I can't find any examples of using the new API to write to HKLM. It seems to me that this should work:
Hive_Load,HKLM Reg_Add,0x3,"%reg%\Software\Roadkil","Lic_Unstp","31" Hive_Unload,HKLM
and there is no problem indicated in the log:
Processing section: [reg_hiveload] From file: [%BaseDir%\Projects\VistaPE-Beta\api.script] SetVar - Sucessfuly changed the value of [%hive_file%] to: [%HIVE_#1%] System - Refreshing all variables Loading HKLM hive.. Loading hive from %BaseDir%\Target\VistaPE\windows\system32\config\system RegHiveLoad - File: [%BaseDir%\Target\VistaPE\windows\system32\config\system] Section [wb-hive] RegWrite - root key: [HKLM] Type: [0x3] Section [wb-hive\Software\Roadkil] key [Lic_Unstp=31..] Processing section: [reg_hiveunload] From file: [%BaseDir%\Projects\VistaPE-Beta\api.script] Unloading wb-hive RegHiveUnLoad - Unloaded registry hive: [wb-hive]
but nothing gets into the registry. Am I doing something wrong?