Of Windows and Corrupted Registry Entries
The Windows Registry can be best thought of as the universal book that all applications look to when requiring system-wide information. User-specific configuration information, universal networking settings, and application display preferences are all examples of the vital information stored in the Windows Registry. For this reason, many adware and malware applications target the system registry when infecting a system. Virus writers often use the registry to mask their application’s true location and embed their code further into the system. Additionally, since so many applications are constantly accessing and modifying the Windows Registry, problems often arise.
Since the registry contains such vital system information, Windows will often fail to boot properly if registry data is corrupt or missing. Typically, Windows’ built-in recovery and repair tools can identify and eradicate or modify the corrupted entries for you, but occasionally the system is incapable of removing information maliciously planted by a virus or other application. Using a free and open source Linux distribution designed to run as a Live (temporary operating system loaded into RAM) environment, you can diagnose and repair registry problems manually. Creating a Live boot disk is simple using your system’s built-in CD burning tools. The only drawback is that the recovery process is not automated, so you will need to know the corrupted registry keys and what to change them to before attempting to use Linux to repair the corrupted or infected entries.
Choosing Your Linux Live Distribution
The first step in creating your Linux Live repair and recovery boot disk is a decision: you need to choose the distribution that best fits your setup. A Linux Mint or Ubuntu Live CD is probably the most common and popular since Linux Mint’s hardware recognition is phenomenal and Ubuntu, Linux Mint’s source distribution, is one of the most popular Linux desktop distributions worldwide. Some users prefer Fedora or openSUSE. If this is your first time with Linux, you may want to use Linux Mint for the easy setup and near-automatic configuration. More advanced users looking for a distribution with a registry editor already installed may want to try BackTrack Linux, also based on Ubuntu.
Once you have decided, head to the distribution’s website and download its Live ISO disk image. The download will take close to an hour or more, depending on your Internet connection, since most ISO images are close to 700 MB or more. If you only have a CD burner, you may want to look for a sub-700 MB ISO image since CD-Rs cannot hold over 700 MB of data.
Creating the Bootable Live Disk and Installing Registry Recovery Software
When your download has finished, use your operating system’s disk authoring application to burn the ISO image to a disk. If you are using Microsoft Windows and do not have a third-party disk burning application, then you will not have support for working with ISO images. Luckily, there is a “power toy” suggested by Microsoft for working with disk images called ISO Recorder. You can burn ISO images to CD-Rs if they will fit, or DVD-Rs for the larger images.
Restart the computer that has the corrupted registry with the Linux boot disk in the drive, press the motherboard manufacturer’s boot menu key, then select your disk drive from the list. The boot menu key will often be “F2”, “F10”, or “Delete”, but varies between manufacturer and firmware version. Some manufacturers may not even include a boot menu. In such a case, press the corresponding key to enter the BIOS, then edit the boot order to place your disk drive ahead of all other devices. All of these keys are displayed at the bottom of your screen during the Power-On Self-Test (POST) portion of your boot sequence, the part that happens just before the system beep.
Once you have booted into the Linux boot disk, launch the system’s package manager. On Linux Mint or Ubuntu you will need to find the Synaptic Package Manager, while under other distributions you may need YaST2 or another option. Each distribution varies based on the developer’s preferences. Use the package manager to search for and install the “chntpw” application, a registry editing tool for Linux. Since this is a Live distribution, loaded into RAM, this application will disappear with each reboot of the Live disk. You will need to install chntpw each time you want to use the application.
Using Linux Registry Recovery Software
Since your Microsoft Windows instance is not currently loaded, the Linux boot disk will most likely not show the Windows partitions until you mount them. Under Ubuntu you can click the “Places” button from the top of the desktop, then select your Windows hard drive from the list to mount the drive for use. Under other distributions you will need to open a file manager and select the Windows drives or partitions from a list. Once your drives are mounted, you can move on to setting up chntpw for use.
The chntpw application does not have a graphical interface, so you will need to use the program from the Linux terminal. Use the file manager or Places menu, for Ubuntu, and open up your Windows hard drive or partition. Navigate to the “Windows\System32\config” folder, then right-click and choose “Open Terminal Here” from the context menu. Type “chntpw -e software”, using the hive file name exactly as it appears in the folder, to open the Windows registry in chntpw’s interactive registry editor (the “-e” option starts the editor; “-l” only lists the user accounts in a SAM hive). Then navigate to the key you need to edit by using the “cd” command to move through the registry tree. Finally, use the “ed” command to edit registry entries on the spot. When you are done, quit chntpw with the “q” command and confirm when it asks whether to write the hive file back, which completes the changes.
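A safer way to run the steps above, shown as an added example that is not part of the original article: the script finds the hive regardless of letter case, makes a verified backup on the Windows partition, and only then opens chntpw’s registry editor. The function names, the BACKUP_DIR variable and the /mnt/windows mount point are assumptions for illustration.

```bash
#!/usr/bin/env bash
# Added example: back up a registry hive before editing it offline with chntpw.
# Assumes the Windows partition is already mounted read-write (e.g. /mnt/windows).

# Locate a hive under <mount>/Windows/System32/config, ignoring case, because
# the folder and hive names are not spelled the same way on every installation.
find_hive() {
    local mount_root="$1" hive_name="$2"
    find "$mount_root" -maxdepth 4 -type f \
        -ipath "*/windows/system32/config/$hive_name" -print -quit
}

# Copy the hive into <backup_dir> and verify the copy byte for byte.
# Prints the backup path on success; returns non-zero on any failure.
backup_hive() {
    local hive="$1" backup_dir="$2" dest
    [ -f "$hive" ] || { echo "hive not found: $hive" >&2; return 1; }
    mkdir -p "$backup_dir" || return 1
    dest="$backup_dir/$(basename "$hive").$(date +%Y%m%d-%H%M%S).bak"
    cp -p "$hive" "$dest" || return 1
    cmp -s "$hive" "$dest" || { echo "backup mismatch: $dest" >&2; return 1; }
    printf '%s\n' "$dest"
}

# Back up the hive, then open it in chntpw's interactive registry editor (-e).
# The default backup directory is on the Windows partition itself, because
# anything saved in the Live session's home directory is lost at reboot.
edit_hive() {
    local mount_root="$1" hive_name="${2:-SOFTWARE}" hive backup
    hive=$(find_hive "$mount_root" "$hive_name")
    [ -n "$hive" ] || { echo "no $hive_name hive under $mount_root" >&2; return 1; }
    backup=$(backup_hive "$hive" "${BACKUP_DIR:-$mount_root/hive-backups}") || return 1
    echo "Backup saved to $backup; restore with: cp '$backup' '$hive'"
    chntpw -e "$hive"
}

# Runs only when given a mount point, e.g.: ./edit-hive.sh /mnt/windows SOFTWARE
if [ $# -ge 1 ]; then
    edit_hive "$@"
fi
```

If an edit leaves Windows in a worse state, boot the Live disk again and copy the backup over the hive to return to the starting point.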
The primary alternative for recovery and repair boot disks would be the Linux Live USB. Just like the Linux boot disk, a Live USB boots in the exact same way, but uses a spare USB flash drive instead of a CD- or DVD-R. Creating Live USB flash drives used to be more difficult on Microsoft Windows, but programs such as Unetbootin make imaging USB flash drives with a recovery image incredibly easy.
As another alternative, the chntpw application developers provide a bootable recovery disk of their own for use with chntpw that requires less of a download than a full Linux boot disk, but can do far less. Finally, there are alternative recovery and repair disks such as the Ultimate Boot CD or Hiren’s that provide extra, Windows-oriented tools right out of the box. Both are available as free downloads, like their Linux counterparts.
This post is part of the series: Linux Recovery Tutorials
Learn how to use the free and open source operating system, GNU/Linux, to analyze, recover, and repair your computer. Using Linux’s free utilities you can fix lost partitions, resurrect deleted files, and repair seemingly unrepairable hard disks.