saturndude Posted November 27, 2007 Share Posted November 27, 2007 (edited) Where do I find a registry editor that will let me edit the registry of another computer?(not over a network, I have no experience with remote access)Many times, I put a compromised hard disk as a slave drive in another box (sometimes Windows, mostly linux) and I can delete [spyware] files easily. No need for safe mode. I can even research the type of spyware the client has while I'm working.But the client's registry still has references to spyware executables.Basically, I make sure the client's computer has no internet access, then put the "somewhat cleaned up" hard drive back into it. Windows starts well enough to run the registry editor that came with that version of windows (and anti-virus programs). So far, I've been lucky.Spyware is always getting worse. In the future, I might not be so lucky.Any suggestions on registry cleaning programs (other than dedicated programs like hijackthis, crapcleaner, combofix, and so forth)?(Registry cleaners also help remove Uncle Bill's "Bilt-Broken" Java and replace it with Sun's Java product.)I'd really like a registry cleaner that I can run from linux (gui), but I haven't found one yet. Working from within another Windows version (on another PC) would be just fine too. Basically, I'd like to edit the registry of another Windows installation (usually Primary Slave IDE drive).Any suggestions? Thanks in advance. Edited November 27, 2007 by saturndude Link to comment Share on other sites More sharing options...
DigeratiPrime Posted November 27, 2007 Share Posted November 27, 2007 you need to load the registry hive from the hdd you attached. http://technet2.microsoft.com/windowsserve...3.mspx?mfr=truehttp://msdn2.microsoft.com/En-US/library/ms940849.aspxYou can also use a BartPE or similiar windows based live cd on the other machine instead of having to swap around the hdd. http://www.nu2.nu/pebuilder/BTW MS removed their Java VM back when SP1a came out.http://support.microsoft.com/kb/813926 Link to comment Share on other sites More sharing options...
saturndude Posted November 28, 2007 Author Share Posted November 28, 2007 (edited) Thanks, I'll check into those links.BTW MS removed their Java VM back when SP1a came out.And I am sssooooooooo grateful! A friend has had BOTH [un]Cool Web Search AND the byte-verify trojan because of MS Java!The latest PC I'm working on is a 533 MHz Compaq with Windows ME and, you guessed it, MS Java. I predict MS Java will be around for several more years at least. Because people don't know any better.(After this box, I've got another infested box to do, then a guy in church has what sounds like a video card failure, then a friend of a friend wants me to help him build a system. Once people find out how good you are, they seek you out!)Another request:What program should I use to extract Windows cabinet files (other than extract.exe)? Sometimes people have a Windows CD (or "rescue disks"), but they often lose them. Or their hard drive has a different version (or there is no 'precopy' directory, or they blew away their rescue partition, or whatever. Stuff happens). Are the cabinet files all compressed the same way? I think they differ. So is there a way to do a "quick and dirty" extract from a cabinet file from any version of Windows? Edited November 28, 2007 by saturndude Link to comment Share on other sites More sharing options...
DigeratiPrime Posted November 28, 2007 Share Posted November 28, 2007 And I am sssooooooooo grateful! A friend has had BOTH [un]Cool Web Search AND the byte-verify trojan because of MS Java!Just FYI MS was ordered by a court to end their Java VM. The reason people are getting infected these days through Sun Java is every time an update comes out even if you install it it leaves behind the older vulnerable version, so be sure to manually uninstall it. (After this box, I've got another infested box to do, then a guy in church has what sounds like a video card failure, then a friend of a friend wants me to help him build a system. Once people find out how good you are, they seek you out!)About those other things please create new topics for them when appropriate, to avoid getting to off of topic What program should I use to extract Windows cabinet files (other than extract.exe)?I use expand.exe with "tab completion" its fast and easy. I also use UniExtract aka Universal Extractor by Nitro322, look around the forums, to unpack cabs and most other archives. Link to comment Share on other sites More sharing options...
electroglyph Posted November 29, 2007 Share Posted November 29, 2007 check out Registry Workshop if you'll be doing this a lot:http://www.torchsoft.com/en/rw_information.htmlthis is the nicest registry editor i've used, it's search feature is many many times faster than RegEdit and it also supports loading hives Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now