MMVP Castner's "FixPolicies" vs Dial-a-Fix's "Policies - PCWiki


Hi All:


Microsoft Most Valuable Professional Bill Castner, also a Moderator on the Aumha.net Support Forums, has created a "FixPolicies" program (actually a batch file) to "correct" some problems involving the Windows OS. His "program" is in contrast with Dial-a-Fix's "Policies" section. I asked about the two and he posted the following:


"My "FixPolicies" is the result of compiling a list of the registry tattoo entries -- Group Policy or not -- that are set by malware. I looked at the Sophos and Symantec details on hundreds of common trojan, worm and assorted malware changes to the registry. I add to the list monthly. Less than 5% of the registry entries are Group Policy objects. Many deal with aspects of the GUI interface, and are not Group Policy objects and not configurable through gpedit.msc. What dial-a-fix does or does not do in its Policy section, I really do not know. It states in its documentation that it looks at 146 entries, but says nothing else.

If "Dial-a-fix" was sufficient to revert the effects of most current malware, I would not have written "FixPolicies." But it is not. For one thing, it depends on native registry tools. These are often the first thing that malware denies a user. Furthermore, it is not Group Policy that is the main focus of a malware attack, but rather the GUI. To illustrate one area covered by "FixPolicies" -- there are nearly 48 registry entries that control what a user can do through the GUI for "Hidden Files and Folders." None are Group Policy objects. "FixPolicies" will set these to the XP defaults. I very seriously doubt "dial-a-fix" even treats that area of the registry.

An example: one common malware trick is to change the registry entry for a radio box selection to the REG_SZ value of "Group" rather than its default of "Radio". This completely blocks any user attempt to set Hidden Files and Folders to show. This is not a Group Policy object, and I seriously doubt it is part of "dial-a-fix" to fix.

The only use in the past I have made for "Dial-a-fix" was to either register DLLs, or attempt a repair of the Windows Installer. I have had some luck with the first, and no luck with the latter. I rarely recommend the use of the tool, but have no particular feelings about it one way or another.

Finally, I did not distribute publicly "FixPolicies" until late 2007. Please do not confuse the use of the word "Policies" in the name as indicating Group Policies. It does not. "FixPolicies" is written as a batch file so as to make it transparent to all. In addition, as the most common malware policy block is on the use of registry tools, I obviously could not just write a .REG file to accomplish my ends. I originally wrote the application in VBS for both reasons, but found it easier to maintain as written in its current form. It is currently downloaded nearly 30,000 a month. So I believe it is helping folks."


When Mr. Castner is helping people, usually with some Malware Issues, he usually says the following:


"Download to your Desktop *FixPolicies*.exe, a self-extracting ZIP archive from here: .exe

  • Double-click *FixPolicies*.exe.
  • Click the "Install" button on the bottom toolbar of the box that will open.
  • The program will create a new Folder called *FixPolicies*.
  • Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd.
  • A black box will briefly appear and then close. You can ignore any warnings or error messages. This will enable your Control Panel and stop the Administrative warnings, at least until the malware infection resets the registry policy keys again. You can run this as many times as you like."
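
The quoted reply describes malware changing the Hidden Files and Folders radio-box type to "Group" and blocking registry tools and the Control Panel through policy values. As an added example (not part of FixPolicies, Dial-a-Fix or the original page), this Python script audits the text of a .reg export for those three conditions. The key paths and value names are standard Windows registry locations supplied here as assumptions, and the sample export is constructed.

```python
import re

# Constructed sample: text of a .reg export from a hypothetical affected machine.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"Type"="group"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000001
'''

# Key paths and value names are standard Windows locations chosen for this
# example (assumption: they are not taken from FixPolicies or Dial-a-Fix).
SHOWALL = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL"
POLICIES = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies"
unset_or_zero = lambda v: v in (None, 0)  # policy value absent or explicitly off
CHECKS = [  # (key, value name, predicate for a healthy value, what a failure means)
    (SHOWALL, "Type", lambda v: isinstance(v, str) and v.lower() == "radio",
     "Hidden Files and Folders option is not a radio button"),
    (POLICIES + r"\System", "DisableRegistryTools", unset_or_zero, "registry tools blocked"),
    (POLICIES + r"\Explorer", "NoControlPanel", unset_or_zero, "Control Panel blocked"),
]

def parse_reg(text):
    """Parse .reg export text into {key: {value_name: str or int}}, names lowercased."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        m = re.match(r'"([^"]+)"=(.*)$', line)
        if m is None or current is None:
            continue  # header, blank line, key line, or value outside any key
        name, raw = m.group(1).lower(), m.group(2)
        if raw.startswith("dword:"):
            current[name] = int(raw[6:], 16)
        elif len(raw) >= 2 and raw[0] == raw[-1] == '"':
            current[name] = re.sub(r"\\(.)", r"\1", raw[1:-1])  # undo \\ and \"
    return keys

def audit(text):
    """Return (key, name, value_seen, meaning) for every check that fails."""
    keys = parse_reg(text)
    seen = [(k, n, keys.get(k.lower(), {}).get(n.lower()), ok, why) for k, n, ok, why in CHECKS]
    return [(k, n, v, why) for k, n, v, ok, why in seen if not ok(v)]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A missing `Type` value is reported as well, with `None` as the value seen, so an export that omits the SHOWALL key will show one finding.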