
What is your Security Setup


Humpty


  • Moderators
I'm a bit confused though. If ERUNT only backs up the registry, wouldn't you still be left with the programs/system files that caused the problem in the first place after you had restored it? Could you then just delete/uninstall the offending files as normal even if the registry settings don't tally with the system files?

ERUNT in my opinion is best used for software removal in this scenario:

  1. You've already uninstalled the software.

  2. You wish to restore the registry to a time before the software was installed.

    Note: Unprotected system files that have been updated with more recent versions aren't typically a problem - unless they're broken.

  3. If System Restore fails to restore your computer!

 


  • Moderators

Did you install those apps on Returnil by the way?

 

Cannot remember if you have Vista Dennis, but if you do you can do a system restore in safe mode and you may not get that "settings not changed" then. (I've been reading again!)

 

You can also use safe mode in XP as well for sys restore.

 


 


  • Moderators
The three last occasions I've tried System Restore, today being the latest, I've been told that my system hasn't changed.

 

I tried to go back a month, having installed half a dozen apps since then, but it wouldn't have it.

 

I'd like to disable it this time, as there's no benefit coming from it.

 

Is there any other purpose to system restore apart from not restoring your system?

;)

With the explanation you've given I'd almost think it's broken on your system - that being a complete assumption (right or wrong), or the changes in your system were vast enough that it would fail no matter what.

 

I've had it fail on me due to the system changes being more than it could handle. Even worse, System Restore once made my system completely unbootable in Normal Windows Mode and put me in a real pickle because I couldn't even load the Normal Windows Mode and instead had to go into Safe Mode after something went drastically wrong all on its own with an ATI display card driver installation - not even ERUNT helped in that situation.


  • Moderators
Did you install those apps on Returnil by the way?

 

Cannot remember if you have Vista Dennis, but if you do you can do a system restore in safe mode and you may not get that "settings not changed" then. (I've been reading again!)

 

You can also use safe mode in XP as well for sys restore.

 

Just installed them as normal, using Zsoft to track the install. Try the stuff first with Returnil, and if I like the program I reboot and install normally.

 

When I first started using Returnil, after rebooting to get rid of something, I searched the registry for any traces of it, although I knew there shouldn't be any, and it does as it says, nothing goes onto your hard drive.

 

So in the last month I've installed Adobe Reader 8.1, Karen's backup app :) , Spyware Blaster, MediaJoin, AudioGrabber, Sensorview Pro, Digital Guitar Tuner, Burrrn, Panda AntiRootKit, IObit Smart Defrag, Ultra Defrag, Photo Commander.

 

And System Restore tells me my system hasn't changed. ;)

 

Windows XP installed, and I tried System Restore in safe mode. Still wouldn't have it.

 

Edit: Tried System Restore in stages. Went back through restore points from a couple of days ago to about a month.


  • Moderators
You may have more success using the command prompt in safe mode for the restore, some have. Something to keep up your sleeve anyway.

 

http://support.microsoft.com/kb/304449

 

Thanks Hazel, I'll bear that in mind, and apologies to you guys for going off topic for so long in this thread.

 

Fingers crossed, everything working ok for now.


... And System Restore tells me my system hasn't changed. ;) ...

Is the message "Restoration Incomplete - Your computer cannot be restored to: <date> <restore point label> - No changes have been made to your computer."?

 

If so, it means the attempt did not succeed in making any changes, not that there weren't any changes since the restore point was created.

 

The message usually means a corrupt restore point but it can also mean that one or more registry keys is locked to prevent change. Do you have any security (anti-virus/anti-spyware) that protects registry keys on startup? If so, try disabling it before running restore. Alternatively, something like Sysinternals Process Monitor may show if something is locking the registry.


  • Moderators
Is the message "Restoration Incomplete - Your computer cannot be restored to: <date> <restore point label> - No changes have been made to your computer."?

 

Alternatively, something like Sysinternals Process Monitor may show if something is locking the registry.

Hi Glenn, I could be completely wrong here, but I recollect the message as saying "cannot be restored to ***, because no changes have been made to your system".

 

Two completely different meanings, and I ain't running it again to find out if I was reading something that wasn't there.

 

Thanks for the info, I will check it out, but truth be told I don't trust this feature, and would rather do a reinstall and start with a clean slate.

 

Hazel gave me a forum to check out, and when I see the problems System Restore can cause, and being fortunate enough to have a recovery partition, a reinstall is definitely my preferred option.


Not particularly about securing programs from malware, but for securing a Laptop's info in case of theft or even a desktop's in case of burglary:-

 

TrueCrypt

 

I keep my personal or sensitive material in TrueCrypt encrypted folders or partitions which are open when I am using them but revert to encrypted when I want, or when I switch off.

 

If I lose my computer I may have lost the hardware and maybe the files and work since my last backup, but that's all. No identity theft or loss of sensitive information. It's there alright, but they CAN'T read it.

You CAN lose your dog because it got loose.

You CANNOT loose your dog because it got lose.

Spot the difference?


  • 4 weeks later...

This is mine with a defense in depth strategy:

 

1. Hardware network address translation running private network IPs (192.168.1 etc.)

2. Hardware stateful packet inspection firewall with block all incoming as default

3. Vista x32 on all machines in the private network which is far more secure than XP SP2 and stats show actually has fewer unpatched and patched security issues than Mac OS X and common Linux distros for the same time period

4. OneCare 2.0 beta software firewall/antimalware (cos it's free, I'm on MS's beta connect program and it's lightweight). Yes the detections aren't as good as competitors but MS has a proven track record of eventually winning the market. For a while I used Kaspersky but it's not lightweight and I don't want to bog down my systems.

5. Kaspersky online scanner for when I'm suspicious and weekly routine scans (never found anything)

6. Ad-Aware 2007 free but I've never found anything

7. Various defense in depth configuration items with my Vista builds such as email all set to plain text

8. The users of these machines are all wintel experts and operate under least privilege user accounts (probably the best security there is being educated operators)

9. Amongst other MS mail I subscribe to their security bulletins. I'm also on Secunia and other security lists and I also use the Secunia security scanner that has reminded me to update things like Adobe Flash Player where I had old revisions with a possible threat vector (but again due to using IE7 in protected mode with memory protection that threat vector is effectively closed anyway) http://secunia.com/software_inspector/

 

The most I've ever gotten is random port scans on the WAN boundary. I consider it very very unlikely I could ever have an external threat affect my network except for a DoS attack which again is very very unlikely and I have upstream service provider filtering going on to some extent on that so it would take a lot to flood their carrier grade switches before it even got to my WAN.

 

For internal security I run hardware RAID 5 on BitLocker and TPM and a USB certificate dongle (requires Vista SP1 beta). All volumes have strong encryption. We also have no CRTs as it is well known that the technology exists to remotely read CRTs even through walls (why someone would do that to me I have no idea but we have LCDs as a rule). We don't use group policy to block out USB or external media but the user base is trusted.
