It is mostly redundant, when using H_C default-deny settings.So what would be the benefit of using SysHardener with H_C?or is redundant
It is mostly redundant, when using H_C default-deny settings.So what would be the benefit of using SysHardener with H_C?or is redundant
The firewall rules for Sponsors are used in SysHardener, because it cannot block the execution of Sponsors via shortcuts, CHM files and some other files with dangerous extensions. Those vectors of attack are covered by H_C default-deny settings even without blocking Sponsors.
There is no need to use firewall rules or block Sponsors in H_C default-deny settings, when using Windows 10 with updated system/software. Simply, access to the command line will be blocked, and the Sponsor will not be executed. You can see that also from Malware Hub tests. See the sample in the wild:
![]()
Shifty new variant of Qbot banking trojan spreads
An active malware campaign primarily targeting U.S. corporations with a new polymorphic variant of the Qbot banking trojan has been compromising thousands of victims around the world, researchers have reported. The worm-like malware, whose original version is roughly a decade old, allows...malwaretips.com
I tried to explain in the FAQ when the user should block Sponsors, especially Interpreters. In rare situations, the user could also use firewall rules instead, when some special software cannot work with blocked Sponsor. This would not be especially effective, but better than nothing. The similar idea would be blocking some special executables by the firewall (like rundll32.exe), which cannot be blocked in H_C, because they are often used in Windows. I am not sure it this help much, but can be done.
If you are a big fan of Sandboxie (paid version), then you do not need H_C. Just use two Explorer instances. One standard Explorer, and the second Sandboxed Explorer. The Sandboxed Explorer should be run via the special shortcut.I'm tempted to try Hard Configurator again. What type of software would be good to add? (If any is needed).
I think about HardConfigurator + Sandboxie (mandatory for me) + X What should X be? System Hardener, Voodoo Shield or...
Would be glad for any helpful input![]()
Be careful! Do not choose to automatically sandbox the executable explorer.exe, because Sandboxie will sandbox all instances of Windows Explorer. Just make a shortcut that can run Explorer in the sandbox, then you can manually run one instance of explorer.exe in the sandbox.@Andy Ful Guilty as charged, i really like Sandboxie (paid). Thanks for your helpful suggestion to use a sandboxed explorer.
I sandboxed browsers, pdf reader, mediaplayer... but never really thought about the explorer![]()
I wouldn't do it either, to tell you the truth. It would be more of a hobby than a practical security setup. But it's fun to talk about it.Sadly i don't think my knowledge is good enough to use sandboxie alone.
I would like to advise you using first H_C (Recommended settings) on Admin account with Windows 10. You will have fewer problems with installing/updating applications. I assume that you have read the H_C FAQs related to installing and updating applications on SUA....
Testing Hard Configurator and Sandboxie on my old laptop. On my main pc i try SUA to see if SUA and i can work together(tried it years ago and i got bad memorys about it). If all went well i think about a clean install (which i hate) and using sandboxie and Hard Configurator also on the main pc.
Thanks shmu26. It looks very interesting. I will try to integrate some your important suggestions to the current version of FAQ.Hi @Andy Ful
here is a link to my edit of the FAQ
It is a MS Word doc with lots of tracked changes and very little embedded malware
All changes should be treated as mere suggestions. I changed the font size just to make it easier to read on my computer screen.![]()
Dropbox - File Deleted
Dropbox is a free service that lets you bring your photos, docs, and videos anywhere and share them easily. Never email yourself a file again!www.dropbox.com
Enjoy.
Thanks, Andy.Thanks shmu26. It looks very interesting. I will try to integrate some your important suggestions to the current version of FAQ.![]()
By the way, if my "editing" reveals that I misunderstood certain points, don't hesitate to comment. I am hear to learn.Thanks shmu26. It looks very interesting. I will try to integrate some your important suggestions to the current version of FAQ.![]()
Have you got this alert before, or this is a new alert.When i open a new blank page in Word I always get a warning about macros being disabled. How do I remove that warning?
View attachment 210219
I'm using the Windows 10 Recommended Enhanced profile with Office 365.
If I correctly remember, he used a Word template with macro.
Yup, if I use Word add-ons, I get various warnings.Have you got this alert before, or this is a new alert.
This alert is a sign that something in your Word, tries to run a VBA code (Word template, VBA Add-in, etc.). The alert can be avoided by changing H_C settings, but it would be better to find out why Word tries to run VBA code (probably macro).
The similar problem had @shmu26. If I correctly remember, he used a Word template with macro.