Sign in with
Sign up | Sign in
Your question

Scan An External Registry For spyware?

Last response: in Windows XP
Share
June 12, 2010 10:03:19 PM

Yesterday, I worked on several computers at someone else's house. One computer was infected with ad-ware type stuff (pop ups, search 'helpers,' lag, etc.) and I didn't have time to do a thorough scan there, so I brought the hard drive home with me and connected it to my computer as a slave. An anti-virus scan found nothing. I feel pretty sure that a spyware/adware scan will find plenty. However, I've not been able to find a program that will scan this foreign registry. As far as these programs are concerned, it doesn't exist until it is the active registry on the boot drive.

Can this be done? Can I scan this registry without booting to the drive?
a b 8 Security
June 12, 2010 10:38:30 PM

Clay201 said:
Yesterday, I worked on several computers at someone else's house. One computer was infected with ad-ware type stuff (pop ups, search 'helpers,' lag, etc.) and I didn't have time to do a thorough scan there, so I brought the hard drive home with me and connected it to my computer as a slave. An anti-virus scan found nothing. I feel pretty sure that a spyware/adware scan will find plenty. However, I've not been able to find a program that will scan this foreign registry. As far as these programs are concerned, it doesn't exist until it is the active registry on the boot drive.

Can this be done? Can I scan this registry without booting to the drive?



No. There are programs that will allow registry access without running the particular Windows installed on the drive, but they don't make the registry available to other 3rd party programs to scan/analyze the registry.

Put the drive back in it's home machine and scan the logged-on install of Windows.
a b 8 Security
June 13, 2010 9:43:23 AM

Clay201 said:
Yesterday, I worked on several computers at someone else's house. One computer was infected with ad-ware type stuff (pop ups, search 'helpers,' lag, etc.) and I didn't have time to do a thorough scan there, so I brought the hard drive home with me and connected it to my computer as a slave. An anti-virus scan found nothing. I feel pretty sure that a spyware/adware scan will find plenty. However, I've not been able to find a program that will scan this foreign registry. As far as these programs are concerned, it doesn't exist until it is the active registry on the boot drive.

Can this be done? Can I scan this registry without booting to the drive?



Of course you can - MalwareBytes and all the other trusted scanners will scan the Registry along with the rest of the installation. The Registry is made from files contained in C:\Windows\System32\Config and so long as you don't exclude that folder, any scanner will find its way there. You don't need to see it in Regedit format to be able to clean it up.
!