Hard_Configurator - Windows Hardening Configurator

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
I have bit issues, but i can still manage H_C without problems

Example:
Chrome is whitelisted by default , i can run it without prompt from smartscreen. Wich are whitelisted SWS and are there any list for this/ possible to use some av vendor trusted vendor list and add it to H_C?

Spotify & whatsapp both causes smartscreen to block them. I whitelist both same way.
-Spotify runs normally

-whatsapp doesnt run, nothing happens. ;
>but when i run it with ''Run with smartscreen'' > works

I also have java client, wich has GPU plugin. Without H_C installed i can run that and have GPU plugin enabled
But when i install H_C, i cant use the GPU plugin at all when i whitelist this client, and run it. But when i run it with adming rights, GPU plugin starts to work

So basically i can run any software i like to & get them to work, but i think im not very familiar with H_C yet
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
...
Example:
Chrome is whitelisted by default , i can run it without prompt from smartscreen. Wich are whitelisted SWS and are there any list for this/ possible to use some av vendor trusted vendor list and add it to H_C?
What does it mean SWS?
H_C does not use trusted vendor list. Usually it is not required because when installing programs the user can apply 'Run As SmartScreen', which is much safer. Next, If the application is installed safely in Program Files, then it is automatically whitelisted. Installing in other locations is not especially safe, but if required, then application can be whitelisted by pat or hash.
Spotify & whatsapp both causes smartscreen to block them. I whitelist both same way.
-Spotify runs normally

-whatsapp doesnt run, nothing happens. ;
>but when i run it with ''Run with smartscreen'' > works

I also have java client, wich has GPU plugin. Without H_C installed i can run that and have GPU plugin enabled
But when i install H_C, i cant use the GPU plugin at all when i whitelist this client, and run it. But when i run it with adming rights, GPU plugin starts to work

So basically i can run any software i like to & get them to work, but i think im not very familiar with H_C yet
WhatsUp application is executed in the unusual way. But, it can be whitelisted by the folder path. Add to the whitelist the path (replace xxx with the UserName):
C:\Users\xxx\AppData\Local\WhatsApp

If you give me links to the Java client and GPU plugin, then I can look at this issue. Generally, you can use <Tools><Blocked Events / Security Logs> feature to identify what was blocked, and whitelist it by path (executable file or folder).
 
Last edited:

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
What does it mean SWS?
H_C does not use trusted vendor list. Usually it is not required because when installing programs the user can apply 'Run As SmartScreen', which is much safer. Next, If the application is installed safely in Program Files, then it is automatically whitelisted. Installing in other locations is not especially safe, but if required, then application can be whitelisted by pat or hash.

WhatsUp application is executed in the unusual way. But, it can be whitelisted by the folder path. Add to the whitelist the path (replace xxx with the UserName):
C:\Users\xxx\AppData\Local\WhatsApp

If you give me links to the Java client and GPU plugin, then I can look at this issue. Generally, you can use <Tools><Blocked Events / Security Logs> feature to identify what was blocked, and whitelist it by path (executable file or folder).
Well that makes sense, the java client is on desktop, but is installed on user > appdata and i cant find way to whitelist the folder, just exe. but it seems thats not enough

This is the client
RuneLite - Open Source Old School RuneScape Client
Just enable GPU- plugin from settings, and see if it turns on.
I did clean install yesterday, installed this client and ran it normally GPU plugin worked without having to run it as admin
But after installing H_C i can run it without admin, but that causes GPU - plugin to stay off- and you cant enable it unless you run the file as admin

And if possible i always try to avoid running software with full admin rights


By the way SWS = Software, i just learned it from here mt....or was it SFS
 

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
@Moonhorse - Can't you run this app via RunAsSmartscreen?

And have you checked Blocked Events in Tools?
Runassmartscreen = unable to turn gpu plugin on
Runasmartscreen + admin rights gave from options = Gpu plugin works

I just checked block events in tools, i can see the blocked files indeed, but is there way to whitelist from tools tho
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
Runassmartscreen = unable to turn gpu plugin on
Runasmartscreen + admin rights gave from options = Gpu plugin works

I just checked block events in tools, i can see the blocked files indeed, but is there way to whitelist from tools tho
After running the plugin, use <Tools><Blocked Events / Security Logs> feature to identify what was blocked:
FullEventLogVIew.png


So, the executable path:
c:\Users\......\jagexcache\jagexlauncher\bin\JagexLauncher.exe
has to be whitelisted.


whitelist.png

Finally I have the below whitelisted paths:
c:\Users\......\AppData\Local\RuneLite
c:\Users\......\jagexcache\jagexlauncher\bin\JagexLauncher.exe
 
Last edited:

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,701
After running the plugin, use <Tools><Blocked Events / Security Logs> feature to identify what was blocked:
View attachment 207069

So, the executable path: c:\Users\......\jagexcache\jagexlauncher\bin\JagexLauncher.exe
has to be whitelisted.


View attachment 207067
Finally I have the below whitelisted paths:
c:\Users\......\AppData\Local\RuneLite
c:\Users\......\jagexcache\jagexlauncher\bin\JagexLauncher.exe

So you:

1. viewed Blocked Events
2. manually whitelisted via Whitelist By Hash

Correct?
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
So you:

1. viewed Blocked Events
2. manually whitelisted via Whitelist By Hash

Correct?
  1. After something is blocked, run H_C and use <Tools><Blocked Events / Security Logs>.
  2. Identify the blocked executable path.
  3. Whitelist it by path, using <Whitelist By Path><Add File>. If the file is rarely updated, then it can be whitelisted by hash (<Whitelist By Hash><Add File>).
  4. If the application folder/subfolders contain more EXE files, then it is necessary to whitelist all of them or whitelist the application folder (<Whitelist By Path><Add Folder>).
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,701
  1. After something is blocked, run H_C and use <Tools><Blocked Events / Security Logs>.
  2. Identify the blocked executable path.
  3. Whitelist it by path, using <Whitelist By Path><Add File>. If the file is rarely updated, then it can be whitelisted by hash (<Whitelist By Hash><Add File>).
  4. If the application folder/subfolders contain more EXE files, then it is necessary to whitelist all of them or whitelist the application folder (<Whitelist By Path><Add Folder>).


OK, my education continues. Thank you Professor! (y)
 
F

ForgottenSeer 72227

  1. After something is blocked, run H_C and use <Tools><Blocked Events / Security Logs>.
  2. Identify the blocked executable path.
  3. Whitelist it by path, using <Whitelist By Path><Add File>. If the file is rarely updated, then it can be whitelisted by hash (<Whitelist By Hash><Add File>).
  4. If the application folder/subfolders contain more EXE files, then it is necessary to whitelist all of them or whitelist the application folder (<Whitelist By Path><Add Folder>).
Awsome thanks @Andy Ful, this was the main thing I wanted to know. Will be installing H_C tonight and will start playing around with it. :)
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
Awsome thanks @Andy Ful, this was the main thing I wanted to know. Will be installing H_C tonight and will start playing around with it. :)
I made H_C for the advanced users to configure/adjust/lock the computers of inexperienced users (family, friends, etc.). I did not suspect that advanced or medium advanced users, would be interested in configuring their own computers.
Yet, using H_C can be a lesson, for many people, about Windows built-in security and default-deny protection. So, you are welcome.:giggle:
 

paulderdash

Level 6
Verified
Well-known
Apr 28, 2015
271
Installed H_C on a very old HP Intel Atom netbook (remember those?), which incidentally is running W10 v1803 (albeit very slowly :)), just to check it out and play with it.

Nice Andy (y) ... recommended settings, no problems so far - just whitelisted my C:\PortableApps folder.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
I had no problem with H_C on W7. But my question would be: Which Sponsors are the most convenient to Block.:giggle:
On Windows 7, the recommended settings block Windows Script Host and PowerShell. You can use the predefined profile Windows_7_Recommended_Enhanced.hdc . If everything works well then you can add HH.exe and Mshta.exe . In this way you have blocked the most dangerous script interpreters. Keep an eye on blocked items, because some printers and other hardware, can sometimes use interpreters to configure settings.
 

paulderdash

Level 6
Verified
Well-known
Apr 28, 2015
271
Yup, if you want zero impact on system performance, H_C is about as close as you can get. No running processes, no drivers, nothing added to the system.
I have to confess, I even have CFW (with CS settings) running on there - though I have disabled Auto-Containment now while playing with H_C.
Most likely will just keep H_C. Oh, and OSA (some overlap, I know). :rolleyes:
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top