Thread: request recomendation for "offline" registry hive diff utility
View Single Post
  #3  
Old February 14th 10, 03:08 AM posted to microsoft.public.windowsxp.security_admin
GrandpaFerret
external usenet poster
  
Posts: 17
Default request recomendation for "offline" registry hive diff utility
John, Thank you for giving me the answer so quickly. I have no problem at
all with your approach and understand most of it... I hope you will do me
the favor of a follow up that will clarify things enough in my mind to allow
me to do as you sugested.

Its the "best approach is to individually load each hive into Regedit (with
the same name)" part I am not sure about.

Two point of confusion on my part:
1) I had already looked into trying to import a hive using regedit but the
only option I could find was to import a ".reg" (text) version, not the
actual registry file itself.
2) If you loaded the hive along the lines you are suggesting, it becomes
part of the active OS's registry, right? That sounds very dangerous to the
future integrity of the OS install in question.

The only way I have come up with to interpret your suggestion ("the best
approach is to individually load each hive into Regedit (with the same
name)") would be to bring the system up under another OS (say linux) and
replace the winXP hive file (say .../config/system) on a winXP system disk
with the system file from one of my two sets and then reboot into that winXP
OS.

I thought about a second alternative of trying to find a program that would
convert system to system.reg amd then use regedit to import it, but I see two
posable problems with that...
1) If I had a program that would export a single hive file to .reg format I
would have the answer to my original question and we would be done!
2) would not the result of the import be a murge of the active hive and the
imported hive rather than a replacement of the active hive with the imported
hive?

I am not trying to argue with someone who is trying to help me. Sorry if it
sounds like i am.... but I know very little about this area of windows, but
what I do know is that it is very dangerous to fool around with if you dont
know what you are doing....

Soooo, exactly what did you mean when you said " Probably the best approach
is to individually load each hive into Regedit (with the same name)"

By the way, I do have a scratch winXP install laying around that I can
afford to screw-up. Its just that if I am going to screw it up I would like
to get the data I need out of it before totally hosing it. :

Hope to hear back from you soon.

Thanks.
Ads