Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Run by Smartscreen utility
Message
<blockquote data-quote="ForgottenSeer 107474" data-source="post: 1084324"><p>Both WDAC-ISG and SRP allow Windows, Program Files, Program Files (x86) and ProgramData\\Microsoft\Windows Defender\Platform. SRP blocks the file extensions set by H_C for standard users with your extra Windows 'UAC hole' folders protection plus your exe/msi/tmp blocks for LocalLow and zip extraction folders +your H_C sponsor blocks and allows exceptions for lnk from the safe locations you specified in H_C. I am using Outlook and only Windows build-in zip, so don't need the exe/msi/tmp blocks of the other archivers and email programs. I added (exe/msi/tmp) deny for my public and download folder plus Documents/Images/Music/Video folders on D (data) partiion. I have been running your H_C config in SWH-mode plus sponsor blocks for standard with CD on MAX with all ASR rules enabled since I bought my previous laptop in 2021. Only when HP support assistant tells me it has new drivers, I have to enable CMD through reg-file temporarely.</p><p></p><p>I know you often post that SWH compared to SWH + blocking LoLbins is onlly marginally better protection. When I disable CMD the SRP block warning seems to overrule the CDM disabled and no access allowed messages. For my wife it is clearer. When she would encounter an SRP block she would know the admin set policies to block it, while the others may confuse here that something is malfunctioning. So for me it is more a useability tweak than a security tweak to add LoLBin blocks.</p></blockquote><p></p>
[QUOTE="ForgottenSeer 107474, post: 1084324"] Both WDAC-ISG and SRP allow Windows, Program Files, Program Files (x86) and ProgramData\\Microsoft\Windows Defender\Platform. SRP blocks the file extensions set by H_C for standard users with your extra Windows 'UAC hole' folders protection plus your exe/msi/tmp blocks for LocalLow and zip extraction folders +your H_C sponsor blocks and allows exceptions for lnk from the safe locations you specified in H_C. I am using Outlook and only Windows build-in zip, so don't need the exe/msi/tmp blocks of the other archivers and email programs. I added (exe/msi/tmp) deny for my public and download folder plus Documents/Images/Music/Video folders on D (data) partiion. I have been running your H_C config in SWH-mode plus sponsor blocks for standard with CD on MAX with all ASR rules enabled since I bought my previous laptop in 2021. Only when HP support assistant tells me it has new drivers, I have to enable CMD through reg-file temporarely. I know you often post that SWH compared to SWH + blocking LoLbins is onlly marginally better protection. When I disable CMD the SRP block warning seems to overrule the CDM disabled and no access allowed messages. For my wife it is clearer. When she would encounter an SRP block she would know the admin set policies to block it, while the others may confuse here that something is malfunctioning. So for me it is more a useability tweak than a security tweak to add LoLBin blocks. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
