Windows Registry Recovery

Martin Brinkmann
Dec 20, 2008
Data recovery, Software, Windows
|
3

Windows Registry Recovery is a software program that has been designed to recover data after a computer crash. It was designed to extract data from the Registry hives of a crashed system with the option to analyze and export these information to import them on a new computer system.

Why could this be important? The Windows Registry contains important information about configured devices, users, software programs, network configurations or services and drivers and it might be faster and easier to copy those settings to the new installation instead of configuring the system manually.

The data recovery program can read all Registry hives. The hives can be found in the Windows\System32\config directory and can only be loaded if they are not in use. This is usually the case if you are accessing a crashed installation from a new system,

Data can be exported into Regedit4 format which makes it easy to import it to a different system. It is also possible to save the data as CSV files to analyze them in other applications.

Windows Registry Recovery provides access to the following information:

  • File Information - In this explorer you can see basic file properties and checksums.
  • Security Record Explorer - Displays all security records used in registry. Usage counter, owner SID, group SID, list of affected keys and list of SACL and DACL is displayed for every record with flags and permissions enumerated. This explorer is available only for NT based system registry hives.
  • SAM - Displays Machine SID and part of SYSKEY. Enumerates local user and group accounts and some of their properties. This explorer is available only for NT based system registry SAM hive.
  • Windows Installation - Displays Windows name, ID and key, install date and user registration info. Enumerates installed software with descriptions and install date and list of installed hotfixes wih description. This explorer is available only SOFTWARE registry hive (Product ID and key are extracted in SYSTEM hive too).
  • Control Set - Displays all configured devices that worked on host machine. They are displayed in "like Device Manager" tree with some properties. This explorer is available for SYSTEM registry hive.
  • User Data - Displays user and machine name and tree based Start menu for selected USER hive. This explorer is available for USER registry hive.
  • Startup Applications - Enumerates applications that are registered to be run after startup. This explorer is available for SOFTWARE registry hive.
  • Services and Drivers - Enumerates all installed services and drivers with properties. This explorer is available only for NT based system registry SYSTEM hive.
  • Network Configuration - Displays all installed network clients, protocols and services. Enumerates all defined network connections with its TCP/IP configuration. This explorer is available only for NT based system registry SYSTEM hive.
  • Environment - Displays all environment variables. This explorer is available only for NT based system registry SYSTEM hive.
  • Shell Folders - Displays shell folders (folders known to system). This explorer is available only for NT based system registry SYSTEM hive.
  • Outlook Express - Digs out all Outlook Express accounts and their settings. This explorer is available only for NT based system registry USER hive.
  • Raw Data - This explorer displays whole registry in known tree format. Contains powerful searching and data interpreter.

The data recovery software can be downloaded directly from the developers homepage. It is compatible with all Windows versions from Windows 95 to Windows Vista. The software program is fully portable.

Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Anonymous said on March 9, 2023 at 1:52 pm
    Reply

    Does it come back after every “moment” update?

  2. Baloney said on March 9, 2023 at 2:23 pm
    Reply

    Yeah right.. Like this is going to stop defender from running =) This is comedy gold right here.

  3. Anonymous said on March 9, 2023 at 3:25 pm
    Reply

    no ‘about the author’ paragraph?

  4. Gregory said on March 9, 2023 at 4:19 pm
    Reply

    For permanent disable defender is if removed complete from system no just change permission folder.

    Just this is joke.

  5. moi said on March 9, 2023 at 5:57 pm
    Reply

    simpler, load Autoruns (SysInternals)
    – filter “Defender”
    – untag all entries
    – reboot
    nothing has changed since my 1st modification years ago

  6. John G. said on March 9, 2023 at 6:32 pm
    Reply

    I wouldn’t disable Defender imho, it has too many hidden roots inside Windows itself. One time I tried to uninstall it using brute force scripts and then the Onedrive feature stopped working definitely. A reinstallation was needed and since those times I prefer to maintain Defender untouched. It’s a better method to install another antivirus and it will disable Defender in a safer and easier mode (e.g., Avast is the best in this way, and also Panda Cloud Free is good too).

    1. Tweakmaster said on September 29, 2023 at 9:57 am
      Reply

      U are just * [Editor: removed] thats the problem ;p first of all u shall always debloat windows u shall have max 65 services with your drivers for pc and windows own servs. You didnt know what that script did

  7. boris said on March 10, 2023 at 12:19 am
    Reply

    You can not stop defender from running in background or remove it without some penalty. All you can do is to limit telemetry.

    1. TelV said on March 10, 2023 at 4:52 pm
      Reply

      @borts,

      It’s probably Smartscreen which is preventing WD from being disabled. Get rid of that and the problem should be solved: https://thegeekpage.com/disable-windows-defender-smartscreen/#How_to_disable_the_Windows_Defender_SmartScreen_via_Local_Group_Policy_Editor

  8. hoho said on March 10, 2023 at 1:47 pm
    Reply

    Remove Windows and go for Linux.

    1. basingstoke said on March 10, 2023 at 2:51 pm
      Reply

      Linux sucks dude. Besides it’s not comparable to Windows, these OSes are in different classes entirely.

      1. Derp said on March 10, 2023 at 4:36 pm
        Reply

        I use Linux as my daily driver. It’s far more stable than Windows. When’s the last time you used Linux, 2010?

      2. Bromosexual said on March 11, 2023 at 2:04 am
        Reply

        @basingstoke

        You’re right, dude. Bro, linux is just a bunch of code that starts before the OS, dude. Brobrodude, that shit ain’t even got emojis, dudebrodudeman! Dudebro, it’s no way near as cool as Windows with its hardcoded abilities to make money off the user, bro. Yo brodude man, you’re the coolest dude ever man, bro. Dude.

      3. basingstoke said on August 16, 2023 at 7:20 pm
        Reply

        Lol what? Windows 7 doesn’t come with any Emojis

  9. TelV said on March 10, 2023 at 4:46 pm
    Reply

    Download Autoruns and remove the checkmark from Windows Defender. It doesn’t remove it, but it will never run. https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns

  10. Simon said on March 10, 2023 at 8:37 pm
    Reply

    Just use “Defender Control”:
    https://www.sordum.org/9480/defender-control-v2-1/comment-page-1/#comments

    Per this video,
    https://www.youtube.com/watch?v=CLIjr7FyxZ8
    it also works on Windows 11 too…

  11. Someone said on March 10, 2023 at 9:26 pm
    Reply

    Win Defender, is completly the most succesful free-built in antivirus of Microsoft. Really nice product. Saved my ass a lot of times. Has updated malware database, completly strong defence
    from whatever smart screen disables. Or if you want better and more upgrated (paid) program,
    you can go further. But defender is always on your side.

  12. CalixtoWVR1 said on March 10, 2023 at 10:03 pm
    Reply

    Why would one disable Windows (or Microsoft) Defender in the first place?. I consider this to be playing with fire big time. Everybody knows that if one is using another A-V, Defender will be disabled on its own and won’t be in one’s way.

  13. Ed D said on March 10, 2023 at 11:09 pm
    Reply

    Why would I want to disable Windows Defender in the first place? It’s a great anti virus in my opinion. Been using it since Windows 8 and and never had a problem or a virus. Why mess with a good thing, if it ain’t broke don’t fix it.

  14. owl said on August 17, 2023 at 1:57 am
    Reply

    How a ridiculous article!
    I am thoroughly stunned.

    Why Should You Disable First-Party Windows Defender?
    I can only think that it is “malice or perversely intention (want you to buy a third-party AV where you can expect a back margin)” to guide invalidation without showing the premise.
    No sane company will use third-party closed source programs (such as AV).

    As I thought, “Ghacks Technology News” seems to be coming to downfall.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.