Hard_Configurator - Windows Hardening Configurator

[Moonhorse]

I have bit issues, but i can still manage H_C without problems

Example:
Chrome is whitelisted by default , i can run it without prompt from smartscreen. Wich are whitelisted SWS and are there any list for this/ possible to use some av vendor trusted vendor list and add it to H_C?

Spotify & whatsapp both causes smartscreen to block them. I whitelist both same way.
-Spotify runs normally

-whatsapp doesnt run, nothing happens. ;
>but when i run it with ''Run with smartscreen'' > works

I also have java client, wich has GPU plugin. Without H_C installed i can run that and have GPU plugin enabled
But when i install H_C, i cant use the GPU plugin at all when i whitelist this client, and run it. But when i run it with adming rights, GPU plugin starts to work

So basically i can run any software i like to & get them to work, but i think im not very familiar with H_C yet

 

[Andy Ful]

...
Example:
Chrome is whitelisted by default , i can run it without prompt from smartscreen. Wich are whitelisted SWS and are there any list for this/ possible to use some av vendor trusted vendor list and add it to H_C?

What does it mean SWS?
H_C does not use trusted vendor list. Usually it is not required because when installing programs the user can apply 'Run As SmartScreen', which is much safer. Next, If the application is installed safely in Program Files, then it is automatically whitelisted. Installing in other locations is not especially safe, but if required, then application can be whitelisted by pat or hash.

Spotify & whatsapp both causes smartscreen to block them. I whitelist both same way.
-Spotify runs normally

-whatsapp doesnt run, nothing happens. ;
>but when i run it with ''Run with smartscreen'' > works

I also have java client, wich has GPU plugin. Without H_C installed i can run that and have GPU plugin enabled
But when i install H_C, i cant use the GPU plugin at all when i whitelist this client, and run it. But when i run it with adming rights, GPU plugin starts to work

So basically i can run any software i like to & get them to work, but i think im not very familiar with H_C yet

WhatsUp application is executed in the unusual way. But, it can be whitelisted by the folder path. Add to the whitelist the path (replace xxx with the UserName):
C:\Users\xxx\AppData\Local\WhatsApp

If you give me links to the Java client and GPU plugin, then I can look at this issue. Generally, you can use <Tools><Blocked Events / Security Logs> feature to identify what was blocked, and whitelist it by path (executable file or folder).

 

[Moonhorse]

What does it mean SWS?
H_C does not use trusted vendor list. Usually it is not required because when installing programs the user can apply 'Run As SmartScreen', which is much safer. Next, If the application is installed safely in Program Files, then it is automatically whitelisted. Installing in other locations is not especially safe, but if required, then application can be whitelisted by pat or hash.

WhatsUp application is executed in the unusual way. But, it can be whitelisted by the folder path. Add to the whitelist the path (replace xxx with the UserName):
C:\Users\xxx\AppData\Local\WhatsApp

If you give me links to the Java client and GPU plugin, then I can look at this issue. Generally, you can use <Tools><Blocked Events / Security Logs> feature to identify what was blocked, and whitelist it by path (executable file or folder).

Well that makes sense, the java client is on desktop, but is installed on user > appdata and i cant find way to whitelist the folder, just exe. but it seems thats not enough

This is the client
RuneLite - Open Source Old School RuneScape Client
Just enable GPU- plugin from settings, and see if it turns on.
I did clean install yesterday, installed this client and ran it normally GPU plugin worked without having to run it as admin
But after installing H_C i can run it without admin, but that causes GPU - plugin to stay off- and you cant enable it unless you run the file as admin

And if possible i always try to avoid running software with full admin rights


By the way SWS = Software, i just learned it from here mt....or was it SFS

 

[oldschool]

@Moonhorse - Can't you run this app via RunAsSmartscreen?

And have you checked Blocked Events in Tools?

 

[Moonhorse]

@Moonhorse - Can't you run this app via RunAsSmartscreen?

And have you checked Blocked Events in Tools?

Runassmartscreen = unable to turn gpu plugin on
Runasmartscreen + admin rights gave from options = Gpu plugin works

I just checked block events in tools, i can see the blocked files indeed, but is there way to whitelist from tools tho

 

[oldschool]

@Andy Ful - may find a solution for you.

 

[Andy Ful]

Runassmartscreen = unable to turn gpu plugin on
Runasmartscreen + admin rights gave from options = Gpu plugin works

I just checked block events in tools, i can see the blocked files indeed, but is there way to whitelist from tools tho

After running the plugin, use <Tools><Blocked Events / Security Logs> feature to identify what was blocked:

So, the executable path:
c:\Users\......\jagexcache\jagexlauncher\bin\JagexLauncher.exe
has to be whitelisted.

Finally I have the below whitelisted paths:
c:\Users\......\AppData\Local\RuneLite
c:\Users\......\jagexcache\jagexlauncher\bin\JagexLauncher.exe

 

[oldschool]

After running the plugin, use <Tools><Blocked Events / Security Logs> feature to identify what was blocked:
View attachment 207069

So, the executable path: c:\Users\......\jagexcache\jagexlauncher\bin\JagexLauncher.exe
has to be whitelisted.


View attachment 207067
Finally I have the below whitelisted paths:
c:\Users\......\AppData\Local\RuneLite
c:\Users\......\jagexcache\jagexlauncher\bin\JagexLauncher.exe

So you:

1. viewed Blocked Events
2. manually whitelisted via Whitelist By Hash

Correct?

 

[Andy Ful]

So you:

1. viewed Blocked Events
2. manually whitelisted via Whitelist By Hash

Correct?

1. After something is blocked, run H_C and use <Tools><Blocked Events / Security Logs>.
2. Identify the blocked executable path.
3. Whitelist it by path, using <Whitelist By Path><Add File>. If the file is rarely updated, then it can be whitelisted by hash (<Whitelist By Hash><Add File>).
4. If the application folder/subfolders contain more EXE files, then it is necessary to whitelist all of them or whitelist the application folder (<Whitelist By Path><Add Folder>).

 

[oldschool]

1. After something is blocked, run H_C and use <Tools><Blocked Events / Security Logs>.
2. Identify the blocked executable path.
3. Whitelist it by path, using <Whitelist By Path><Add File>. If the file is rarely updated, then it can be whitelisted by hash (<Whitelist By Hash><Add File>).
4. If the application folder/subfolders contain more EXE files, then it is necessary to whitelist all of them or whitelist the application folder (<Whitelist By Path><Add Folder>).

OK, my education continues. Thank you Professor!

 

[shmu26]

I would add to the above that if you see random characters or version numbers in the path, it is often very helpful to wildcard them with * in order to avoid blocks in the future.

 

[ForgottenSeer 72227]

1. After something is blocked, run H_C and use <Tools><Blocked Events / Security Logs>.
2. Identify the blocked executable path.
3. Whitelist it by path, using <Whitelist By Path><Add File>. If the file is rarely updated, then it can be whitelisted by hash (<Whitelist By Hash><Add File>).
4. If the application folder/subfolders contain more EXE files, then it is necessary to whitelist all of them or whitelist the application folder (<Whitelist By Path><Add Folder>).

Awsome thanks @Andy Ful, this was the main thing I wanted to know. Will be installing H_C tonight and will start playing around with it.

 

[Andy Ful]

Awsome thanks @Andy Ful, this was the main thing I wanted to know. Will be installing H_C tonight and will start playing around with it.

I made H_C for the advanced users to configure/adjust/lock the computers of inexperienced users (family, friends, etc.). I did not suspect that advanced or medium advanced users, would be interested in configuring their own computers.
Yet, using H_C can be a lesson, for many people, about Windows built-in security and default-deny protection. So, you are welcome.

 

[paulderdash]

Installed H_C on a very old HP Intel Atom netbook (remember those?), which incidentally is running W10 v1803 (albeit very slowly ), just to check it out and play with it.

Nice Andy ... recommended settings, no problems so far - just whitelisted my C:\PortableApps folder.

 

[shmu26]

Yup, if you want zero impact on system performance, H_C is about as close as you can get. No running processes, no drivers, nothing added to the system.

 

[Andy Ful]

Installed H_C on a very old HP Intel Atom netbook (remember those?)...

I have got one, too (Acer Aspire 7 years old).:emoji_pray:

 

[bribon77]

I had no problem with H_C on W7. But my question would be: Which Sponsors are the most convenient to Block.

 

[Sunshine-boy]

Which Sponsors

https://excubits.com/content/files/blacklist.txt
api0cradle/UltimateAppLockerByPassList

 

[Andy Ful]

I had no problem with H_C on W7. But my question would be: Which Sponsors are the most convenient to Block.

On Windows 7, the recommended settings block Windows Script Host and PowerShell. You can use the predefined profile Windows_7_Recommended_Enhanced.hdc . If everything works well then you can add HH.exe and Mshta.exe . In this way you have blocked the most dangerous script interpreters. Keep an eye on blocked items, because some printers and other hardware, can sometimes use interpreters to configure settings.

 

[paulderdash]

Yup, if you want zero impact on system performance, H_C is about as close as you can get. No running processes, no drivers, nothing added to the system.

I have to confess, I even have CFW (with CS settings) running on there - though I have disabled Auto-Containment now while playing with H_C.
Most likely will just keep H_C. Oh, and OSA (some overlap, I know).