Use a Windows Restore Point for Windows Repair Using an Ubuntu Live-CD
----------------------------------------------------------------------

1. Boot into your Ubuntu LiveCD on the offending machine. See Note 2 at the bottom for Windows Vista.

2. Navigate to the Windows drive and open the Windows folder.

3. Create a folder named tmpbk    # Purpose: back up the existing Windows registry

4. Copy the following to that tmpbk folder:
     c:\windows\system32\config\system
     c:\windows\system32\config\software
     c:\windows\system32\config\sam
     c:\windows\system32\config\security
     c:\windows\system32\config\default

5. Navigate to the System Volume Information folder (you will need to show all files).
   Note: This folder contains one or more _restore{GUID} folders such as
   "_restore{87BD3667-3246-476B-923F-F86E30B3E7F8}". There may be one or more
   folders starting with "RPx" under this folder. These are restore points.

6. Open a non-recent Snapshot subfolder at the following location:
     C:\System Volume Information\_restore{D86480E3-73EF-47BC-A0EB-A81BE6EE3ED8}\RP1\Snapshot

7. Create a folder named tmpnew in the Windows folder    # Purpose: restore point's Windows registry

8. From the Snapshot folder, copy the following files to the tmpnew folder:
     _REGISTRY_USER_.DEFAULT
     _REGISTRY_MACHINE_SECURITY
     _REGISTRY_MACHINE_SOFTWARE
     _REGISTRY_MACHINE_SYSTEM
     _REGISTRY_MACHINE_SAM

9. In the tmpnew folder, rename the files as follows:
     _REGISTRY_USER_.DEFAULT     to  DEFAULT
     _REGISTRY_MACHINE_SECURITY  to  SECURITY
     _REGISTRY_MACHINE_SOFTWARE  to  SOFTWARE
     _REGISTRY_MACHINE_SYSTEM    to  SYSTEM
     _REGISTRY_MACHINE_SAM       to  SAM

10. Copy the 5 files (DEFAULT, SECURITY, SOFTWARE, SYSTEM, SAM) to
    c:\windows\system32\config\, overwriting the existing corrupted registry.

11. Dismount the Windows drive, exit Ubuntu and reboot the computer to Windows.

Note 1: These instructions (steps 1-11) assume that a useful restore point exists.
Malware may have removed the restore points. If necessary, a clean, Windows-install
registry is found at:
     c:\windows\repair\system
     c:\windows\repair\software
     c:\windows\repair\sam
     c:\windows\repair\security
     c:\windows\repair\default

Note 2: Windows Vista appears to have the backup registry in:
     C:\windows\system32\config\regback\software
     C:\windows\system32\config\regback\system
     C:\windows\system32\config\regback\Sam
     C:\windows\system32\config\regback\security
     C:\windows\system32\config\regback\Default
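
Steps 3 to 10 as one shell script, as an added example that is not part of the original instructions. It assumes the Windows partition is already mounted read-write in the live session and takes the Windows folder and the chosen Snapshot folder as arguments; the function names are illustrative. It refuses to overwrite anything unless all five restore-point hives are present and non-empty, and it matches existing file names case-insensitively because NTFS mounts under Linux are case-sensitive.

```sh
#!/bin/sh
# Added example, not part of the original instructions.
# Usage: sh restore_hives.sh <Windows folder> <Snapshot folder>
# Both paths depend on where the live session mounted the drive (assumption).
HIVES="DEFAULT SECURITY SOFTWARE SYSTEM SAM"

# Step 9 mapping: hive name -> file name inside the Snapshot folder.
snap_name() {
    case $1 in
        DEFAULT) echo "_REGISTRY_USER_.DEFAULT" ;;
        *)       echo "_REGISTRY_MACHINE_$1" ;;
    esac
}

restore_hives() {
    local win snap cfg hive cur
    win=${1%/}; snap=${2%/}
    # Find system32/config whatever its case (System32, SYSTEM32, ...).
    cfg=$(find "$win" -maxdepth 2 -type d -ipath "$win/system32/config" | head -n 1)
    [ -n "$cfg" ] || { echo "no system32/config under $win" >&2; return 1; }
    # Touch nothing unless all five snapshot hives exist and are non-empty.
    for hive in $HIVES; do
        [ -s "$snap/$(snap_name "$hive")" ] || { echo "bad hive: $hive" >&2; return 1; }
    done
    mkdir -p "$win/tmpbk" "$win/tmpnew" || return 1
    for hive in $HIVES; do
        cur=$(find "$cfg" -maxdepth 1 -type f -iname "$hive" | head -n 1)
        # Step 4: back up the current hive (if present) before any overwrite.
        if [ -n "$cur" ]; then cp "$cur" "$win/tmpbk/$hive" || return 1; fi
        # Steps 8-9: stage the restore-point copy under its final name.
        cp "$snap/$(snap_name "$hive")" "$win/tmpnew/$hive" || return 1
    done
    for hive in $HIVES; do
        cur=$(find "$cfg" -maxdepth 1 -type f -iname "$hive" | head -n 1)
        # Step 10: overwrite in place, reusing the existing file's name and case
        # so no second file differing only in case is created.
        cp "$win/tmpnew/$hive" "${cur:-$cfg/$hive}" || return 1
    done
}

if [ "$#" -eq 2 ]; then restore_hives "$1" "$2"; fi
```

The originals stay in tmpbk, so copying them back to the config folder undoes the restore if the chosen restore point turns out to be worse.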