Re: Safe editing of the registry--need very explicit guidance
From: Kent W. England [MVP] (kwe_at_mvps.org)
Date: 06/22/04
- Next message: jennifer: "password to log onto computer... help"
- Previous message: Kent W. England [MVP]: "Re: Creator Owner Permissions"
- In reply to: 1940 LaSalle: "Safe editing of the registry--need very explicit guidance"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 21 Jun 2004 19:35:33 -0700
1940 LaSalle wrote:
> I may have a virus that hides a couple of IE 6 options,
> and I may have to edit the registry to get rid of it.
> (This is the Java JJblack Trojan virus, as best I can
> figure out.)
>
> What do I do to ensure that this exercise doesn't become
> another horror story? I'm not even sure how I go about
> backing up the registry, which I'm told is a "must do"
> step.
If you are going to change or delete a key, then export that key to a
.reg file so that you can restore it later. In addition, make a system
restore point so that if you delete a key that prevents Windows from
working properly (but still it boots) you can use your restore point as
a brute force alternative to importing your saved registry keys.
You should also run NTbackup and make a system state backup that will
save your registry hives inside the Windows folder. Then if XP doesn't
boot at all, you can use Recovery Console to copy those backup hives
over the damaged hive(s). If you don't do this, you can still
laboriously extract your last restore point from the SVI folder, but it
is a real PITA.
-- Kent W. England, Microsoft MVP for Windows Security
- Next message: jennifer: "password to log onto computer... help"
- Previous message: Kent W. England [MVP]: "Re: Creator Owner Permissions"
- In reply to: 1940 LaSalle: "Safe editing of the registry--need very explicit guidance"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
