But... as you noticed, more and more keys and values toss up access errors on Win 11 in general.
With most items in the registry you can "take ownership" on the Security tab of the properties sheet.
With some though... even that isn't enough.
Microsoft has introduced a service that prevents using regedit or other tools on a small number of keys - those associated with changing the default program for html and pdf files. I've not heard that this has been extended for 24H2.
regedit has a manifest that sets the execution level to highest available, so if you are a member of the administrators group, it should give you an elevation prompt, or auto elevate if you set UAC to slack as possible or disabled it. If you're getting "access denied " messages, then you could look at the permissions on the keys. If admins don't have write permissions, then that explains it.
If you are the owner of the key, you should be able to change the permissions. So taking ownership, or impersonating the owner will enable you to change the permissions.
Most of the tweaks that I've seen that say you need to take ownership are to items under HKCR. In a lot of cases, you can achieve the desired effect by taking a different approach which doesn't require administrative rights at all. This is how HKCR works. It's HKLM\software\classes overlaid with HKCU\software\classes. HKCU items take preference. So, you can add any key you like, change any existing value, and add any new value. You can't delete keys or values that come from HKLM. For instance you can't remove an unwanted context menu item by deleting the key, but you can block it instead.
Alternatively, if you have admin rights then restore privileges are available to you. This enables you to write to secured objects such as registry keys regardless of permissions. This only works if you open the registry key with a special flag. So you need a program that does that. I don't know of any free (or commercial) programs that do that. It's not difficult to program, so you could try lobbying the author of a third party registry tool in active develpoment to add this feature. A GUI program like this would make one click to destroy windows nice and easy. So, there's a risk that Microsoft would regard this as a "potentially unwanted program" and most AV software would block it
Or you could write your own program. I've tried this using C#, and it does work. It's a very basic command line program, but isn't in a fit state to make available. It would be source code only, but all Windows systems have a C# compiler, so if you can use a command line utilty, then you can compile it yourself. The most common use of the compiler in practice is to produce code snippets to get powershell to do things it can't normally do. If you're a powershell expert and want to try it, message me and I'll send you the relevant code.
Mike
