Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I want to look at a bootable drive as a slave


  • Please log in to reply
No replies to this topic

#1 PetarSickey

PetarSickey

  • Members
  • 151 posts
  • OFFLINE
  •  
  • Local time:10:12 AM

Posted 28 November 2011 - 12:15 PM

I have a fairly benign but nevertheless troublesome virus/malware. I have taken the drive out of the computer and mounted it
as a slave in another machine that has a bootable master (both are Windows XP). My original thought was to just turn the computer
on and boot, then find the registry on the slave drive, issue the command regedit [options] filename (filename on slave), and then
hack the bad keys out, delete some files on the slave, then put it back in the original computer, and it should be ok (of course
I need to change the jumper back to single).

My fear is that I will lose the boot sector's information. I just am not sure what to do - is this a good approach.

By the way, I have often used tools such as Ultimate Boot, HD Clone, etc.., and simply booted the CD and then examined drives. I like this
because, then there is no Windows at all.

Just curious, should I use the Windows approach or should I boot to Ultimate CD and delete the files and hack the registry there.

Keep in mind that the registry file .reg is really pretty much just a text file. I would probably open it in Linux even without any
sophisticated tool. I realize I should make a backup of the registry file first.

Just curious what you think I should do?

Thanks.

Edited by hamluis, 28 November 2011 - 01:10 PM.
Moved from XP to Am I infected.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users