SysHardener: Harden Windows Settings

Discussion in 'other anti-malware software' started by novirusthanks, Feb 26, 2018.

  1. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,027
    Location:
    Italy
    We've just released a new free tool: SysHardener

    syshardener.png

    This free security tool helps you harden Windows settings to mitigate online threats. You can enable UAC (commonly disabled by malware), unassociate bad file types (i.e JS, VBS, VBE, WSH, etc), disable autorun.inf on removable devices, enable DEP and SEH on all programs, turn off Windows Script Host (Wscript.exe), turn on SmartScreen, disable unneeded Windows services, disable Javascript on Adobe Reader, disable macros\OLE\Activex on Office, disable Javascript on Foxit Reader, block outbound connections of commonly hijacked system programs (i.e powershell.exe, wscript.exe, winword.exe, etc) via Windows Firewall rules, and much more. All these system hardening tweaks can help mitigate common today threats. Especially useful also the Windows firewall rules to block outbound connections of powershell, wscript, mshta, winword, excel, etc so an exploit cannot download the remote payload.

    Product page & download:
    http://www.novirusthanks.org/products/syshardener/

    Works on Vista+ OS and is freeware.
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,289
    Hi Andreas

    Do you think this adds anything to OSA??
     
  3. plat1098

    plat1098 Guest

    I just added this to my older machine, it seems very handy for another Windows Defender supplement. The only thing so far is that OSArmor notifies when I changed several settings (only elevate executables that are signed and validated, for eg.). Here are two notices. Even though the log says "blocked," the settings seemed to be enabled on reboot. Should OSArmor not have blocked these changes outright? OSArmor could have then been disabled to enable the changes if so.

    OSA note.PNG

     
  4. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,027
    Location:
    Italy
    @Peter2150

    This is a program that tweaks Windows settings and doesn't add any real-time protection.

    You can use it to further improve Windows security by disabling unnecessary functionalities and secure Office\Adobe Reader\etc.

    I personally use OSA for real-time protection, and I have applied tweaks from SysHardener (i.e Windows Firewall rules, Windows services disabled, etc).

    I also disabled macros\OLE\activex on Office and applied tweaks for Foxit Reader (disabled Javascript, etc).

    You may need to re-apply tweaks if Windows upgrades to a major build since during the upgrade some tweaks may be removed or restored to defaults.

    @plat1098

    Yes you may disable OSA, apply the tweaks and re-enable OSA.

    Or add that exclusion to Exclusions.db (I may add it internally on OSA on the next build).
     
  5. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    There is some really great stuff in here. Some true gems of tweaks, for sure. There is a lot of stuff within this tool which we would normally have to set all manually. So this can save time and is quite convenient. :thumb:
     
  6. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,838
    Location:
    Poland - Cracow
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,289
    Hi Andreas

    On request. Could you add all the acrobat reader options for Acrobat itself??
     
  8. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,329
    Location:
    U.S.A. (South)
    Amen. Wholeheartily second that acrobat reader request.

    As innocent as it's been for years on my machines employing varying little methods here and there, and nothing has ever even had a chance to tamper it, an option for options with it can only serve to help confidently keep it secure through this app.

    Thanks. Dang @novirusthanks, you guys churn out a stack of all sorts of security apparatus.

    I been quietly following many releases that come out from time to time and you guys just keep forming up more all the time. Awesome!
     
  9. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,768
    Location:
    Europe then Asia
    Nice tool, it includes many of my tweaks , now i don't have to apply them separately. Well done @novirusthanks :thumb:
     
  10. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    968
    I love this new tool. Well done, Andreas.:thumb:

    PS: Would be great if it were possible to save and restore individual settings.
     
    Last edited: Feb 26, 2018
  11. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,768
    Location:
    Europe then Asia
    +1
     
  12. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,768
    Location:
    Europe then Asia
    By the way, there is some functionality differences between the installed and portable version?
     
  13. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,329
    Location:
    U.S.A. (South)
    +1

    Now that is a wonderful suggestion. How about it @novirusthanks. Possible?
     
  14. JoWazzoo

    JoWazzoo Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    241
    Location:
    Ether
    More neat toys from NVT! Thanks DLing now. :thumb:
     
  15. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,346
    [QUOTE="ichito, post: 2740767, member: 115116"how it can be compared to Hard_Configurator?
    https://github.com/AndyFul/Hard_Configurator[/QUOTE]
    This NVT tool has a lot more Windows tweaks. On the other hand, Andy Ful's tool has SRP.
     
  16. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,346
    Does it need to be run again on every user account, for the settings that are user account specific?

    A related issue: I ran it on my admin account, but in my LUA, I saw that .vbs was still associated with wscript.
    So I ran it again, in the LUA, and I rebooted, and Windows settings showed that .vbs was still associated with wscript.
    What is going wrong?

    Another thing: I don't even see the other file types that it is supposed to change. .vbs is the only one I see. For instance, I don't see .vbe in the list in Windows settings.

    Help...
     
  17. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,791
    Harden Windows PCs with SysHardener
    February 26, 2018
    https://www.ghacks.net/2018/02/26/harden-windows-pcs-with-syshardener/
     
  18. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,211
    Location:
    .
    1) does the default checked boxes (upon initial SysHardener launch) for the selected tweaks = the default original values set by my WinOS, on my setup, on my user account.
    2) does Select Defaults do the same as Restore Defaults
     
    Last edited: Feb 26, 2018
  19. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,097
    Location:
    South Texas, USA
    Great little tool, easy to use, but I have one question. When you first run it, is it using NVT defaults, or what is already enabled\disabled by the system's user? Thanks!
     
  20. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,791
    After i have launched it for the first time, the second option should be shown as ticked but it was unticked. This means it is high likely using settings which are set in the file settings.ini
     
  21. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,027
    Location:
    Italy
    @Peter2150

    The options related to Adobe Reader makes that changes also to Acrobat Reader DC, Acrobat Reader XI, Adobe Reader 7\8\9\10.

    @Buddel

    You can already restore individual tweaks:

    Select only tweaks you want to restore to their defaults values, then click on "Restore Defaults".

    @Umbra

    Portable version is same as installer version.

    @shmu26

    Looks like the unassociation of file types doesn't work in all occasions (another user reported this), or at least it isn't always permanent.

    We'll improve it asap.

    @mood

    We'll try to add explaination for each tweak in the next versions as suggested by gHacks review.

    @bjm_ @dja2k

    The program loads the selected tweaks from Settings.ini located in the same folder of SysHardener.exe

    And by default are enabled only tweaks that can be useful for most regular users.

    When you close the program or when you click the "Apply Selected" or "Restore Defaults" button the program saves the checked tweaks in Settings.ini.

    The "Select Defaults" from the top-right button "Un\Select All" just checks the tweaks recommended by the program (the ones enabled by default).

    The button "Restore Defaults" restores the selected tweaks to their default value (the original value set by the OS).
     
  22. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    I experienced this as well with my LUA. Temporary fix (worked for me): Go to your Admin account and temporarily re-instate your LUA to administrative privileges. Reboot back into your LUA (now with admin privs) and enable what you want with SysHardener. Reboot and ensure all settings have taken place and stayed in place. Reboot back into your main Admin account and revoke your Admin privileges from your original LUA, making it true LUA like before. Reboot and ensure all settings are good. Anyway, this workaround is what worked for me with SysHardener and my LUA.
     
  23. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,211
    Location:
    .
    "restore to their defaults values" ... you mean the value set by the OS or set upon initial SysHardener launch + Apply Selected?

    seems like I'd click on "Apply Selected" because "Restore Defaults" restores the selected tweaks to the original value set by the OS and not set by SysHardener defaults?
     
    Last edited: Feb 26, 2018
  24. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,289
    Hi Andreas

    On Adobe I was not talking about "reader" but the full Adobe Acrobat
     
  25. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,790
    Location:
    Among the gum trees
    It would be good if there was a return to the settings prior to installation as well.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.