Ideas For Antimalware Tactics

Discussion in 'other security issues & news' started by drhu22, Feb 27, 2014.

Thread Status:
Not open for further replies.
  1. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    343
    Heres my latest... Im anything but knowldgable in coding or antimalware technology but... I have the impression that an important aspect of many(?) vulnerabilities is related to the ability of malware to change settings. If thats right wouldnt encrypting settings help? Just a thought... even if this idea is completely lame, it would be interesting to hear others...

    Anyone else?
     
    Last edited: Feb 27, 2014
  2. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    343
    What about running erdnt on startup?
    Its the recovery part of erunt back up.
     
  3. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Do you use System Restore already?
     
  4. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I don't seehow you could encrypt settings without encrypting the rest of the OS. The settings would have to be accessible to the OS and applications so they'd have to be readable for them.

    Regarding backing up with erunt, that could work with registry stored settings provided that you keep the backup up to date. Depending on what file system you use, you do do something similar with a small OS running batch files that's launched from a bootloader.
     
  5. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    343
    I keep paragon backups handy... system restore is turned off.
    Erdunt is very fast though... and it it seems like it could be easy to implement. there are always other considerations. Maybe Lars Hederer could help?

    By the way thank you for the respectful intelligent reply... I am no genius regarding software... re your first point: Can you make communication between system and application exclusive?
     
    Last edited: Mar 8, 2014
  6. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    He wasn't the only one !
     
  7. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    343
    Hello to noone_particular
     
  8. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    You're welcome :).

    When I used XP, I had erunt back up the registry upon system startup. With Win 7, I don't do that anymore. Nowadays, I just revert to a previous image if I'm having problems. My documents are stored on a different partition.

    Regarding your other question, can you give an example of a setting that you had in mind?
     
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I do much the same using batch files launched from Win98 during startup, except that I included the user autostart folders and core system files. On a virtual system, I was able to copy and move files fromDOS on an NTFS formatted XP unit using NTFS for DOS. I don't know if that utility will work on Vista and newer versions of Windows. It should be possible to replace the Windows registry files with backup copies from a Linux or DOS live CD. Automating the process would probably require a bootloader and a 2nd OS that will run the commands automatically as batch files. Running ERUNT from another OS might be possible as well, depending on what command line parameters it will accept.

    As a side note, if you're going to take the time to set up an automated registry restore for an NT system, you might also consider cleaning, compacting, and removing all of the MRUs from that backup registry. Keep an ERUNT copy of your as-is registry in case the cleaning process causes problems.
     
Thread Status:
Not open for further replies.