hard_Configurator settings.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
The new Hard_Configurator beta 3.1.0.0 is available on GitHub:
For Windows 64-bit:
Hard_Configurator/Hard_Configurator_setup(x64)_beta_3.1.0.0.exe at master · AndyFul/Hard_Configurator · GitHub
For Windows 32-bit:
Hard_Configurator/Hard_Configurator_setup(x86)_beta_3.1.0.0.exe at master · AndyFul/Hard_Configurator · GitHub
The installers were uploaded to Microsoft, Emsisoft and Norton, as false positives and should be whitelisted with yesterday signatures.They are not included in SmartScreen signatures (it will take some months).
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
The new Hard_Configurator beta 3.1.0.0 is available on GitHub:
For Windows 64-bit:
Hard_Configurator/Hard_Configurator_setup(x64)_beta_3.1.0.0.exe at master · AndyFul/Hard_Configurator · GitHub
For Windows 32-bit:
Hard_Configurator/Hard_Configurator_setup(x86)_beta_3.1.0.0.exe at master · AndyFul/Hard_Configurator · GitHub
The installers were uploaded to Microsoft, Emsisoft and Norton, as false positives and should be whitelisted with yesterday signatures.They are not included in SmartScreen signatures (it will take some months).
Any notable changes that we might want to know about?
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
Any notable changes that we might want to know about?
  1. Blocked external utilities (Nirsoft FullEventLogView, Sysinternals Autoruns, 7-Zip) as standard user, in '%SystemRoot%\Hard_Configurator' folder.
  2. Hard_Configurator does not use NirSoft NirCmd.
  3. Added <Disable Cached Logons> and <UAC CTRL_ALT_DEL> buttons to harden credentials protection outside the home network.
  4. Added backup management for Profile Base (whitelist profiles and setting profiles can be 'exported to'/'imported from' one compressed file).
  5. Removed the option <No Removable Disks Exec.>.
  6. Corrected the bug related to Maximum Shadow Copy Storage space.
  7. Corrected the <Disable SMB> displaying '?' when SMB 1.0 is not installed (as in Windows 10 Fall Creators Update).
  8. Added 'Restart Computer' possibility after <APPLY CHANGES>, when the changed settings are related to drivers (SMB protocol).
  9. Updated Hard_Configurator manual (with some corrections).
Hard_Configurator uses Nirsoft FullEventLogView, Sysinternals Autoruns, and 7-Zip with administrative rights, so they can be safely blocked as standard user in Hard_Configurator folder.
The new options <Disable Cached Logons> and <UAC CTRL_ALT_DEL> can be relevant outside the home network. The option <Disable Cached Logons> can be the useful hardening, when using Active Directory.
Some AVs did not like NirCmd, so I skipped it in the new version.
Hard_Configurator uses Profile Base where the actual settings and actual SRP White List can be stored and quickly restored if required. In the new version, the Profile Base can be archived to file with the password. It can be useful when someone is planning to make the fresh Windows installation.
The option <No Removable Disks Exec.> was removed because it was reported to falsely recognize
fixed disks. This Windows feature is not necessary for Hard_Configurator, because from Windows Vista SP2, the AutoRun is active only for CD/DVD drives (when pressing the drive icon).
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
When FCU is ON I got this error when try to install:

hc.png hc2.png
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
Try to install VS with "Run As SmartScreen" and got this error:

View attachment 171052
Something blocks write access to: 'c:\Users\ \Desktop\InstallVoodooShield409beta.exe' .
'Run As SmartScreen' must add an alternate stream to file (as web browsers do with downloaded files) to force SmartScreen check.
Have you restricted write access to Desktop?
Edit.
It is related to your Controlled Folder Access settings. It will block most installers and applications from making changes on the Desktop. If you like such Desktop restrictions, then you will have to make application shortcuts manually - in the case of Hard_Configurator, make the shortcut to C:\Windows\Hard_Configurator\Hard_Configurator(x64).exe
With Controlled Folder Access you have 2 solutions related to "Run As SmartScreen:
  • Add C:\Windows\Hard_Configurator\RunAsSmartscreen(x64).exe to exclusion list
  • do not "Run As SmartScreen" from protected folders.
 
Last edited:

Sunshine-boy

Level 28
Verified
Top Poster
Well-known
Apr 1, 2017
1,782
:notworthy:I just installed the new version! thanks for the new tweaks.
P.S:
I scared to enable the protect windows folders.what if my game wants to start smth from c: windows?
According to your explanations if the program starts with admin rights then your tool will not stop it right?!
How can I know the program started with admin right?
If I'm using the admin acc so I already ran my tools under the admin right?

Also is there any alert or error if smth got blocks?
 
Last edited by a moderator:
  • Like
Reactions: Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
:notworthy:I just installed the new version! thanks for the new tweaks.
P.S:
I scared to enable the protect windows folders.what if my game wants to start smth from c: windows?
According to your explanations if the program starts with admin rights then your tool will not stop it right?! How can i know the program started with admin right?
You should turn ON <Protect Windows Folder>. It closes the loophole in Windows protection. This feature protects only some Windows subfolders that have no executables, but are writable, so the malware can use it to drop executables and bypass whitelisting. Games are not using those folders to execute anything.:)

Also is there any alert or error if smth got blocks?
Mostly, yes. Sometimes not. If you are curious, use the <Tools> - <Run SRP/Scripts EventLogView> to view blocked entries.
 
Last edited by a moderator:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
It seems that the Attack Surface Reduction introduced in Windows 10 Fall Creators Update works also in Windows Home version. It can be configured when using PowerShell.
The bad news is that the rule 'Block Office applications from creating child processes' does not work with Microsoft Office 2007 and Open Office. It works well with Microsoft Office 2016.
So it is possible, that the below ASR features:
  • Block Office applications from creating child processes
  • Block Office applications from creating executable content
  • Block Office applications from injecting into other processes
  • Block Win32 imports from Macro code in Office
will work only with the office software still supported by Microsoft (MS Office 2010, 2013, 2016).
Unfortunately, I cannot test it for MS Office 2010 and MS Office 2013. I someone can then please let me know.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top