Hard_Configurator - Windows Hardening Configurator

[oldschool]

Hi with hardening at high settings wil this slow down pc and / or WD?Thks

Not a bit.

 

[Andy Ful]

Hi with hardening at high settings wil this slow down pc and / or WD,,configure defender i mean?Thks

Only if you throw malware samples to disk all day.

 

[shmu26]

Outlook for the web is banning 38 new file extensions because they are commonly use to deliver malware. Interesting list, also has a link to the original 104 file extensions that are blocked
Microsoft bans 38 file extensions in Outlook for the Web | ZDNet

 

[Gangelo]

Earlier, I tried to update my graphics driver through the Radeon Settings app and failed because the app is downloading the setup file in the downloads folder and it is being blocked by SRP.
Minor nuisance because I just one-clicked "switch off srp" and "switch off restrictions" and repeated the process with success.
Nevertheless, I was wondering if there is any way to whitelist this whole operation so I don't need to touch the switches in the future?

 

[Andy Ful]

Earlier, I tried to update my graphics driver through the Radeon Settings app and failed because the app is downloading the setup file in the downloads folder and it is being blocked by SRP.
Minor nuisance because I just one-clicked "switch off srp" and "switch off restrictions" and repeated the process with success.
Nevertheless, I was wondering if there is any way to whitelist this whole operation so I don't need to touch the switches in the future?

You should not whitelist the updater executables in the Download folder. But anyway, such files can be installed manually without switching default-deny. Just use "Run As Smartscreen" option from the right-click Explorer context menu.
Please, read also the help for "Run As SmartScreen" option in H_C (I am sorry, this help is not easy to read).

 

[Gangelo]

Thanks Andy, will do.
The issue was that the app was trying to download the executable and install it without user interaction.
In the future I will download and install the driver update manually.

 

[ErzCrz]

Can you advise what you had to do in order to get SWTOR to run with hard_configurator installed?

Thanks,
Erz

Its the legit unmodified swtor launcher that starts any patching they do for updates (via bitraider or so). After the game is patched you can play it.
The launcher.exe opens the screen for your logindata. After entering them any needed patching would start. After that i guess launcher.exe? starts the swtor.exe which is the mainexe for the game.
Why the hell it needs admin rights? No clue. But the game is as legit as it gets. No crack, private server whatever. Only bioware can answer why they need admin Just wanted to ask since you mentioned games don't need admin and i wanted to know what i did wrong?

 

[Andy Ful]

Can you advise what you had to do in order to get SWTOR to run with hard_configurator installed?

Thanks,
Erz

Please post what has been blocked by using the H_C Log (<Tools> <Blocked Events / Security Log>).

 

[ErzCrz]

Will do this evening. Thanks.

 

[Andy Ful]

Will do this evening. Thanks.

What is your current security setup?

 

[ErzCrz]

Windows 10 Home. Windows Defender as Firewall /AV and OSArmor installed with default config.

Only started trying out H_C this weekend. Setup is Recommend settings and ConfigureDefender set to High.

Just nothing happened when I clicked Start menu link and then tried running that, the original link and the launcher.exe as SmartScreen but nothing happened. Just the permission popup when trying to run launcher without opening as SS. I probably need to whitelist some folders or something I'm guessing but I'll see what the log says.

Thanks.

 

[Andy Ful]

Windows 10 Home. Windows Defender as Firewall /AV and OSArmor installed with default config.

Only started trying out H_C this weekend. Setup is Recommend settings and ConfigureDefender set to High.

Just nothing happened when I clicked Start menu link and then tried running that, the original link and the launcher.exe as SmartScreen but nothing happened. Just the permission popup when trying to run launcher without opening as SS. I probably need to whitelist some folders or something I'm guessing but I'll see what the log says.

Thanks.

If you install games and software, then WD (ConfigureDefender HIGH Protection Level) + OSArmor (blocked scripting engines and some LOLBins) + FirewallHardening tool will be enough. You can also try RunBySmartScreen tool to run/open untrusted files via the right-click Explorer context menu.
Please note, that blocking PowerShell via OSArmor will make ConfigureDefender dysfunctional - you have to temporarily turn off OSArmor protection to use ConfigureDefender.

If you want to use H_C with Recommended Settings then they are optimized for semi-locked setup and OSArmor can be skipped.

 

[ErzCrz]

Thanks! Maybe it's OSArmor conflict then. Back home in a couple of hours. Will try your suggestions and let you k knows. Thanks for all your help so far. It's a great bit of software

 

[ErzCrz]

Ok, so Swtor icon click I get error:
Access to C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\BioWare\Star Wars - The Old Republic\Star Wars - The Old Republic.lnk has been restricted by your Administrator by the default software restriction policy level.

But that was the only error. I managed to get it to run by manually running the launcher.exe file. Going to try whitelisting the link and see if that works.

Removed OSArmor as using H_C recommended settings, ConfigureDefender on HIGH.

Eric

 

[ErzCrz]

Whitelisting the start menu folder for that fixed it for me. All good now.

So - Running H_C Recommended Settings and ConfigureDefender as High the best settings to have? I should really get around to reading the manual about FirewallHardening though I expect what I'm using now will probably suffice.

Erz

 

[ErzCrz]

Got FirewallHardener setup. Pretty easy really. Thanks again for your help. Time to go change my configuration post

 

[Gandalf_The_Grey]

Got FirewallHardener setup. Pretty easy really. Thanks again for your help. Time to go change my configuration post

But your question is still valid. Is it necessary with the recommended settings of Hard_Configurator?

 

[ErzCrz]

You mean the question of OSArmor necessary with, H_C? From what I gathered from Andy Ful's earlier response it isn't necessary:

"If you want to use H_C with Recommended Settings then they are optimized for semi-locked setup and OSArmor can be skipped. "

But I'm new to this side of security so we'll wait for Andy Ful's response/clarification. At the moment it's uninstalled while I've been testing things out.

Erz

 

[Gandalf_The_Grey]

You mean the question of OSArmor necessary with, H_C? From what I gathered from Andy Ful's earlier response it isn't necessary:

"If you want to use H_C with Recommended Settings then they are optimized for semi-locked setup and OSArmor can be skipped. "

But I'm new to this side of security so we'll wait for Andy Ful's response/clarification. At the moment it's uninstalled while I've been testing things out.

Erz

No I mean if you use H_C at the recommended settings do you still need Firewall Hardening?

 

[ErzCrz]

No I mean if you use H_C at the recommended settings do you still need Firewall Hardening?

Ah, yes. I see what you mean now. Sorry, been a long day at work. It's one of those age old questions. The malicious program would be blocked but if it happens not to be, it could manipulate system files to connect out. So my guess is that it's useful as a precaution as doesn't do any harm having the default block rules added. As I've said, new to H_C so I lack the detailed knowledge.