How to Edit Windows Registry Using Ubuntu?

Edit Windows Registry Using Ubuntu

Disclosure: This post may contain affiliate links. We receive a small commission at no extra cost to you when you make a purchase using some of our links.

Once you hit by any computer virus, there is a possibility for a  corrupted Windows registry or modified by the virus. You will be stuck with that point, and you won’t be able to boot to Windows or edit the registry from Windows. Most of the time, it won’t allow you to execute Regedit command from your affected PC. One of the best solutions is to use a Linux thumb drive to temporary boot on your PC, access your Windows registry and modify it.

Let us see how to modify the Windows Registry using Ubuntu from an external USB without harming the Windows OS installation.

Editor’s Note: If you don’t have a bootable Linux USB, please scroll down for the guide to create a Live Ubuntu Thumb Drive. 

How to Edit Windows Registry Using Ubuntu from a Live USB

Linux is offering a fantastic utility named chntpw, which was originally designed to reset passwords, and then acquired the registry editing ability. You can use chntpw to edit your Windows registry, and it is coming with free Ubuntu OS.

Edit Windows Regsitry using Ubuntu

Here are the steps to reset the password using the Ubuntu OS CD.

  1. Boot from a LiveCD (you can create from downloading ISO files from Ubuntu website) one or install a second system Ubuntu.
  2. Install chntpw utility:
    sudo apt-get install chntpw
  3. Find the Windows partition:
    sudo fdisk -l
  4. Assume it is on /dev/sda2. Next step is mounting of the partition:
    sudo mkdir /media/windows
    sudo mount /dev/sda2 /media/windows
  5. Edit Windows registry now
    chntpw -l /media/windows/Windows/system32/config/software
  6. Move to registry branch you need, for example:
    cd Microsoft\Windows NT\CurrentVersion\Winlogon
  7. And edit a key, for example:
    ed Shell

Just cite the places in the registry where they can hide a record of running viruses:

HKCU\Software\Microsoft\Windows\CurrentVersionRun
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionRun
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersionWinlogonShell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersionWinlogonNotify
 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersionWinlogonUserinit
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionExplorerSharedTaskScheduler
HKLM\SOFTWARE\Microsoft\WindowsCurrentVersionShellServiceObjectDelayLoad

The default values in Regedit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersionWinlogon]
"Shell" = "Explorer.exe"
"Userinit" = "C:WINDOWSsystem32userinit.exe"

Check Explorer.exe file for the double presence, the right place for the file in Windows but not Windows > System32.

Turn off your Ubuntu, after this procedure and remove the USB drive from Windows Machine. Now restart Windows and make sure the Windows is loading properly without any issues. Good Luck!

Create a Live Ubuntu Thumb Drive

Now, your Windows PC is obviously not booting so you can’t use it to create a live Ubuntu USB. You may have to borrow a friend’s or use another PC you may have around.

  1. Download any version of Ubuntu (preferably the latest) from their official website.download Ubuntu image
  2. Download Rufus. Rufus is a utility that helps create bootable USB flash drives, such as USB keys/pen drives, memory sticks, etc.
  3. Insert a USB drive into the PC with 4GB or more capacity. This should be the USB drive you will use to boot Ubuntu and edit Windows registry.
  4. Launch Rufus.
  5. Select your USB drive from the Device drop-down menu.
  6. Next, click SELECT then navigate to and select the downloaded Ubuntu image file. Create booteable Ubuntu USB to edit Windows registry
  7. Make sure all the other options are as shown in the screenshot above.
  8. Click START.
  9. You may be asked to download additional Syslinux files, choose Yes.
  10. Then you’ll see a ISOHybrid image detected warning. Choose to Write in ISO Image mode (Recommended) and click OK.

Rufus will take some time to copy all the necessary image files to the USB drive. You can track the progress from the progress bar. When it’s complete, click CLOSE and remove the USB. Now you have a bootable Linux OS in your USB drive.

Repair Windows Registry with Linux Live USB

You did the Windows registry fix from Linux OS. Now you can boot back to Windows, and make sure Windows is loading. Before you start using the Windows, you have to run all possible scan to makes sure that you completely removed the malware or virus affected in your system. Please use some virus scanner and antimalware tools to clean up the Windows System.

2 COMMENTS

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.