Hard_Configurator - Windows Hardening Configurator

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
I cannot recommend any protection (including H_C) without the installed popular AV.
The exception could be a scenario when you do not install new applications and use H_C in the lockdown mode on SUA (no RunBySmartscreen). But, such a setup is user-unfriendly.
The known (older) methods of disabling Microsoft Defender do not work. The only method is installing another AV.(y)
 

pxxb1

Level 10
Verified
Well-known
Jan 17, 2018
483
I cannot recommend any protection (including H_C) without the installed popular AV.
The exception could be a scenario when you do not install new applications and use H_C in the lockdown mode on SUA (no RunBySmartscreen). But, such a setup is user-unfriendly.
The known (older) methods of disabling Microsoft Defender do not work. The only method is installing another AV.(y)

Not only, Andy.
Defender Control by Sordum can accomplish a disabling.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
Not only, Andy.
Defender Control by Sordum can accomplish a disabling.
It cannot do it permanently, but only for some time (usually until the Windows restart).
Here is also an important note from the developer:
Microsoft does not want Defender to be turned off completely. Therefore, when defender is turned off, windows update or windows component is trying to repair Defender and as a result Defender may become corrupt. Of course a malicious program may also corrupt Defender completely. (If there is no different security software in windows, when Defender is turned off)
Microsoft is constantly taking new measures because it does not want Defender to be turned off. There is a possibility that Windows Defender may be corrupted among these measures. Therefore We will no longer update this program
Sordum.org Team

I use sometimes Defender Control to clean the corrupted Defender's Protection History.
 
Last edited:

pxxb1

Level 10
Verified
Well-known
Jan 17, 2018
483
It cannot do it permanently, but only for some time (usually until the Windows restart).
Here is also an important note from the developer:


I use sometimes Defender Control to clean the corrupted Defender's Protection History.

I remember that info and situation from the past, but as far as i know they continued the development later on. Looking at their site now, i can not find the info you posted.

I use it without problems on a pc.
 

skiper

Level 1
Apr 6, 2021
16
Thank you very much! It was an option to make the laptop a bit faster.

Windows Defender on MAX has excellent embedded code protection for mail and office documents. Windows Defender on Max uses less CPU than WD on High or High+ and acts as a cloud whitelist for executable's. The weak point of (the very strong cloud whitelist) is that it is a huge and massive whitelist (a smaller whitelist is a more secure whitelist) and it has a very limited (only the ASR part) parent-child process monitor to deal with staged attacks.
If this is true and I use WD on MAX is H_C Recommended Settings still needed or is Windows_10_Basic_Recommended_Settings enough? Is any option in Firewall Hardening required?
 
F

ForgottenSeer 107474

Thank you very much! It was an option to make the laptop a bit faster.


If this is true and I use WD on MAX is H_C Recommended Settings still needed or is Windows_10_Basic_Recommended_Settings enough? Is any option in Firewall Hardening required?
I don't know these H_C config's by head. sorry
I use WD on Max with H_C in SWH mode (allowing EXE, TMP and MSI to run) with Sponsors "blocking scriptors" and blocking all Lolbins with firewall hardening. This config runs problem free since end of 2019, but I am not a very risky surfer.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,697
If this is true and I use WD on MAX is H_C Recommended Settings still needed or is Windows_10_Basic_Recommended_Settings enough?
This provides plenty of protection.
Is any option in Firewall Hardening required?
Not necessarily, unless you want to really lock down protection further. Frankly, I use Defender with maximum settings and firewall hardening rules and nothing else. No SWH or H_C here.
You can see here Hard Configurator - may 2019 report and other tests in the Malware Hub.
Hard Configurator Malware Hub Tests
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
If this is true and I use WD on MAX is H_C Recommended Settings still needed or is Windows_10_Basic_Recommended_Settings enough? Is any option in Firewall Hardening required?

There is no good answer to which config is enough for a particular user. The config is always a compromise between your habits, expectations, and security.
How much time do I spend on risky activities?
Do I plan to install new software?
Do I know which file types I open, after downloading them from the internet, flash drives, or from the sources shared with others?
Do I know how to open safely the documents downloaded from the internet, flash drives, or from the sources shared with others?
Am I a scam-prone person?
Am I a happy clicker?
Am I irritated when sometimes there are 1 sec slowdowns?

The person who answers:
close to 0, very rarely, yes, yes, no, no, yes
can simply use Microsoft Defender or another AV on default settings. :)
 

skiper

Level 1
Apr 6, 2021
16
I don't know these H_C config's by head. sorry
I use WD on Max with H_C in SWH mode (allowing EXE, TMP and MSI to run) with Sponsors "blocking scriptors" and blocking all Lolbins with firewall hardening. This config runs problem free since end of 2019, but I am not a very risky surfer.
I installed H_C because I thought default-deny without WD might be a solution, Andy Ful said better not. :)
I uninstalled H_C and opened SWH but I don't know where to go and what to change to get to your configuration.

Frankly, I use Defender with maximum settings and firewall hardening rules and nothing else. No SWH or H_C here.
By "firewall hardening rules" do you mean only FirewallHardening ADD LOLBins?
I noticed that LOLBins includes everything. Am I wrong? After I put LOLBins and put MS Office or Recommanded H_C it doesn't add anything at the end of the line.


In my search for ideas I found the link above. It got me thinking, because I have Windows 10 Home on my laptop. Seems a bit faster than Pro, but from what Andy Ful wrote it seems like the wrong choice. Is it worth swapping it for Pro?
 
  • Like
Reactions: oldschool
F

ForgottenSeer 107474

There is no good answer to which config is enough for a particular user. The config is always a compromise between your habits, expectations, and security.
How much time do I spend on risky activities?
Do I plan to install new software?
Do I know which file types I open, after downloading them from the internet, flash drives, or from the sources shared with others?
Do I know how to open safely the documents downloaded from the internet, flash drives, or from the sources shared with others?
Am I a scam-prone person?
Am I a happy clicker?
Am I irritated when sometimes there are 1 sec slowdowns?

The person who answers:
close to 0, very rarely, yes, yes, no, no, yes
can simply use Microsoft Defender or another AV on default settings. :)
Although true, that is a rational answer, but security (and insecuritty) is an emotion. Although I may have installed only two or three new prgrams in the last four years and am not a risky surfer, it feels better using CD on MAX and blocking risky file textension and scriptors execution for standards users and blocking all LilBins going outbound :rolleyes:;)(y)
 

skiper

Level 1
Apr 6, 2021
16
No I used Hard_Configurator. In the allow by path section, you can allow EXE, TMP and MSI (these are standard options) to put H_C in SWH mode.
SWH Manual: "Generally, SWH applies the Windows_10_Basic_Recommended_Settings"
This profile, WD on Max and FirewallHardening ADD LOLBins, anything else I need to add to have a similar config as yours?

I feel like a little kid who got a new toy. :D
 
  • Like
Reactions: oldschool

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
Although true, that is a rational answer, but security (and insecuritty) is an emotion. Although I may have installed only two or three new prgrams in the last four years and am not a risky surfer, it feels better using CD on MAX and blocking risky file textension and scriptors execution for standards users and blocking all LilBins going outbound :rolleyes:;)(y)
Yes, the emotions can matter. :)
 
F

ForgottenSeer 107474

SWH Manual: "Generally, SWH applies the Windows_10_Basic_Recommended_Settings"
This profile, WD on Max and FirewallHardening ADD LOLBins, anything else I need to add to have a similar config as yours?

I feel like a little kid who got a new toy. :D
I think your are good to go (y)
You might consider signing up NextDNS for a free account.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,697
In my search for ideas I found the link above. It got me thinking, because I have Windows 10 Home on my laptop. Seems a bit faster than Pro, but from what Andy Ful wrote it seems like the wrong choice. Is it worth swapping it for Pro?
It's a matter of preference, but I prefer Pro as I setup Defender advanced settings via Group Policy. My config is set and forget, no conflicts, etc.
 

skiper

Level 1
Apr 6, 2021
16
I don't know if I've got it right and I want to be sure. If I add Windows_10_Basic_Recommended_Settings and Switch OFF/ON SRP along with Switch OFF/ON Restrictions are set to blue, does the Windows_10_Basic_Recommended_Settings profile completely cancel and I am left with ConfigureDefender and FirewallHardening or am I left with nothing?

Because I want to start like oldschool with just CD MAX and FirewallHardening ADD LOLBins and over time add selectively if needed.
 
  • Like
Reactions: simmerskool

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
I don't know if I've got it right and I want to be sure. If I add Windows_10_Basic_Recommended_Settings and Switch OFF/ON SRP along with Switch OFF/ON Restrictions are set to blue, does the Windows_10_Basic_Recommended_Settings profile completely cancel and I am left with ConfigureDefender and FirewallHardening or am I left with nothing?

Yes and No, depending on what you mean by "completely cancel". The settings are deactivated (except ConfigureDefender and FirewallHardening), but they are remembered and stored in the Registry. Run ConfigureDefender and FirewallHardening to see which settings are currently applied.
 

skiper

Level 1
Apr 6, 2021
16
Yes and No, depending on what you mean by "completely cancel". The settings are deactivated (except ConfigureDefender and FirewallHardening), but they are remembered and stored in the Registry. Run ConfigureDefender and FirewallHardening to see which settings are currently applied.
That's what I'm interested in, if the profile is disabled, if it stays in the registy there is no problem.

I noticed that there are also separate ConfigureDefender and FirewallHardening. But it seems easier via H_C because they are all together and there is also RunBySmartscreen. If you want to be more cautious besides CD MAX and FirewallHardening ADD LOLBins.

Thanks
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top