Hard_Configurator - Windows Hardening Configurator

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,415
I guess it's mostly the habit, but I just like all the folders and menu options on the right.
It's possible but I just can't get it like I want on the Windows 10 start menu.

View attachment 212743
Thanks to @Andy Ful I can now safely white-list apps pinned to the startmenu and the taskbar of StartIsBack+++ (y)
I will not have that choice in my work environment later this summer so I decided to uninstall StartIsBack +++.
Here is a screenshot of my current Windows 10 startmenu:

Schermopname (3).png
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,593
Thanks to @Andy Ful I can now safely white-list apps pinned to the startmenu and the taskbar of StartIsBack+++ (y)
I will not have that choice in my work environment later this summer so I decided to uninstall StartIsBack +++.
Here is a screenshot of my current Windows 10 startmenu:

View attachment 212800
Very nice.:giggle:(y)
 

Special

Level 1
Verified
Mar 24, 2016
43
Yes I know it's a Hard_Configurator thread, I was just referring to ConfigureDefender as how it's portable and was hoping that there was something similar to that for H_D. Since it's made by the same guy "Andy Ful" maybe he has later plans for a portable version...
 

Andy Ful

Yes I know it's a Hard_Configurator thread, I was just referring to ConfigureDefender as how it's portable and was hoping that there was something similar to that for H_D. Since it's made by the same guy "Andy Ful" maybe he has later plans for a portable version...
H_C cannot be portable in this way like Configurator (one executable) because it uses several executables. Some of them are free tools made by someone else (NirSoft FullEventLogView, Sysinternals Autoruns, 7-ZIP).
It is semiportable, which means that you can copy the c:\Windows\Hard_Configurator folder to another machine (to the same location) with the same Windows bitness (64-bit or 32-bit) and it will work.
 

Special

It is semiportable, which means that you can copy the c:\Windows\Hard_Configurator folder to another machine...
This was what I was mainly after, good to know. Maybe in the future, you can have a .zip/7z or a "portable" mode option in the installer that lets you choose the location where things go, instead of defaulting to C:\Windows\
 

Andy Ful

This was what I was mainly after, good to know. Maybe in the future, you can have a .zip/7z or a "portable" mode option in the installer that lets you choose the location where things go, instead of defaulting to C:\Windows\
No. H_C requires the hardcoded path for RunAsSmartScreen and RunBySmartScreen executables. It should be somewhere in the c:\Windows or c:\Program Files, because those folders (and subfolders) are not writable (mostly) with standard rights. So, the malicious process cannot easily replace H_C executables, unless it will gain high privileges. The c:\Windows folder is better, because the casual user cannot easily access H_C as compared to c:\Program Files.
 

Gandalf_The_Grey

Installing Logitech Options software for my mouse is a challenge for my white-listing skills :unsure:
Blocked are:
C:\ProgramData\Logishrd\LogiOptions\Software\7.12.43\LogiOptionsMgr.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\Updater.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsUI.exe
C:\Users\xxxx\AppData\Local\Temp\LogiOptions\Updater\DJCU_0.0.exe
 

Andy Ful

Installing Logitech Options software for my mouse is a challenge for my white-listing skills :unsure:
Blocked are:
C:\ProgramData\Logishrd\LogiOptions\Software\7.12.43\LogiOptionsMgr.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\Updater.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsUI.exe
C:\Users\xxxx\AppData\Local\Temp\LogiOptions\Updater\DJCU_0.0.exe
The first question is: Do I really need it?:unsure:
The fact that you can install something, does not mean that it is necessary.:giggle:
If the mouse works well on the native Windows 10 software, then I would skip Logitech Options software. Such software can cause incompatibilities with Windows Updates/Upgrades.

The easy whitelisting rules (use <Add Path*Wildcards>):
C:\ProgramData\Logishrd\LogiOptions\Software\*\*.exe
C:\Users\xxxx\AppData\Local\Temp\LogiOptions\Updater\DJCU_?.?.exe

Yet, I would not use the second rule (it is in the Temp folder). The updates can be done manually, probably once for a few years.(y)
 

Andy Ful

The whitelisting of a blocked file path is usually very simple:
  1. Every folder name in the blocked path can be replaced by the asterisk * .
  2. Every file name in the blocked path can be replaced by the asterisk * .
  3. Every file extension in the blocked path can be replaced by the asterisk * .
  4. Every single random letter or digit can be replaced by a question mark ? .
Example of blocked paths (the overlapping part is in green):

C:\ProgramData\Logishrd\LogiOptions\Software\7.12.43\LogiOptionsMgr.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\Updater.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsUI.exe

The folder names and file names which differ can be replaced by asterisks:
C:\ProgramData\Logishrd\LogiOptions\Software\*\*.exe
C:\ProgramData\Logishrd\LogiOptions\Software\*\*.exe
C:\ProgramData\Logishrd\LogiOptions\Software\*\*.exe
C:\ProgramData\Logishrd\LogiOptions\Software\*\*.exe

So, in fact, we have got a single rule:
C:\ProgramData\Logishrd\LogiOptions\Software\*\*.exe

If we would like more complex rules then the folder name "7.12.43" (related to software version) could be replaced by "?.??.??", and we have got two rules:
C:\ProgramData\Logishrd\LogiOptions\Software\?.??.??\*.exe
C:\ProgramData\Logishrd\LogiOptions\Software\*\*.exe
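
Added example, not part of the original posts and not Hard_Configurator code: a Python sketch of the procedure above that derives the wildcard rule from the blocked paths, checks which paths a rule covers, and flags rules in a Temp folder (the caveat from the earlier Logitech reply). The function names are hypothetical, and the matcher assumes, following the four rules above, that a wildcard stands in for part of a single folder or file name; it is not the Windows SRP engine.

```python
from fnmatch import fnmatchcase

# The blocked paths quoted in the posts above.
BLOCKED = [
    r"C:\ProgramData\Logishrd\LogiOptions\Software\7.12.43\LogiOptionsMgr.exe",
    r"C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe",
    r"C:\ProgramData\Logishrd\LogiOptions\Software\Current\Updater.exe",
    r"C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsUI.exe",
]
TEMP_EXE = r"C:\Users\xxxx\AppData\Local\Temp\LogiOptions\Updater\DJCU_0.0.exe"

def derive_rule(paths):
    """Keep the components every path shares, replace the others with '*'."""
    split = [p.split("\\") for p in paths]
    if len({len(parts) for parts in split}) != 1:
        raise ValueError("paths differ in depth; derive one rule per depth")
    rule = []
    for column in zip(*split):
        same = len({c.lower() for c in column}) == 1   # case-insensitive compare
        rule.append(column[0] if same else "*")
    # Keep the extension if all file names share it (rule 2 without rule 3).
    exts = {parts[-1].rpartition(".")[2].lower() for parts in split}
    if rule[-1] == "*" and len(exts) == 1 and all("." in p[-1] for p in split):
        rule[-1] = "*." + exts.pop()
    return "\\".join(rule)

def matches(rule, path):
    """Component-wise match; assumption: wildcards never cross a backslash."""
    r, p = rule.lower().split("\\"), path.lower().split("\\")
    # '[' is escaped so fnmatch does not read it as a character class.
    return len(r) == len(p) and all(
        fnmatchcase(pc, rc.replace("[", "[[]")) for rc, pc in zip(r, p))

def in_temp(rule):
    """True if the rule points into a Temp folder (user-writable location)."""
    return "temp" in rule.lower().split("\\")

def audit(rules, paths):
    """Per rule: (number of blocked paths covered, rule sits in Temp)."""
    return {r: (sum(matches(r, p) for p in paths), in_temp(r)) for r in rules}

if __name__ == "__main__":
    rules = [derive_rule(BLOCKED),
             r"C:\ProgramData\Logishrd\LogiOptions\Software\?.??.??\*.exe",
             r"C:\Users\xxxx\AppData\Local\Temp\LogiOptions\Updater\DJCU_?.?.exe"]
    for rule, (hits, temp) in audit(rules, BLOCKED + [TEMP_EXE]).items():
        print(f"{hits} covered  temp={temp}  {rule}")
```
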
 

Andy Ful

@Andy Ful I recently installed it on my system and i really like it. Haven't you decided any icon or logo for it? It will be really cool.
You're welcome:

Version 4.0.1.0
1. Added a new version of RunBySmartScreen (minor changes)
2. Added a new version of ConfigureDefender.
   Version 2.0.0.1
   a) Added icon.
   b) Added the button <Defender Security Log>, which allows seeing last 200 Windows Defender events.
   c) Added the splash alert when applying time-consuming features.
   d) Renamed option "Reporting Level (MAPS membership level)" to "Cloud-delivered Protection".
   e) Extended the abilities of <REFRESH> button.
   f) Updated the changes made by Microsoft to allow file & folder exclusions for some additional ASR rules.
   g) Corrected the issue with closing the application.
   h) Extended the help.
3. Added more blocked Sponsors (total number 173).
4. Added more blocked Sponsors to Enhanced profiles.
5. Added new icons for H_C executables.


Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
H_C cannot be portable in this way like Configurator (one executable) because it uses several executables. Some of them are free tools made by someone else (... 7-ZIP).
Sorry for the noob questions:
- When I take a look at C:\Windows\Hard_Configurator\Tools\7zip(x64) the 7-zip version is 18.05 on HC 4.0.0.2. Since most packers released updates for the WinRAR / "ace filetype problem", is that a risk?
- Since most games require admin rights to run, is there a safe way to have protection and not have every time to type the admin password?
- Does SUA help me in any way if I fxxxx up? Like getting compromised on SUA and granting admin for legit game?

I like the H_C icon style, the switch icon doesn't look switchy enough for my taste :D
For me something with on/off or a green/red switchthingy looks easier to understand.
 

Andy Ful

Sorry for the noob questions:
- When I take a look at C:\Windows\Hard_Configurator\Tools\7zip(x64) the 7-zip version is 18.05 on HC 4.0.0.2. Since most packers released updates for the WinRAR / "ace filetype problem", is that a risk?
It is not a risk, because all H_C tools are not installed in the system (invisible to the malware in the wild) and specially protected by H_C (like the blocked sponsors). The tools are used only by H_C, and 7-ZIP is used to compress/decompress only files with custom extension *.hdc. Anyway, once a year I usually update these tools.
- Since most games require admin rights to run, is there a safe way to have protection and not have every time to type the admin password?
Most games do not require admin rights. You should whitelist them properly to run without admin rights. Do not run games with admin rights - this is not safe. If you have a problem then post here or PM.
- Does SUA help me in any way if I fxxxx up? Like getting compromised on SUA and granting admin for legit game?
SUA is useless if you run games with admin rights.
I like the H_C icon style, the switch icon doesn't look switchy enough for my taste :D
For me something with on/off or a green/red switchthingy looks easier to understand.
If you can create a better icon, and H_C users will like it, then I may use it in the next version.:giggle:(y)
 

Gandalf_The_Grey

The first question is: Do I really need it?:unsure:
The fact that you can install something, does not mean that it is necessary.:giggle:
If the mouse works well on the native Windows 10 software, then I would skip Logitech Options software. Such software can cause incompatibilities with Windows Updates/Upgrades.

The easy whitelisting rules (use <Add Path*Wildcards>):
C:\ProgramData\Logishrd\LogiOptions\Software\*\*.exe
C:\Users\xxxx\AppData\Local\Temp\LogiOptions\Updater\DJCU_?.?.exe

Yet, I would not use the second rule (it is in the Temp folder). The updates can be done manually, probably once for a few years.(y)
I had some issues with my mouse and they're solved by installing this software. So I probably don't need it, but it works now for me. Thanks again for your support. Will have a look at the updater when I'm back home.
 

Freki123

Most games do not require admin rights. You should whitelist them properly to run without admin rights. Do not run games with admin rights - this is not safe. If you have a problem then post here or PM.
If you can create a better icon, and H_C users will like it, then I may use it in the next version.:giggle:(y)
The game is Starwars the old republic. Legit online mmorpg. I whitelisted:
D:\Games\Swtor\swtor\retailclient\swtor.exe (***) BioWare, A Division of Electronic Arts Star Wars: The Old Republic 3.2.2.0
D:\Games\Swtor\launcher.exe (***) BioWare SWTOR Launcher 3.2.6.0
D:\Games\Swtor\brwc_swtor.exe (***) BitRaider, LLC BitRaider Distribution Web Client 1.3.3.4098
And it still prompts for admin rights.
Windows 10, 64bit 1809 installed on C:, D: is my games ssd.

E.g what i meant with the on/off switch (the ones with words)
Sadly i can't create anything so i just give feedback trying to be constructive :)

@Gandalf_The_Grey Not sure which mouse you got, but maybe the "Logitech Gaming Software" instead of the "Logitech Options" will work also? My G400s runs with "Logitech Gaming Software" and i didn't whitelist anything in H_C.
 

Andy Ful

Hi, I do not use Windows SmartScreen, can I still use your program? Thks
Yes. SmartScreen is just a secure and convenient way to install new applications. Anyway, you have to set:
<Run As SmartScreen> = OFF
<Hide 'Run As Administrator'> = OFF
Now you can bypass default-deny protection by using "Run as administrator" option from Explorer context menu.

The game is Starwars the old republic. Legit online mmorpg. I whitelisted:
D:\Games\Swtor\swtor\retailclient\swtor.exe (***) BioWare, A Division of Electronic Arts Star Wars: The Old Republic 3.2.2.0
D:\Games\Swtor\launcher.exe (***) BioWare SWTOR Launcher 3.2.6.0
D:\Games\Swtor\brwc_swtor.exe (***) BitRaider, LLC BitRaider Distribution Web Client 1.3.3.4098
And it still prompts for admin rights.
Windows 10, 64bit 1809 installed on C:, D: is my games ssd.

E.g what i meant with the on/off switch (the ones with words)
Sadly i can't create anything so i just give feedback trying to be constructive :)

@Gandalf_The_Grey Not sure which mouse you got, but maybe the "Logitech Gaming Software" instead of the "Logitech Options" will work also? My G400s runs with "Logitech Gaming Software" and i didn't whitelist anything in H_C.
You have to look at the blocked events using <Tools> <BlockedEvents / Security Logs>.
Please, post here the paths which were blocked.
 

Freki123

@Andy Ful When i click the launcher.exe there is instant an adminprompt. So if i grant it there is no block, when i click no there is no entry in the logs either.
svchost.exe (PID = 1940) identified D:\Games\Swtor\launcher.exe as Unrestricted using default rule, Guid = {11015445-d282-4f86-96a2-9e485f593302}
under advanced logging if given admin
 

Andy Ful

@Andy Ful When i click the launcher.exe there is instant an adminprompt. So if i grant it there is no block, when i click no there is no entry in the logs either.
Understand. So, this is a launcher issue, not related to H_C protection. What kind of launcher it is and why the hell it requires admin rights????:unsure:
 

Freki123

Understand. So, this is a launcher issue, not related to H_C protection. What kind of launcher it is and why the hell it requires admin rights????:unsure:
Its the legit unmodified swtor launcher that starts any patching they do for updates (via bitraider or so). After the game is patched you can play it.
The launcher.exe opens the screen for your logindata. After entering them any needed patching would start. After that i guess launcher.exe? starts the swtor.exe which is the mainexe for the game.
Why the hell it needs admin rights? No clue. But the game is as legit as it gets. No crack, private server whatever. Only bioware can answer why they need admin :D Just wanted to ask since you mentioned games don't need admin and i wanted to know what i did wrong?
 