General av and anti-malware discussion

MilesAhead:
Sometimes I'll use CCleaner to root out dead registry settings. It worked so well for so long I took it for granted. I didn't save the .reg backup. Then I got a CCleaner update with a bug.  I think I bailed out of the mess by using my ERUNT backup.  But now I use the .reg backup, ERUNT and make sure I have a recent restore point before cleaning out the crap.

With file type associations in the registry it used to be that the file type was owned by the last app that registered it. If you uninstalled the app you were left with a "hole" in the associations.  Seems the kludge to get around it was having a User Level association and a global association.  When you uninstall an associated app it fills the hole with the global setting. Not exactly perfect. :)

IainB:
...I use the .reg backup, ERUNT and make sure I have a recent restore point before cleaning out the crap...
-MilesAhead (November 02, 2012, 06:26 PM)
--- End quote ---
Yes, I typically run ERUNT (option ticked to save all subhives) typically once a day, and make a daily restore point. I also try to ensure a restore point after any major update or prog. install.

I only became more rigorous in the use of ERUNT after the experience I described above.    :-[

These sorts of precautions could be very useful in recovering from some kind of "corrupted" file/registry entry, or malware infestation - so you could (say) blindly do a restore, and forget about doing a root cause analysis.
If the changes to the laptop software/system occurred in a process that was in statistical control, then such an approach might be valid, but the process is not in statistical control and therefore it is no more than just a pragmatic and expedient shortcut to take such an approach. We remain ignorant as to root cause, afterwards.

MilesAhead:
If you shut down your PC every day then the Autobackup program that comes with ERUNT is handy. Someplace I found a string for the target line that keeps one week of rotating backups.  On the 8th day the oldest backup is deleted. It's cool because once you get through the first week the disk space usage you carry is close to constant.

Even if you never shut down you can run it manually. Once the day flips over it will run. If you forget and run it again it just quits with no action.

tomos:
I used to use ERUNT on XP - but according to the FAQs page, it will only work if UAC is off, so I never bothered with it on Win7

http://www.larshederer.homepage.t-online.de/erunt/faq.htm

IainB:
I used to use ERUNT on XP - but according to the FAQs page, it will only work if UAC is off...
-tomos (November 03, 2012, 11:28 AM)
--- End quote ---
I didn't know that. I have switched UAC off anyway.

On the subject of malware:
If you are interested in how hijack trojans and botnets can be built, there's a really interesting blog post at the Malwarebytes blog: Citadel: a cyber-criminal’s ultimate weapon?
It describes how to set up and operate CITADEL - a "crimekit" (a tool to develop and implement a cybercriminal botnet) - to do things such as, for example, infect other PCs and gather data or launch hijack trojans.
It then covers how MBAM blocks a lot of these nasties, but makes the point that user caution is still advisable, as the technology is becoming increasingly sophisticated. Apparently things like Webinject phishing popups cannot always be detected/blocked, though I think your browser might be able to do something to block spurious third party popups.
-IainB (November 05, 2012, 10:23 PM)
--- End quote ---
