How to use Registry Decoder?

September 21st, 2013

Please explain me briefly how to use Registry Decoder, or post some good tutorial.
Answer #1
Starting at their website might be a good idea..
http://code.google.com/p/registrydecoder/downloads/detail?name=RegistryDecoder-Offline-Analysis-Instructions-v1.1.pdf
Answer #2
Thank you! My problem is this: how to give the path of the file? I tried to export .reg file, which is incorrect. I need to browse somewhere in the registry, but where?C:\Windows\System32? How to obtain individual registry data for analysis to be valid for this software? I’m beginner in this area, so please understand me…
Answer #3
First I’d like to point out that this tool is best used offline as the registry hive files are access-locked while windows is running.
So basically,Your options are:
1. Run it from a live XP CD (Such as BartPE,UBCD4WIN)
2. Run it from another windows OS (if you got a multi-boot setup)
3. Similar to #2,But hook up the HDD as secondary to another PC and adjust the boot order accordingly (you should only boot from the main HDD,Not the one you wanna load the registry from),Or you could use an external enclosure instead of connecting it internally.
Now that we got that sorted,Registry hive locations:
Specific user registry (HKEY_CURRENT_USER):
\documents and settings\username\ntuser.dat (XP)
\users\username\ntuser.dat (Vista/Win7)

Global registry (HKEY_LOCAL_MACHINE):
\windows\system32\config\system
Answer #4
Thank you so much, Roberto400. You told me exactly what I need to know.

 

| Sitemap |