Tool for repairing corrupted Windows registry hive?

Have a corrupted SOFTWARE registry hive which prevents DISM from performing repairs on a system because it can't read the Windows version.

 

I tried to manually load the hive offline into Regedit but it shows up empty, other hives load fine, however.  The file is 141MB in size.

 

Regedit did not offer to recover it from the logs, as been suggested by some among things I found.

 

I came across a tool for COMPONENTS hive recovery, so clearly there are tools for hive repair.  Did not find one for SOFTWARE yet.  My Google-fu failed here, so I'm asking.

 

No, I don't have a recent backup available.

 

Appreciate any suggestions for repairing the damaged hive file.  Thanks!

https://blog.netwrix.com/2018/10/30/how-to-back-up-and-restore-the-windows-registry/#22

 

worth a look.

https://blog.netwrix.com/2018/10/30/how-to-back-up-and-restore-the-windows-registry/#22
 
worth a look.

No, I don't have a recent backup available.

Those methods are applicable when there is something to restore from. Like I already said all I have is a damaged hive and no backups. Only repair utilities are applicable here!

I found this:
https://registry.recoverytoolbox.com/

It did pull out a couple of keys, but they weren't useful to me, need much, much more than that. Need either a better utility or I'll need to molest the disk some with data recovery tools to see if more of the file can be pulled out.

You might have the Software Hive in a Shadow backup. Download Shadow Explorer. If it finds any Shadow Copies browse to the Hive folder and look at the Software Hive date and size.

 

https://www.shadowexplorer.com/downloads.html

 

https://www.shadowexplorer.com/documentation/manual.html

You might have the Software Hive in a Shadow backup. Download Shadow Explorer. If it finds any Shadow Copies browse to the Hive folder and look at the Software Hive date and size.
 
https://www.shadowexplorer.com/downloads.html
 
https://www.shadowexplorer.com/documentation/manual.html

That's an interesting proposition, however it seems this tool doesn't work right on Windows 10. I ran it as Administrator, but still it shows an empty view for all my disks, even those that I know protection is turned on on.

I may look into other methods of accessing the Volume Shadow data but I'm quite doubtful such existed on the disk in question. Or maybe I can hook that disk up to an XP virtual machine, since that's what it seems the vintage of that tool is.

Edited by r00tb33r, 10 April 2024 - 06:07 PM.

The programs is supposed to support 10 along with 8,7, and Vista but XP is not listed. I don't believe XP used Shadow Copies Edit: Although you might want to see if running it in XP gives a different result. It's possible there are no Shadow Copies available. The program saved me when I deleted some files on 10. I was able to recover them from a Shadow Copy.

Edited by JohnC_21, 10 April 2024 - 06:52 PM.

The programs is supposed to support 10 along with 8,7, and Vista but XP is not listed. I don't believe XP used Shadow Copies Edit: Although you might want to see if running it in XP gives a different result. It's possible there are no Shadow Copies available. The program saved me when I deleted some files on 10. I was able to recover them from a Shadow Copy.

The documentation has a chapter on Server 2003 so I figured XP would be the right vintage.

Like I said, so far it shows an empty view even on a computer that I see has Volume Shadow copy turned on. On Windows 10 that is. I don't have any more Windows 7 computers and never had Windows 8. I have XP virtual machines so I can test with that.

https://en.wikipedia.org/wiki/Shadow_Copy#History

Edited by r00tb33r, 10 April 2024 - 07:07 PM.

Hope you find one. They should have been listed if you had Shadow Copy turned on. If I can remember correctly a poster at BC didn't have any System Restore Points but did have Shadow Copies and was able to recover a document that was deleted.