Hard_Configurator - Windows Hardening Configurator

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Bingo!
That's it. You're the Boss....
I did not test (on Windows 1903 and 1809) if this issue will vanish after removing Child Account restrictions. In theory, the issue can be persistent. Please, let me know if the SRP functionality has been recovered.(y)
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I did not test (on Windows 1903 and 1809) if this issue will vanish after removing Child Account restrictions. In theory, the issue can be persistent. Please, let me know if the SRP functionality has been recovered.(y)
So I left Microsoft Family, and SRP did not start working again, even after a reboot. I reinstalled SRP, and still no go.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
So I left Microsoft Family, and SRP did not start working again, even after a reboot. I reinstalled SRP, and still no go.
I made some preliminary tests. After making child account and accepting by the child the parental control, SRP does not work properly. It is not related to SRP settings so reinstalling SRP does not help. Also removing Child Account does not help. It is a frustrating bug. I will try to analyze the registry changes (it will take some time).(y)
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I made some preliminary tests. After making child account and accepting by the child the parental control, SRP does not work properly. It is not related to SRP settings so reinstalling SRP does not help. Also removing Child Account does not help. It is a frustrating bug. I will try to analyze the registry changes (it will take some time).(y)
Thanks.
I did things a little differently. I added my regular admin Microsoft account, with my true birth date, as a "child" into a different Microsoft account. My goal was to have anti-porn filtering in Edge browser. When I saw it was problematic, I removed myself from the "family".

I am also wondering if this child account thing is making the update from 1809 to 1903 to fail. I did the upgrade successfully one time, but when I restored a 1809 system image, now I can't upgrade anymore. It is the only significant change I can think of between then and now.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Hard_Configurator ver. 5.0.0.0 (new version)

For Windows 64-bit:
https://github.com/AndyFul/Hard_Configurator/blob/master/Hard_Configurator_setup(x64)_5.0.0.0.exe
For Windows 32-bit: https://github.com/AndyFul/Hard_Configurator/blob/master/Hard_Configurator_setup(x86)_5.0.0.0.exe

What is new in
ver. 5.0.0.0 ?
1. Added the new version of ConfigureDefender with additional ASR rule: "Block persistence through WMI event subscription".
2. Minor bugs corrected.
3. H_C executables are accepted by SmartScreen.
:giggle: (y)
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
It will update from the update button in the GUI?
Yes. :giggle:
Update or is a clean install required? And thank you @Andy Ful HC saves me so much time and it's helped me with family members systems. Have you got a donation page?
A clean install is not required. Just use the <Update> button and consider if you need the added features.
I have a Code Signing certificate valid to July 2020. For now, I did not have a donation page. I will see in next year if a donation will be necessary.(y)
 

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,048
Update-Button works fine here, it downloads Version 5.0 successfully:

HC.png
 

blueblackwow65

Level 23
Verified
Well-known
Dec 19, 2012
1,243
Hi I might be trying version 5 quick config I would think is best,I have Norton with VS and Comodo firewall, what do I need to get rid of if anything/ Thks
 
  • Like
Reactions: Andy Ful

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
Yes. :giggle:

A clean install is not required. Just use the <Update> button and consider if you need the added features.
I have a Code Signing certificate valid to July 2020. For now, I did not have a donation page. I will see in next year if a donation will be necessary.(y)
Thank you. And I think you should set up a donation page, I know everyone here really appreciates your work, time and effort. Update went perfectly, thanks again.

Hi I might be trying version 5 quick config I would think is best,I have Norton with VS and Comodo firewall, what do I need to get rid of if anything/ Thks
Comodo, norton already has a firewall. Keeping VS won't hurt.
 

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
I have no firewall with this version of norton.Thks
Then I'd get rid of VD. VD+CF is overkill add Norton into the mix and all you're doing is increasing your attack surface. Norton AV and Just Comodo firewall at CS settings is more than enough. Add HC to that and you don't need anything else at all. You'd be fine with just Norton and Hard Configuration. Your current setup is too much and puts your more at risk if anything.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Hi I might be trying version 5 quick config I would think is best,I have Norton with VS and Comodo firewall, what do I need to get rid of if anything/ Thks
Adding H_C to such a setup is unnecessary, except when you are a masochist.:giggle:(y)
 
  • Like
Reactions: shmu26

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,043
Hi I might be trying version 5 quick config I would think is best,I have Norton with VS and Comodo firewall, what do I need to get rid of if anything/ Thks

@andy is correct. You are over-thinking this. You have a number of possibilities, none of which include all or most of these softs. Please post your questions about security configurations on your config. thread or open a new thread. Thank you!
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Hi I might be trying version 5 quick config I would think is best,I have Norton with VS and Comodo firewall, what do I need to get rid of if anything/ Thks
Such a setup is common among many MT users. But, look at the below thread:
:giggle:(y)

Anyway, you can use your current setup if you like it. I used a similar setup a few years ago.
As @oldschool have said, it is better to open a thread about your config. (y)
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
I looked at the test made by devjit2018 with F-Secure SAFE 17.7 with Hard_Configurator Firewall Rules (FirewallHardening option):
It seems that F-Secure missed only the 4.js malware, which is similar to the sample analyzed by Dr.Web vxCube: https://www.virustotal.com/ui/file_behaviours/151691e449047156af81357903207a74067e5a602f6c734da32144b2a7d51f7b_Dr.Web vxCube/html
From this analysis, it follows that the malware got persistence (can be easily removed). Furthermore, some Internet connections of PowerShell were blocked by FirewallHardening rules. But one connection was realized via svchost.exe which cannot be blocked, because many legal processes use svchost.exe connections. This malicious process probably bypassed protection. The infection can be easily identified by analyzing the blocked connections in the FirewallHardening Log.

Of course, the 4.js malware would be blocked by H_C settings (either Allow EXE or Recommended settings).
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top