What Is A Register Key

Database for Microsoft Windows

Windows Registry

Registry Editor, the user interface for the registry, in Windows 10
Developer(s)	Microsoft
Initial release	Apr 6, 1992; thirty years ago  (1992-04-06) with Windows 3.1
Operating system	Microsoft Windows
Platform	IA-32, x86-64 and ARM (and historically DEC Alpha, Itanium, MIPS, and PowerPC)
Included with	Microsoft Windows
Type	Hierarchical database
Website	docs.microsoft.com/en-united states/windows/desktop/SysInfo/registry

The Windows Registry is a hierarchical database that stores depression-level settings for the Microsoft Windows operating system and for applications that opt to use the registry. The kernel, device drivers, services, Security Accounts Manager, and user interfaces tin all apply the registry. The registry also allows access to counters for profiling system performance.

In other words, the registry or Windows Registry contains information, settings, options, and other values for programs and hardware installed on all versions of Microsoft Windows operating systems. For example, when a program is installed, a new subkey containing settings such every bit a program's location, its version, and how to start the program, are all added to the Windows Registry.

When introduced with Windows 3.1, the Windows Registry primarily stored configuration information for COM-based components. Windows 95 and Windows NT extended its use to rationalize and centralize the information in the profusion of INI files, which held the configurations for individual programs, and were stored at diverse locations.^{[ane] [2]} Information technology is not a requirement for Windows applications to use the Windows Registry. For example, .Net Framework applications use XML files for configuration, while portable applications normally keep their configuration files with their executables.

Rationale [edit]

Prior to the Windows Registry, .INI files stored each plan'due south settings as a text file or binary file, often located in a shared location that did not provide user-specific settings in a multi-user scenario. By contrast, the Windows Registry stores all application settings in one logical repository (only a number of discrete files) and in a standardized form. According to Microsoft, this offers several advantages over .INI files.^{[2] [iii]} Since file parsing is done much more efficiently with a binary format, it may be read from or written to more rapidly than a text INI file. Furthermore, strongly typed data tin be stored in the registry, as opposed to the text information stored in .INI files. This is a benefit when editing keys manually using regedit.exe, the built-in Windows Registry Editor. Because user-based registry settings are loaded from a user-specific path rather than from a read-only system location, the registry allows multiple users to share the same machine, and also allows programs to work for less privileged users. Backup and restoration is also simplified equally the registry can be accessed over a network connectedness for remote management/back up, including from scripts, using the standard set of APIs, as long equally the Remote Registry service is running and firewall rules permit this.

Because the registry is a database, it offers improved system integrity with features such as atomic updates. If two processes effort to update the same registry value at the same time, one procedure'south change will precede the other'southward and the overall consistency of the data will be maintained. Where changes are made to .INI files, such race conditions tin can consequence in inconsistent data that does non match either attempted update. Windows Vista and afterwards operating systems provide transactional updates to the registry by means of the Kernel Transaction Managing director, extending the atomicity guarantees beyond multiple key and/or value changes, with traditional commit–abort semantics. (Note still that NTFS provides such back up for the file arrangement as well, and then the same guarantees could, in theory, be obtained with traditional configuration files.)

Construction [edit]

Keys and values [edit]

The registry contains two basic elements: keys and values. Registry keys are container objects similar to folders. Registry values are non-container objects similar to files. Keys may contain values and subkeys. Keys are referenced with a syntax similar to Windows' path names, using backslashes to signal levels of bureaucracy. Keys must take a example insensitive name without backslashes.

The hierarchy of registry keys can only exist accessed from a known root central handle (which is anonymous but whose effective value is a abiding numeric handle) that is mapped to the content of a registry primal preloaded by the kernel from a stored "hive", or to the content of a subkey inside another root key, or mapped to a registered service or DLL that provides access to its contained subkeys and values.

E.g. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows refers to the subkey "Windows" of the subkey "Microsoft" of the subkey "Software" of the HKEY_LOCAL_MACHINE root key.

At that place are seven predefined root keys, traditionally named according to their constant handles defined in the Win32 API, or by synonymous abbreviations (depending on applications):^[4]

• HKEY_LOCAL_MACHINE or HKLM
• HKEY_CURRENT_CONFIG or HKCC
• HKEY_CLASSES_ROOT or HKCR
• HKEY_CURRENT_USER or HKCU
• HKEY_USERS or HKU
• HKEY_PERFORMANCE_DATA (only in Windows NT, but invisible in the Windows Registry Editor)^[5]
• HKEY_DYN_DATA (only in Windows 9x, and visible in the Windows Registry Editor)

Like other files and services in Windows, all registry keys may be restricted by access command lists (ACLs), depending on user privileges, or on security tokens caused by applications, or on arrangement security policies enforced by the organization (these restrictions may be predefined by the organization itself, and configured by local system administrators or by domain administrators). Different users, programs, services or remote systems may only see some parts of the hierarchy or singled-out hierarchies from the same root keys.

Registry values are name/information pairs stored inside keys. Registry values are referenced separately from registry keys. Each registry value stored in a registry key has a unique name whose letter of the alphabet instance is not pregnant. The Windows API functions that query and manipulate registry values accept value names separately from the key path and/or handle that identifies the parent key. Registry values may contain backslashes in their names, just doing and so makes them hard to distinguish from their primal paths when using some legacy Windows Registry API functions (whose usage is deprecated in Win32).

The terminology is somewhat misleading, equally each registry key is like to an associative array, where standard terminology would refer to the proper name role of each registry value as a "fundamental". The terms are a holdout from the 16-scrap registry in Windows 3, in which registry keys could not contain capricious name/data pairs, just rather contained only ane unnamed value (which had to be a string). In this sense, the Windows 3 registry was like a single associative array, in which the keys (in the sense of both 'registry key' and 'associative array key') formed a hierarchy, and the registry values were all strings. When the 32-bit registry was created, and then was the additional capability of creating multiple named values per key, and the meanings of the names were somewhat distorted.^[6] For compatibility with the previous behavior, each registry fundamental may take a "default" value, whose name is the empty string.

Each value can store arbitrary data with variable length and encoding, but which is associated with a symbolic type (defined equally a numeric constant) defining how to parse this information. The standard types are:^[vii]

List of standard registry value types

Type ID	Symbolic type proper name	Meaning and encoding of the data stored in the registry value
0	REG_NONE	No type (the stored value, if whatsoever)
one	REG_SZ	A cord value, unremarkably stored and exposed in UTF-16LE (when using the Unicode version of Win32 API functions), normally terminated by a NUL character
2	REG_EXPAND_SZ	An "expandable" string value that can incorporate environment variables, normally stored and exposed in UTF-16LE, usually terminated by a NUL character
3	REG_BINARY	Binary data (any arbitrary data)
4	REG_DWORD / REG_DWORD_LITTLE_ENDIAN	A DWORD value, a 32-chip unsigned integer (numbers between 0 and iv,294,967,295 [two32 – one]) (lilliputian-endian)
5	REG_DWORD_BIG_ENDIAN	A DWORD value, a 32-chip unsigned integer (numbers between 0 and four,294,967,295 [232 – one]) (big-endian)
half-dozen	REG_LINK	A symbolic link (UNICODE) to another registry key, specifying a root fundamental and the path to the target key
7	REG_MULTI_SZ	A multi-string value, which is an ordered list of non-empty strings, normally stored and exposed in Unicode, each one terminated past a null character, the listing being normally terminated by a second null character.[8]
eight	REG_RESOURCE_LIST	A resource list (used by the Plug-n-Play hardware enumeration and configuration)
ix	REG_FULL_RESOURCE_DESCRIPTOR	A resource descriptor (used past the Plug-n-Play hardware enumeration and configuration)
10	REG_RESOURCE_REQUIREMENTS_LIST	A resources requirements list (used by the Plug-n-Play hardware enumeration and configuration)
xi	REG_QWORD / REG_QWORD_LITTLE_ENDIAN	A QWORD value, a 64-bit integer (either large- or little-endian, or unspecified) (introduced in Windows 2000)[9]

Root keys [edit]

The keys at the root level of the hierarchical database are generally named by their Windows API definitions, which all begin "HKEY".^[2] They are frequently abbreviated to a 3- or iv-letter curt name starting with "HK" (e.k. HKCU and HKLM). Technically, they are predefined handles (with known constant values) to specific keys that are either maintained in memory, or stored in hive files stored in the local filesystem and loaded by the system kernel at kicking time and and then shared (with various admission rights) between all processes running on the local system, or loaded and mapped in all processes started in a user session when the user logs on the organisation.

The HKEY_LOCAL_MACHINE (local car-specific configuration data) and HKEY_CURRENT_USER (user-specific configuration data) nodes accept a similar structure to each other; user applications typically expect up their settings past outset checking for them in "HKEY_CURRENT_USER\Software\Vendor's name\Awarding'south name\Version\Setting name", and if the setting is non found, look instead in the same location nether the HKEY_LOCAL_MACHINE key^{[ citation needed ]}. However, the antipodal may apply for ambassador-enforced policy settings where HKLM may take precedence over HKCU. The Windows Logo Program has specific requirements for where different types of user data may be stored, and that the concept of least privilege exist followed so that administrator-level access is not required to utilise an awarding.^{[a] [x]}

HKEY_LOCAL_MACHINE (HKLM) [edit]

Abbreviated HKLM, HKEY_LOCAL_MACHINE stores settings that are specific to the local estimator.^[eleven]

The central located by HKLM is actually not stored on disk, just maintained in memory by the organization kernel in order to map all the other subkeys. Applications cannot create whatever additional subkeys. On Windows NT, this key contains iv subkeys, "SAM", "SECURITY", "Organization", and "SOFTWARE", that are loaded at kicking time within their respective files located in the %SystemRoot%\System32\config folder. A 5th subkey, "HARDWARE", is volatile and is created dynamically, and as such is not stored in a file (it exposes a view of all the currently detected Plug-and-Play devices). On Windows Vista and above, a sixth and seventh subkey, "COMPONENTS" and "BCD", are mapped in memory by the kernel on-demand and loaded from %SystemRoot%\system32\config\COMPONENTS or from boot configuration data, \kicking\BCD on the organization partition.

• The "HKLM\SAM" primal usually appears as empty for most users (unless they are granted access by administrators of the local organisation or administrators of domains managing the local organization). Information technology is used to reference all "Security Accounts Manager" (SAM) databases for all domains into which the local system has been administratively authorized or configured (including the local domain of the running arrangement, whose SAM database is stored in a subkey too named "SAM": other subkeys will be created as needed, ane for each supplementary domain). Each SAM database contains all builtin accounts (generally group aliases) and configured accounts (users, groups and their aliases, including guest accounts and administrator accounts) created and configured on the respective domain, for each account in that domain, it notably contains the user name which tin be used to log on that domain, the internal unique user identifier in the domain, a cryptographic hash of each user'southward countersign for each enabled authentication protocol, the location of storage of their user registry hive, various status flags (for case if the account can be enumerated and be visible in the logon prompt screen), and the list of domains (including the local domain) into which the account was configured.
• The "HKLM\SECURITY" key usually appears empty for most users (unless they are granted access by users with administrative privileges) and is linked to the Security database of the domain into which the current user is logged on (if the user is logged on the local system domain, this key will exist linked to the registry hive stored by the local machine and managed by local system administrators or past the builtin "Organisation" account and Windows installers). The kernel volition admission it to read and enforce the security policy applicable to the current user and all applications or operations executed by this user. Information technology also contains a "SAM" subkey which is dynamically linked to the SAM database of the domain onto which the current user is logged on.
• The "HKLM\SYSTEM" key is normally only writable by users with administrative privileges on the local organisation. It contains information about the Windows system setup, information for the secure random number generator (RNG), the listing of currently mounted devices containing a filesystem, several numbered "HKLM\Arrangement\Command Sets" containing alternative configurations for system hardware drivers and services running on the local system (including the currently used i and a fill-in), a "HKLM\Arrangement\Select" subkey containing the status of these Control Sets, and a "HKLM\Organisation\CurrentControlSet" which is dynamically linked at kicking time to the Command Set which is currently used on the local organization. Each configured Control Set contains:
  • an "Enum" subkey enumerating all known Plug-and-Play devices and associating them with installed organization drivers (and storing the device-specific configurations of these drivers),
  • a "Services" subkey list all installed organization drivers (with non device-specific configuration, and the enumeration of devices for which they are instantiated) and all programs running as services (how and when they can be automatically started),
  • a "Control" subkey organizing the various hardware drivers and programs running equally services and all other system-wide configuration,
  • a "Hardware Profiles" subkey enumerating the various profiles that have been tuned (each one with "Arrangement" or "Software" settings used to modify the default profile, either in arrangement drivers and services or in the applications) besides as the "Hardware Profiles\Electric current" subkey which is dynamically linked to one of these profiles.
• The "HKLM\SOFTWARE" subkey contains software and Windows settings (in the default hardware profile). It is mostly modified past application and organization installers. It is organized by software vendor (with a subkey for each), only too contains a "Windows" subkey for some settings of the Windows user interface, a "Classes" subkey containing all registered associations from file extensions, MIME types, Object Classes IDs and interfaces IDs (for OLE, COM/DCOM and ActiveX), to the installed applications or DLLs that may be handling these types on the local machine (however these associations are configurable for each user, see below), and a "Policies" subkey (also organized by vendor) for enforcing general usage policies on applications and arrangement services (including the central certificates shop used for authenticating, authorizing or disallowing remote systems or services running outside the local network domain).
• The "HKLM\SOFTWARE\Wow6432Node" key is used by 32-bit applications on a 64-bit Windows Os, and is equivalent to but split from "HKLM\SOFTWARE". The key path is transparently presented to 32-scrap applications past WoW64 equally HKLM\SOFTWARE^[12] (in a like way that 32-bit applications run across %SystemRoot%\Syswow64 as %SystemRoot%\System32)

HKEY_CLASSES_ROOT (HKCR) [edit]

Abbreviated HKCR, HKEY_CLASSES_ROOT contains information about registered applications, such as file associations and OLE Object Class IDs, tying them to the applications used to handle these items. On Windows 2000 and above, HKCR is a compilation of user-based HKCU\Software\Classes and machine-based HKLM\Software\Classes. If a given value exists in both of the subkeys above, the one in HKCU\Software\Classes takes precedence.^[thirteen] The design allows for either machine- or user-specific registration of COM objects.

HKEY_USERS (HKU) [edit]

Abbreviated HKU, HKEY_USERS contains subkeys corresponding to the HKEY_CURRENT_USER keys for each user profile actively loaded on the machine, though user hives are usually only loaded for currently logged-in users.

HKEY_CURRENT_USER (HKCU) [edit]

Abbreviated HKCU, HKEY_CURRENT_USER stores settings that are specific to the currently logged-in user.^[14] The HKEY_CURRENT_USER fundamental is a link to the subkey of HKEY_USERS that corresponds to the user; the same information is accessible in both locations. The specific subkey referenced is "(HKU)\(SID)\..." where (SID) corresponds to the Windows SID; if the "(HKCU)" key has the following suffix "(HKCU)\Software\Classes\..." then it corresponds to "(HKU)\(SID)_CLASSES\..." i.e. the suffix has the string "_CLASSES" is appended to the (SID).

On Windows NT systems, each user's settings are stored in their own files called NTUSER.DAT and USRCLASS.DAT inside their own Documents and Settings subfolder (or their own Users sub binder in Windows Vista and above). Settings in this hive follow users with a roaming profile from motorcar to machine.

HKEY_PERFORMANCE_DATA [edit]

This fundamental provides runtime information into performance data provided by either the NT kernel itself, or running system drivers, programs and services that provide performance data. This key is not stored in whatever hive and non displayed in the Registry Editor, only information technology is visible through the registry functions in the Windows API, or in a simplified view via the Functioning tab of the Chore Director (only for a few performance data on the local organization) or via more advanced control panels (such as the Performances Monitor or the Performances Analyzer which allows collecting and logging these information, including from remote systems).

HKEY_DYN_DATA [edit]

This key is used simply on Windows 95, Windows 98 and Windows ME.^[15] It contains data about hardware devices, including Plug and Play and network performance statistics. The information in this hive is likewise not stored on the difficult bulldoze. The Plug and Play information is gathered and configured at startup and is stored in memory.^[16]

Hives [edit]

Fifty-fifty though the registry presents itself equally an integrated hierarchical database, branches of the registry are actually stored in a number of deejay files chosen hives.^[17] (The word hive constitutes an in-joke.)^[xviii]

Some hives are volatile and are non stored on deejay at all. An example of this is the hive of the branch starting at HKLM\HARDWARE. This hive records information about system hardware and is created each time the system boots and performs hardware detection.

Individual settings for users on a system are stored in a hive (deejay file) per user. During user login, the system loads the user hive under the HKEY_USERS key and sets the HKCU (HKEY_CURRENT_USER) symbolic reference to indicate to the current user. This allows applications to shop/remember settings for the current user implicitly under the HKCU cardinal.

Not all hives are loaded at any one time. At boot time, just a minimal set up of hives are loaded, and afterward that, hives are loaded every bit the operating system initializes and as users log in or whenever a hive is explicitly loaded past an application.

File locations [edit]

The registry is physically stored in several files, which are generally obfuscated from the user-way APIs used to manipulate the data inside the registry. Depending upon the version of Windows, there will be different files and dissimilar locations for these files, but they are all on the local motorcar. The location for system registry files in Windows NT is %SystemRoot%\System32\Config; the user-specific HKEY_CURRENT_USER user registry hive is stored in Ntuser.dat inside the user profile. At that place is i of these per user; if a user has a roaming profile, so this file volition be copied to and from a server at logout and login respectively. A second user-specific registry file named UsrClass.dat contains COM registry entries and does not roam by default.

Windows NT [edit]

Windows NT systems store the registry in a binary file format which can be exported, loaded and unloaded by the Registry Editor in these operating systems. The post-obit system registry files are stored in %SystemRoot%\System32\Config\:

• Sam – HKEY_LOCAL_MACHINE\SAM
• Security – HKEY_LOCAL_MACHINE\SECURITY
• Software – HKEY_LOCAL_MACHINE\SOFTWARE
• System – HKEY_LOCAL_MACHINE\System
• Default – HKEY_USERS\.DEFAULT
• Userdiff – Not associated with a hive. Used only when upgrading operating systems.^[19]

The post-obit file is stored in each user's profile folder:

• %USERPROFILE%\Ntuser.dat – HKEY_USERS\<User SID> (linked to by HKEY_CURRENT_USER)

For Windows 2000, Server 2003 and Windows XP, the following additional user-specific file is used for file associations and COM information:

• %USERPROFILE%\Local Settings\Application Information\Microsoft\Windows\Usrclass.dat (path is localized) – HKEY_USERS\<User SID>_Classes (HKEY_CURRENT_USER\Software\Classes)

For Windows Vista and afterward, the path was changed to:

• %USERPROFILE%\AppData\Local\Microsoft\Windows\Usrclass.dat (path is non localized) alias %LocalAppData%\Microsoft\Windows\Usrclass.dat – HKEY_USERS\<User SID>_Classes (HKEY_CURRENT_USER\Software\Classes)

Windows 2000 keeps an alternating copy of the registry hives (.ALT) and attempts to switch to information technology when corruption is detected.^[20] Windows XP and Windows Server 2003 do not maintain a Organisation.alt hive considering NTLDR on those versions of Windows can process the System.log file to bring up to date a System hive that has become inconsistent during a shutdown or crash. In addition, the %SystemRoot%\Repair folder contains a re-create of the system's registry hives that were created after installation and the first successful startup of Windows.

Each registry data file has an associated file with a ".log" extension that acts as a transaction log that is used to ensure that whatsoever interrupted updates tin can be completed upon next startup.^[21] Internally, Registry files are split into iv kB "bins" that contain collections of "cells".^[21]

Windows 9x [edit]

The registry files are stored in the %WINDIR% directory under the names USER.DAT and SYSTEM.DAT with the improver of CLASSES.DAT in Windows ME. Also, each user profile (if profiles are enabled) has its own USER.DAT file which is located in the user'southward profile directory in %WINDIR%\Profiles\<Username>\.

Windows three.11 [edit]

The only registry file is called REG.DAT and it is stored in the %WINDIR% directory.

Windows 10 Mobile [edit]

Annotation: To access the registry files, the Telephone needs to be fix in a special mode using either:

• WpInternals ( Put the mobile device into flash manner. )
• InterOp Tools ( mount the MainOS Partitioning with MTP. )

If any of above Methods worked - The Device Registry Files can be plant in the following location:

          {Phone}\EFIESP\Windows\System32\config        

Note: InterOp Tools also includes a registry editor.

Editing [edit]

Registry editors [edit]

The registry contains important configuration information for the operating arrangement, for installed applications equally well as individual settings for each user and awarding. A careless change to the operating system configuration in the registry could cause irreversible impairment, so it is usually simply installer programs which perform changes to the registry database during installation/configuration and removal. If a user wants to edit the registry manually, Microsoft recommends that a backup of the registry be performed earlier the change.^[22] When a program is removed from control panel, it may non be completely removed and, in case of errors or glitches caused past references to missing programs, the user might have to manually cheque inside directories such every bit plan files. Afterwards this, the user might need to manually remove any reference to the uninstalled program in the registry. This is commonly done past using RegEdit.exe.^[23] Editing the registry is sometimes necessary when working around Windows-specific issues e.g. problems when logging onto a domain can be resolved by editing the registry.^[24]

Windows Registry tin can be edited manually using programs such as RegEdit.exe, although these tools do not betrayal some of the registry's metadata such as the last modified engagement.

The registry editor for the 3.1/95 serial of operating systems is RegEdit.exe and for Windows NT it is RegEdt32.exe; the functionalities are merged in Windows XP. Optional and/or 3rd-political party tools similar to RegEdit.exe are available for many Windows CE versions.

Registry Editor allows users to perform the post-obit functions:

• Creating, manipulating, renaming^[25] and deleting registry keys, subkeys, values and value data
• Importing and exporting .REG files, exporting data in the binary hive format
• Loading, manipulating and unloading registry hive format files (Windows NT systems only)
• Setting permissions based on ACLs (Windows NT systems only)
• Bookmarking user-selected registry keys every bit Favorites
• Finding particular strings in key names, value names and value information
• Remotely editing the registry on some other networked figurer

.REG files [edit]

.REG files (also known every bit Registration entries) are text-based human being-readable files for exporting and importing portions of the registry using an INI-based syntax. On Windows 2000 and subsequently, they comprise the cord Windows Registry Editor Version 5.00 at the get-go and are Unicode-based. On Windows 9x and NT 4.0 systems, they incorporate the string REGEDIT4 and are ANSI-based.^[26] Windows 9x format .REG files are compatible with Windows 2000 and afterwards. The Registry Editor on Windows on these systems also supports exporting .REG files in Windows 9x/NT format. Information is stored in .REG files using the following syntax:^[26]

                        [<Hive proper name>\<Fundamental proper noun>\<Subkey proper name>]            "Value proper name"            =            <Value type>:<Value data>          

The Default Value of a primal can be edited by using "@" instead of "Value Proper name":

                        [<Hive name>\<Cardinal proper name>\<Subkey proper noun>]            @            =            <Value type>:<Value information>          

String values do not crave a <Value type> (see example), just backslashes ('\') need to be written every bit a double-backslash ('\\'), and quotes ('"') as backslash-quote ('\"').

For instance, to add together the values "Value A", "Value B", "Value C", "Value D", "Value E", "Value F", "Value G", "Value H", "Value I", "Value J", "Value Thousand", "Value L", and "Value G" to the HKLM\SOFTWARE\Foobar key:

            Windows Registry Editor Version 5.00            [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value A"            =            "<String value data with escape characters>"            "Value B"            =            hex:<Binary data (as comma-delimited list of hexadecimal values)>            "Value C"            =            dword:<DWORD value integer>            "Value D"            =            hex(0):<REG_NONE (as comma-delimited list of hexadecimal values)>            "Value E"            =            hex(ane):<REG_SZ (as comma-delimited list of hexadecimal values representing a UTF-16LE NUL-terminated string)>            "Value F"            =            hex(2):<Expandable string value data (as comma-delimited list of hexadecimal values representing a UTF-16LE NUL-terminated cord)>            "Value Chiliad"            =            hex(three):<Binary data (every bit comma-delimited list of hexadecimal values)> ; equal to "Value B"            "Value H"            =            hex(four):<DWORD value (every bit comma-delimited list of 4 hexadecimal values, in piddling endian byte order)>            "Value I"            =            hex(5):<DWORD value (as comma-delimited list of 4 hexadecimal values, in large endian byte order)>            "Value J"            =            hex(7):<Multi-cord value information (as comma-delimited list of hexadecimal values representing UTF-16LE NUL-terminated strings)>            "Value Chiliad"            =            hex(viii):<REG_RESOURCE_LIST (as comma-delimited listing of hexadecimal values)>            "Value Fifty"            =            hex(a):<REG_RESOURCE_REQUIREMENTS_LIST (as comma-delimited list of hexadecimal values)>            "Value M"            =            hex(b):<QWORD value (as comma-delimited list of viii hexadecimal values, in picayune endian byte society)>          

Data from .REG files tin be added/merged with the registry past double-clicking these files or using the /s switch in the command line. REG files can also be used to remove registry data.

To remove a key (and all subkeys, values and data), the key proper name must exist preceded by a minus sign ("-").^[26]

For instance, to remove the HKLM\SOFTWARE\Foobar key (and all subkeys, values and data),

                        [            -            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]          

To remove a value (and its data), the values to be removed must take a minus sign ("-") after the equal sign ("=").^[26]

For example, to remove only the "Value A" and "Value B" values (and their data) from the HKLM\SOFTWARE\Foobar key:

                        [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value A"            =-            "Value B"            =-          

To remove only the Default value of the fundamental HKLM\SOFTWARE\Foobar (and its data):

                        [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            @            =-          

Lines beginning with a semicolon are considered comments:

                        ; This is a comment. This tin can be placed in any office of a .reg file            [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value"            =            "Case string"          

Group policies [edit]

Windows grouping policies can change registry keys for a number of machines or individual users based on policies. When a policy first takes effect for a machine or for an private user of a motorcar, the registry settings specified as part of the policy are practical to the machine or user settings.

Windows volition likewise look for updated policies and utilise them periodically, typically every 90 minutes.^[27]

Through its scope a policy defines which machines and/or users the policy is to be applied to. Whether a machine or user is within the scope of a policy or not is defined by a set up of rules which tin filter on the location of the machine or user business relationship in organizational directory, specific users or machine accounts or security groups. More advanced rules can be gear up using Windows Management Instrumentation expressions. Such rules tin can filter on backdrop such as calculator vendor name, CPU architecture, installed software, or networks connected to.

For case, the ambassador tin create a policy with one ready of registry settings for machines in the accounting department and policy with another (lock-down) prepare of registry settings for kiosk terminals in the visitors area. When a machine is moved from one scope to another (e.g. changing its proper noun or moving it to another organizational unit), the correct policy is automatically applied. When a policy is changed it is automatically re-applied to all machines currently in its telescopic.

The policy is edited through a number of authoritative templates which provides a user interface for picking and changing settings. The fix of authoritative templates is extensible and software packages which back up such remote administration can register their own templates.

Command line editing [edit]

reg

Developer(s)	Microsoft
Operating organisation	Microsoft Windows
Blazon	Command
License	Proprietary commercial software
Website	docs.microsoft.com/en-united states/windows-server/assistants/windows-commands/reg

regini

Programmer(s)	Microsoft
Operating system	Microsoft Windows
Blazon	Control
License	Proprietary commercial software
Website	docs.microsoft.com/en-the states/windows-server/administration/windows-commands/regini

The registry can be manipulated in a number of means from the control line. The Reg.exe and RegIni.exe utility tools are included in Windows XP and later versions of Windows. Alternative locations for legacy versions of Windows include the Resource Kit CDs or the original Installation CD of Windows.

Likewise, a .REG file can exist imported from the command line with the following command:

RegEdit.exe /s          file        

The /s ways the file will exist silent merged to the registry. If the /s parameter is omitted the user will be asked to confirm the functioning. In Windows 98, Windows 95 and at least some configurations of Windows XP the /s switch also causes RegEdit.exe to ignore the setting in the registry that allows administrators to disable it. When using the /s switch RegEdit.exe does non return an advisable return code if the functioning fails, dissimilar Reg.exe which does.

RegEdit.exe /east          file        

exports the whole registry in V5 format to a UNICODE .REG file, while any of

RegEdit.exe /eastward          file          HKEY_CLASSES_ROOT[\<key>] RegEdit.exe /east          file          HKEY_CURRENT_CONFIG[\<primal>] RegEdit.exe /e          file          HKEY_CURRENT_USER[\<key>] RegEdit.exe /e          file          HKEY_LOCAL_MACHINE[\<key>] RegEdit.exe /e          file          HKEY_USERS[\<fundamental>]        

consign the specified (sub)primal (which has to be enclosed in quotes if it contains spaces) just.

RegEdit.exe /a          file        

exports the whole registry in V4 format to an ANSI .REG file.

RegEdit.exe /a          file          <key>        

exports the specified (sub)fundamental (which has to exist enclosed in quotes if information technology contains spaces) merely.

It is besides possible to use Reg.exe. Here is a sample to display the value of the registry value Version:

                        Reg.exe            QUERY            HKLM\Software\Microsoft\ResKit            /v            Version          

Other command line options include a VBScript or JScript together with CScript, WMI or WMIC.exe and Windows PowerShell.

Registry permissions tin exist manipulated through the command line using RegIni.exe and the SubInACL.exe tool. For instance, the permissions on the HKEY_LOCAL_MACHINE\SOFTWARE key can be displayed using:

                        SubInACL.exe            /keyreg            HKEY_LOCAL_MACHINE\SOFTWARE            /display          

PowerShell commands and scripts [edit]

Using PowerShell to navigate the registry

Windows PowerShell comes with a registry provider which presents the registry as a location type similar to the file arrangement. The same commands used to manipulate files and directories in the file system can be used to manipulate keys and values of the registry.^[28]

Too like the file system, PowerShell uses the concept of a current location which defines the context on which commands by default operate. The Become-ChildItem (too available through the aliases ls, dir or gci) retrieves the child keys of the electric current location. By using the Prepare-Location (or the alias cd) command the user can change the electric current location to some other fundamental of the registry.^[28] Commands which rename items, remove items, create new items or set content of items or properties can exist used to rename keys, remove keys or entire sub-trees or alter values.

Through PowerShell scripts files, an administrator tin prepare scripts which, when executed, make changes to the registry. Such scripts can exist distributed to administrators who can execute them on private machines. The PowerShell Registry provider supports transactions, i.e. multiple changes to the registry tin can be bundled into a single atomic transaction. An atomic transaction ensures that either all of the changes are committed to the database, or if the script fails, none of the changes are committed to the database.^{[28] [29]}

Programs or scripts [edit]

The registry tin can exist edited through the APIs of the Advanced Windows 32 Base API Library (advapi32.dll).^[30] Listing of registry API functions:

• RegCloseKey
• RegConnectRegistry
• RegCreateKey
• RegCreateKeyEx
• RegDeleteKey
• RegDeleteValue
• RegEnumKey
• RegEnumKeyEx
• RegEnumValue
• RegFlushKey
• RegGetKeySecurity
• RegLoadKey
• RegNotifyChangeKeyValue
• RegOpenKey
• RegOpenKeyEx
• RegQueryInfoKey
• RegQueryMultipleValues
• RegQueryValue
• RegQueryValueEx
• RegReplaceKey
• RegRestoreKey
• RegSaveKey
• RegSetKeySecurity
• RegSetValue
• RegSetValueEx
• RegUnLoadKey

Many programming languages offer congenital-in runtime library functions or classes that wrap the underlying Windows APIs and thereby enable programs to shop settings in the registry (e.g. Microsoft.Win32.Registry in VB.Net and C#, or TRegistry in Delphi and Free Pascal). COM-enabled applications like Visual Basic 6 can employ the WSH WScript.Beat object. Another fashion is to utilise the Windows Resource Kit Tool, Reg.exe by executing information technology from code,^[31] although this is considered poor programming exercise.

Similarly, scripting languages such every bit Perl (with Win32::TieRegistry), Python (with winreg), TCL (which comes bundled with the registry package),^[32] Windows Powershell and Windows Scripting Host likewise enable registry editing from scripts.

Offline editing [edit]

The offreg.dll^[33] available from the Windows Commuter Kit offers a set of APIs for the cosmos and manipulation of currently non loaded registry hives like to those provided past advapi32.dll.

Information technology is as well possible to edit the registry (hives) of an offline arrangement from Windows PE or Linux (in the latter case using open up source tools).

COM self-registration [edit]

Prior to the introduction of registration-complimentary COM, developers were encouraged to add initialization lawmaking to in-process and out-of-process binaries to perform the registry configuration required for that object to work. For in-process binaries such as .DLL and .OCX files, the modules typically exported a function called DllInstall()^[34] that could exist chosen by installation programs or invoked manually with utilities like Regsvr32.exe;^[35] out-of-process binaries typically support the commandline arguments /Regserver and /Unregserver that created or deleted the required registry settings.^[36] COM applications that break because of DLL Hell issues can commonly be repaired with RegSvr32.exe or the /RegServer switch without having to re-invoke installation programs.^[37]

Advanced functionality [edit]

Windows exposes APIs that allows user-mode applications to annals to receive a notification event if a particular registry key is changed.^[38] APIs are also available to let kernel-manner applications to filter and change registry calls fabricated past other applications.^[39]

Windows too supports remote access to the registry of some other calculator via the RegConnectRegistry office^[40] if the Remote Registry service is running, correctly configured and its network traffic is not firewalled.^[41]

Security [edit]

Each central in the registry of Windows NT versions tin take an associated security descriptor. The security descriptor contains an access control list (ACL) that describes which user groups or private users are granted or denied access permissions. The set of registry permissions include 10 rights/permissions which can be explicitly immune or denied to a user or a group of users.

Registry permissions

Permission	Clarification
Query Value	The right to read the registry key value.
Ready Value	The correct to write a new value
Create Subkey	The correct to create subkeys.
Enumerate Subkeys	Allow the enumeration of subkeys.
Notify	The correct to asking alter notifications for registry keys or subkeys.
Create Link	Reserved by the operating system.
Delete	The right to delete a key.
Write DACL	The right to change permissions of the container'south DACL.
Write Owner	The correct to modify the container'south owner.
Read Control	The correct to read the DACL.

As with other securable objects in the operating system, individual access command entries (ACE) on the security descriptor can be explicit or inherited from a parent object.^[42]

Windows Resource Protection is a feature of Windows Vista and later versions of Windows that uses security to deny Administrators and the system WRITE access to some sensitive keys to protect the integrity of the system from malware and accidental modification.^[43]

Special ACEs on the security descriptor can also implement mandatory integrity command for the registry primal and subkeys. A process running at a lower integrity level cannot write, change or delete a registry primal/value, fifty-fifty if the account of the process has otherwise been granted admission through the ACL. For instance, Internet Explorer running in Protected Style can read medium and low integrity registry keys/values of the currently logged on user, but it tin can just alter low integrity keys.^[44]

Outside security, registry keys cannot be deleted or edited due to other causes. Registry keys containing NUL characters cannot be deleted with standard registry editors and crave a special utility for deletion, such as RegDelNull.^{[45] [46]}

Backups and recovery [edit]

Different editions of Windows take supported a number of different methods to back up and restore the registry over the years, some of which are now deprecated:

• Arrangement Restore can support the registry and restore it as long as Windows is bootable, or from the Windows Recovery Surround (starting with Windows Vista).
• NTBackup can dorsum upward the registry as part of the Organization State and restore it. Automated Organization Recovery in Windows XP can too restore the registry.
• On Windows NT, the Last Known Expert Configuration option in startup carte relinks the HKLM\SYSTEM\CurrentControlSet key, which stores hardware and device driver information.
• Windows 98 and Windows ME include control line (Scanreg.exe) and GUI (Scanregw.exe) registry checker tools to check and set the integrity of the registry, create up to five automated regular backups by default and restore them manually or whenever corruption is detected.^[47] The registry checker tool backs upwardly the registry, by default, to %Windir%\Sysbckup Scanreg.exe can also run from MS-DOS.^[48]
• The Windows 95 CD-ROM included an Emergency Recovery Utility (ERU.exe) and a Configuration Fill-in Tool (Cfgback.exe) to back upwards and restore the registry. Additionally Windows 95 backs up the registry to the files arrangement.da0 and user.da0 on every successful boot.
• Windows NT 4.0 included RDISK.EXE, a utility to support and restore the unabridged registry.^[49]
• Windows 2000 Resource Kit contained an unsupported pair of utilities called Regback.exe and RegRest.exe for backup and recovery of the registry.^[fifty]
• Periodic automatic backups of the registry are at present disabled by default on Windows 10 May 2019 Update (version 1903). Microsoft recommends System Restore be used instead.^[51]

Policy [edit]

Group policy [edit]

Windows 2000 and afterwards versions of Windows use Grouping Policy to enforce registry settings through a registry-specific client extension in the Group Policy processing engine.^[52] Policy may be applied locally to a single figurer using gpedit.msc, or to multiple users and/or computers in a domain using gpmc.msc.

Legacy systems [edit]

With Windows 95, Windows 98, Windows ME and Windows NT 4.0, administrators tin can use a special file to be merged into the registry, chosen a policy file (POLICY.Political leader). The policy file allows administrators to foreclose non-ambassador users from changing registry settings like, for case, the security level of Cyberspace Explorer and the desktop background wallpaper. The policy file is primarily used in a business organisation with a large number of computers where the business organisation needs to exist protected from rogue or careless users.

The default extension for the policy file is .POL. The policy file filters the settings it enforces by user and past grouping (a "group" is a divers set of users). To do that the policy file merges into the registry, preventing users from circumventing it by just changing back the settings. The policy file is ordinarily distributed through a LAN, simply can exist placed on the local computer.

The policy file is created by a gratuitous tool by Microsoft that goes past the filename poledit.exe for Windows 95/Windows 98 and with a computer management module for Windows NT. The editor requires administrative permissions to exist run on systems that uses permissions. The editor can also straight change the current registry settings of the local computer and if the remote registry service is installed and started on some other computer it can besides change the registry on that estimator. The policy editor loads the settings information technology can change from .ADM files, of which one is included, that contains the settings the Windows trounce provides. The .ADM file is plainly text and supports easy localisation by allowing all the strings to be stored in one place.

Virtualization [edit]

INI file virtualization [edit]

Windows NT kernels back up redirection of INI file-related APIs into a virtual file in a registry location such equally HKEY_CURRENT_USER using a feature chosen "InifileMapping".^[53] This functionality was introduced to allow legacy applications written for 16-bit versions of Windows to exist able to run nether Windows NT platforms on which the System folder is no longer considered an appropriate location for user-specific information or configuration. Non-compliant 32-bit applications tin also exist redirected in this manner, fifty-fifty though the feature was originally intended for xvi-fleck applications.

Registry virtualization [edit]

Windows Vista introduced limited registry virtualization, whereby poorly written applications that do non respect the principle of least privilege and instead endeavor to write user data to a read-only system location (such as the HKEY_LOCAL_MACHINE hive), are silently redirected to a more than appropriate location, without changing the application itself.

Similarly, application virtualization redirects all of an awarding's invalid registry operations to a location such as a file. Used together with file virtualization, this allows applications to run on a machine without being installed on it.

Low integrity processes may also use registry virtualization. For example, Internet Explorer 7 or viii running in "Protected Mode" on Windows Vista and above will automatically redirect registry writes past ActiveX controls to a sandboxed location in guild to frustrate some classes of security exploits.

The Application Compatibility Toolkit^[54] provides shims that can transparently redirect HKEY_LOCAL_MACHINE or HKEY_CLASSES_ROOT Registry operations to HKEY_CURRENT_USER to address "LUA" bugs that cause applications not to work for users with insufficient rights.

Disadvantages [edit]

Critics labeled the registry in Windows 95 a unmarried point of failure, considering re-installation of the operating organisation was required if the registry became corrupt.^{[ citation needed ]} However, Windows NT uses transaction logs to protect against corruption during updates. Current versions of Windows utilize two levels of log files to ensure integrity fifty-fifty in the case of power failure or similar catastrophic events during database updates.^[55] Even in the instance of a non-recoverable error, Windows can repair or re-initialize damaged registry entries during system kicking.^[55]

Equivalents and alternatives [edit]

In Windows, use of the registry for storing program data is a thing of developer's discretion. Microsoft provides programming interfaces for storing data in XML files (via MSXML) or database files (via SQL Server Compact) which developers can apply instead. Developers are also free to use non-Microsoft alternatives or develop their own proprietary data stores.

In contrast to Windows Registry'south binary-based database model, some other operating systems utilise split up obviously-text files for daemon and application configuration, but group these configurations together for ease of management.

• In Unix-similar operating systems (including Linux) that follow the Filesystem Hierarchy Standard, system-wide configuration files (data similar to what would announced in HKEY_LOCAL_MACHINE on Windows) are traditionally stored in files in /etc/ and its subdirectories, or sometimes in /usr/local/etc. Per-user information (data that would be roughly equivalent to that in HKEY_CURRENT_USER) is stored in hidden directories and files (that start with a menstruation/full stop) within the user's habitation directory. However XDG-compliant applications should refer to the surround variables divers in the Base Directory specification.^[56]
• In macOS, organisation-broad configuration files are typically stored in the /Library/ folder, whereas per-user configuration files are stored in the corresponding ~/Library/ folder in the user'southward home directory, and configuration files set past the system are in /Organization/Library/. Within these respective directories, an application typically stores a property list file in the Preferences/ sub-directory.
• RISC OS (not to exist dislocated with MIPS RISC/os) uses directories for configuration information, which allows applications to be copied into application directories, as opposed to the carve up installation process that typifies Windows applications; this approach is also used on the ROX Desktop for Linux.^[57] This directory-based configuration likewise makes it possible to use different versions of the same application, since the configuration is done "on the wing".^[58] If i wishes to remove the application, it is possible to simply delete the folder belonging to the application.^{[59] [60]} This will often not remove configuration settings which are stored independently from the awarding, commonly within the computer'southward !Boot construction, in !Kicking.Choices or potentially anywhere on a network fileserver. Information technology is possible to copy installed programs between computers running RISC OS past copying the application directories belonging to the programs, however some programs may require re-installing, e.g. when shared files are placed exterior an application directory.^[58]
• IBM AIX (a Unix variant) uses a registry component called Object Data Manager (ODM). The ODM is used to store data virtually system and device configuration. An all-encompassing set of tools and utilities provides users with means of extending, checking, correcting the ODM database. The ODM stores its information in several files, default location is /etc/objrepos.
• The GNOME desktop surroundings uses a registry-like interface chosen dconf for storing configuration settings for the desktop and applications.
• The Elektra Initiative provides culling back-ends for various different text configuration files.
• While not an operating organisation, the Vino compatibility layer, which allows Windows software to run on a Unix-like arrangement, as well employs a Windows-like registry equally text files in the WINEPREFIX folder: system.reg (HKEY_LOCAL_MACHINE), user.reg (HKEY_CURRENT_USER) and userdef.reg.^[61]

See also [edit]

• Registry cleaner
• Application virtualization
• LogParser – SQL-like querying of various types of log files
• List of Shell Icon Overlay Identifiers
• Ransomware attack that uses Registry

Notes [edit]

1. ^ When applications fail to execute because they asking more privileges than they require (and are denied those privileges), this is known as a limited user application (LUA) issues.

Footnotes [edit]

1. ^ Esposito, Dino (Nov 2000). "Windows 2000 Registry: Latest Features and APIs Provide the Power to Customize and Extend Your Apps". MSDN Mag. Microsoft. Archived from the original on April 15, 2003. Retrieved July 19, 2007.
2. ^ ^{a b c} "The Arrangement Registry".
3. ^ "Windows 95 Architecture Components". www.microsoft.com. Archived from the original on Feb 7, 2008. Retrieved Apr 29, 2008. The following tabular array shows other difficulties or limitations caused by using .INI files that are overcome past using the Registry.
4. ^ Hipson 2002, p. 5, 41–43.
5. ^ Richter, Jeffrey; Nasarre, Christophe (2008). Windows Via C/C++ (Fifth ed.). Microsoft Printing. ISBN9780735642461 . Retrieved Baronial 28, 2021.
6. ^ Raymond Chen, "Why do registry keys take a default value?"
7. ^ Hipson 2002, pp. 207, 513–514.
8. ^ Hipson 2002, pp. 520–521.
9. ^ Hipson 2002, p. 7.
10. ^ "Designed for Windows XP Application Specification". Microsoft. August 20, 2002. Retrieved Apr eight, 2009.
11. ^ "HKEY_LOCAL_MACHINE". Gautam. 2009. Retrieved April 8, 2009.
12. ^ "Registry Keys Affected by WOW64 (Windows)". Msdn.microsoft.com. Retrieved April ten, 2014.
13. ^ "Description of the Microsoft Windows registry". Retrieved September 25, 2008.
14. ^ "HKEY_CURRENT_USER". Microsoft. 2009. Retrieved April 8, 2009.
15. ^ "Description of the HKEY_DYN_DATA Registry Key in Windows 95, Windows 98, and Windows 98 SE". back up.microsoft.com.
16. ^ "A Closer Look at HKEY_DYN_DATA". rinet.ru. Archived from the original on May 9, 2008.
17. ^ "Registry hives". Retrieved July 19, 2007.
18. ^ Chen, Raymond (Baronial 8, 2011). "Why is a registry file called a "hive"?". The Old New Affair. Retrieved July 29, 2011.
19. ^ "Overview of the Windows NT Registry". Retrieved December two, 2011.
20. ^ "Inside the Registry". Retrieved December 28, 2007.
21. ^ ^{a b} Norris, Peter (Feb 2009). "The Internal Construction of the Windows Registry" (PDF). Cranfield University. Archived from the original (PDF) on May 29, 2009.
22. ^ "Incorrect Icons Displayed for .ico Files". November 15, 2009. Retrieved March 31, 2012.
23. ^ "How to Completely Uninstall / Remove a Software Plan in Windows without using tertiary Political party Software? - AskVG". world wide web.askvg.com.
24. ^ "You may receive a "Stop 0x00000035 NO_MORE_IRP_STACK_LOCATIONS" error message when you lot endeavor to log on to a domain". Oct ix, 2011. Retrieved March 31, 2012. This folio tells the user to edit the registry when resolving the upshot.
25. ^ key renaming is implemented every bit removal and add while retaining subkeys/values, equally the underlying APIs do not support the rename function directly
26. ^ ^{a b c d} "How to add, modify, or delete registry subkeys and values by using a .reg file". support.microsoft.com.
27. ^ "Applying Group Policy". Microsoft.
28. ^ ^{a b c} Payette, Bruce; Siddaway, Richard (2018). Windows PowerShell in Activity (3rd ed.). Manning Publications. pp. seven–8, 24, 608, 708–710. ISBN9781633430297 . Retrieved August 28, 2021.
29. ^ Warner, Timothy L. (May 2015). Windows PowerShell in 24 Hours, Sams Teach Yourself. Sams Publishing. p. xix, 211. ISBN9780134049359 . Retrieved August 28, 2021.
30. ^ "Reading and Writing Registry Values with Visual Basic". Retrieved July 19, 2007.
31. ^ "REG control in Windows XP". Retrieved July xix, 2007.
32. ^ "registry transmission page – Tcl Arranged Packages". www.tcl.tk . Retrieved December 14, 2017.
33. ^ "Offline Registry Library". Retrieved June 4, 2014.
34. ^ "DllInstall Part". Microsoft. March 7, 2012. Retrieved March 22, 2012.
35. ^ "Regsvr32". Microsoft. Retrieved March 22, 2012.
36. ^ "How to: Annals Automation Servers". Microsoft. Retrieved March 22, 2012.
37. ^ "How to re-register PowerPoint 2000, PowerPoint 2003, PowerPoint 2007 and PowerPoint 2010". Microsoft. January 2012. Retrieved March 22, 2012.
38. ^ "RegNotifyChangeKeyValue function". Microsoft.
39. ^ "Registering for Notifications". Microsoft.
40. ^ "RegConnectRegistry function". Microsoft.
41. ^ "How to Manage Remote Admission to the Registry". Microsoft.
42. ^ Gibson, Darril (June 28, 2011). "Chapter 4: Securing Access with Permissions". Microsoft Windows security : essentials. Indianapolis, Ind.: Wiley. ISBN978-one-118-01684-8.
43. ^ "Application Compatibility: Windows Resource Protection (WRP)". Microsoft. Retrieved August 8, 2012.
44. ^ Marc Silbey, Peter Brundrett. "Agreement and Working in Protected Style Internet Explorer". Retrieved August 8, 2012.
45. ^ "RegDelNull v1.1". November 1, 2006. Retrieved August 8, 2012.
46. ^ "Unable to delete sure registry keys – Error while deleting cardinal". March 23, 2010. Retrieved August 8, 2012. Microsoft Support folio.
47. ^ "Clarification of the Windows Registry Checker Tool (Scanreg.exe)".
48. ^ "Command-Line Switches for the Registry Checker Tool".
49. ^ "How To Backup, Edit, and Restore the Registry in Windows NT 4.0". support.microsoft.com.
50. ^ "Technical Reference to the Registry: Related Resources". Microsoft. Retrieved September 9, 2011.
51. ^ "Microsoft Kills Automatic Registry Backups in Windows 10". ExtremeTech . Retrieved July 1, 2019.
52. ^ "How Cadre Group Policy Works". Microsoft. September 2, 2009. Retrieved Baronial 13, 2012.
53. ^ "Affiliate 26 – Initialization Files and the Registry". Microsoft. Retrieved March iii, 2008.
54. ^ "Microsoft Application Compatibility Toolkit five.0". Microsoft. Retrieved July 26, 2008.
55. ^ ^{a b} Ionescu, Mark Russinovich, David A. Solomon, Alex (2012). "Registry Internals". Windows internals (6th ed.). Redmond, Wash.: Microsoft Press. ISBN978-0-7356-4873-9.
56. ^ "XDG Base Directory Specification". standards.freedesktop.org.
57. ^ "Awarding directories". Archived from the original on May 27, 2012. Retrieved May 17, 2012.
58. ^ ^{a b} "Case Studies Of The Height 132 Annoyances With Operating Systems Other Than RISC OS". Retrieved April 3, 2012. Page from the riscos.com website. Mentioned in points 82 and 104.
59. ^ "RISC Bone bout". Retrieved July 19, 2007.
60. ^ "The RISC OS Products Directory". November 2, 2006. Archived from the original on February 19, 2007. Retrieved April 1, 2012.
61. ^ 3.2. Using the Registry and Regedit (Vino User Guide)

References [edit]

• Hipson, Peter (2002). Mastering Windows XP Registry. Wiley. ISBN0-7821-2987-0 . Retrieved August 28, 2021.
• Russinovich, Mark E.; Solomon, David A. (2005). Microsoft Windows Internals (Fourth ed.). Microsoft Press. pp. 183–236. ISBN978-0-7356-1917-iii.

External links [edit]

• Windows Registry info & reference in the MSDN Library

What Is A Register Key,

Source: https://en.wikipedia.org/wiki/Windows_Registry

Posted by: greenwoodflut1945.blogspot.com

Share this post