Steven Phillips on 10 Jan 2010 10:33:28 -0800



Re: [PLUG] Edit Windows Registry from Linux LiveCD?


The reason that I clean out all the temp files when removing this scamware is that that's the location of the reinstall files. If you remove all temp files, it doesn't matter that there are registry entries. You'll get dialog boxes complaining that the exe can't be found, but at least you'll be able to run the registry fix and run regedit. After you run your antimalware cleaner, do a manual sweep through the registry using the find feature and you'll turn up a ton of entries for Fixzilla, AV2009 and whatever else they've renamed it to.

Steve




On Sunday 10 January 2010 12:02:36 Edmond Rodriguez wrote:
> I have helped with removing malware on a few machines.  It seemed to me
>  that once the executable was removed, the registry did not matter so much,
>  though it did need to be cleaned up. But in my case, I was able to boot
>  Windows from the very start.
>
> So what is the danger, if any, of using Linux to remove the executables,
>  then trying to reboot windows, and if it boots, using the Windows tools to
>  clean up the registry.  Perhaps that is out of the question, since trying
>  to boot never even got to the point of running the malware executable?
>


Some of these nasty extortion-ware programs keep hidden re-install
instructions in the registry so that removing the executable only solves the
problem until the next boot and auto reinstall.


--
Art Alexion


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
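
The manual registry sweep discussed in this thread can be narrowed to the entries that matter most: autostart values that launch something from a temp directory. The following is an added example, not code from any poster in the thread. It assumes the hive has already been exported to regedit-style `.reg` text and decoded to a Python string, it only reads plain string values, and every key, value name and path in the sample is constructed.

```python
import re
from pathlib import PureWindowsPath

# Per-machine and per-user autostart keys, matched as a lowercase key-path suffix.
AUTORUN_SUFFIXES = (r"\microsoft\windows\currentversion\run",
                    r"\microsoft\windows\currentversion\runonce")
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')  # "name"="string"
EXE_RE = re.compile(r'^\s*"?([A-Za-z]:\\.*?\.(?:exe|com|bat|cmd|scr|dll))', re.I)

# Constructed sample export; every key, value name and path is made up.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleUpdater"="\"C:\\Program Files\\Example\\updater.exe\" /background"
"constructed_entry"="C:\\Documents and Settings\\user\\Local Settings\\Temp\\example123.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"constructed_once"="\"C:\\WINDOWS\\Temp\\example456.exe\" -r"

[HKEY_LOCAL_MACHINE\SOFTWARE\Example\Settings]
"Path"="C:\\WINDOWS\\Temp\\not_an_autorun.exe"
'''

def unescape(s):  # in .reg strings a backslash protects the next character
    return re.sub(r'\\(.)', r'\1', s)

def in_temp_dir(path):
    # True when any directory component (not the file name) is a temp folder.
    dirs = [p.lower() for p in PureWindowsPath(path).parent.parts]
    return any(d in ("temp", "tmp") for d in dirs)

def suspicious_autoruns(reg_text):
    """Return (key, value_name, command) for autorun entries launching from a temp dir."""
    hits, key = [], None
    for line in map(str.strip, reg_text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]          # key paths are not escaped in .reg files
            continue
        m = VALUE_RE.match(line)
        if not (key and m and key.lower().endswith(AUTORUN_SUFFIXES)):
            continue
        name, command = unescape(m.group(1)), unescape(m.group(2))
        exe = EXE_RE.match(command)
        if exe and in_temp_dir(exe.group(1)):
            hits.append((key, name, command))
    return hits

if __name__ == "__main__":
    print(*suspicious_autoruns(SAMPLE), sep="\n")
```

Entries it reports are candidates for review, and a clean result does not rule out persistence stored in other keys or value types.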