none
Access Offline Registry via Command Line RRS feed

  • Question

  • Thanks, everyone.

    The goal is to do this inside a windows PE. Specifically it is for taking care of infection. I know it can be done with regedit, but I want this done automatically. Not asking for the work to be done for me, but I can't find any document on how to access offline registries with the reg command. Can I simply

    reg add "C:\Windows\System32\config\software\HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 0 /f

    ? The project is all written in batch, fyi.

    Also, hate to be a bother, but if anyone could mention in passing any available scripts made by anyone which do PE cleanups of the operating system, I'm looking for those to, but haven't had time to dig yet.

    Monday, December 22, 2014 4:08 AM

Answers

  • The goal is to do this inside a windows PE. Specifically it is for taking care of infection. I know it can be done with regedit, but I want this done automatically.

    Also, hate to be a bother, but if anyone could mention in passing any available scripts made by anyone which do PE cleanups of the operating system, I'm looking for those to, but haven't had time to dig yet.

    The command

    reg /?

    tells you about reg load and reg unload which are the switches to use when modifying an offline registry. I recommend you begin by using regedit.exe to load/unload a hive in order to familiarise yourself with the process.

    About a cleanup script - you will have to find the time to do your own search, maybe using a search engine.

    • Marked as answer by James Epp Monday, December 22, 2014 5:09 PM
    Monday, December 22, 2014 2:37 PM

All replies

  • Sorry but your question is not about scripting.  YOu need to ask ina WIndows forum for the OS versionyou are using

    If you are trying to enforce proxy usage you need to use Group Policy.  Post inGP orum.


    ¯\_(ツ)_/¯

    Monday, December 22, 2014 11:53 AM
  • The goal is to do this inside a windows PE. Specifically it is for taking care of infection. I know it can be done with regedit, but I want this done automatically.

    Also, hate to be a bother, but if anyone could mention in passing any available scripts made by anyone which do PE cleanups of the operating system, I'm looking for those to, but haven't had time to dig yet.

    The command

    reg /?

    tells you about reg load and reg unload which are the switches to use when modifying an offline registry. I recommend you begin by using regedit.exe to load/unload a hive in order to familiarise yourself with the process.

    About a cleanup script - you will have to find the time to do your own search, maybe using a search engine.

    • Marked as answer by James Epp Monday, December 22, 2014 5:09 PM
    Monday, December 22, 2014 2:37 PM
  • This was, in fact, a question directed towards scripting. Sorry if this didn't come across in the OP. Any tips on how to word my next thread to make it more noticeable as a scripting scenario? I honestly couldn't think of a more appropriate forum topic.

    Monday, December 22, 2014 4:39 PM
  • This was, in fact, a question directed towards scripting. Sorry if this didn't come across in the OP. Any tips on how to word my next thread to make it more noticeable as a scripting scenario? I honestly couldn't think of a more appropriate forum topic.


    "Scripting" relates to writing code in a language such as batch, VBScript or PowerShell. People who write scripts must be fully familiar with console commands such as copy, reg.exe, path, robocopy etc. Your question relates to reg.exe for which this forum would be a more appropriate place.
    Monday, December 22, 2014 4:55 PM
  • http://superuser.com/questions/636055/how-to-modify-a-computers-offline-registry-from-winpe


    ¯\_(ツ)_/¯

    (From OP) >> "I know it can be done with regedit, but I want this done automatically."

    EDIT: I had seen this thread once, but as soon as I saw regedit I failed to RTFM and moved on to the next tab. Didn't see his use of reg load. I'm probably going to follow both this and http://ss64.com/nt/reg.html .

    • Edited by James Epp Monday, December 22, 2014 5:00 PM
    Monday, December 22, 2014 4:57 PM
  • So this forum is more for syntax? Good enough. Thing is, I was looking for a general forum. This script is to be used from a Windows 8 PE, not windows 7, and that is why I wouldn't be comfortable posting it in a windows 7 forum, because if John Doe has the same problem as me in the future, where are they going to look? I would assume scripting, because the knowledge in question is being used while scripting, and applies to different OS versions.
    Monday, December 22, 2014 4:59 PM
  • There is really no good way to "automatically" load a hive with script.  REG, as posted many times, is the only available choice in Windows.  Be sure to always unload the hive as it is unavailable as long as it is manually loaded.


    ¯\_(ツ)_/¯

    Monday, December 22, 2014 5:07 PM
  • Thanks, will do. I'll update the OP with my solution and mark one of these responses as the answer. Thanks, you two.
    Monday, December 22, 2014 5:08 PM
  • So this forum is more for syntax? Good enough. Thing is, I was looking for a general forum. This script is to be used from a Windows 8 PE, not windows 7, and that is why I wouldn't be comfortable posting it in a windows 7 forum, because if John Doe has the same problem as me in the future, where are they going to look? I would assume scripting, because the knowledge in question is being used while scripting, and applies to different OS versions.

    With product, device and subsystem specific questions it is always best to start in the forum allocated to the system.  Once you understand the issue from the subsystems perspective any question targeted at scripting will be easier to answer if the initial forum has not addressed the issue well enough to see how it can be implemented in script.


    ¯\_(ツ)_/¯

    Monday, December 22, 2014 5:10 PM