Link to home
Start Free TrialLog in
Avatar of mickn66
mickn66

asked on

Is it possible to edit registry on dual boot computer from other boot?

Hi.  I have a dual boot system.  One of my boots (boot 1 we'll call it) has some malware that I'm having trouble getting rid of. (see https://www.experts-exchange.com/questions/21580794/Spyware-Wintools-Websearch-Websearch-Wintools.html for more info)

I know at least some of the registry entries for this malware, but when I try to delete them or edit them in regedit I get an error message saying it couldn't be deleted.

Is it possible for me to boot up to the other system  (boot 2) and edit Boot 1's registry?  Thanks
Avatar of LeeTutor
LeeTutor
Flag of United States of America image
If the other system (boot 2) also has Windows XP, it is possible.  Boot up in a parallel copy of XP.

Open REGEDIT

If the information you want to access was in HKEY_CURRENT_USER: Highlight HKEY_USERS, choose "Load hive" from the File menu, open

C:\Documents and settings\<UserProfileName>\ntuser.dat.

When asked for a name, choose "OldProfile" (or whatever other easily remembered name you choose).  Access/backup the keys you're interested in. Once you're done, highlight the "OldProfile" key, choose "Unload hive" from the file menu.

If the information you want to access was in HKEY_LOCAL_MACHINE\System or in HKEY_LOCAL_MACHINE\Software: Highlight HKEY_LOCAL_MACHINE, choose "Load hive" from the File menu, open

C:\Windows\system32\config\system

or

C:\Windows\system32\config\software

(no extension). When asked for a name, choose "OldSystem" or "OldSoftware" (or whatever). Access/backup the keys you're interested in. Once you're done, highlight the "OldSystem" or "OldSoftware" key, choose "Unload hive" from the file menu.

Of course, in the above, you might need to change "C:" to some other drive letter, depending upon what partition "boot 1" is on...
Avatar of sramesh2k
sramesh2k
Flag of India image
See also:

How to edit the registry offline using BartPE boot CD ?:
http://windowsxp.mvps.org/peboot.htm
Avatar of mickn66
mickn66

ASKER

Thanks Lee and sramesh2k - My boot one is in fact c: and boot 2 is e: for some reason.  I have heard of BartPE but since I have a dual boot I thought it might be easier this way.  I'll give this a shot and let you know how it worked.
ASKER CERTIFIED SOLUTION
Avatar of stewartacampbell
stewartacampbell
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of mickn66
mickn66

ASKER

Stewart you just solved my problems.  All I needed to do was change the permissions - I didn't add my username, because I'm the only user and am the administrator - for some reason the administrator account didn't have full permissions.  So I fixed that and then I deleted the registry keys and low and behold the spyware is gone.  Thank you and thank everybody else for helping.