How to modify a computer's offline registry from WINPE?

windows regedit winpe

I need to make changes on my registry without using the OS software, and need to do it with WINPE. However when WINPE is ready to work and I am trying to open regedit.exe it shows me only current OS information, actually the WINPE information.

So how to use WinPE as an offline registry editor?


Load the necessary registry hives:

  • in Registry Editor (regedit), select either HKEY_LOCAL_MACHINE or HKEY_USERS, then click File → Load Hive, open the hive file, and input a temporary name for it;

  • in command line, use reg load HKLM\temp-name path-to-hive
    or reg load HKU\temp‑name path-to-hive.

The hive files are located in:

  • most of HKEY_LOCAL_MACHINE corresponds to files in %SystemRoot%\system32\config:
    • HKLM\SAM – file SAM
    • HKLM\SECURITY – file SECURITY
    • HKLM\Software – file software
    • HKLM\SYSTEM – file system
    • the special "system" user's registry (e.g. login screen, etc.) – file default
  • each user's personal registry (i.e. their HKEY_CURRENT_USER) is located in file NTUSER.DAT in their profile directory (e.g. C:\Users\grawity\NTUSER.DAT);
    • however, HKCU\Software\Classes is stored in the file AppData\Local\Microsoft\Windows\UsrClass.dat.

A list of currently loaded hives is at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\hivelist.

Related

Windows desktop background: how to have system info displayed
Free and easy alternatives to Ghost? [closed]
Is UPS necessary to have for a PC?
NTFS Permissions - Create Files and Folder but prevent Deletion and Modification
How can I install Windows 7 without dvd or usb, on linux?
Outlook 2003: how to forward messages and not lose the sender/recipient email addresses
Use PC internet on mobile phone via bluetooth
Shutdown without sudo user password in ubuntu
How do you hide Windows 7 Explorer Toolbar and Property Bar?
4.00GB (3.25GB usable) in Windows 7 x64
UAC being turned off once a day on Windows 7
How do I autohide the top panel in Unity?