{"id":7463,"date":"2016-08-07T05:08:34","date_gmt":"2016-08-07T05:08:34","guid":{"rendered":"http:\/\/www.top-password.com\/blog\/?p=7463"},"modified":"2016-08-07T05:08:34","modified_gmt":"2016-08-07T05:08:34","slug":"edit-offline-windows-registry-from-winpe","status":"publish","type":"post","link":"https:\/\/www.top-password.com\/blog\/edit-offline-windows-registry-from-winpe\/","title":{"rendered":"How to Edit Offline Windows Registry from WinPE"},"content":{"rendered":"

When your computer no longer boots up or you’re unable to login to Windows, a registry hack might fix your problem. To access the registry for an unbootable Windows installation, you should use a WinPE bootdisk. In this tutorial we’ll walk you through the steps to load \/ edit offline registry hive from WinPE.<\/p>\n

Before get started, we need to know the locations of Windows registry hives:<\/p>\n

HKEY_LOCAL_MACHINE\\SYSTEM:<\/strong> %windir%\\system32\\config\\SYSTEM
\nHKEY_LOCAL_MACHINE\\SAM:<\/strong> %windir%\\system32\\config\\SAM
\nHKEY_LOCAL_MACHINE\\SECURITY:<\/strong> %windir%\\system32\\config\\SECURITY
\nHKEY_LOCAL_MACHINE\\SOFTWARE:<\/strong> %windir%\\system32\\config\\SOFTWARE
\nHKEY_USERS\\.DEFAULT:<\/strong> %windir%\\system32\\config\\DEFAULT<\/p>\n

How to Edit Offline Windows Registry from WinPE?<\/strong><\/p>\n

    \n
  1. Boot your computer into WinPE. Open a Command Prompt and run regedit.exe<\/strong> to open the Registry Editor.\n

    \"command-prompt-from-winpe\"<\/p>\n<\/li>\n

  2. In the left pane of Registry Editor, highlight the HKEY_LOCAL_MACHINE<\/strong> hive (or HKEY_USERS).\n

    \"highlight-registry-key\"<\/p>\n<\/li>\n

  3. Click the File<\/strong> menu and select Load Hive<\/strong>.\n

    \"load-hive\"<\/p>\n<\/li>\n

  4. Browse to your Windows partition and select the registry hive which you wish to load. In my example, the registry hives are located in the directory D:\\Windows\\System32\\Config<\/em>.\n

    \"select-registry-hive\"<\/p>\n<\/li>\n

  5. Type a key name whatever you like (e.g. “OfflineReg<\/em>“) and click OK<\/strong>. The name will be used to create a new node in the tree so one can browser the offline registry.\n

    \"enter-key-name-for-loading\"<\/p>\n<\/li>\n

  6. Now under the HKEY_LOCAL_MACHINE<\/strong> key, you should see a new key named after the name you typed previously.\n

    \"offline-registry\"<\/p>\n<\/li>\n

  7. Expand the new key, browse to the desired key or value for editing. In my example, I browse to OfflineReg\\Software\\Microsoft\\IdentityCRL\\StoredIdentities<\/em> and delete its subkey.\n

    \"modify-offline-registry\"<\/p>\n<\/li>\n

  8. When you finish with the modifications, highlight the key you created previously (e.g. “OfflineReg<\/em>“). Click the File<\/strong> menu and select Unload Hive<\/strong>.\n

    \"unload-hive\"<\/p>\n<\/li>\n

  9. This will unload the hive and all changes made will be saved to the offline registry.\n<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"

    When your computer no longer boots up or you’re unable to login to Windows, a registry hack might fix your problem. To access the registry for an unbootable Windows installation, you should use a WinPE bootdisk. In this tutorial we’ll walk you through the steps to load \/ edit offline registry hive from WinPE. Before […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,10,1894,3,39,5,4],"tags":[2881,2879,2880,2882],"class_list":["post-7463","post","type-post","status-publish","format-standard","hentry","category-others","category-tips-tricks","category-windows-10","category-windows-7","category-windows-8","category-windows-vista","category-windows-xp","tag-access-windows-registry-offline","tag-edit-offline-registry-hive","tag-load-windows-registry-offline","tag-offline-windows-registry-editor"],"_links":{"self":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/7463","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/comments?post=7463"}],"version-history":[{"count":6,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/7463\/revisions"}],"predecessor-version":[{"id":7477,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/7463\/revisions\/7477"}],"wp:attachment":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/media?parent=7463"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/categories?post=7463"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/tags?post=7463"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}