Editing the registry is not as hard as you might think, but you
need to understand
what you’re doing, and it’s essential to make a backup before you
make any changes so that you can back them out if necessary.
The Windows Registry is a collection of database used by Microsoft
Windows to store configuration information about the software
installed on a computer. This information includes things like the
desktop background, program settings, and file extension
Windows Registry Availability
The Windows Registry and the Microsoft Registry Editor program
are available in nearly every Microsoft Windows version including
Windows 7, Windows Vista, Windows XP, Windows 2000, Windows
NT, Windows 98, Windows 95, and more.
What is the Windows Registry Used For?
The Windows Registry is used to store much of the
information and settings for software programs, hardware
devices, user preferences, operating system
configurations, and much more.
In many ways, the registry can be thought of as a kind of
DNA for the Windows operating system.
Registry Editor is the tool used to view, create, and modify the keys and
values that make up the registry.
All versions of Windows that utilize the registry include a copy of Registry
Editor by default.
Also Known As: Regedit
Basic Microsoft Registry Editor Functions:
Even though the registry contains thousands of values, there are only a few
things you need to know before you're able to make nearly any registry change.
Backup the Entire Registry
Backup Registry Keys
Delete Registry Keys
Restore Registry Keys
The Structure of The Registry :
The Registry has a hierarchal structure, although it looks complicated the
structure is similar to the directory structure on your hard disk, with Regedit
being similar to Windows Explorer.
Each main branch (denoted by a folder icon in the Registry Editor, see left) is
called a Hive, and Hives contains Keys. Each key can contain other keys
(sometimes referred to as sub-keys), as well as Values. The values contain the
actual information stored in the Registry.
Also Known As: root key
There are five main branches, each containing a specific portion of the
information stored in the Registry. They are as follows:
HKEY_CLASSES_ROOT - This branch contains file association mappings, shortcut
destinations, object linking and embedding (OLE) information, and core aspects of
the Windows user interface.
HKEY_CURRENT_USER - This branch is user-specific, and links to a section within
HKEY_USERS depending on the user that is currently logged onto the PC, which
contains information such as logon names, desktop settings, and Start menu settings.
HKEY_LOCAL_MACHINE - This branch contains machine-wide information about the
specific type of hardware, software, and other preferences on a given PC, and is
available to every user who logs onto the computer.
HKEY_USERS - This contains different Sub Keys for each user and their individual
HKEY_CURRENT_CONFIG - This branch links to a specific section in
HKEY_LOCAL_MACHINE depending on the current hardware configuration.
Definition: A key in the Windows Registry can be thought of like a file
folder. A key that sits within another key is called a "subkey."
Registry keys may contain additional registry subkeys and registry values
and will always exist under the highest key in the hierarchy called a
Also Known As: registry subkey, registry entry
Definition: A value in the Windows Registry contains specific instructions
for your Windows installation.
Many kinds of registry values exist including string values, binary values,
DWORD (32-bit) values, QWORD (64-bit) values, multi-string values, and
expandable string values.
REG_SZ – This type is a standard string, used to represent human readable text
REG_BINARY – This type is typically used by hardware components, which
store information as raw binary data: 0’s and 1’s.
REG_MULTI_SZ – This data type is a multiple string used to represent values
that contain lists or multiple values, with each entry separated by a NULL
REG_DWORD – This data type is a Double Word, or a 32-bit numeric value, and
can hold any number from 0 to 232.
REG_QWORD - A 64-bit numeric value.
REG_EXPAND_SZ – This type is an expandable string that contains a variable
that is replaced when called by an application. For example, a value containing
the string “%SystemRoot%” will be replaced by the location of the directory
containing system files.
Modify your Registry
Importing and Exporting Registry Settings
Deleting keys or values
Windows Registry Via the Command Line
There are times when you may need to make changes to the Windows
Registry via the command line, scripting in Windows is one example.
Microsoft provide the command line tool Reg.Exe for working with
the Windows Registry for users of Windows XP/Vista/7. It comes
with the following built in functions:
QUERY / ADD / DELETE / COPY / EXPORT / IMPORT
we can look at some common examples of each.
The REG QUERY command allows the user to query a single key for a
single value, or a range of keys for all their values. To display the full
range of parameters that can be used, type the following into the
command line: reg query /?
To display all subkeys and values under the key
HKLM\Software\Microsoft\ResKit\Nt\Setup on a remote computer named
REG QUERY \\ABC\HKLM\Software\Microsoft\ResKit\Nt\Setup /s
The REG ADD command allows the user to add new keys and values to
the Registry. To display the full range of parameters that can be used,
type the following into the command line: reg add /?
REG ADD KeyName [/v ValueName | /ve] [/t Type] [/s Separator] [/d
To add a registry entry to HKLM\Software\MyNewApp with a value named
Data of type REG_BINARY and data of fe340ead, type:
REG ADD HKLM\Software\MyNewApp /v Data /t REG_BINARY /d
The REG DELETE command allows the user to remove a Registry key or
value (it will remove all subkeys and values beneath the key - but will always
confirm you wish to perform the deletion first.) You should perform this as
an Administrator. To display the full range of parameters that can be used,
type the following into the command line: reg delete /?
REG DELETE KeyName [/v ValueName | /ve | /va] [/f]
To delete the registry key Timeout and its all subkeys and values, type:
REG DELETE HKLM\Software\MyCo\MyApp\Timeout
The REG COPY command allows the user to copy a single value or an entire hive
from its original location to another - local or remote. This is a VERY popular
command for administrators supporting Windows computers. To display the full
range of parameters that can be used, type the following into the command line:
reg copy /?
REG COPY KeyName1 KeyName2 [/s] [/f]
The REG EXPORT command allows the user to copy the specified subkeys,
entries, and values of the local computer into a file for transfer to other servers.
To display the full range of parameters that can be used, type the following into
the command line: reg export /?
REG EXPORT KeyName FileName
The REG IMPORT command allows the user to copy the contents of a file that
contains exported registry subkeys, entries, and values into the registry of the
local computer. To display the full range of parameters that can be used, type the
following into the command line: reg import /?
REG IMPORT FileName
Registry Access Facilities in .NET
There are built-in classes in .NET that provide facility to access the
Windows Registry from within your application.
Registry is a built-in class that helps in manipulating a Registry.
RegistryKey is another class that helps manipulate a key in the Registry.
By using these classes, one can access the Windows Registry in an easy
and efficient manner. They have an exhaustive collection of built-in
attributes and methods that facilitate the Registry manipulations.
On the other hand, Win32 APIs also could be used to manipulate the
Windows Registry. This method is applicable for Visual Basic 6 also. There
are separate functions for creating, opening, closing, and deleting keys
and storing, retrieving, and modifying values of a key.
Strongly typed data
Separation of machine and user configuration information
Backuping up specific keys difficulty
Install / Un-install difficulty
Difficult structure to navigate
Direct copy difficulty