Skip to content Skip to sidebar Skip to footer
Home / Regedit Cannot Display Error Reading Run Statements

Regedit Cannot Display Error Reading Run Statements

Post a Comment

Database for Microsoft Windows

Windows Registry
Registry Editor icon.png
Regstry Editor.png

Registry Editor, the user interface for the registry, in Windows 10
Developer(due south) Microsoft
Initial release April 6, 1992; 29 years ago  (1992-04-06) with Windows 3.1
Operating system Microsoft Windows
Platform IA-32, x86-64 and ARM (and historically DEC Alpha, Itanium, MIPS, and PowerPC)
Included with Microsoft Windows
Type Hierarchical database
Website docs.microsoft.com/en-united states of america/windows/desktop/SysInfo/registry Edit this on Wikidata

The Windows Registry is a hierarchical database that stores low-level settings for the Microsoft Windows operating system and for applications that opt to use the registry. The kernel, device drivers, services, Security Accounts Manager, and user interfaces tin all use the registry. The registry as well allows access to counters for profiling organization performance.

In other words, the registry or Windows Registry contains information, settings, options, and other values for programs and hardware installed on all versions of Microsoft Windows operating systems. For case, when a program is installed, a new subkey containing settings such every bit a program's location, its version, and how to start the program, are all added to the Windows Registry.

When introduced with Windows 3.1, the Windows Registry primarily stored configuration information for COM-based components. Windows 95 and Windows NT extended its use to rationalize and centralize the information in the profusion of INI files, which held the configurations for individual programs, and were stored at various locations.[1] [2] It is not a requirement for Windows applications to use the Windows Registry. For example, .Internet Framework applications use XML files for configuration, while portable applications usually keep their configuration files with their executables.

Rationale [edit]

Prior to the Windows Registry, .INI files stored each plan'southward settings as a text file or binary file, often located in a shared location that did non provide user-specific settings in a multi-user scenario. By contrast, the Windows Registry stores all application settings in one logical repository (just a number of discrete files) and in a standardized form. Co-ordinate to Microsoft, this offers several advantages over .INI files.[2] [3] Since file parsing is washed much more efficiently with a binary format, information technology may be read from or written to more quickly than a text INI file. Furthermore, strongly typed data can exist stored in the registry, equally opposed to the text information stored in .INI files. This is a benefit when editing keys manually using regedit.exe, the built-in Windows Registry Editor. Because user-based registry settings are loaded from a user-specific path rather than from a read-only system location, the registry allows multiple users to share the aforementioned machine, and also allows programs to work for less privileged users. Backup and restoration is also simplified as the registry tin be accessed over a network connection for remote management/support, including from scripts, using the standard set of APIs, as long as the Remote Registry service is running and firewall rules let this.

Because the registry is a database, it offers improved arrangement integrity with features such every bit diminutive updates. If two processes effort to update the same registry value at the same time, ane process's alter volition precede the other'southward and the overall consistency of the data will exist maintained. Where changes are fabricated to .INI files, such race conditions can event in inconsistent data that does non match either attempted update. Windows Vista and later on operating systems provide transactional updates to the registry by means of the Kernel Transaction Director, extending the atomicity guarantees across multiple key and/or value changes, with traditional commit–abort semantics. (Note however that NTFS provides such support for the file organization every bit well, and then the same guarantees could, in theory, be obtained with traditional configuration files.)

Structure [edit]

Keys and values [edit]

The registry contains two basic elements: keys and values. Registry keys are container objects similar to folders. Registry values are non-container objects similar to files. Keys may contain values and subkeys. Keys are referenced with a syntax similar to Windows' path names, using backslashes to bespeak levels of bureaucracy. Keys must take a case insensitive name without backslashes.

The bureaucracy of registry keys can but be accessed from a known root key handle (which is anonymous but whose effective value is a constant numeric handle) that is mapped to the content of a registry primal preloaded past the kernel from a stored "hive", or to the content of a subkey inside another root key, or mapped to a registered service or DLL that provides access to its independent subkeys and values.

E.g. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows refers to the subkey "Windows" of the subkey "Microsoft" of the subkey "Software" of the HKEY_LOCAL_MACHINE root central.

There are seven predefined root keys, traditionally named according to their abiding handles defined in the Win32 API, or by synonymous abbreviations (depending on applications):[iv]

  • HKEY_LOCAL_MACHINE or HKLM
  • HKEY_CURRENT_CONFIG or HKCC
  • HKEY_CLASSES_ROOT or HKCR
  • HKEY_CURRENT_USER or HKCU
  • HKEY_USERS or HKU
  • HKEY_PERFORMANCE_DATA (only in Windows NT, but invisible in the Windows Registry Editor)[5]
  • HKEY_DYN_DATA (just in Windows 9x, and visible in the Windows Registry Editor)

Like other files and services in Windows, all registry keys may be restricted by access control lists (ACLs), depending on user privileges, or on security tokens acquired by applications, or on organisation security policies enforced by the system (these restrictions may be predefined by the organisation itself, and configured past local organisation administrators or by domain administrators). Unlike users, programs, services or remote systems may simply see some parts of the hierarchy or distinct hierarchies from the aforementioned root keys.

Registry values are proper noun/data pairs stored within keys. Registry values are referenced separately from registry keys. Each registry value stored in a registry key has a unique name whose letter of the alphabet case is non pregnant. The Windows API functions that query and manipulate registry values have value names separately from the key path and/or handle that identifies the parent key. Registry values may comprise backslashes in their names, just doing so makes them difficult to distinguish from their key paths when using some legacy Windows Registry API functions (whose usage is deprecated in Win32).

The terminology is somewhat misleading, every bit each registry central is similar to an associative assortment, where standard terminology would refer to the name part of each registry value as a "key". The terms are a holdout from the xvi-bit registry in Windows iii, in which registry keys could not contain capricious proper name/data pairs, merely rather independent only one unnamed value (which had to be a string). In this sense, the Windows 3 registry was similar a single associative array, in which the keys (in the sense of both 'registry central' and 'associative array key') formed a hierarchy, and the registry values were all strings. When the 32-bit registry was created, so was the additional capability of creating multiple named values per key, and the meanings of the names were somewhat distorted.[6] For compatibility with the previous behavior, each registry key may have a "default" value, whose proper name is the empty string.

Each value can store arbitrary data with variable length and encoding, just which is associated with a symbolic type (divers as a numeric abiding) defining how to parse this data. The standard types are:[7]

List of standard registry value types
Type ID Symbolic type proper name Pregnant and encoding of the information stored in the registry value
0 REG_NONE No blazon (the stored value, if any)
1 REG_SZ A string value, normally stored and exposed in UTF-16LE (when using the Unicode version of Win32 API functions), usually terminated past a NUL graphic symbol
2 REG_EXPAND_SZ An "expandable" string value that tin contain environment variables, ordinarily stored and exposed in UTF-16LE, usually terminated by a NUL character
3 REG_BINARY Binary data (whatsoever arbitrary data)
four REG_DWORD / REG_DWORD_LITTLE_ENDIAN A DWORD value, a 32-fleck unsigned integer (numbers between 0 and 4,294,967,295 [two32 – i]) (piddling-endian)
5 REG_DWORD_BIG_ENDIAN A DWORD value, a 32-flake unsigned integer (numbers between 0 and 4,294,967,295 [232 – one]) (large-endian)
vi REG_LINK A symbolic link (UNICODE) to some other registry central, specifying a root key and the path to the target central
vii REG_MULTI_SZ A multi-string value, which is an ordered listing of non-empty strings, normally stored and exposed in Unicode, each one terminated past a zip character, the listing being ordinarily terminated by a second null character.[8]
8 REG_RESOURCE_LIST A resources list (used by the Plug-n-Play hardware enumeration and configuration)
9 REG_FULL_RESOURCE_DESCRIPTOR A resource descriptor (used by the Plug-northward-Play hardware enumeration and configuration)
ten REG_RESOURCE_REQUIREMENTS_LIST A resource requirements listing (used by the Plug-n-Play hardware enumeration and configuration)
eleven REG_QWORD / REG_QWORD_LITTLE_ENDIAN A QWORD value, a 64-bit integer (either big- or piddling-endian, or unspecified) (introduced in Windows 2000)[9]

Root keys [edit]

The keys at the root level of the hierarchical database are generally named past their Windows API definitions, which all begin "HKEY".[2] They are often abbreviated to a three- or four-alphabetic character brusk name starting with "HK" (e.g. HKCU and HKLM). Technically, they are predefined handles (with known constant values) to specific keys that are either maintained in memory, or stored in hive files stored in the local filesystem and loaded past the organisation kernel at boot time and so shared (with diverse admission rights) between all processes running on the local system, or loaded and mapped in all processes started in a user session when the user logs on the system.

The HKEY_LOCAL_MACHINE (local machine-specific configuration data) and HKEY_CURRENT_USER (user-specific configuration data) nodes accept a similar structure to each other; user applications typically look upward their settings past first checking for them in "HKEY_CURRENT_USER\Software\Vendor's proper noun\Awarding's name\Version\Setting name", and if the setting is not found, wait instead in the aforementioned location under the HKEY_LOCAL_MACHINE cardinal[ citation needed ]. All the same, the antipodal may apply for administrator-enforced policy settings where HKLM may accept precedence over HKCU. The Windows Logo Program has specific requirements for where different types of user data may be stored, and that the concept of least privilege be followed so that administrator-level admission is not required to utilize an application.[a] [x]

HKEY_LOCAL_MACHINE (HKLM) [edit]

Abbreviated HKLM, HKEY_LOCAL_MACHINE stores settings that are specific to the local computer.[11]

The key located by HKLM is actually non stored on disk, only maintained in retention by the arrangement kernel in order to map all the other subkeys. Applications cannot create any additional subkeys. On Windows NT, this key contains 4 subkeys, "SAM", "SECURITY", "Organization", and "SOFTWARE", that are loaded at kicking time inside their respective files located in the %SystemRoot%\System32\config folder. A fifth subkey, "HARDWARE", is volatile and is created dynamically, and every bit such is not stored in a file (it exposes a view of all the currently detected Plug-and-Play devices). On Windows Vista and to a higher place, a 6th and seventh subkey, "COMPONENTS" and "BCD", are mapped in retentivity by the kernel on-demand and loaded from %SystemRoot%\system32\config\COMPONENTS or from boot configuration information, \kick\BCD on the organization partition.

  • The "HKLM\SAM" primal usually appears every bit empty for near users (unless they are granted access by administrators of the local system or administrators of domains managing the local system). It is used to reference all "Security Accounts Manager" (SAM) databases for all domains into which the local system has been administratively authorized or configured (including the local domain of the running arrangement, whose SAM database is stored in a subkey as well named "SAM": other subkeys will be created every bit needed, one for each supplementary domain). Each SAM database contains all builtin accounts (mostly group aliases) and configured accounts (users, groups and their aliases, including guest accounts and ambassador accounts) created and configured on the respective domain, for each account in that domain, it notably contains the user name which can exist used to log on that domain, the internal unique user identifier in the domain, a cryptographic hash of each user's password for each enabled authentication protocol, the location of storage of their user registry hive, various status flags (for example if the account can be enumerated and exist visible in the logon prompt screen), and the list of domains (including the local domain) into which the account was configured.
  • The "HKLM\SECURITY" key commonly appears empty for virtually users (unless they are granted access by users with administrative privileges) and is linked to the Security database of the domain into which the current user is logged on (if the user is logged on the local system domain, this fundamental will be linked to the registry hive stored by the local machine and managed past local arrangement administrators or by the builtin "Arrangement" business relationship and Windows installers). The kernel will access information technology to read and enforce the security policy applicable to the current user and all applications or operations executed by this user. It also contains a "SAM" subkey which is dynamically linked to the SAM database of the domain onto which the current user is logged on.
  • The "HKLM\SYSTEM" central is normally only writable by users with administrative privileges on the local organisation. Information technology contains data nigh the Windows organisation setup, data for the secure random number generator (RNG), the list of currently mounted devices containing a filesystem, several numbered "HKLM\SYSTEM\Control Sets" containing alternative configurations for organisation hardware drivers and services running on the local system (including the currently used one and a backup), a "HKLM\Organization\Select" subkey containing the status of these Control Sets, and a "HKLM\SYSTEM\CurrentControlSet" which is dynamically linked at boot time to the Control Set which is currently used on the local system. Each configured Control Fix contains:
    • an "Enum" subkey enumerating all known Plug-and-Play devices and associating them with installed arrangement drivers (and storing the device-specific configurations of these drivers),
    • a "Services" subkey list all installed organisation drivers (with non device-specific configuration, and the enumeration of devices for which they are instantiated) and all programs running as services (how and when they tin be automatically started),
    • a "Control" subkey organizing the diverse hardware drivers and programs running as services and all other system-broad configuration,
    • a "Hardware Profiles" subkey enumerating the various profiles that have been tuned (each ane with "System" or "Software" settings used to alter the default profile, either in organization drivers and services or in the applications) also as the "Hardware Profiles\Current" subkey which is dynamically linked to one of these profiles.
  • The "HKLM\SOFTWARE" subkey contains software and Windows settings (in the default hardware profile). It is by and large modified by application and arrangement installers. It is organized by software vendor (with a subkey for each), but also contains a "Windows" subkey for some settings of the Windows user interface, a "Classes" subkey containing all registered associations from file extensions, MIME types, Object Classes IDs and interfaces IDs (for OLE, COM/DCOM and ActiveX), to the installed applications or DLLs that may be handling these types on the local motorcar (nevertheless these associations are configurable for each user, see below), and a "Policies" subkey (too organized past vendor) for enforcing general usage policies on applications and arrangement services (including the central certificates store used for authenticating, authorizing or disallowing remote systems or services running outside the local network domain).
  • The "HKLM\SOFTWARE\Wow6432Node" fundamental is used by 32-scrap applications on a 64-bit Windows Bone, and is equivalent to merely dissever from "HKLM\SOFTWARE". The key path is transparently presented to 32-chip applications by WoW64 as HKLM\SOFTWARE[12] (in a like manner that 32-bit applications encounter %SystemRoot%\Syswow64 as %SystemRoot%\System32)

HKEY_CLASSES_ROOT (HKCR) [edit]

Abbreviated HKCR, HKEY_CLASSES_ROOT contains data about registered applications, such as file associations and OLE Object Class IDs, tying them to the applications used to handle these items. On Windows 2000 and higher up, HKCR is a compilation of user-based HKCU\Software\Classes and machine-based HKLM\Software\Classes. If a given value exists in both of the subkeys to a higher place, the one in HKCU\Software\Classes takes precedence.[thirteen] The design allows for either motorcar- or user-specific registration of COM objects.

HKEY_USERS (HKU) [edit]

Abbreviated HKU, HKEY_USERS contains subkeys corresponding to the HKEY_CURRENT_USER keys for each user profile actively loaded on the automobile, though user hives are commonly only loaded for currently logged-in users.

HKEY_CURRENT_USER (HKCU) [edit]

Abbreviated HKCU, HKEY_CURRENT_USER stores settings that are specific to the currently logged-in user.[fourteen] The HKEY_CURRENT_USER key is a link to the subkey of HKEY_USERS that corresponds to the user; the same information is accessible in both locations. The specific subkey referenced is "(HKU)\(SID)\..." where (SID) corresponds to the Windows SID; if the "(HKCU)" cardinal has the following suffix "(HKCU)\Software\Classes\..." and so information technology corresponds to "(HKU)\(SID)_CLASSES\..." i.e. the suffix has the string "_CLASSES" is appended to the (SID).
On Windows NT systems, each user'south settings are stored in their own files called NTUSER.DAT and USRCLASS.DAT inside their own Documents and Settings subfolder (or their own Users sub folder in Windows Vista and higher up). Settings in this hive follow users with a roaming contour from automobile to motorcar.

HKEY_PERFORMANCE_DATA [edit]

This key provides runtime data into functioning data provided by either the NT kernel itself, or running system drivers, programs and services that provide performance data. This cardinal is not stored in any hive and non displayed in the Registry Editor, only it is visible through the registry functions in the Windows API, or in a simplified view via the Performance tab of the Chore Managing director (just for a few performance data on the local system) or via more than advanced command panels (such as the Performances Monitor or the Performances Analyzer which allows collecting and logging these information, including from remote systems).

HKEY_DYN_DATA [edit]

This key is used merely on Windows 95, Windows 98 and Windows ME.[15] It contains information about hardware devices, including Plug and Play and network performance statistics. The information in this hive is also non stored on the hard drive. The Plug and Play information is gathered and configured at startup and is stored in memory.[16]

Hives [edit]

Even though the registry presents itself as an integrated hierarchical database, branches of the registry are actually stored in a number of disk files called hives.[17] (The give-and-take hive constitutes an in-joke.)[18]

Some hives are volatile and are not stored on disk at all. An example of this is the hive of the co-operative starting at HKLM\HARDWARE. This hive records information about system hardware and is created each time the system boots and performs hardware detection.

Individual settings for users on a arrangement are stored in a hive (disk file) per user. During user login, the system loads the user hive nether the HKEY_USERS central and sets the HKCU (HKEY_CURRENT_USER) symbolic reference to betoken to the current user. This allows applications to store/call back settings for the current user implicitly under the HKCU key.

Not all hives are loaded at any i time. At boot fourth dimension, merely a minimal prepare of hives are loaded, and afterwards that, hives are loaded equally the operating system initializes and equally users log in or whenever a hive is explicitly loaded by an application.

File locations [edit]

The registry is physically stored in several files, which are by and large obfuscated from the user-mode APIs used to dispense the data inside the registry. Depending upon the version of Windows, in that location will be different files and different locations for these files, merely they are all on the local machine. The location for arrangement registry files in Windows NT is %SystemRoot%\System32\Config; the user-specific HKEY_CURRENT_USER user registry hive is stored in Ntuser.dat inside the user contour. There is 1 of these per user; if a user has a roaming profile, then this file will exist copied to and from a server at logout and login respectively. A second user-specific registry file named UsrClass.dat contains COM registry entries and does non roam by default.

Windows NT [edit]

Windows NT systems store the registry in a binary file format which tin be exported, loaded and unloaded by the Registry Editor in these operating systems. The post-obit system registry files are stored in %SystemRoot%\System32\Config\:

  • Sam – HKEY_LOCAL_MACHINE\SAM
  • Security – HKEY_LOCAL_MACHINE\SECURITY
  • Software – HKEY_LOCAL_MACHINE\SOFTWARE
  • System – HKEY_LOCAL_MACHINE\SYSTEM
  • Default – HKEY_USERS\.DEFAULT
  • Userdiff – Not associated with a hive. Used just when upgrading operating systems.[xix]

The following file is stored in each user's contour folder:

  • %USERPROFILE%\Ntuser.dat – HKEY_USERS\<User SID> (linked to by HKEY_CURRENT_USER)

For Windows 2000, Server 2003 and Windows XP, the following additional user-specific file is used for file associations and COM information:

  • %USERPROFILE%\Local Settings\Awarding Information\Microsoft\Windows\Usrclass.dat (path is localized) – HKEY_USERS\<User SID>_Classes (HKEY_CURRENT_USER\Software\Classes)

For Windows Vista and later, the path was changed to:

  • %USERPROFILE%\AppData\Local\Microsoft\Windows\Usrclass.dat (path is not localized) alias %LocalAppData%\Microsoft\Windows\Usrclass.dat – HKEY_USERS\<User SID>_Classes (HKEY_CURRENT_USER\Software\Classes)

Windows 2000 keeps an alternate copy of the registry hives (.ALT) and attempts to switch to it when corruption is detected.[20] Windows XP and Windows Server 2003 do not maintain a Arrangement.alt hive because NTLDR on those versions of Windows can process the System.log file to bring up to engagement a System hive that has become inconsistent during a shutdown or crash. In addition, the %SystemRoot%\Repair folder contains a copy of the system's registry hives that were created after installation and the first successful startup of Windows.

Each registry data file has an associated file with a ".log" extension that acts equally a transaction log that is used to ensure that whatever interrupted updates can be completed upon side by side startup.[21] Internally, Registry files are split into four kB "bins" that incorporate collections of "cells".[21]

Windows 9x [edit]

The registry files are stored in the %WINDIR% directory under the names USER.DAT and System.DAT with the addition of CLASSES.DAT in Windows ME. Likewise, each user profile (if profiles are enabled) has its own USER.DAT file which is located in the user's profile directory in %WINDIR%\Profiles\<Username>\.

Windows three.11 [edit]

The but registry file is called REG.DAT and information technology is stored in the %WINDIR% directory.

Windows 10 Mobile [edit]

Note: To access the registry files, the Phone needs to be set in a special manner using either:

  • WpInternals ( Put the mobile device into flash mode. )
  • InterOp Tools ( mountain the MainOS Partition with MTP. )

If any of above Methods worked - The Device Registry Files can be found in the post-obit location: 

          {Phone}\EFIESP\Windows\System32\config

Note: InterOp Tools also includes a registry editor.

Editing [edit]

Registry editors [edit]

The registry contains important configuration information for the operating system, for installed applications too as individual settings for each user and application. A careless change to the operating system configuration in the registry could cause irreversible damage, and then information technology is commonly only installer programs which perform changes to the registry database during installation/configuration and removal. If a user wants to edit the registry manually, Microsoft recommends that a backup of the registry be performed before the change.[22] When a program is removed from control console, it may not be completely removed and, in instance of errors or glitches caused by references to missing programs, the user might accept to manually bank check inside directories such every bit program files. After this, the user might need to manually remove whatsoever reference to the uninstalled programme in the registry. This is ordinarily washed by using RegEdit.exe.[23] Editing the registry is sometimes necessary when working around Windows-specific bug eastward.chiliad. problems when logging onto a domain tin be resolved by editing the registry.[24]

Windows Registry can be edited manually using programs such every bit RegEdit.exe, although these tools do not expose some of the registry's metadata such as the concluding modified date.

The registry editor for the 3.ane/95 series of operating systems is RegEdit.exe and for Windows NT it is RegEdt32.exe; the functionalities are merged in Windows XP. Optional and/or third-political party tools like to RegEdit.exe are bachelor for many Windows CE versions.

Registry Editor allows users to perform the following functions:

  • Creating, manipulating, renaming[25] and deleting registry keys, subkeys, values and value data
  • Importing and exporting .REG files, exporting data in the binary hive format
  • Loading, manipulating and unloading registry hive format files (Windows NT systems merely)
  • Setting permissions based on ACLs (Windows NT systems only)
  • Bookmarking user-selected registry keys equally Favorites
  • Finding detail strings in key names, value names and value data
  • Remotely editing the registry on some other networked computer

.REG files [edit]

.REG files (also known as Registration entries) are text-based homo-readable files for exporting and importing portions of the registry using a INI-based syntax. On Windows 2000 and later, they contain the string Windows Registry Editor Version five.00 at the beginning and are Unicode-based. On Windows 9x and NT 4.0 systems, they contain the cord REGEDIT4 and are ANSI-based.[26] Windows 9x format .REG files are compatible with Windows 2000 and later. The Registry Editor on Windows on these systems likewise supports exporting .REG files in Windows 9x/NT format. Data is stored in .REG files using the following syntax:[26] 

                        [<Hive name>\<Key name>\<Subkey name>]            "Value proper name"            =            <Value type>:<Value data>

The Default Value of a central can be edited by using "@" instead of "Value Name": 

                        [<Hive proper name>\<Cardinal name>\<Subkey name>]            @            =            <Value blazon>:<Value data>

String values do not crave a <Value type> (see example), but backslashes ('\') demand to exist written as a double-backslash ('\\'), and quotes ('"') as backslash-quote ('\"').

For instance, to add the values "Value A", "Value B", "Value C", "Value D", "Value E", "Value F", "Value G", "Value H", "Value I", "Value J", "Value Chiliad", "Value 50", and "Value M" to the HKLM\SOFTWARE\Foobar key: 

            Windows Registry Editor Version 5.00            [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value A"            =            "<String value data with escape characters>"            "Value B"            =            hex:<Binary data (as comma-delimited list of hexadecimal values)>            "Value C"            =            dword:<DWORD value integer>            "Value D"            =            hex(0):<REG_NONE (as comma-delimited list of hexadecimal values)>            "Value E"            =            hex(1):<REG_SZ (every bit comma-delimited list of hexadecimal values representing a UTF-16LE NUL-terminated string)>            "Value F"            =            hex(2):<Expandable string value data (every bit comma-delimited list of hexadecimal values representing a UTF-16LE NUL-terminated string)>            "Value G"            =            hex(3):<Binary data (as comma-delimited list of hexadecimal values)> ; equal to "Value B"            "Value H"            =            hex(4):<DWORD value (as comma-delimited list of 4 hexadecimal values, in piffling endian byte gild)>            "Value I"            =            hex(5):<DWORD value (as comma-delimited list of 4 hexadecimal values, in large endian byte order)>            "Value J"            =            hex(seven):<Multi-string value data (equally comma-delimited list of hexadecimal values representing UTF-16LE NUL-terminated strings)>            "Value Grand"            =            hex(8):<REG_RESOURCE_LIST (as comma-delimited list of hexadecimal values)>            "Value L"            =            hex(a):<REG_RESOURCE_REQUIREMENTS_LIST (every bit comma-delimited listing of hexadecimal values)>            "Value M"            =            hex(b):<QWORD value (equally comma-delimited list of 8 hexadecimal values, in little endian byte order)>

Data from .REG files can exist added/merged with the registry by double-clicking these files or using the /s switch in the control line. REG files tin also exist used to remove registry data.

To remove a central (and all subkeys, values and data), the primal name must be preceded by a minus sign ("-").[26]

For example, to remove the HKLM\SOFTWARE\Foobar cardinal (and all subkeys, values and data), 

                        [            -            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]

To remove a value (and its data), the values to be removed must have a minus sign ("-") subsequently the equal sign ("=").[26]

For case, to remove just the "Value A" and "Value B" values (and their data) from the HKLM\SOFTWARE\Foobar key: 

                        [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value A"            =-            "Value B"            =-

To remove only the Default value of the key HKLM\SOFTWARE\Foobar (and its data): 

                        [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            @            =-

Lines beginning with a semicolon are considered comments: 

                        ; This is a comment. This tin can exist placed in any part of a .reg file            [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value"            =            "Instance cord"

Group policies [edit]

Windows group policies tin can change registry keys for a number of machines or private users based on policies. When a policy first takes result for a machine or for an individual user of a machine, the registry settings specified as part of the policy are applied to the machine or user settings.

Windows will also wait for updated policies and apply them periodically, typically every 90 minutes.[27]

Through its scope a policy defines which machines and/or users the policy is to be applied to. Whether a machine or user is within the scope of a policy or not is defined by a prepare of rules which can filter on the location of the machine or user account in organizational directory, specific users or motorcar accounts or security groups. More than advanced rules can exist fix using Windows Direction Instrumentation expressions. Such rules can filter on properties such as estimator vendor name, CPU architecture, installed software, or networks connected to.

For example, the ambassador can create a policy with one set of registry settings for machines in the accounting department and policy with another (lock-down) gear up of registry settings for kiosk terminals in the visitors area. When a machine is moved from one scope to another (e.one thousand. changing its name or moving it to another organizational unit), the correct policy is automatically applied. When a policy is changed it is automatically re-applied to all machines currently in its scope.

The policy is edited through a number of administrative templates which provides a user interface for picking and changing settings. The set of administrative templates is extensible and software packages which support such remote assistants tin can register their own templates.

Command line editing [edit]

reg
Developer(s) Microsoft
Operating system Microsoft Windows
Type Control
License Proprietary commercial software
Website docs.microsoft.com/en-u.s.a./windows-server/assistants/windows-commands/reg
regini
Programmer(s) Microsoft
Operating system Microsoft Windows
Blazon Command
License Proprietary commercial software
Website docs.microsoft.com/en-u.s.a./windows-server/assistants/windows-commands/regini

The registry tin be manipulated in a number of ways from the command line. The Reg.exe and RegIni.exe utility tools are included in Windows XP and later versions of Windows. Alternative locations for legacy versions of Windows include the Resources Kit CDs or the original Installation CD of Windows.

Also, a .REG file can exist imported from the control line with the following command: 

RegEdit.exe /s          file

The /southward means the file volition be silent merged to the registry. If the /s parameter is omitted the user will be asked to confirm the performance. In Windows 98, Windows 95 and at least some configurations of Windows XP the /s switch as well causes RegEdit.exe to ignore the setting in the registry that allows administrators to disable information technology. When using the /s switch RegEdit.exe does not render an appropriate return code if the operation fails, unlike Reg.exe which does. 

RegEdit.exe /e          file

exports the whole registry in V5 format to a UNICODE .REG file, while any of 

RegEdit.exe /east          file          HKEY_CLASSES_ROOT[\<key>] RegEdit.exe /due east          file          HKEY_CURRENT_CONFIG[\<cardinal>] RegEdit.exe /due east          file          HKEY_CURRENT_USER[\<key>] RegEdit.exe /eastward          file          HKEY_LOCAL_MACHINE[\<primal>] RegEdit.exe /eastward          file          HKEY_USERS[\<key>]

export the specified (sub)fundamental (which has to be enclosed in quotes if information technology contains spaces) only. 

RegEdit.exe /a          file

exports the whole registry in V4 format to an ANSI .REG file. 

RegEdit.exe /a          file          <key>

exports the specified (sub)key (which has to be enclosed in quotes if it contains spaces) only.

Information technology is also possible to use Reg.exe. Here is a sample to display the value of the registry value Version: 

                        Reg.exe            QUERY            HKLM\Software\Microsoft\ResKit            /5            Version

Other command line options include a VBScript or JScript together with CScript, WMI or WMIC.exe and Windows PowerShell.

Registry permissions can be manipulated through the command line using RegIni.exe and the SubInACL.exe tool. For instance, the permissions on the HKEY_LOCAL_MACHINE\SOFTWARE key tin can be displayed using: 

                        SubInACL.exe            /keyreg            HKEY_LOCAL_MACHINE\SOFTWARE            /display

PowerShell commands and scripts [edit]

Using PowerShell to navigate the registry

Windows PowerShell comes with a registry provider which presents the registry as a location type similar to the file system. The same commands used to manipulate files and directories in the file system can be used to manipulate keys and values of the registry.[28]

Too like the file system, PowerShell uses the concept of a current location which defines the context on which commands by default operate. The Get-ChildItem (also bachelor through the aliases ls, dir or gci) retrieves the child keys of the current location. By using the Set up-Location (or the alias cd) command the user tin can change the current location to another key of the registry.[28] Commands which rename items, remove items, create new items or ready content of items or properties can be used to rename keys, remove keys or entire sub-trees or change values.

Through PowerShell scripts files, an administrator can prepare scripts which, when executed, brand changes to the registry. Such scripts can be distributed to administrators who tin execute them on individual machines. The PowerShell Registry provider supports transactions, i.eastward. multiple changes to the registry can be bundled into a single atomic transaction. An diminutive transaction ensures that either all of the changes are committed to the database, or if the script fails, none of the changes are committed to the database.[28] [29]

Programs or scripts [edit]

The registry can be edited through the APIs of the Advanced Windows 32 Base of operations API Library (advapi32.dll).[thirty]

List of registry API functions
RegCloseKey RegOpenKey RegConnectRegistry RegOpenKeyEx
RegCreateKey RegQueryInfoKey RegCreateKeyEx RegQueryMultipleValues
RegDeleteKey RegQueryValue RegDeleteValue RegQueryValueEx
RegEnumKey RegReplaceKey RegEnumKeyEx RegRestoreKey
RegEnumValue RegSaveKey RegFlushKey RegSetKeySecurity
RegGetKeySecurity RegSetValue RegLoadKey RegSetValueEx
RegNotifyChangeKeyValue RegUnLoadKey

Many programming languages offer born runtime library functions or classes that wrap the underlying Windows APIs and thereby enable programs to store settings in the registry (eastward.g. Microsoft.Win32.Registry in VB.NET and C#, or TRegistry in Delphi and Free Pascal). COM-enabled applications like Visual Basic vi can use the WSH WScript.Beat object. Some other way is to use the Windows Resource Kit Tool, Reg.exe by executing information technology from lawmaking,[31] although this is considered poor programming practice.

Similarly, scripting languages such every bit Perl (with Win32::TieRegistry), Python (with winreg), TCL (which comes arranged with the registry packet),[32] Windows Powershell and Windows Scripting Host also enable registry editing from scripts.

Offline editing [edit]

The offreg.dll[33] available from the Windows Driver Kit offers a set of APIs for the creation and manipulation of currently non loaded registry hives similar to those provided by advapi32.dll.

It is also possible to edit the registry (hives) of an offline system from Windows PE or Linux (in the latter example using open source tools).

COM self-registration [edit]

Prior to the introduction of registration-free COM, developers were encouraged to add initialization code to in-process and out-of-process binaries to perform the registry configuration required for that object to piece of work. For in-process binaries such equally .DLL and .OCX files, the modules typically exported a function called DllInstall()[34] that could exist chosen by installation programs or invoked manually with utilities similar Regsvr32.exe;[35] out-of-process binaries typically support the commandline arguments /Regserver and /Unregserver that created or deleted the required registry settings.[36] COM applications that intermission because of DLL Hell issues can commonly be repaired with RegSvr32.exe or the /RegServer switch without having to re-invoke installation programs.[37]

Avant-garde functionality [edit]

Windows exposes APIs that allows user-mode applications to annals to receive a notification event if a particular registry cardinal is inverse.[38] APIs are also available to allow kernel-mode applications to filter and modify registry calls made by other applications.[39]

Windows also supports remote access to the registry of another computer via the RegConnectRegistry function[forty] if the Remote Registry service is running, correctly configured and its network traffic is not firewalled.[41]

Security [edit]

Each key in the registry of Windows NT versions can have an associated security descriptor. The security descriptor contains an access command list (ACL) that describes which user groups or individual users are granted or denied admission permissions. The ready of registry permissions include 10 rights/permissions which tin can be explicitly allowed or denied to a user or a group of users.

Registry permissions
Permission Description
Query Value The right to read the registry key value.
Ready Value The correct to write a new value
Create Subkey The correct to create subkeys.
Enumerate Subkeys Allow the enumeration of subkeys.
Notify The right to request change notifications for registry keys or subkeys.
Create Link Reserved by the operating system.
Delete The right to delete a cardinal.
Write DACL The right to change permissions of the container'south DACL.
Write Owner The correct to modify the container'south owner.
Read Command The right to read the DACL.

As with other securable objects in the operating arrangement, individual access control entries (ACE) on the security descriptor can be explicit or inherited from a parent object.[42]

Windows Resource Protection is a feature of Windows Vista and afterward versions of Windows that uses security to deny Administrators and the system WRITE access to some sensitive keys to protect the integrity of the system from malware and accidental modification.[43]

Special ACEs on the security descriptor can also implement mandatory integrity control for the registry key and subkeys. A process running at a lower integrity level cannot write, alter or delete a registry central/value, fifty-fifty if the account of the procedure has otherwise been granted access through the ACL. For instance, Internet Explorer running in Protected Way can read medium and low integrity registry keys/values of the currently logged on user, just it tin can just modify depression integrity keys.[44]

Outside security, registry keys cannot be deleted or edited due to other causes. Registry keys containing NUL characters cannot exist deleted with standard registry editors and require a special utility for deletion, such as RegDelNull.[45] [46]

Backups and recovery [edit]

Different editions of Windows have supported a number of different methods to back upwards and restore the registry over the years, some of which are now deprecated:

  • Arrangement Restore can back up the registry and restore information technology as long every bit Windows is bootable, or from the Windows Recovery Environs (starting with Windows Vista).
  • NTBackup can dorsum up the registry every bit function of the System Land and restore it. Automated Organisation Recovery in Windows XP can also restore the registry.
  • On Windows NT, the Last Known Good Configuration option in startup carte relinks the HKLM\System\CurrentControlSet key, which stores hardware and device commuter information.
  • Windows 98 and Windows ME include command line (Scanreg.exe) and GUI (Scanregw.exe) registry checker tools to check and fix the integrity of the registry, create upwardly to 5 automatic regular backups by default and restore them manually or whenever abuse is detected.[47] The registry checker tool backs upward the registry, by default, to %Windir%\Sysbckup Scanreg.exe tin also run from MS-DOS.[48]
  • The Windows 95 CD-ROM included an Emergency Recovery Utility (ERU.exe) and a Configuration Fill-in Tool (Cfgback.exe) to back up and restore the registry. Additionally Windows 95 backs up the registry to the files system.da0 and user.da0 on every successful boot.
  • Windows NT 4.0 included RDISK.EXE, a utility to back up and restore the unabridged registry.[49]
  • Windows 2000 Resource Kit contained an unsupported pair of utilities called Regback.exe and RegRest.exe for backup and recovery of the registry.[l]
  • Periodic automatic backups of the registry are at present disabled by default on Windows 10 May 2019 Update (version 1903). Microsoft recommends Organisation Restore be used instead.[51]

Policy [edit]

Group policy [edit]

Windows 2000 and later versions of Windows use Grouping Policy to enforce registry settings through a registry-specific client extension in the Group Policy processing engine.[52] Policy may be applied locally to a unmarried figurer using gpedit.msc, or to multiple users and/or computers in a domain using gpmc.msc.

Legacy systems [edit]

With Windows 95, Windows 98, Windows ME and Windows NT iv.0, administrators can use a special file to be merged into the registry, called a policy file (POLICY.Political leader). The policy file allows administrators to prevent non-administrator users from irresolute registry settings similar, for instance, the security level of Internet Explorer and the desktop background wallpaper. The policy file is primarily used in a business with a large number of computers where the business organization needs to be protected from rogue or devil-may-care users.

The default extension for the policy file is .Political leader. The policy file filters the settings information technology enforces past user and past grouping (a "group" is a defined fix of users). To do that the policy file merges into the registry, preventing users from circumventing it by only changing back the settings. The policy file is unremarkably distributed through a LAN, but tin can be placed on the local figurer.

The policy file is created by a costless tool by Microsoft that goes by the filename poledit.exe for Windows 95/Windows 98 and with a computer management module for Windows NT. The editor requires administrative permissions to be run on systems that uses permissions. The editor tin can likewise directly change the current registry settings of the local figurer and if the remote registry service is installed and started on another computer information technology can also change the registry on that reckoner. The policy editor loads the settings it can change from .ADM files, of which one is included, that contains the settings the Windows shell provides. The .ADM file is plain text and supports easy localisation by allowing all the strings to exist stored in 1 place.

Virtualization [edit]

INI file virtualization [edit]

Windows NT kernels back up redirection of INI file-related APIs into a virtual file in a registry location such as HKEY_CURRENT_USER using a feature called "InifileMapping".[53] This functionality was introduced to allow legacy applications written for 16-bit versions of Windows to exist able to run under Windows NT platforms on which the System binder is no longer considered an appropriate location for user-specific data or configuration. Non-compliant 32-bit applications can too exist redirected in this manner, fifty-fifty though the feature was originally intended for 16-bit applications.

Registry virtualization [edit]

Windows Vista introduced express registry virtualization, whereby poorly written applications that practise not respect the principle of least privilege and instead try to write user data to a read-only system location (such equally the HKEY_LOCAL_MACHINE hive), are silently redirected to a more appropriate location, without irresolute the application itself.

Similarly, application virtualization redirects all of an application's invalid registry operations to a location such as a file. Used together with file virtualization, this allows applications to run on a machine without beingness installed on it.

Low integrity processes may besides use registry virtualization. For example, Internet Explorer vii or 8 running in "Protected Mode" on Windows Vista and above will automatically redirect registry writes by ActiveX controls to a sandboxed location in social club to frustrate some classes of security exploits.

The Application Compatibility Toolkit[54] provides shims that tin transparently redirect HKEY_LOCAL_MACHINE or HKEY_CLASSES_ROOT Registry operations to HKEY_CURRENT_USER to address "LUA" bugs that cause applications not to work for users with insufficient rights.

Disadvantages [edit]

Critics labeled the registry in Windows 95 a single indicate of failure, because re-installation of the operating system was required if the registry became decadent.[ commendation needed ] Even so, Windows NT uses transaction logs to protect against corruption during updates. Current versions of Windows use two levels of log files to ensure integrity even in the case of power failure or similar catastrophic events during database updates.[55] Even in the case of a non-recoverable error, Windows tin can repair or re-initialize damaged registry entries during system kick.[55]

Equivalents and alternatives [edit]

In Windows, apply of the registry for storing programme data is a affair of programmer'southward discretion. Microsoft provides programming interfaces for storing data in XML files (via MSXML) or database files (via SQL Server Compact) which developers can utilize instead. Developers are also free to use non-Microsoft alternatives or develop their own proprietary data stores.

In contrast to Windows Registry's binary-based database model, another operating systems use separate evidently-text files for daemon and application configuration, but grouping these configurations together for ease of management.

  • In Unix-like operating systems (including Linux) that follow the Filesystem Bureaucracy Standard, system-broad configuration files (information like to what would appear in HKEY_LOCAL_MACHINE on Windows) are traditionally stored in files in /etc/ and its subdirectories, or sometimes in /usr/local/etc. Per-user data (information that would exist roughly equivalent to that in HKEY_CURRENT_USER) is stored in subconscious directories and files (that kickoff with a period/full cease) within the user'due south home directory. Yet XDG-compliant applications should refer to the surroundings variables divers in the Base of operations Directory specification.[56]
  • In macOS, arrangement-broad configuration files are typically stored in the /Library/ folder, whereas per-user configuration files are stored in the corresponding ~/Library/ folder in the user's domicile directory, and configuration files set by the organisation are in /Arrangement/Library/. Within these respective directories, an application typically stores a property list file in the Preferences/ sub-directory.
  • RISC Bone (not to be confused with MIPS RISC/os) uses directories for configuration data, which allows applications to be copied into application directories, as opposed to the separate installation process that typifies Windows applications; this approach is also used on the ROX Desktop for Linux.[57] This directory-based configuration likewise makes it possible to utilise unlike versions of the aforementioned application, since the configuration is done "on the fly".[58] If one wishes to remove the application, it is possible to simply delete the folder belonging to the application.[59] [60] This will oftentimes not remove configuration settings which are stored independently from the application, usually within the computer's !Boot construction, in !Boot.Choices or potentially anywhere on a network fileserver. It is possible to re-create installed programs between computers running RISC Os by copying the awarding directories belonging to the programs, still some programs may crave re-installing, eastward.1000. when shared files are placed outside an application directory.[58]
  • IBM AIX (a Unix variant) uses a registry component called Object Information Manager (ODM). The ODM is used to store data about organization and device configuration. An extensive ready of tools and utilities provides users with means of extending, checking, correcting the ODM database. The ODM stores its data in several files, default location is /etc/objrepos.
  • The GNOME desktop environment uses a registry-like interface called dconf for storing configuration settings for the desktop and applications.
  • The Elektra Initiative provides culling back-ends for diverse different text configuration files.
  • While non an operating arrangement, the Wine compatibility layer, which allows Windows software to run on a Unix-similar system, besides employs a Windows-like registry as text files in the WINEPREFIX binder: system.reg (HKEY_LOCAL_MACHINE), user.reg (HKEY_CURRENT_USER) and userdef.reg.[61]

Run across also [edit]

  • Registry cleaner
  • Application virtualization
  • LogParser – SQL-similar querying of various types of log files
  • List of Shell Icon Overlay Identifiers
  • Ransomware attack that uses Registry

Notes [edit]

  1. ^ When applications fail to execute because they request more privileges than they require (and are denied those privileges), this is known every bit a limited user application (LUA) bug.

Footnotes [edit]

  1. ^ Esposito, Dino (Nov 2000). "Windows 2000 Registry: Latest Features and APIs Provide the Power to Customize and Extend Your Apps". MSDN Magazine. Microsoft. Archived from the original on April 15, 2003. Retrieved July 19, 2007.
  2. ^ a b c "The System Registry".
  3. ^ "Windows 95 Architecture Components". world wide web.microsoft.com. Archived from the original on February vii, 2008. Retrieved April 29, 2008. The following table shows other difficulties or limitations caused by using .INI files that are overcome by using the Registry.
  4. ^ Hipson 2002, p. 5, 41–43.
  5. ^ Richter, Jeffrey; Nasarre, Christophe (2008). Windows Via C/C++ (5th ed.). Microsoft Press. ISBN9780735642461 . Retrieved August 28, 2021.
  6. ^ Raymond Chen, "Why exercise registry keys accept a default value?"
  7. ^ Hipson 2002, pp. 207, 513–514.
  8. ^ Hipson 2002, pp. 520–521.
  9. ^ Hipson 2002, p. 7.
  10. ^ "Designed for Windows XP Application Specification". Microsoft. August 20, 2002. Retrieved April 8, 2009.
  11. ^ "HKEY_LOCAL_MACHINE". Gautam. 2009. Retrieved Apr 8, 2009.
  12. ^ "Registry Keys Affected by WOW64 (Windows)". Msdn.microsoft.com. Retrieved April 10, 2014.
  13. ^ "Description of the Microsoft Windows registry". Retrieved September 25, 2008.
  14. ^ "HKEY_CURRENT_USER". Microsoft. 2009. Retrieved Apr 8, 2009.
  15. ^ "Description of the HKEY_DYN_DATA Registry Key in Windows 95, Windows 98, and Windows 98 SE". back up.microsoft.com.
  16. ^ "A Closer Look at HKEY_DYN_DATA". rinet.ru. Archived from the original on May 9, 2008.
  17. ^ "Registry hives". Retrieved July 19, 2007.
  18. ^ Chen, Raymond (August viii, 2011). "Why is a registry file called a "hive"?". The Old New Thing. Retrieved July 29, 2011.
  19. ^ "Overview of the Windows NT Registry". Retrieved December 2, 2011.
  20. ^ "Inside the Registry". Retrieved December 28, 2007.
  21. ^ a b Norris, Peter (February 2009). "The Internal Structure of the Windows Registry" (PDF). Cranfield University. Archived from the original (PDF) on May 29, 2009.
  22. ^ "Incorrect Icons Displayed for .ico Files". November fifteen, 2009. Retrieved March 31, 2012.
  23. ^ "How to Completely Uninstall / Remove a Software Program in Windows without using 3rd Party Software? - AskVG". www.askvg.com.
  24. ^ "You may receive a "STOP 0x00000035 NO_MORE_IRP_STACK_LOCATIONS" error message when you try to log on to a domain". Oct 9, 2011. Retrieved March 31, 2012. This page tells the user to edit the registry when resolving the issue.
  25. ^ key renaming is implemented as removal and add together while retaining subkeys/values, as the underlying APIs practise not support the rename function direct
  26. ^ a b c d "How to add, modify, or delete registry subkeys and values by using a .reg file". support.microsoft.com.
  27. ^ "Applying Grouping Policy". Microsoft.
  28. ^ a b c Payette, Bruce; Siddaway, Richard (2018). Windows PowerShell in Action (Tertiary ed.). Manning Publications. pp. seven–8, 24, 608, 708–710. ISBN9781633430297 . Retrieved Baronial 28, 2021.
  29. ^ Warner, Timothy L. (May 2015). Windows PowerShell in 24 Hours, Sams Teach Yourself. Sams Publishing. p. 19, 211. ISBN9780134049359 . Retrieved August 28, 2021.
  30. ^ "Reading and Writing Registry Values with Visual Basic". Retrieved July 19, 2007.
  31. ^ "REG command in Windows XP". Retrieved July xix, 2007.
  32. ^ "registry manual page – Tcl Bundled Packages". www.tcl.tk . Retrieved December 14, 2017.
  33. ^ "Offline Registry Library". Retrieved June 4, 2014.
  34. ^ "DllInstall Part". Microsoft. March 7, 2012. Retrieved March 22, 2012.
  35. ^ "Regsvr32". Microsoft. Retrieved March 22, 2012.
  36. ^ "How to: Register Automation Servers". Microsoft. Retrieved March 22, 2012.
  37. ^ "How to re-register PowerPoint 2000, PowerPoint 2003, PowerPoint 2007 and PowerPoint 2010". Microsoft. January 2012. Retrieved March 22, 2012.
  38. ^ "RegNotifyChangeKeyValue part". Microsoft.
  39. ^ "Registering for Notifications". Microsoft.
  40. ^ "RegConnectRegistry function". Microsoft.
  41. ^ "How to Manage Remote Admission to the Registry". Microsoft.
  42. ^ Gibson, Darril (June 28, 2011). "Chapter 4: Securing Admission with Permissions". Microsoft Windows security : essentials. Indianapolis, Ind.: Wiley. ISBN978-ane-118-01684-8.
  43. ^ "Application Compatibility: Windows Resource Protection (WRP)". Microsoft. Retrieved August 8, 2012.
  44. ^ Marc Silbey, Peter Brundrett. "Understanding and Working in Protected Mode Internet Explorer". Retrieved Baronial 8, 2012.
  45. ^ "RegDelNull v1.one". November i, 2006. Retrieved Baronial viii, 2012.
  46. ^ "Unable to delete certain registry keys – Mistake while deleting cardinal". March 23, 2010. Retrieved August viii, 2012. Microsoft Support folio.
  47. ^ "Description of the Windows Registry Checker Tool (Scanreg.exe)".
  48. ^ "Command-Line Switches for the Registry Checker Tool".
  49. ^ "How To Fill-in, Edit, and Restore the Registry in Windows NT 4.0". support.microsoft.com.
  50. ^ "Technical Reference to the Registry: Related Resources". Microsoft. Retrieved September 9, 2011.
  51. ^ "Microsoft Kills Automated Registry Backups in Windows 10". ExtremeTech . Retrieved July 1, 2019.
  52. ^ "How Core Grouping Policy Works". Microsoft. September 2, 2009. Retrieved Baronial 13, 2012.
  53. ^ "Chapter 26 – Initialization Files and the Registry". Microsoft. Retrieved March 3, 2008.
  54. ^ "Microsoft Application Compatibility Toolkit 5.0". Microsoft. Retrieved July 26, 2008.
  55. ^ a b Ionescu, Marking Russinovich, David A. Solomon, Alex (2012). "Registry Internals". Windows internals (6th ed.). Redmond, Wash.: Microsoft Press. ISBN978-0-7356-4873-9.
  56. ^ "XDG Base Directory Specification". standards.freedesktop.org.
  57. ^ "Application directories". Archived from the original on May 27, 2012. Retrieved May 17, 2012.
  58. ^ a b "Instance Studies Of The Peak 132 Annoyances With Operating Systems Other Than RISC Bone". Retrieved Apr 3, 2012. Page from the riscos.com website. Mentioned in points 82 and 104.
  59. ^ "RISC Os bout". Retrieved July 19, 2007.
  60. ^ "The RISC OS Products Directory". November 2, 2006. Archived from the original on February 19, 2007. Retrieved Apr 1, 2012.
  61. ^ 3.2. Using the Registry and Regedit (Wine User Guide)

References [edit]

  • Hipson, Peter (2002). Mastering Windows XP Registry. Wiley. ISBN0-7821-2987-0 . Retrieved August 28, 2021.
  • Russinovich, Marker Due east.; Solomon, David A. (2005). Microsoft Windows Internals (Fourth ed.). Microsoft Press. pp. 183–236. ISBN978-0-7356-1917-3.

External links [edit]

  • Windows Registry info & reference in the MSDN Library

yoshiokafromming.blogspot.com

Source: https://en.wikipedia.org/wiki/Windows_Registry

You may like these posts

Post a Comment for "Regedit Cannot Display Error Reading Run Statements"