File Name: offlinereg
File Submitter: erwan.l
File Submitted: 10 May 2013
File Updated: 02 Mar 2019
File Category: Tools
Edit : an old thread but this tool was never posted to the downloads file on reboot.pro. Now catching up...
Based on MS WDK (http://msdn.microsof.../ee...7(v=VS.85).aspx), I wrote a command line tool that will allow one to read and write to an offline registry hive.
Command line usage :
OfflineReg a_hive_file a_key_path a_verb [a_value_name] [a_value]
Main Usage : OfflineReg hivepath keypath verb argument(s)
Example : OfflineReg "c:\temp\system" a_key_path getvalue a_value_name
Example : OfflineReg "c:\temp\system" a_key_path getvalue a_value_name
Example : OfflineReg "c:\temp\system" a_key_path setvalue a_reg_sz_value a_new_value
Example : OfflineReg "c:\temp\system" a_key_path setvalue " " a_new_value -> will set default key
Example : OfflineReg "c:\temp\system" a_key_path setvalue a_reg_dword_value a_dword_value 4
Example : OfflineReg "c:\temp\system" a_key_path setvalue a_reg_qword_value a_qword_value 11
Example : OfflineReg "c:\temp\system" a_key_path setvalue a_reg_binary_value 0a,0b,0c,0d,0e,0f 3
Example : OfflineReg "c:\temp\system" a_key_path setvalue a_reg_multi_sz_value "blah blah blah" 7
Example : OfflineReg "c:\temp\system" a_key_path setvalue a_reg_expand_sz_value "blah blah blah" 2
Example : OfflineReg "c:\temp\system" a_key_path deletevalue a_value
Example : OfflineReg "c:\temp\system" a_key_path deletekey a_key
Example : OfflineReg "c:\temp\system" a_key_path deletekey
Example : OfflineReg "c:\temp\system" a_key_path deletekeys
Example : OfflineReg "c:\temp\system" a_key_path createkey a_key
Example : OfflineReg "c:\temp\system" a_key_path createkey
Example : OfflineReg "c:\temp\system" " " createkey a_key -> will create a key under root
Example : OfflineReg "c:\temp\system" a_key_path enumkeys
Example : OfflineReg "c:\temp\system" a_key_path enumvalues
Example : OfflineReg "c:\temp\system" a_key_path enumallvalues
Example : OfflineReg "c:\temp\system" a_key_path create
Example : OfflineReg "c:\temp\system" " " create
Example : OfflineReg "c:\temp\system" " " import commands.reg
Example : OfflineReg "c:\temp\system" " " run commands.txt
A real life example :
OfflineReg "D:\Windows\system32\config\system" ControlSet001\Control\ProductOptions getvalue "ProductType".
Should display :
"ProductType"=WinNT
Regards,
Erwan.
Click here to download this file