NVT SysHardener: Harden Windows Settings

D

Deleted member 178

Thread author
We've just released a new free tool: SysHardener

syshardener.png


This free security tool helps you harden Windows settings to mitigate online threats. You can enable UAC (commonly disabled by malware), unassociate bad file types (i.e JS, VBS, VBE, WSH, etc), disable autorun.inf on removable devices, enable DEP and SEH on all programs, turn off Windows Script Host (Wscript.exe), turn on SmartScreen, disable unneeded Windows services, disable Javascript on Adobe Reader, disable macros\OLE\Activex on Office, disable Javascript on Foxit Reader, block outbound connections of commonly hijacked system programs (i.e powershell.exe, wscript.exe, winword.exe, etc) via Windows Firewall rules, and much more. All these system hardening tweaks can help mitigate common today threats. Especially useful also the Windows firewall rules to block outbound connections of powershell, wscript, mshta, winword, excel, etc so an exploit cannot download the remote payload.

Product page & download:
Harden Windows Settings with SysHardener | NoVirusThanks

Works on Vista+ OS and is freeware.

Nice tool, tried it, adopted it. it does what i used to do manually.
 
Last edited by a moderator:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
You need to run it again on every user account, because some of the settings are user account specific.
I am not sure anymore that this is true. I said it because I saw that .vbs was still associated with Wscript in my standard user account. But I ran it again, and it is still associated. So I can't figure out what went wrong...
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
I Enable "Only Elevate Exe that are signed..." restart and then Disabled that options (and restart again) but i still get Warning messages and can't run the exe?

Clipboard01.jpg

Update:
Same thing is for options "Show Hidden and system files"

Clipboard01.jpg

Also, "Restore Defaults" doesn't do nothing.

I have Portable version, run as Admin.

UPDATE 2:
I check the Settings.ini and this looks strange...

Clipboard01.jpg
 
Last edited:

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
292
@Av Gurus @plat1098

To remove the tweak "Only elevate executables that are signed and validated" from your system:

Try to do as follow:

1) Disable OSA (if installed)
2) Run SysHardener
3) Click on the button on the top-right "Un\Select All" -> Click on "UnSelect All"
4) Now all tweaks are unchecked
5) Check the option "Only elevate executables that are signed and validated"
6) Click on the button "Restore Defaults"
7) Reboot the PC

This way you will restore that selected tweak "Only elevate executables that are signed and validated" to its default value (that is disabled by the OS by default).

So now you'll be able to elevate unsigned executables as before.

@BryanB

Same for me, disabling RMS doesn't seem to affect the WiFi here.

If someone notice any issues please post here and in case I'll remove that option.

@TairikuOkami

It would be nice, if it would detect the current settings, even for version 1.0, it is a basic feature, easily done.

We can do that on the next version. We may offer a button "Backup\Restore current settings" or similar.

A great idea, but half baked and badly implemented. I always find novirusthanks tools interesting, but after trying them out, I leave them in the dust.

That's fine and I respect your opinion.

We'll do our best to improve this application.

@Evjl's Rain

Default settings should be enough for most users.

@shmu26

Looks like the unassociation of file types doesn't work in all occasions (another user reported this), or at least it isn't always permanent.

We'll improve it asap.

You need to run it again on every user account, because some of the settings are user account specific.

Yes correct.

If SysHardener doesn't already let you set constrained language for powershell, that would be a good option to add.

We'll add that tweak on the next build.

We'll try to add explaination for each tweak in the next versions as suggested by gHacks review.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top