Hard_Configurator - Windows Hardening Configurator

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
As I indicated earlier, the CR_????? folder is not visible in Explorer and thus cannot be whitelisted.
I see, now I appreciate the problem. But what happens if you manually create such a whitelist entry, like I suggested, even though you can't see it now in file explorer? I think it will work, I have done that kind of thing before.
 
  • Like
Reactions: oldschool

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
As I indicated earlier, the CR_????? folder is not visible in Explorer and thus cannot be whitelisted. I am of the belief that a new CR_????? is created at the time of each update and then deleted with the reboot. I have used SRP for 12+ years and know the weakness of broad whitelisting a folder like TEMP.
You are going to use wildcards, so there is an option for that <Add Path*Wildcards>.:giggle:
Paste and whitelist the path from your log (modified by wildcards):
C:\Users\relde\AppData\Local\Temp\CR_?????.tmp\setup.exe
 

Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
@Andy Ful I was wondering why my "cloud-delivered protection" in my windows security screen was always "off". So i had some try and error games with the configure defender settings to get it working. A hint in the help menu at the configure defender screen or the hard configurator manuel that you have to set the reporting level to "advanced" and automatic sample submission "to at least prompt" would be nice.
I just thought it would be nice to add like one sentence with the requirements to use the win 10 cloud delivered protection in the help menu or the faq. I know some www research would have solved this also but when i press a help button a hint for this would have helped me.
I know the pros would have known it by heart but what about the average user :D ?
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,697
@Andy Ful I was wondering why my "cloud-delivered protection" in my windows security screen was always "off". So i had some try and error games with the configure defender settings to get it working. A hint in the help menu at the configure defender screen or the hard configurator manuel that you have to set the reporting level to "advanced" and automatic sample submission "to at least prompt" would be nice.
I just thought it would be nice to add like one sentence with the requirements to use the Windows 10 cloud delivered protection in the help menu or the faq. I know some www research would have solved this also but when i press a help button a hint for this would have helped me.
I know the pros would have known it by heart but what about the average user :D ?

Choosing "High" settings in ConfigureDefender sets cloud-delivered protection to "Highest" and C-D P automatically displays in WS, but I do agree that this section of H_C User Manual could use an update. @Andy Ful :)
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
@Andy Ful I was wondering why my "cloud-delivered protection" in my windows security screen was always "off". So i had some try and error games with the configure defender settings to get it working. A hint in the help menu at the configure defender screen or the hard configurator manuel that you have to set the reporting level to "advanced" and automatic sample submission "to at least prompt" would be nice.
I just thought it would be nice to add like one sentence with the requirements to use the Windows 10 cloud delivered protection in the help menu or the faq. I know some www research would have solved this also but when i press a help button a hint for this would have helped me.
I know the pros would have known it by heart but what about the average user :D ?
You are right that something like FAQ would be useful for many people.:giggle:
By the way, why did not you used the predefined <Defender default settings> or <Defender high settings>?

Choosing "High" settings in ConfigureDefender sets cloud-delivered protection to "Highest" and C-D P automatically displays in WS, but I do agree that this section of H_C User Manual could use an update. @Andy Ful :)
You are invited to make changes.:giggle:(y)
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,697
You are right that something like FAQ would be useful for many people.:giggle:
By the way, why did not you used the predefined <Defender default settings> or <Defender high settings>?


You are invited to make changes.:giggle:(y)

I figured that invitation would come! :D(y) I could suggest changes for CD section and maybe we PM about it when you are finished with your current projects. It sounds like you are very busy.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
I figured that invitation would come! :D(y) I could suggest changes for CD section and maybe we PM about it when you are finished with your current projects. It sounds like you are very busy.
I can do many things on the same day, so do not hesitate to PM about it, if you are ready.
 

Reldel1

Level 2
Verified
Jun 12, 2017
50
Okay will try for todays update and report back.
Andy, there was no update yesterday but this morning a new one appeared for Edge Canary. I added the wildcard suggested, C:\Users\relde\AppData\Local\Temp\CR_?????.tmp\setup.exe but the update still fails to complete. I tried it several times each failed. Checking the blocked events in Hard_Conf it is clear to me now that Edge uses a new numbers and letters within the above TEMP folder EVERY time an update is triggered. See attached file, three different attempts, three different numbers used. I then switched off Hard_Config SRP, updated Canary, switched on SRP, all good.
 

Attachments

  • Edge Canary Update.txt
    4.3 KB · Views: 1,240

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
From another thread:
Correct, but what do you suggest when using HC and Windows Defender?
I have added and adblocker AdGuard (extension) and Emsisoft Browser Security to all used browsers.
That is OK. Some web browser extensions are usable and can add something to security. But many extensions are as unhealthy as many cakes.
Personally, I use WD Network Protection (ConfigureDefender), AdGuard DNS, Chromium Edge (Dev compilation + AppContainer flags) with SmartScreen, so no need for security extensions. The only one I use is Grammarly, which is veeery useful when posting on MT. :giggle:
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
Here is the simplest way to install and allow updates for Chromium Edge Canary compilation on Administrator account (default Windows account) wit H_C.
  1. Add three whitelisting rules via <Add Path*Wildcards> (replace your_username with correct one and do not forget to use <APPLY CHANGES>):
    • c:\Users\your_username\AppData\Local\Temp\CR_?????.tmp\setup.exe
    • c:\Users\your_username\AppData\Local\Microsoft\EdgeUpdate
    • c:\Users\your_username\AppData\Local\Microsoft\Edge SxS\Application
  2. Run the Chromium Edge Canary installer via "Run As SmartScreen".
  3. After finishing the installation, close the application, because some of its processes run with Administrator rights.
You can do it similarly on SUA starting with point 1., but after "Run As SmartScreen" (point 2.) cancel the installer when you see the UAC prompt. Now you know that it is accepted by SmartScreen, so you can use SwitchDefaultDeny to turn OFF default-deny temporarily and install Chromium Edge Canary normally. After finishing the installation simply use SwitchDefaultDeny to turn ON default-deny again. (y)

Personally, I do not use the Canary but Dev compilation, which is more stable and can be installed/updated without any whitelisting (Am I lazy?).:giggle:
 
Last edited:

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,414
Here is the simplest way to install and allow updates for Chromium Edge Canary compilation on Administrator account (default Windows account) wit H_C.
  1. Add three whitelisting rules via <Add Path*Wildcards> (replace your_username with correct one and do not forget to use <APPLY CHANGES>):
    • c:\Users\your_username\AppData\Local\Temp\CR_?????.tmp\setup.exe
    • c:\Users\your_username\AppData\Local\Microsoft\EdgeUpdate
    • c:\Users\your_username\AppData\Local\Microsoft\Edge SxS\Application
  2. Run the Chromium Edge Canary installer via "Run As SmartScreen".
  3. After finishing the installation, close the application, because some of its processes run with Administrator rights.
You can do it similarly on SUA starting with point 1., but after "Run As SmartScreen" (point 2.) cancel the installer when you see the UAC prompt. Now you know that it is accepted by SmartScreen, so you can use SwitchDefaultDeny to turn OFF default-deny temporarily and install Chromium Edge Canary normally. After finishing the installation simply use SwitchDefaultDeny to turn ON default-deny again. (y)

Personally, I do not use the Canary but Dev compilation, which is more stable and can be installed/updated without any whitelisting (Am I lazy?).:giggle:
Same here. No problems with Dev and HC.
 

AlanOstaszewski

Level 16
Verified
Top Poster
Malware Hunter
Jul 27, 2017
775

I have updated the Hard_Configurator home website. It now looks a bit nicer. I'm looking forward to your criticism or suggestions :)

h_c.png
 
Last edited:

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728

I have updated the Hard_Configurator home website. It now looks a bit nicer. I'm looking forward to your criticism or suggestions :)

Simple and beautiful, im looking forward testing new version of H_C after may update & clean install

Not sure if you could add the configuredefender as ''other tools'' ?
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591

I have updated the Hard_Configurator home website. It now looks a bit nicer. I'm looking forward to your criticism or suggestions :)

(y)(y)(y)
In April I worked with @oldschool on ConfiigureDefender help & GUI, and with @shmu26 on SRP articles. They both did a great job.:giggle:
On the H_C website, ConfigureDefender is mentioned as one of important H_C modules, so it would be logical to create in the future the tab with some info/help about ConfigureDefender. Another simple solution would be creating by me the PDF document about ConfigureDefender and add it alongside H_C manual.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top