To connect connect to another computer in RegEdit, you need to first start “Remote Registry” service on the remote computer. You can find out how to do this from here. When you open registry editor and connect to a remote computer, the only hives you will see are HKEY_LOCAL_MACHINE and HKEY_USERS.
So where are the other hives? They are actually there and you can find it following these instructions. HKEY_CLASSES_ROOT and HKEY_CURRENT_USER are under the two hives you can see.
Table of Contents
HKEY_CLASSES_ROOT
It is under HKEY_LOCAL_MACHINESOFTWAREClasses
HKEY_CURRENT_USER
This is harder to find because you need to know what the user SID is and find it. You can find the user SID in HKEY_USERS and browse through each SID. You can ignore the SIDs that have only 4 digits (i.e. S-1-5-20), these are system accounts.
There are two ways to find User’s SIDs in the Registry:
Command Line Way
Run cmd console, and type in
whoami /user
Registry Key Way
You can also determine a user’s SID by looking through the ProfileImagePath values in each S-1-5-21 prefixed SID listed under theHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileList key.
The ProfileImagePath value within each SID-named registry key lists the profile directory, which includes the user name.
For example, the ProfileImagePath value under the S-1-5-21-1180699209-877415012-3182924384-1004 key on my computer is C:UsersTim so I know that the SID for the user “Tim” is “S-1-5-21-1180699209-877415012-3182924384-1004”.