Umbra

Level 85
Content Creator
Verified
Joined
May 16, 2011
Messages
18,517
OS
Windows 10
Antivirus
Default-Deny
#1
We've just released a new free tool: SysHardener

syshardener.png


This free security tool helps you harden Windows settings to mitigate online threats. You can enable UAC (commonly disabled by malware), unassociate bad file types (i.e JS, VBS, VBE, WSH, etc), disable autorun.inf on removable devices, enable DEP and SEH on all programs, turn off Windows Script Host (Wscript.exe), turn on SmartScreen, disable unneeded Windows services, disable Javascript on Adobe Reader, disable macros\OLE\Activex on Office, disable Javascript on Foxit Reader, block outbound connections of commonly hijacked system programs (i.e powershell.exe, wscript.exe, winword.exe, etc) via Windows Firewall rules, and much more. All these system hardening tweaks can help mitigate common today threats. Especially useful also the Windows firewall rules to block outbound connections of powershell, wscript, mshta, winword, excel, etc so an exploit cannot download the remote payload.

Product page & download:
Harden Windows Settings with SysHardener | NoVirusThanks

Works on Vista+ OS and is freeware.

Nice tool, tried it, adopted it. it does what i used to do manually.
 
Last edited by a moderator:

shmu26

Level 69
Content Creator
Verified
Joined
Jul 3, 2015
Messages
5,899
OS
Windows 10
#13
You need to run it again on every user account, because some of the settings are user account specific.
I am not sure anymore that this is true. I said it because I saw that .vbs was still associated with Wscript in my standard user account. But I ran it again, and it is still associated. So I can't figure out what went wrong...
 

Av Gurus

Level 29
AV-Tester
Verified
Joined
Sep 22, 2014
Messages
1,807
OS
Windows 10
#16
I Enable "Only Elevate Exe that are signed..." restart and then Disabled that options (and restart again) but i still get Warning messages and can't run the exe?

Clipboard01.jpg

Update:
Same thing is for options "Show Hidden and system files"

Clipboard01.jpg

Also, "Restore Defaults" doesn't do nothing.

I have Portable version, run as Admin.

UPDATE 2:
I check the Settings.ini and this looks strange...

Clipboard01.jpg
 
Last edited:

NoVirusThanks

From NoVirusThanks
Developer
Verified
Joined
Aug 23, 2012
Messages
180
OS
Windows 10
#20
@Av Gurus @plat1098

To remove the tweak "Only elevate executables that are signed and validated" from your system:

Try to do as follow:

1) Disable OSA (if installed)
2) Run SysHardener
3) Click on the button on the top-right "Un\Select All" -> Click on "UnSelect All"
4) Now all tweaks are unchecked
5) Check the option "Only elevate executables that are signed and validated"
6) Click on the button "Restore Defaults"
7) Reboot the PC

This way you will restore that selected tweak "Only elevate executables that are signed and validated" to its default value (that is disabled by the OS by default).

So now you'll be able to elevate unsigned executables as before.

@BryanB

Same for me, disabling RMS doesn't seem to affect the WiFi here.

If someone notice any issues please post here and in case I'll remove that option.

@TairikuOkami

It would be nice, if it would detect the current settings, even for version 1.0, it is a basic feature, easily done.
We can do that on the next version. We may offer a button "Backup\Restore current settings" or similar.

A great idea, but half baked and badly implemented. I always find novirusthanks tools interesting, but after trying them out, I leave them in the dust.
That's fine and I respect your opinion.

We'll do our best to improve this application.

@Evjl's Rain

Default settings should be enough for most users.

@shmu26

Looks like the unassociation of file types doesn't work in all occasions (another user reported this), or at least it isn't always permanent.

We'll improve it asap.

You need to run it again on every user account, because some of the settings are user account specific.
Yes correct.

If SysHardener doesn't already let you set constrained language for powershell, that would be a good option to add.
We'll add that tweak on the next build.

We'll try to add explaination for each tweak in the next versions as suggested by gHacks review.