83 replies to this topic

[erwan.l]

tough day but i want this to work

 

you need to create the policies key before anything else. check my previous post.

copy paste the exact 3 commands below in your console.

 

1.

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion" createkey policies

2.

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion\policies" createkey explorer

3.

OfflineReg "c:\temp\NTUSER.DAT" "Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" setvalue NoDrives 67108863 4

[chestertomato]

You are fantastic , at lease now a "createkey ok" succeed. What I'm thinking is , can I use WinPE to add this NTUSER.DAT , then modify it's registry I want. I was once and many times edit the offline registry from WinPE registry. Is it possible ?

 

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion" createkey policies

createkey ok

 

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion\policies" createkey explorer

OROpenKey failed:2

 

OfflineReg "c:\temp\NTUSER.DAT" "Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" setvalue NoDrives 67108863 4

OROpenKey failed:2

[erwan.l]

it should display :

 

offlinereg c:\temp\ntuser.dat "Software\Microsoft\Windows\currentversion" createkey policies

createkey ok

saved to c:\temp\ntuser.bak

 

the new hive is now in ntuser.bak.

you should then rename the old one to ntuser.old and rename ntuser.bak to ntuser.dat.

 

then : offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion\policies" createkey explorer

 

EDIT : going to modify offlinereg so that it offers the possibiity to save to the original fine rather than doing a backup each time.

[erwan.l]

download new version from here : http://reboot.pro/fi...313-offlinereg/ .

 

and use : offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion\policies" createkey explorer nobackup

 

it will then save to original file. no more backup to a .bak file.

that makes it easier to script and to execute several commands one after the other.

be careful then

 

also this latest version also display more "human" messages.

[chestertomato]

offlinereg c:\temp\ntuser.dat "Software\Microsoft\Windows\currentversion" createkey policies

createkey ok

 

I think when "createkey ok" the key "policies" is already written to "ntuser.dat" with no other backup. So how can I save this file for a backup ? So I go on with :

 

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion\policies" createkey explorer

OROpenKey failed:2:system can't find the specify file

 

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion\policies" createkey explorer nobackup

OROpenKey failed:2:system can't find the specify file

 

Unlike previous , there's more message "system can't find the specify file" , obviously the "c:\temp\ntuser.dat" file path is correct !

[erwan.l]

1.

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion" createkey policies nobackup

->createkey ok

saved to c:\temp\ntuser.dat

 

2.

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion\policies" createkey explorer nobackup

->createkey ok

saved to c:\temp\ntuser.dat

 

3.

OfflineReg "c:\temp\NTUSER.DAT" "Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" setvalue NoDrives 67108863 4 nobackup

->setvalue ok

saved to c:\temp\ntuser.dat

 

OROpenKey failed:2:system can't find the specify file -> actually means the key or value was not found.

[chestertomato]

I copied again a brand new ntuser.dat , but with exactly the same result as above

[erwan.l]

At this point I dont know how to help anymore

 

At my place : (in italic the command, in bold the result).

 

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion" createkey policies nobackup

createkey ok

saved to c:\temp\ntuser.dat

 

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion\policies" createkey explorer nobackup

createkey ok

saved to c:\temp\ntuser.dat

 

OfflineReg "c:\temp\NTUSER.DAT" "Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" setvalue NoDrives 67108863 4 nobackup

setvalue ok

saved to c:\temp\NTUSER.DAT

 

then I check it out :

OfflineReg "c:\temp\NTUSER.DAT" "Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" getvalue NoDrives

"NoDrives"=67108863

[chestertomato]

I understand what you mean by Italic and Bold , and I do believe those result happened at your place.

 

OfflineReg "c:\temp\NTUSER.DAT" "Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" getvalue NoDrives

OROpenKey failed:2:system can't find the specify file

 

Same error message. May be it means there's no NoDrives key in my ntuser.dat

Let me test it in another Win8PE DVD and import this ntuser.dat that's registry

[chestertomato]

Sir , I know how comes the error message !!!

 

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion" createkey policies nobackup

createkey ok

 

Then I saw the "c:\temp\ntuser.dat" file disappeared right the way ???

 

That's why the rest command line fail with :

OROpenKey failed:2:system can't find the specify file

[erwan.l]

interesting : do you actually see "saved to c:\temp\ntuser.dat" after "createkey ok" ?

 

then the "nobackup" parameter is a problem for now.

 

stick to original syntax but then remember that the updated file is actualy in the xxx.bak.

up to you to rename it each time.

[chestertomato]

It seems the file "ntuser.dat" has been deleted. I tried many times to copy a brand new ntuser.dat to c:\temp. Same many times , file deleted after the first command line

[chestertomato]

The 1st command line without "NoBackup" can keep ntuser.dat

But the 2nd and 3rd command line with or without "NoBackup" keep the same error message

[chestertomato]

Sir ,  I know why the 2nd and the 3rd command line fail with error message : OROpenKey failed:2:system can't find the specify file.

 

I run the 1st command line :

 

offlinereg "c:\temp\ntuser.dat" "Software\Microsoft\Windows\currentversion" createkey policies nobackup

createkey ok

But I don't have the following result :

saved to c:\temp\ntuser.dat            (At you place , you have)

 

It means at my place , the "policies" key has not beed added. The message createkey ok is a meaningless phrase as I haven't got saved to c:\temp\ntuser.dat

 

I can prove this. Once after running the 1st command line. I reboot my computer with Win8PE DVD. Use this Win8PE regedit to import c:\temp\ntuser.dat , but found "policies" key was not added !

 

That's why the 2nd and 3rd command must be fail !

[chestertomato]

1. I made the c:\temp\ntuser.dat -s -h

2. Eliminate the Administrator's right of this file

3. Run 1st command line

4. View this ntuser.dat in Win8PE DVD

 

But with exactly same result

[erwan.l]

uhm, i found a bug with the nobackup parameter.

drop it for now.

 

offlinereg has to create a copy everytime of the original.

the backup file = the new modified file.

you need to integrate this in your script/batch.

[chestertomato]

I was wrong in my latest post , it should be with no "NoBackup" at the 1st command and also the c:\temp\ntuser.dat still exist

 

Nevermine , sir , you already help me a lot. A grade thanks to you. I'll try my other way to soft my problem.

 

And I've to close this topic. Many many thanks

[trmpluym]

Erwan,

 

I tried to use offlinereg (v0.9.6) to import a reg file into an offline reg hive.

 

First i exported a reg file (for example HKCU\SOFTWARE\Test) into a file test.reg

 

Afterwards i tried to import this file info a user registry hive ntuser.dat

 

This is the command line i used:

 

offlinereg c:\temp\ntuser.dat c:\temp\test.reg import

 

For every subkey in the test.reg file i get the error:

 

createkey failed:2:The system can not find the file specified

 

My system is Windows 7 x64. The command prompt is elevated and both the files are not hidden of readonly.

 

Any idea ?

[erwan.l]

Erwan,

 

I tried to use offlinereg (v0.9.6) to import a reg file into an offline reg hive.

 

First i exported a reg file (for example HKCU\SOFTWARE\Test) into a file test.reg

 

Afterwards i tried to import this file info a user registry hive ntuser.dat

 

This is the command line i used:

 

offlinereg c:\temp\ntuser.dat c:\temp\test.reg import

 

For every subkey in the test.reg file i get the error:

 

createkey failed:2:The system can not find the file specified

 

My system is Windows 7 x64. The command prompt is elevated and both the files are not hidden of readonly.

 

Any idea ?

 

Hi,

 

Can you dump the full output (from command line) ?

 

Regards,

Erwan

[trmpluym]

Here the actual command line:

 

D:\B\b>offlinereg.exe c:\a\ntuser.dat d:\b\b\test.reg import > d:\b\b\output.txt

 

output.txt contains:

 

[Software\Atelier Web]

[Software\Atelier Web\Remote Commander]

[Software\Atelier Web\Remote Commander\Access Control]

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Access Control

[Software\Atelier Web\Remote Commander\Font Sizes]

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Font Sizes

[Software\Atelier Web\Remote Commander\Last Hosts]

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Last Hosts

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Last Hosts

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Last Hosts

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Last Hosts

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Last Hosts

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Last Hosts

[Software\Atelier Web\Remote Commander\Main Window Pos]

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Main Window Pos

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Main Window Pos

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Main Window Pos

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Main Window Pos

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

could not open Software\Atelier Web\Remote Commander\Main Window Pos

saved to c:\a\ntuser.bak ok

 

createkey failed:2:Het systeem kan het opgegeven bestand niet vinden

 

The above line is dutch translated it means:

 

createkey failed:2:The system can not find the file specified

[erwan.l]

ok perfect, thanks i'll work on that.

 

just to be sure, download latest version (i uploaded a fresh new version).

 

but i suspect that i am not support sub keys under sub keys...

 

this is what I get.

C:\Users\erwan>offlinereg c:\temp\ntuser.dat c:\temp\test.reg import
[Software\WinImage]
added -> WinImageUseRegistry=string:TRUE
added -> Time=string:209
added -> Read=string:0
added -> Write=string:0
added -> Create=string:6
added -> CDImageSetting=string:0
added -> ConnectedFileOption=string:17
added -> BatchWizzardPref=string:1031508
added -> DayOfUsing=string:17
added -> DayOfUsingLater=string:17
added -> DayOfUsingLaterDisp=string:1
added -> NameRegistered=string:
added -> EndBatchMessage=string:FALSE
saved to c:\temp\ntuser.new ok

[erwan.l]

I confirm : for now, offlinereg will not be able to create key under a subkey if the parent key was not created.

 

In your case, since there are no keys under Atelier Web or Remote Commander, offlinereg did not create these subkeys.

 

[Software\Atelier Web]

[Software\Atelier Web\Remote Commander]

[Software\Atelier Web\Remote Commander\Access Control]

[trmpluym]

Where can download the new version ?

 

On the URL below i stil get the 0.9.6 version

 

http://reboot.pro/fi...317-offlinereg/

 

At  http://erwan.l.free..../offlinereg.zip the download fails...

[erwan.l]

Where can download the new version ?

 

On the URL below i stil get the 0.9.6 version

 

http://reboot.pro/fi...317-offlinereg/

 

At  http://erwan.l.free..../offlinereg.zip the download fails...

 

free.fr? been years...

reboot.pro should display the below.

 

[trmpluym]

> I confirm : for now, offlinereg will not be able to create key under a subkey if the parent key was not created.

 

Ok, thanks for the quick updates Erwan !

 

I can still do it manually (load the remote hive regedit and do a find replace in the reg file) so no hurry...