BleepingComputer.com: I want to look at a bootable drive as a slave

Jump to content

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

I want to look at a bootable drive as a slave Mounting bootable as slave

#1 User is offline   PetarSickey 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 16
  • Joined: 17-August 09

Posted 28 November 2011 - 12:15 PM

I have a fairly benign but nevertheless troublesome virus/malware. I have taken the drive out of the computer and mounted it
as a slave in another machine that has a bootable master (both are Windows XP). My original thought was to just turn the computer
on and boot, then find the registry on the slave drive, issue the command regedit [options] filename (filename on slave), and then
hack the bad keys out, delete some files on the slave, then put it back in the original computer, and it should be ok (of course
I need to change the jumper back to single).

My fear is that I will lose the boot sector's information. I just am not sure what to do - is this a good approach.

By the way, I have often used tools such as Ultimate Boot, HD Clone, etc.., and simply booted the CD and then examined drives. I like this
because, then there is no Windows at all.

Just curious, should I use the Windows approach or should I boot to Ultimate CD and delete the files and hack the registry there.

Keep in mind that the registry file .reg is really pretty much just a text file. I would probably open it in Linux even without any
sophisticated tool. I realize I should make a backup of the registry file first.

Just curious what you think I should do?

Thanks.

This post has been edited by hamluis: 28 November 2011 - 01:10 PM
Reason for edit: Moved from XP to Am I infected.

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users