Today I would like to show you a way to edit the Windows registry if your Windows computer does not boot up properly and you cannot even get into safe mode.
After all, Windows doesn’t seem to have any on-board tools for such a situation (for example as part of “Advanced Startup” and its system recovery tools). Even with Linux live systems, I could not find a convenient way to edit the Windows registry.
Something that worked well for me, however, was the USB live system Hiren’s BootCD PE, which not only contains the standard Windows registry editor. It is even capable of dealing with BitLocker-encrypted partitions.
Let’s go…
Step 1: Create a bootable Windows PE USB Drive
First of all, you have to create a bootable flash drive containing Hiren’s BootCD PE system by following the instructions on hirensbootcd.org.
If you don’t trust this website, you can also try to create a WinPE boot system yourself. You can find a promising tutorial for this, for example, at Giantstride.gr. I personally have no experience with it yet and cannot say whether it supports BitLocker and has the registry editor on board. If you know more, feel free to leave a comment below.
Step 2: Boot from the Windows PE USB drive
Next, you have to boot from the USB drive you have just created. How this is done depends on the manufacturer of your laptop or mainboard. As a rule, you have to repeatedly press an F key immediately after switching on the laptop. On HP EliteBooks, for example, it is F9.
The best thing to do is to try out the most common keys (F12, F10, F9, F2, Ctrl + F2, Esc, Del) and otherwise do a quick internet search to find out how this is done for your manufacturer.
Step 3: Check that Windows PE has access to system drive
To access the registry, you need access to the computer’s system drive (usually the C drive). Windows PE should show you this drive in the file explorer. Click on it once and see if you can see the usual folders (Users, Programs, Windows, …). In case the drive is encrypted with BitLocker, you will now be asked for the BitLocker key, which you hopefully have somewhere.
Step 4: Mount the computer’s registry in regedit
Now, in the Windows PE system, click on Start and type “regedit” and push Enter to open the registry editor. Next, click on the desired root key (for example “HKEY_LOCAL_MACHINE”).
At this point you must pay attention! Currently you only see the registry of the Windows PE live system, not yet the registry of your actual computer. You first have to include it by clicking on File > Load Hive and navigating to the folder “C:\Windows\System32\config\”.
Here you will find the so-called hive files that contain the registry of your computer. Check out this Microsoft article to find out which hive file contains which part of your registry.
Assuming you want to edit something in the key “HKEY_LOCAL_MACHINE\SOFTWARE”. Then you would have to select the hive file “C:\Windows\System32\config\SOFTWARE”.
You will then be asked for a name under which the key should be mounted in the Windows PE system. Here you can simply take the original name and add the word “_C”. If you include “SOFTWARE”, you could call it “SOFTWARE_C”.
Step 5: Edit the registry
Now you can edit the part of the registry that you have mounted.
If you have to enter a lot here, it may be a good idea to save the changes on another computer in a registry file with the extension .reg and to put it on a second USB drive. In this case, connect the second USB drive and execute the reg file, now.
How to create and edit a registry file is explained in this article on laptopmag.com.
It is important, however, that you replace “SOFTWARE” with “SOFTWARE_C” in such a reg file, depending on the name under which you included the hive file in Step 4. This ensures that the registry change is not made in the registry of the Windows PE system, but of the actual Windows system on the computer.
Step 6: Restart the computer
That’s all you need to do. Theoretically, you can unmount the hive file in the registry editor under File > Unload Hive. In my case this was not necessary as the mounted registry was already released by shutting down the Windows PE system.
Now simply restart the computer and be happy. 😊
Example: Adding a Local Security Policy for AppLocker
One of the great things is that you can also edit the Local Security Policies on your computer this way. All you need to know is which registry key controls the policy you want to change (or more precisely, which key is controlled by the policy). If you don’t know which key you have to edit, you can just google it.
In my case, I wanted to unblock all DLLs in AppLocker. This had become necessary after a Windows update in October 2023, when suddenly all our laptops started showing a black screen after rebooting. In theory, I would have had to manually run secpol.msc (the “Local Security Policies” app) on the devices and create a rule that allows all DLLs with the path * for Everyone.
A quick Google search gave me the necessary registry keys for this which resulted in a .reg file with the following content:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE_C\Policies\Microsoft\Windows\SrpV2\Dll]
"AllowWindows"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE_C\Policies\Microsoft\Windows\SrpV2\Dll\3f5608df-8406-45bd-9884-082c03c7415e]
"Value"="<FilePathRule Id=\"3f5608df-8406-45bd-9884-082c03c7415e\" Name=\"*\" Description=\"\" UserOrGroupSid=\"S-1-1-0\" Action=\"Allow\"><Conditions><FilePathCondition Path=\"*\"/></Conditions></FilePathRule>"I executed this reg file as explained in Step 5, cleared the AppLocker cache (i.e. I deleted all files in “C:\Windows\System32\AppLocker”) and finally the laptop started up again.
Did my article help you or do you have other ideas or alternatives to Hiren’s BootCD PE? Then please leave a comment below.