Discussion in 'other anti-malware software' started by novirusthanks, Feb 26, 2018.
Works, and remembers settings here. Good work.
As far as remembering the settings is concerned, there might be a difference between the "regular" and the portable version of this program. Just guessing.
Using "regular" here.
using portable here. my settings are remembered and since the first version.
On installing SysHardener I see that some checkboxes are ticked. Are these read by SysHardener from the system settings at the time of its installation?
No, I suggested to have something like that:
Thank you imuade. I was hoping that SysHardener would give me a list of settings which I could revert to if necessary. SysHardener has a handy set of buttons in the System Tools tab so I won't be uninstalling it but I won't be using it to modify settings when I haven't the faintest idea what many of them are before I start to change them.
Never installed it but won’t if this doesn’t grt changed.
@novirusthanks as OSA and ERP , no issues (yet) on Spring Creators Update.
What about Syshardener? Are all policies set by it still valid in new update of Windows?
yes, no issue so far (obviously i didn't tried to verify each of them , but those i set in Fall still work in Spring).
Good to know before the update hits me. Thanks!
Just a question, with Spring Creators update coming up, would a backup option be good to add. I think the update will revert some options.
When I uninstall and install again, I have to go pick my settings again because they are not checked (don't know if they are applied). Is this normal behavior? I know if you have the application installed and you apply the settings, next time you open the app, your settings are checkmarked.
Same. Am sort of a portables type and always prefer it that way where they can be of most use w/o overhead of adding things to the system.
SysHardener is no exception, and it just plain works on this end.
Suggestion: block scrcons.exe from connecting out?
Great little software. Thanks for the update.
Released SysHardener v1.5:
Here is the changelog:
+ Updated Help\FAQs file
+ Added new command-line parameter: /customsettings "C:\Path\To\Settings.ini"
+ Removed button "Un\Select All" -> Use the "Tweaks" menu in the top main menu
+ Added option "Save to .INI file" on "Tweaks" main menu
+ Added option "Load from .INI file" on "Tweaks" main menu
+ New option Block Outbound Connections for Cmstp.exe (checked)
+ New option Block Outbound Connections for Esentutl.exe (checked)
+ New option Block Outbound Connections for Extrac32.exe (checked)
+ New option Block Outbound Connections for Expand.exe (unchecked)
+ New option Block Outbound Connections for Makecab.exe (checked)
+ New option Block Outbound Connections for Pcalua.exe (checked)
+ New option Block Outbound Connections for Print.exe (unchecked)
+ New option Block Outbound Connections for Replace.exe (unchecked)
+ New option Block Outbound Connections for ScriptRunner.exe (checked)
+ New option Block Outbound Connections for Scrcons.exe (checked)
+ New option Block Outbound Connections for Ftp.exe (unchecked)
+ New option Block Outbound Connections for Tftp.exe (unchecked)
+ New option Block Outbound Connections for Telnet.exe (unchecked)
+ Improved detection of Acrobat Reader 11.0
Screenshot fo the "Save to .INI file" and "Load from .INI file" options:
this is what i waited for .
Been reading a lot of demands for such a feature. Will make a whole lot of peeps very satisfied now they can keep their original and save/load new configs with this.
yep many of the tools NVT produce are excellent in term of productivity.
Does the ini file catch the settings you currently have selected, or does it rather catch the current state of your system?
Let's say I didn't apply any tweaks at all yet. I want to save my current state before tweaking. Will the ini file catch my current state? Or is there another way to do that, besides making a Windows restore point?
i believe it is only the settings.
I was asking for that option, but I don't know if it has been implemented
SH isn't real time, it is just a GUI that load some powershell scripts to enable/disable the selected options. When you install it it doesn't read anything on your system, it is why when you update it on top on the previous versions, the default setup are shown, you had to re-applied your preferred options, but now with the ini file import/export feature, you can do it in a click.
I've been a long time reader of this forum. I am trying both SysHardener and OSArmor, and I'm very impressed. Thank you to NoVirusThanks for making hardening so much easier than it has been. I've typically applied about 70 GPO hardening steps and 8 Registry hardening changes manually. SysHardener and OSArmor have captured the vast majority of those changes in a much faster and easier to use format, and have also provided additional hardening steps that I had not previously considered.
I would like to suggest some following hardening steps be considered for SysHardener. I've used these on my PCs. If some of these steps are already in SysHardener and I simply missed them, then please disregard.
GPO Settings: LLMNR: Multicast Name Resolution, Force GPO Refresh, Bitlocker Drive Encryption: Drive encryption method and cipher strength; Disable new DMA devices when computer is locked, Disable heap termination upon corruption, Disable remote shell access
Powershell Hardening Commands: Scan all scripts when they are seen or run. Enable PUA Protection
Separate names with a comma.