comparing registry files from the command line

bill

Hello,

I made 2 registry backups (Sam, Security, Software, System, Default)
after the system was booted with BartPE.


Questions:
1.
How can 2 versions of those files be compared from the command-line?

2.
How can the changes be written/saved to a file?



Thank you very much for any help!

Bill
 
bill

Depends on the tools you used for the backup.

Thanks for the reply Dave! Yes I should have explained my "registry
backup approach" better :)

I booted the PC with BartPE (very similar to Microsoft Windows PE) from
CD-ROM and was therefore able to access all registry files normally
locked by the OS (Windows). Copied (Sam, Security, Software, System,
Default) to another partition.

And now, I would like to compare 2 versions of such a registry file
(made at different points in time) and write the changes to a file (if
possible from the command line).


Thanks a lot in advance for any help!

Bill
 
bill

Thanks for the feedback! I would like to do this registry comparison
from the command line with standard MS-tools. Is this really not
possible?


Ok, I think Compreg.exe is the tool for such jobs :)


Comparing Two Computers' Registries

Microsoft Compreg (Compreg.exe) is on the Microsoft Windows 2000 Resource Kit CD-ROM but not in Windows 2000 Resource Kit Support Tools. It's an MS-DOS program that compares two different subkeys, whether they're on the same computer or not. That is, you can compare two subkeys on the same computer, or you can compare the same subkey on two different computers. The program's output looks like Listing 9.3.

Example 9.3. Sample Output from Compreg

1 \ShellNew
1 \ShellEx
2 \Wordpad.Document.1
2 \Word.Document.6
2 \WordDocument
2 \ShellEx
2 \Word.Document.8
1 ! REG_SZ,[Paint.Picture]
2 ! REG_SZ,[Word.Document.8]
1 !Content Type REG_SZ,[image/bmp]
2 !Content Type REG_SZ,[application/msword]
End of search : 9 differences found.



After installing the resource kit, type compreg at the MS-DOS command prompt and include any of the following command-line options:

compreg <1> <2> [-v] [-r] [-e] [-d] [-q] [-n] [-h] [-?]
1 Path of the first subkey
2 Path of the second subkey
-v Shows differences and matches
-r Visits subkeys that exist only in 1 or 2
-e Sets errorlevel to the previous error code
-d Limits output to just subkey names, not values
-q Limits output to the number of differences
-n Disables the use of color in the output
-h Displays help
-? Displays command-line options

Some aspects of Compreg's command-line options bear more explanation. In particular, 1 and 2 specify the Registry subkeys you're comparing. The notation is \\Name\Subkey. Name, if provided, can be the name of any computer on the network. Subkey is a subkey within that computer's Registry. If you don't provide a computer name, Compreg assumes the subkey is in the local Registry. Subkey is usually a fully qualified name starting from one of the root keys. You must use one of the abbreviations shown in Table 9.2, though, not the conventional abbreviations you learned about in Chapter 1, "Understanding Registries." If you specify just a computer name for 2, Compreg compares the subkey specified by 1 to the same subkey on the machine specified by 2. To speed you along, the following list shows several examples:
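
An added example, not part of the thread or of the book excerpt quoted above: one way to compare two copied hive files and save the differences to a file, using reg.exe instead of Compreg. It assumes the reg.exe built into Windows XP and later and an administrator command prompt; the paths and the mount names CMP_OLD and CMP_NEW are placeholders that do not come from the thread.

```batch
@echo off
setlocal
rem Placeholder paths (assumptions): two copies of the same hive taken at
rem different times, and the text file that receives the differences.
set "OLD_HIVE=D:\regbak\1\software"
set "NEW_HIVE=D:\regbak\2\software"
set "REPORT=D:\regbak\software-diff.txt"
set RC=1

rem reg load mounts a hive file under HKLM (or HKU) and opens it read-write,
rem so point it at working copies and keep the original backups untouched.
reg load HKLM\CMP_OLD "%OLD_HIVE%" || goto :done
reg load HKLM\CMP_NEW "%NEW_HIVE%" || goto :unload_old

rem /s  = recurse through all subkeys and values
rem /od = print only the differences
rem In the report, lines starting with "<" come from the first key and
rem lines starting with ">" come from the second key.
reg compare HKLM\CMP_OLD HKLM\CMP_NEW /s /od > "%REPORT%"
set RC=%ERRORLEVEL%

rem Always unmount what was mounted, even when the comparison failed.
reg unload HKLM\CMP_NEW
:unload_old
reg unload HKLM\CMP_OLD

:done
rem reg compare exit codes: 0 = identical, 2 = different, 1 = failure.
if %RC%==0 echo No differences between the two hives.
if %RC%==2 echo Differences saved to %REPORT%
if %RC%==1 echo Loading or comparing the hives failed.
exit /b %RC%
```

Repeat the run with the Sam, Security, System and Default files by changing the three path variables.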
 
