Where The Register Is Located In Windows 10

Database for Microsoft Windows

Windows Registry

Registry Editor, the user interface for the registry, in Windows 10
Developer(south)	Microsoft
Initial release	April 6, 1992; 30 years ago  (1992-04-06) with Windows 3.ane
Operating system	Microsoft Windows
Platform	IA-32, x86-64 and ARM (and historically December Alpha, Itanium, MIPS, and PowerPC)
Included with	Microsoft Windows
Type	Hierarchical database
Website	docs.microsoft.com/en-u.s.a./windows/desktop/SysInfo/registry

The Windows Registry is a hierarchical database that stores low-level settings for the Microsoft Windows operating organisation and for applications that opt to use the registry. The kernel, device drivers, services, Security Accounts Manager, and user interfaces tin all use the registry. The registry also allows admission to counters for profiling system performance.

In other words, the registry or Windows Registry contains data, settings, options, and other values for programs and hardware installed on all versions of Microsoft Windows operating systems. For example, when a programme is installed, a new subkey containing settings such equally a programme's location, its version, and how to start the program, are all added to the Windows Registry.

When introduced with Windows 3.i, the Windows Registry primarily stored configuration information for COM-based components. Windows 95 and Windows NT extended its use to rationalize and centralize the information in the profusion of INI files, which held the configurations for individual programs, and were stored at diverse locations.^{[1] [2]} It is not a requirement for Windows applications to apply the Windows Registry. For instance, .Internet Framework applications use XML files for configuration, while portable applications ordinarily keep their configuration files with their executables.

Rationale [edit]

Prior to the Windows Registry, .INI files stored each program's settings equally a text file or binary file, frequently located in a shared location that did not provide user-specific settings in a multi-user scenario. Past contrast, the Windows Registry stores all application settings in i logical repository (but a number of discrete files) and in a standardized form. According to Microsoft, this offers several advantages over .INI files.^{[2] [three]} Since file parsing is washed much more efficiently with a binary format, it may be read from or written to more than quickly than a text INI file. Furthermore, strongly typed information tin can be stored in the registry, equally opposed to the text information stored in .INI files. This is a benefit when editing keys manually using regedit.exe, the built-in Windows Registry Editor. Because user-based registry settings are loaded from a user-specific path rather than from a read-just system location, the registry allows multiple users to share the same machine, and as well allows programs to work for less privileged users. Backup and restoration is also simplified as the registry tin can be accessed over a network connection for remote management/back up, including from scripts, using the standard set of APIs, as long every bit the Remote Registry service is running and firewall rules allow this.

Because the registry is a database, it offers improved system integrity with features such as diminutive updates. If 2 processes endeavor to update the aforementioned registry value at the aforementioned fourth dimension, 1 process'southward modify volition precede the other'due south and the overall consistency of the data volition be maintained. Where changes are made to .INI files, such race weather condition tin can result in inconsistent data that does not match either attempted update. Windows Vista and after operating systems provide transactional updates to the registry by means of the Kernel Transaction Manager, extending the atomicity guarantees beyond multiple key and/or value changes, with traditional commit–abort semantics. (Note notwithstanding that NTFS provides such support for the file system as well, so the aforementioned guarantees could, in theory, be obtained with traditional configuration files.)

Structure [edit]

Keys and values [edit]

The registry contains two basic elements: keys and values. Registry keys are container objects similar to folders. Registry values are not-container objects similar to files. Keys may contain values and subkeys. Keys are referenced with a syntax similar to Windows' path names, using backslashes to indicate levels of hierarchy. Keys must have a case insensitive name without backslashes.

The hierarchy of registry keys can just exist accessed from a known root key handle (which is anonymous but whose constructive value is a constant numeric handle) that is mapped to the content of a registry cardinal preloaded by the kernel from a stored "hive", or to the content of a subkey within some other root key, or mapped to a registered service or DLL that provides access to its contained subkeys and values.

E.1000. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows refers to the subkey "Windows" of the subkey "Microsoft" of the subkey "Software" of the HKEY_LOCAL_MACHINE root key.

There are seven predefined root keys, traditionally named according to their constant handles defined in the Win32 API, or by synonymous abbreviations (depending on applications):^[4]

• HKEY_LOCAL_MACHINE or HKLM
• HKEY_CURRENT_CONFIG or HKCC
• HKEY_CLASSES_ROOT or HKCR
• HKEY_CURRENT_USER or HKCU
• HKEY_USERS or HKU
• HKEY_PERFORMANCE_DATA (only in Windows NT, but invisible in the Windows Registry Editor)^[5]
• HKEY_DYN_DATA (only in Windows 9x, and visible in the Windows Registry Editor)

Similar other files and services in Windows, all registry keys may be restricted by access control lists (ACLs), depending on user privileges, or on security tokens acquired by applications, or on system security policies enforced past the system (these restrictions may be predefined past the system itself, and configured by local system administrators or by domain administrators). Different users, programs, services or remote systems may only see some parts of the hierarchy or distinct hierarchies from the aforementioned root keys.

Registry values are name/data pairs stored within keys. Registry values are referenced separately from registry keys. Each registry value stored in a registry key has a unique name whose letter of the alphabet instance is not pregnant. The Windows API functions that query and manipulate registry values take value names separately from the primal path and/or handle that identifies the parent central. Registry values may incorporate backslashes in their names, but doing so makes them hard to distinguish from their key paths when using some legacy Windows Registry API functions (whose usage is deprecated in Win32).

The terminology is somewhat misleading, every bit each registry key is similar to an associative array, where standard terminology would refer to the proper name role of each registry value every bit a "key". The terms are a holdout from the sixteen-bit registry in Windows 3, in which registry keys could not contain arbitrary proper name/data pairs, but rather contained but 1 unnamed value (which had to be a string). In this sense, the Windows 3 registry was similar a single associative array, in which the keys (in the sense of both 'registry cardinal' and 'associative array key') formed a hierarchy, and the registry values were all strings. When the 32-flake registry was created, and then was the additional capability of creating multiple named values per key, and the meanings of the names were somewhat distorted.^[6] For compatibility with the previous behavior, each registry key may have a "default" value, whose proper name is the empty string.

Each value can store arbitrary data with variable length and encoding, merely which is associated with a symbolic type (defined as a numeric constant) defining how to parse this data. The standard types are:^[seven]

List of standard registry value types

Type ID	Symbolic type proper noun	Meaning and encoding of the data stored in the registry value
0	REG_NONE	No type (the stored value, if whatever)
i	REG_SZ	A string value, ordinarily stored and exposed in UTF-16LE (when using the Unicode version of Win32 API functions), normally terminated by a NUL character
2	REG_EXPAND_SZ	An "expandable" string value that can comprise environment variables, ordinarily stored and exposed in UTF-16LE, unremarkably terminated by a NUL character
iii	REG_BINARY	Binary data (any capricious data)
4	REG_DWORD / REG_DWORD_LITTLE_ENDIAN	A DWORD value, a 32-chip unsigned integer (numbers between 0 and 4,294,967,295 [two32 – 1]) (little-endian)
5	REG_DWORD_BIG_ENDIAN	A DWORD value, a 32-scrap unsigned integer (numbers between 0 and 4,294,967,295 [232 – 1]) (large-endian)
half-dozen	REG_LINK	A symbolic link (UNICODE) to another registry key, specifying a root cardinal and the path to the target cardinal
seven	REG_MULTI_SZ	A multi-string value, which is an ordered list of non-empty strings, normally stored and exposed in Unicode, each one terminated past a null character, the list being normally terminated by a second goose egg character.[eight]
eight	REG_RESOURCE_LIST	A resource list (used by the Plug-north-Play hardware enumeration and configuration)
9	REG_FULL_RESOURCE_DESCRIPTOR	A resources descriptor (used by the Plug-n-Play hardware enumeration and configuration)
ten	REG_RESOURCE_REQUIREMENTS_LIST	A resource requirements list (used by the Plug-n-Play hardware enumeration and configuration)
11	REG_QWORD / REG_QWORD_LITTLE_ENDIAN	A QWORD value, a 64-chip integer (either big- or little-endian, or unspecified) (introduced in Windows 2000)[9]

Root keys [edit]

The keys at the root level of the hierarchical database are by and large named past their Windows API definitions, which all brainstorm "HKEY".^[2] They are frequently abbreviated to a three- or four-letter of the alphabet short name starting with "HK" (due east.thou. HKCU and HKLM). Technically, they are predefined handles (with known constant values) to specific keys that are either maintained in memory, or stored in hive files stored in the local filesystem and loaded by the organisation kernel at kick time and then shared (with various access rights) betwixt all processes running on the local organization, or loaded and mapped in all processes started in a user session when the user logs on the system.

The HKEY_LOCAL_MACHINE (local machine-specific configuration data) and HKEY_CURRENT_USER (user-specific configuration data) nodes accept a similar structure to each other; user applications typically look up their settings by first checking for them in "HKEY_CURRENT_USER\Software\Vendor's proper name\Application'south name\Version\Setting proper name", and if the setting is non found, look instead in the aforementioned location under the HKEY_LOCAL_MACHINE key^{[ citation needed ]}. However, the converse may apply for administrator-enforced policy settings where HKLM may take precedence over HKCU. The Windows Logo Plan has specific requirements for where dissimilar types of user data may be stored, and that the concept of to the lowest degree privilege be followed and then that administrator-level access is not required to use an application.^{[a] [10]}

HKEY_LOCAL_MACHINE (HKLM) [edit]

Abbreviated HKLM, HKEY_LOCAL_MACHINE stores settings that are specific to the local calculator.^[11]

The key located by HKLM is actually not stored on disk, but maintained in memory by the system kernel in order to map all the other subkeys. Applications cannot create whatever additional subkeys. On Windows NT, this key contains four subkeys, "SAM", "SECURITY", "SYSTEM", and "SOFTWARE", that are loaded at kick time within their respective files located in the %SystemRoot%\System32\config folder. A fifth subkey, "HARDWARE", is volatile and is created dynamically, and as such is not stored in a file (it exposes a view of all the currently detected Plug-and-Play devices). On Windows Vista and above, a sixth and seventh subkey, "COMPONENTS" and "BCD", are mapped in retentiveness by the kernel on-demand and loaded from %SystemRoot%\system32\config\COMPONENTS or from boot configuration data, \boot\BCD on the system division.

• The "HKLM\SAM" key normally appears every bit empty for most users (unless they are granted access by administrators of the local arrangement or administrators of domains managing the local system). It is used to reference all "Security Accounts Manager" (SAM) databases for all domains into which the local arrangement has been administratively authorized or configured (including the local domain of the running organisation, whose SAM database is stored in a subkey also named "SAM": other subkeys will be created as needed, i for each supplementary domain). Each SAM database contains all builtin accounts (by and large grouping aliases) and configured accounts (users, groups and their aliases, including guest accounts and administrator accounts) created and configured on the respective domain, for each business relationship in that domain, it notably contains the user name which tin can be used to log on that domain, the internal unique user identifier in the domain, a cryptographic hash of each user's countersign for each enabled authentication protocol, the location of storage of their user registry hive, various status flags (for example if the account can exist enumerated and exist visible in the logon prompt screen), and the listing of domains (including the local domain) into which the business relationship was configured.
• The "HKLM\SECURITY" key usually appears empty for virtually users (unless they are granted access past users with administrative privileges) and is linked to the Security database of the domain into which the electric current user is logged on (if the user is logged on the local organisation domain, this key will be linked to the registry hive stored by the local car and managed by local organisation administrators or by the builtin "System" business relationship and Windows installers). The kernel will access it to read and enforce the security policy applicable to the current user and all applications or operations executed past this user. It also contains a "SAM" subkey which is dynamically linked to the SAM database of the domain onto which the current user is logged on.
• The "HKLM\SYSTEM" key is normally merely writable past users with authoritative privileges on the local arrangement. It contains information near the Windows system setup, information for the secure random number generator (RNG), the listing of currently mounted devices containing a filesystem, several numbered "HKLM\SYSTEM\Control Sets" containing alternative configurations for system hardware drivers and services running on the local system (including the currently used ane and a backup), a "HKLM\SYSTEM\Select" subkey containing the status of these Control Sets, and a "HKLM\Arrangement\CurrentControlSet" which is dynamically linked at boot time to the Command Set which is currently used on the local organisation. Each configured Control Set contains:
  • an "Enum" subkey enumerating all known Plug-and-Play devices and associating them with installed organization drivers (and storing the device-specific configurations of these drivers),
  • a "Services" subkey listing all installed system drivers (with non device-specific configuration, and the enumeration of devices for which they are instantiated) and all programs running as services (how and when they can be automatically started),
  • a "Control" subkey organizing the various hardware drivers and programs running equally services and all other system-wide configuration,
  • a "Hardware Profiles" subkey enumerating the various profiles that have been tuned (each ane with "System" or "Software" settings used to modify the default profile, either in system drivers and services or in the applications) too equally the "Hardware Profiles\Current" subkey which is dynamically linked to ane of these profiles.
• The "HKLM\SOFTWARE" subkey contains software and Windows settings (in the default hardware contour). Information technology is more often than not modified past application and system installers. It is organized by software vendor (with a subkey for each), just too contains a "Windows" subkey for some settings of the Windows user interface, a "Classes" subkey containing all registered associations from file extensions, MIME types, Object Classes IDs and interfaces IDs (for OLE, COM/DCOM and ActiveX), to the installed applications or DLLs that may be treatment these types on the local car (however these associations are configurable for each user, see beneath), and a "Policies" subkey (too organized by vendor) for enforcing general usage policies on applications and system services (including the central certificates store used for authenticating, authorizing or disallowing remote systems or services running exterior the local network domain).
• The "HKLM\SOFTWARE\Wow6432Node" primal is used by 32-bit applications on a 64-scrap Windows OS, and is equivalent to but separate from "HKLM\SOFTWARE". The key path is transparently presented to 32-bit applications past WoW64 as HKLM\SOFTWARE^[12] (in a similar manner that 32-bit applications run across %SystemRoot%\Syswow64 as %SystemRoot%\System32)

HKEY_CLASSES_ROOT (HKCR) [edit]

Abbreviated HKCR, HKEY_CLASSES_ROOT contains information most registered applications, such as file associations and OLE Object Class IDs, tying them to the applications used to handle these items. On Windows 2000 and in a higher place, HKCR is a compilation of user-based HKCU\Software\Classes and motorcar-based HKLM\Software\Classes. If a given value exists in both of the subkeys above, the i in HKCU\Software\Classes takes precedence.^[thirteen] The design allows for either automobile- or user-specific registration of COM objects.

HKEY_USERS (HKU) [edit]

Abbreviated HKU, HKEY_USERS contains subkeys corresponding to the HKEY_CURRENT_USER keys for each user contour actively loaded on the automobile, though user hives are commonly only loaded for currently logged-in users.

HKEY_CURRENT_USER (HKCU) [edit]

Abbreviated HKCU, HKEY_CURRENT_USER stores settings that are specific to the currently logged-in user.^[14] The HKEY_CURRENT_USER key is a link to the subkey of HKEY_USERS that corresponds to the user; the same data is accessible in both locations. The specific subkey referenced is "(HKU)\(SID)\..." where (SID) corresponds to the Windows SID; if the "(HKCU)" primal has the post-obit suffix "(HKCU)\Software\Classes\..." then it corresponds to "(HKU)\(SID)_CLASSES\..." i.east. the suffix has the string "_CLASSES" is appended to the (SID).

On Windows NT systems, each user'south settings are stored in their own files called NTUSER.DAT and USRCLASS.DAT inside their own Documents and Settings subfolder (or their own Users sub binder in Windows Vista and higher up). Settings in this hive follow users with a roaming contour from machine to machine.

HKEY_PERFORMANCE_DATA [edit]

This primal provides runtime data into functioning data provided past either the NT kernel itself, or running system drivers, programs and services that provide performance information. This fundamental is not stored in any hive and not displayed in the Registry Editor, but it is visible through the registry functions in the Windows API, or in a simplified view via the Performance tab of the Task Manager (simply for a few performance data on the local organisation) or via more advanced control panels (such as the Performances Monitor or the Performances Analyzer which allows collecting and logging these data, including from remote systems).

HKEY_DYN_DATA [edit]

This central is used only on Windows 95, Windows 98 and Windows ME.^[15] Information technology contains data most hardware devices, including Plug and Play and network performance statistics. The information in this hive is besides not stored on the difficult drive. The Plug and Play information is gathered and configured at startup and is stored in memory.^[16]

Hives [edit]

Even though the registry presents itself equally an integrated hierarchical database, branches of the registry are actually stored in a number of disk files chosen hives.^[17] (The discussion hive constitutes an in-joke.)^[18]

Some hives are volatile and are not stored on disk at all. An instance of this is the hive of the co-operative starting at HKLM\HARDWARE. This hive records data about organization hardware and is created each time the system boots and performs hardware detection.

Individual settings for users on a system are stored in a hive (disk file) per user. During user login, the arrangement loads the user hive nether the HKEY_USERS central and sets the HKCU (HKEY_CURRENT_USER) symbolic reference to point to the electric current user. This allows applications to shop/think settings for the current user implicitly under the HKCU primal.

Non all hives are loaded at any ane time. At kicking time, only a minimal set up of hives are loaded, and after that, hives are loaded equally the operating organisation initializes and as users log in or whenever a hive is explicitly loaded by an application.

File locations [edit]

The registry is physically stored in several files, which are generally obfuscated from the user-mode APIs used to dispense the data within the registry. Depending upon the version of Windows, there volition exist dissimilar files and unlike locations for these files, simply they are all on the local machine. The location for arrangement registry files in Windows NT is %SystemRoot%\System32\Config; the user-specific HKEY_CURRENT_USER user registry hive is stored in Ntuser.dat within the user profile. There is one of these per user; if a user has a roaming profile, so this file will be copied to and from a server at logout and login respectively. A second user-specific registry file named UsrClass.dat contains COM registry entries and does not roam by default.

Windows NT [edit]

Windows NT systems store the registry in a binary file format which tin be exported, loaded and unloaded by the Registry Editor in these operating systems. The following system registry files are stored in %SystemRoot%\System32\Config\:

• Sam – HKEY_LOCAL_MACHINE\SAM
• Security – HKEY_LOCAL_MACHINE\SECURITY
• Software – HKEY_LOCAL_MACHINE\SOFTWARE
• System – HKEY_LOCAL_MACHINE\Arrangement
• Default – HKEY_USERS\.DEFAULT
• Userdiff – Not associated with a hive. Used only when upgrading operating systems.^[19]

The following file is stored in each user's profile folder:

• %USERPROFILE%\Ntuser.dat – HKEY_USERS\<User SID> (linked to past HKEY_CURRENT_USER)

For Windows 2000, Server 2003 and Windows XP, the post-obit boosted user-specific file is used for file associations and COM information:

• %USERPROFILE%\Local Settings\Application Data\Microsoft\Windows\Usrclass.dat (path is localized) – HKEY_USERS\<User SID>_Classes (HKEY_CURRENT_USER\Software\Classes)

For Windows Vista and after, the path was changed to:

• %USERPROFILE%\AppData\Local\Microsoft\Windows\Usrclass.dat (path is non localized) alias %LocalAppData%\Microsoft\Windows\Usrclass.dat – HKEY_USERS\<User SID>_Classes (HKEY_CURRENT_USER\Software\Classes)

Windows 2000 keeps an alternating copy of the registry hives (.ALT) and attempts to switch to information technology when abuse is detected.^[20] Windows XP and Windows Server 2003 do non maintain a Organization.alt hive because NTLDR on those versions of Windows can process the Arrangement.log file to bring up to date a System hive that has become inconsistent during a shutdown or crash. In addition, the %SystemRoot%\Repair folder contains a copy of the arrangement'southward registry hives that were created after installation and the first successful startup of Windows.

Each registry data file has an associated file with a ".log" extension that acts equally a transaction log that is used to ensure that any interrupted updates tin exist completed upon adjacent startup.^[21] Internally, Registry files are split up into four kB "bins" that contain collections of "cells".^[21]

Windows 9x [edit]

The registry files are stored in the %WINDIR% directory under the names USER.DAT and SYSTEM.DAT with the addition of CLASSES.DAT in Windows ME. Also, each user contour (if profiles are enabled) has its own USER.DAT file which is located in the user's profile directory in %WINDIR%\Profiles\<Username>\.

Windows 3.11 [edit]

The only registry file is chosen REG.DAT and information technology is stored in the %WINDIR% directory.

Windows ten Mobile [edit]

Notation: To access the registry files, the Telephone needs to be ready in a special mode using either:

• WpInternals ( Put the mobile device into flash mode. )
• InterOp Tools ( mount the MainOS Division with MTP. )

If any of to a higher place Methods worked - The Device Registry Files can be institute in the following location:

          {Phone}\EFIESP\Windows\System32\config        

Notation: InterOp Tools also includes a registry editor.

Editing [edit]

Registry editors [edit]

The registry contains important configuration information for the operating system, for installed applications as well as private settings for each user and application. A careless change to the operating system configuration in the registry could cause irreversible harm, so it is usually only installer programs which perform changes to the registry database during installation/configuration and removal. If a user wants to edit the registry manually, Microsoft recommends that a backup of the registry be performed before the alter.^[22] When a program is removed from control panel, it may not exist completely removed and, in case of errors or glitches acquired past references to missing programs, the user might take to manually cheque inside directories such as programme files. After this, the user might demand to manually remove any reference to the uninstalled program in the registry. This is usually washed by using RegEdit.exe.^[23] Editing the registry is sometimes necessary when working around Windows-specific issues e.g. problems when logging onto a domain can be resolved by editing the registry.^[24]

Windows Registry tin be edited manually using programs such as RegEdit.exe, although these tools do non expose some of the registry's metadata such as the last modified date.

The registry editor for the 3.1/95 series of operating systems is RegEdit.exe and for Windows NT it is RegEdt32.exe; the functionalities are merged in Windows XP. Optional and/or third-party tools like to RegEdit.exe are available for many Windows CE versions.

Registry Editor allows users to perform the post-obit functions:

• Creating, manipulating, renaming^[25] and deleting registry keys, subkeys, values and value data
• Importing and exporting .REG files, exporting data in the binary hive format
• Loading, manipulating and unloading registry hive format files (Windows NT systems simply)
• Setting permissions based on ACLs (Windows NT systems simply)
• Bookmarking user-selected registry keys as Favorites
• Finding item strings in key names, value names and value data
• Remotely editing the registry on some other networked calculator

.REG files [edit]

.REG files (also known as Registration entries) are text-based human-readable files for exporting and importing portions of the registry using a INI-based syntax. On Windows 2000 and later, they comprise the string Windows Registry Editor Version 5.00 at the kickoff and are Unicode-based. On Windows 9x and NT iv.0 systems, they comprise the string REGEDIT4 and are ANSI-based.^[26] Windows 9x format .REG files are compatible with Windows 2000 and later. The Registry Editor on Windows on these systems also supports exporting .REG files in Windows 9x/NT format. Information is stored in .REG files using the post-obit syntax:^[26]

                        [<Hive proper noun>\<Key proper name>\<Subkey proper noun>]            "Value name"            =            <Value type>:<Value data>          

The Default Value of a cardinal can be edited by using "@" instead of "Value Name":

                        [<Hive name>\<Central name>\<Subkey name>]            @            =            <Value type>:<Value information>          

String values practise not require a <Value type> (see example), just backslashes ('\') need to exist written every bit a double-backslash ('\\'), and quotes ('"') as backslash-quote ('\"').

For example, to add the values "Value A", "Value B", "Value C", "Value D", "Value Due east", "Value F", "Value Chiliad", "Value H", "Value I", "Value J", "Value K", "Value L", and "Value M" to the HKLM\SOFTWARE\Foobar key:

            Windows Registry Editor Version five.00            [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value A"            =            "<String value information with escape characters>"            "Value B"            =            hex:<Binary data (every bit comma-delimited listing of hexadecimal values)>            "Value C"            =            dword:<DWORD value integer>            "Value D"            =            hex(0):<REG_NONE (as comma-delimited listing of hexadecimal values)>            "Value E"            =            hex(one):<REG_SZ (equally comma-delimited list of hexadecimal values representing a UTF-16LE NUL-terminated string)>            "Value F"            =            hex(2):<Expandable string value data (as comma-delimited list of hexadecimal values representing a UTF-16LE NUL-terminated cord)>            "Value One thousand"            =            hex(3):<Binary data (equally comma-delimited list of hexadecimal values)> ; equal to "Value B"            "Value H"            =            hex(4):<DWORD value (as comma-delimited list of 4 hexadecimal values, in little endian byte order)>            "Value I"            =            hex(5):<DWORD value (as comma-delimited list of 4 hexadecimal values, in big endian byte social club)>            "Value J"            =            hex(7):<Multi-string value data (as comma-delimited list of hexadecimal values representing UTF-16LE NUL-terminated strings)>            "Value K"            =            hex(eight):<REG_RESOURCE_LIST (as comma-delimited list of hexadecimal values)>            "Value L"            =            hex(a):<REG_RESOURCE_REQUIREMENTS_LIST (as comma-delimited list of hexadecimal values)>            "Value M"            =            hex(b):<QWORD value (as comma-delimited list of 8 hexadecimal values, in little endian byte society)>          

Data from .REG files tin be added/merged with the registry by double-clicking these files or using the /s switch in the control line. REG files can too exist used to remove registry data.

To remove a primal (and all subkeys, values and data), the key proper name must be preceded by a minus sign ("-").^[26]

For example, to remove the HKLM\SOFTWARE\Foobar fundamental (and all subkeys, values and data),

                        [            -            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]          

To remove a value (and its data), the values to be removed must accept a minus sign ("-") after the equal sign ("=").^[26]

For example, to remove only the "Value A" and "Value B" values (and their data) from the HKLM\SOFTWARE\Foobar key:

                        [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value A"            =-            "Value B"            =-          

To remove only the Default value of the key HKLM\SOFTWARE\Foobar (and its data):

                        [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            @            =-          

Lines beginning with a semicolon are considered comments:

                        ; This is a comment. This tin can exist placed in any part of a .reg file            [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value"            =            "Example cord"          

Grouping policies [edit]

Windows group policies can change registry keys for a number of machines or individual users based on policies. When a policy first takes effect for a machine or for an individual user of a automobile, the registry settings specified every bit part of the policy are applied to the machine or user settings.

Windows will as well look for updated policies and apply them periodically, typically every 90 minutes.^[27]

Through its scope a policy defines which machines and/or users the policy is to exist applied to. Whether a machine or user is within the scope of a policy or not is defined by a gear up of rules which can filter on the location of the automobile or user business relationship in organizational directory, specific users or automobile accounts or security groups. More than advanced rules can be set using Windows Management Instrumentation expressions. Such rules tin filter on properties such as computer vendor proper name, CPU architecture, installed software, or networks continued to.

For instance, the administrator can create a policy with one set of registry settings for machines in the bookkeeping department and policy with some other (lock-downwards) set of registry settings for kiosk terminals in the visitors area. When a auto is moved from one scope to another (e.g. changing its proper name or moving information technology to another organizational unit), the correct policy is automatically applied. When a policy is changed it is automatically re-practical to all machines currently in its scope.

The policy is edited through a number of administrative templates which provides a user interface for picking and irresolute settings. The set of administrative templates is extensible and software packages which support such remote administration tin can register their ain templates.

Command line editing [edit]

reg

Developer(s)	Microsoft
Operating organization	Microsoft Windows
Blazon	Control
License	Proprietary commercial software
Website	docs.microsoft.com/en-us/windows-server/administration/windows-commands/reg

regini

Developer(s)	Microsoft
Operating system	Microsoft Windows
Blazon	Control
License	Proprietary commercial software
Website	docs.microsoft.com/en-us/windows-server/administration/windows-commands/regini

The registry tin can be manipulated in a number of means from the control line. The Reg.exe and RegIni.exe utility tools are included in Windows XP and later versions of Windows. Alternative locations for legacy versions of Windows include the Resource Kit CDs or the original Installation CD of Windows.

As well, a .REG file can be imported from the command line with the following control:

RegEdit.exe /south          file        

The /s means the file will be silent merged to the registry. If the /s parameter is omitted the user will exist asked to confirm the performance. In Windows 98, Windows 95 and at least some configurations of Windows XP the /s switch also causes RegEdit.exe to ignore the setting in the registry that allows administrators to disable it. When using the /southward switch RegEdit.exe does non render an advisable return code if the operation fails, different Reg.exe which does.

RegEdit.exe /e          file        

exports the whole registry in V5 format to a UNICODE .REG file, while any of

RegEdit.exe /eastward          file          HKEY_CLASSES_ROOT[\<key>] RegEdit.exe /eastward          file          HKEY_CURRENT_CONFIG[\<key>] RegEdit.exe /e          file          HKEY_CURRENT_USER[\<key>] RegEdit.exe /e          file          HKEY_LOCAL_MACHINE[\<key>] RegEdit.exe /e          file          HKEY_USERS[\<primal>]        

export the specified (sub)key (which has to be enclosed in quotes if it contains spaces) but.

RegEdit.exe /a          file        

exports the whole registry in V4 format to an ANSI .REG file.

RegEdit.exe /a          file          <primal>        

exports the specified (sub)key (which has to be enclosed in quotes if it contains spaces) only.

It is also possible to use Reg.exe. Hither is a sample to brandish the value of the registry value Version:

                        Reg.exe            QUERY            HKLM\Software\Microsoft\ResKit            /v            Version          

Other command line options include a VBScript or JScript together with CScript, WMI or WMIC.exe and Windows PowerShell.

Registry permissions can be manipulated through the command line using RegIni.exe and the SubInACL.exe tool. For example, the permissions on the HKEY_LOCAL_MACHINE\SOFTWARE key tin can be displayed using:

                        SubInACL.exe            /keyreg            HKEY_LOCAL_MACHINE\SOFTWARE            /display          

PowerShell commands and scripts [edit]

Using PowerShell to navigate the registry

Windows PowerShell comes with a registry provider which presents the registry every bit a location type similar to the file system. The same commands used to manipulate files and directories in the file organisation tin can be used to dispense keys and values of the registry.^[28]

Also like the file arrangement, PowerShell uses the concept of a current location which defines the context on which commands past default operate. The Get-ChildItem (also bachelor through the aliases ls, dir or gci) retrieves the child keys of the electric current location. By using the Set up-Location (or the allonym cd) control the user tin can change the current location to another primal of the registry.^[28] Commands which rename items, remove items, create new items or set up content of items or backdrop can be used to rename keys, remove keys or unabridged sub-trees or change values.

Through PowerShell scripts files, an administrator tin set scripts which, when executed, make changes to the registry. Such scripts tin can exist distributed to administrators who tin can execute them on individual machines. The PowerShell Registry provider supports transactions, i.e. multiple changes to the registry can exist bundled into a single atomic transaction. An diminutive transaction ensures that either all of the changes are committed to the database, or if the script fails, none of the changes are committed to the database.^{[28] [29]}

Programs or scripts [edit]

The registry can be edited through the APIs of the Advanced Windows 32 Base of operations API Library (advapi32.dll).^[30] List of registry API functions:

• RegCloseKey
• RegConnectRegistry
• RegCreateKey
• RegCreateKeyEx
• RegDeleteKey
• RegDeleteValue
• RegEnumKey
• RegEnumKeyEx
• RegEnumValue
• RegFlushKey
• RegGetKeySecurity
• RegLoadKey
• RegNotifyChangeKeyValue
• RegOpenKey
• RegOpenKeyEx
• RegQueryInfoKey
• RegQueryMultipleValues
• RegQueryValue
• RegQueryValueEx
• RegReplaceKey
• RegRestoreKey
• RegSaveKey
• RegSetKeySecurity
• RegSetValue
• RegSetValueEx
• RegUnLoadKey

Many programming languages offer built-in runtime library functions or classes that wrap the underlying Windows APIs and thereby enable programs to store settings in the registry (e.g. Microsoft.Win32.Registry in VB.NET and C#, or TRegistry in Delphi and Free Pascal). COM-enabled applications like Visual Basic 6 can utilize the WSH WScript.Shell object. Another way is to use the Windows Resources Kit Tool, Reg.exe by executing it from code,^[31] although this is considered poor programming do.

Similarly, scripting languages such as Perl (with Win32::TieRegistry), Python (with winreg), TCL (which comes bundled with the registry packet),^[32] Windows Powershell and Windows Scripting Host likewise enable registry editing from scripts.

Offline editing [edit]

The offreg.dll^[33] available from the Windows Commuter Kit offers a prepare of APIs for the creation and manipulation of currently not loaded registry hives similar to those provided past advapi32.dll.

It is also possible to edit the registry (hives) of an offline system from Windows PE or Linux (in the latter case using open source tools).

COM cocky-registration [edit]

Prior to the introduction of registration-free COM, developers were encouraged to add initialization code to in-procedure and out-of-process binaries to perform the registry configuration required for that object to work. For in-procedure binaries such equally .DLL and .OCX files, the modules typically exported a function called DllInstall()^[34] that could be chosen past installation programs or invoked manually with utilities similar Regsvr32.exe;^[35] out-of-process binaries typically support the commandline arguments /Regserver and /Unregserver that created or deleted the required registry settings.^[36] COM applications that break considering of DLL Hell issues can commonly exist repaired with RegSvr32.exe or the /RegServer switch without having to re-invoke installation programs.^[37]

Avant-garde functionality [edit]

Windows exposes APIs that allows user-manner applications to register to receive a notification event if a item registry key is changed.^[38] APIs are also available to allow kernel-mode applications to filter and alter registry calls made by other applications.^[39]

Windows too supports remote access to the registry of another estimator via the RegConnectRegistry role^[40] if the Remote Registry service is running, correctly configured and its network traffic is not firewalled.^[41]

Security [edit]

Each key in the registry of Windows NT versions can have an associated security descriptor. The security descriptor contains an access control list (ACL) that describes which user groups or private users are granted or denied access permissions. The set up of registry permissions include 10 rights/permissions which tin be explicitly immune or denied to a user or a group of users.

Registry permissions

Permission	Description
Query Value	The right to read the registry key value.
Set up Value	The right to write a new value
Create Subkey	The correct to create subkeys.
Enumerate Subkeys	Allow the enumeration of subkeys.
Notify	The right to request change notifications for registry keys or subkeys.
Create Link	Reserved by the operating system.
Delete	The right to delete a key.
Write DACL	The right to modify permissions of the container's DACL.
Write Owner	The right to modify the container's owner.
Read Control	The correct to read the DACL.

As with other securable objects in the operating arrangement, individual access control entries (ACE) on the security descriptor tin can be explicit or inherited from a parent object.^[42]

Windows Resources Protection is a feature of Windows Vista and subsequently versions of Windows that uses security to deny Administrators and the arrangement WRITE admission to some sensitive keys to protect the integrity of the system from malware and accidental modification.^[43]

Special ACEs on the security descriptor can also implement mandatory integrity control for the registry key and subkeys. A process running at a lower integrity level cannot write, modify or delete a registry key/value, even if the account of the process has otherwise been granted admission through the ACL. For instance, Internet Explorer running in Protected Mode tin can read medium and low integrity registry keys/values of the currently logged on user, merely it tin can only modify low integrity keys.^[44]

Outside security, registry keys cannot be deleted or edited due to other causes. Registry keys containing NUL characters cannot be deleted with standard registry editors and crave a special utility for deletion, such equally RegDelNull.^{[45] [46]}

Backups and recovery [edit]

Different editions of Windows take supported a number of unlike methods to back up and restore the registry over the years, some of which are now deprecated:

• Organization Restore tin can back up the registry and restore information technology as long every bit Windows is bootable, or from the Windows Recovery Surroundings (starting with Windows Vista).
• NTBackup can back up the registry as part of the Organization Land and restore it. Automated System Recovery in Windows XP tin also restore the registry.
• On Windows NT, the Last Known Skilful Configuration selection in startup menu relinks the HKLM\Arrangement\CurrentControlSet central, which stores hardware and device driver data.
• Windows 98 and Windows ME include control line (Scanreg.exe) and GUI (Scanregw.exe) registry checker tools to bank check and gear up the integrity of the registry, create up to v automatic regular backups by default and restore them manually or whenever abuse is detected.^[47] The registry checker tool backs upwardly the registry, by default, to %Windir%\Sysbckup Scanreg.exe can also run from MS-DOS.^[48]
• The Windows 95 CD-ROM included an Emergency Recovery Utility (ERU.exe) and a Configuration Backup Tool (Cfgback.exe) to back up and restore the registry. Additionally Windows 95 backs up the registry to the files arrangement.da0 and user.da0 on every successful kicking.
• Windows NT four.0 included RDISK.EXE, a utility to back up and restore the unabridged registry.^[49]
• Windows 2000 Resources Kit contained an unsupported pair of utilities called Regback.exe and RegRest.exe for backup and recovery of the registry.^[50]
• Periodic automated backups of the registry are at present disabled by default on Windows ten May 2019 Update (version 1903). Microsoft recommends Organization Restore be used instead.^[51]

Policy [edit]

Grouping policy [edit]

Windows 2000 and later versions of Windows use Grouping Policy to enforce registry settings through a registry-specific client extension in the Grouping Policy processing engine.^[52] Policy may be applied locally to a unmarried computer using gpedit.msc, or to multiple users and/or computers in a domain using gpmc.msc.

Legacy systems [edit]

With Windows 95, Windows 98, Windows ME and Windows NT 4.0, administrators tin use a special file to exist merged into the registry, called a policy file (POLICY.POL). The policy file allows administrators to preclude not-administrator users from irresolute registry settings similar, for instance, the security level of Internet Explorer and the desktop groundwork wallpaper. The policy file is primarily used in a business with a large number of computers where the business needs to exist protected from rogue or careless users.

The default extension for the policy file is .Pol. The policy file filters the settings it enforces by user and by group (a "group" is a divers set of users). To do that the policy file merges into the registry, preventing users from circumventing it by just changing back the settings. The policy file is usually distributed through a LAN, but can be placed on the local computer.

The policy file is created past a free tool by Microsoft that goes by the filename poledit.exe for Windows 95/Windows 98 and with a computer management module for Windows NT. The editor requires administrative permissions to exist run on systems that uses permissions. The editor can likewise direct alter the current registry settings of the local computer and if the remote registry service is installed and started on another computer information technology tin can also change the registry on that computer. The policy editor loads the settings information technology can change from .ADM files, of which i is included, that contains the settings the Windows shell provides. The .ADM file is plain text and supports easy localisation by assuasive all the strings to be stored in one identify.

Virtualization [edit]

INI file virtualization [edit]

Windows NT kernels support redirection of INI file-related APIs into a virtual file in a registry location such as HKEY_CURRENT_USER using a characteristic called "InifileMapping".^[53] This functionality was introduced to allow legacy applications written for xvi-chip versions of Windows to be able to run nether Windows NT platforms on which the System folder is no longer considered an advisable location for user-specific data or configuration. Non-compliant 32-fleck applications tin can also be redirected in this manner, even though the feature was originally intended for 16-bit applications.

Registry virtualization [edit]

Windows Vista introduced express registry virtualization, whereby poorly written applications that do not respect the principle of least privilege and instead attempt to write user information to a read-only system location (such as the HKEY_LOCAL_MACHINE hive), are silently redirected to a more appropriate location, without changing the application itself.

Similarly, application virtualization redirects all of an application's invalid registry operations to a location such as a file. Used together with file virtualization, this allows applications to run on a machine without being installed on information technology.

Depression integrity processes may besides utilize registry virtualization. For case, Internet Explorer vii or 8 running in "Protected Style" on Windows Vista and higher up will automatically redirect registry writes by ActiveX controls to a sandboxed location in society to frustrate some classes of security exploits.

The Application Compatibility Toolkit^[54] provides shims that can transparently redirect HKEY_LOCAL_MACHINE or HKEY_CLASSES_ROOT Registry operations to HKEY_CURRENT_USER to accost "LUA" bugs that cause applications not to work for users with insufficient rights.

Disadvantages [edit]

Critics labeled the registry in Windows 95 a single point of failure, because re-installation of the operating organization was required if the registry became decadent.^{[ commendation needed ]} However, Windows NT uses transaction logs to protect against corruption during updates. Current versions of Windows utilise two levels of log files to ensure integrity even in the case of power failure or similar catastrophic events during database updates.^[55] Even in the case of a non-recoverable error, Windows can repair or re-initialize damaged registry entries during arrangement boot.^[55]

Equivalents and alternatives [edit]

In Windows, utilize of the registry for storing program data is a matter of developer's discretion. Microsoft provides programming interfaces for storing data in XML files (via MSXML) or database files (via SQL Server Compact) which developers tin apply instead. Developers are also free to use non-Microsoft alternatives or develop their ain proprietary information stores.

In contrast to Windows Registry's binary-based database model, another operating systems use split up plain-text files for daemon and application configuration, simply grouping these configurations together for ease of management.

• In Unix-like operating systems (including Linux) that follow the Filesystem Hierarchy Standard, system-wide configuration files (information similar to what would announced in HKEY_LOCAL_MACHINE on Windows) are traditionally stored in files in /etc/ and its subdirectories, or sometimes in /usr/local/etc. Per-user information (information that would exist roughly equivalent to that in HKEY_CURRENT_USER) is stored in hidden directories and files (that start with a period/full stop) within the user's dwelling directory. Yet XDG-compliant applications should refer to the environment variables defined in the Base Directory specification.^[56]
• In macOS, organization-broad configuration files are typically stored in the /Library/ folder, whereas per-user configuration files are stored in the corresponding ~/Library/ folder in the user's habitation directory, and configuration files set by the system are in /System/Library/. Inside these respective directories, an awarding typically stores a property list file in the Preferences/ sub-directory.
• RISC Os (not to exist confused with MIPS RISC/os) uses directories for configuration data, which allows applications to be copied into awarding directories, as opposed to the separate installation process that typifies Windows applications; this approach is as well used on the ROX Desktop for Linux.^[57] This directory-based configuration also makes it possible to apply unlike versions of the same application, since the configuration is washed "on the fly".^[58] If one wishes to remove the awarding, it is possible to but delete the binder belonging to the application.^{[59] [sixty]} This will oft not remove configuration settings which are stored independently from the application, unremarkably within the computer'south !Kick construction, in !Kick.Choices or potentially anywhere on a network fileserver. It is possible to copy installed programs between computers running RISC Os past copying the application directories belonging to the programs, however some programs may require re-installing, due east.g. when shared files are placed exterior an application directory.^[58]
• IBM AIX (a Unix variant) uses a registry component chosen Object Data Managing director (ODM). The ODM is used to store information near system and device configuration. An extensive set of tools and utilities provides users with ways of extending, checking, correcting the ODM database. The ODM stores its information in several files, default location is /etc/objrepos.
• The GNOME desktop surroundings uses a registry-like interface called dconf for storing configuration settings for the desktop and applications.
• The Elektra Initiative provides alternative back-ends for various different text configuration files.
• While not an operating system, the Vino compatibility layer, which allows Windows software to run on a Unix-like arrangement, also employs a Windows-like registry as text files in the WINEPREFIX binder: system.reg (HKEY_LOCAL_MACHINE), user.reg (HKEY_CURRENT_USER) and userdef.reg.^[61]

Run into also [edit]

• Registry cleaner
• Application virtualization
• LogParser – SQL-similar querying of various types of log files
• List of Shell Icon Overlay Identifiers
• Ransomware assail that uses Registry

Notes [edit]

1. ^ When applications neglect to execute considering they request more privileges than they require (and are denied those privileges), this is known every bit a limited user application (LUA) issues.

Footnotes [edit]

1. ^ Esposito, Dino (November 2000). "Windows 2000 Registry: Latest Features and APIs Provide the Power to Customize and Extend Your Apps". MSDN Magazine. Microsoft. Archived from the original on April 15, 2003. Retrieved July nineteen, 2007.
2. ^ ^{a b c} "The Arrangement Registry".
3. ^ "Windows 95 Compages Components". www.microsoft.com. Archived from the original on Feb 7, 2008. Retrieved Apr 29, 2008. The post-obit tabular array shows other difficulties or limitations caused past using .INI files that are overcome past using the Registry.
4. ^ Hipson 2002, p. five, 41–43.
5. ^ Richter, Jeffrey; Nasarre, Christophe (2008). Windows Via C/C++ (Fifth ed.). Microsoft Press. ISBN9780735642461 . Retrieved August 28, 2021.
6. ^ Raymond Chen, "Why do registry keys have a default value?"
7. ^ Hipson 2002, pp. 207, 513–514.
8. ^ Hipson 2002, pp. 520–521.
9. ^ Hipson 2002, p. 7.
10. ^ "Designed for Windows XP Awarding Specification". Microsoft. Baronial 20, 2002. Retrieved Apr eight, 2009.
11. ^ "HKEY_LOCAL_MACHINE". Gautam. 2009. Retrieved Apr viii, 2009.
12. ^ "Registry Keys Affected by WOW64 (Windows)". Msdn.microsoft.com. Retrieved April 10, 2014.
13. ^ "Clarification of the Microsoft Windows registry". Retrieved September 25, 2008.
14. ^ "HKEY_CURRENT_USER". Microsoft. 2009. Retrieved April viii, 2009.
15. ^ "Description of the HKEY_DYN_DATA Registry Key in Windows 95, Windows 98, and Windows 98 SE". support.microsoft.com.
16. ^ "A Closer Look at HKEY_DYN_DATA". rinet.ru. Archived from the original on May 9, 2008.
17. ^ "Registry hives". Retrieved July 19, 2007.
18. ^ Chen, Raymond (August 8, 2011). "Why is a registry file called a "hive"?". The Old New Thing. Retrieved July 29, 2011.
19. ^ "Overview of the Windows NT Registry". Retrieved December 2, 2011.
20. ^ "Within the Registry". Retrieved December 28, 2007.
21. ^ ^{a b} Norris, Peter (February 2009). "The Internal Structure of the Windows Registry" (PDF). Cranfield University. Archived from the original (PDF) on May 29, 2009.
22. ^ "Wrong Icons Displayed for .ico Files". November 15, 2009. Retrieved March 31, 2012.
23. ^ "How to Completely Uninstall / Remove a Software Plan in Windows without using 3rd Party Software? - AskVG". www.askvg.com.
24. ^ "You lot may receive a "Stop 0x00000035 NO_MORE_IRP_STACK_LOCATIONS" error bulletin when you lot try to log on to a domain". October nine, 2011. Retrieved March 31, 2012. This page tells the user to edit the registry when resolving the issue.
25. ^ key renaming is implemented as removal and add together while retaining subkeys/values, as the underlying APIs do not support the rename role directly
26. ^ ^{a b c d} "How to add, alter, or delete registry subkeys and values by using a .reg file". support.microsoft.com.
27. ^ "Applying Group Policy". Microsoft.
28. ^ ^{a b c} Payette, Bruce; Siddaway, Richard (2018). Windows PowerShell in Action (Tertiary ed.). Manning Publications. pp. 7–8, 24, 608, 708–710. ISBN9781633430297 . Retrieved Baronial 28, 2021.
29. ^ Warner, Timothy L. (May 2015). Windows PowerShell in 24 Hours, Sams Teach Yourself. Sams Publishing. p. xix, 211. ISBN9780134049359 . Retrieved August 28, 2021.
30. ^ "Reading and Writing Registry Values with Visual Basic". Retrieved July 19, 2007.
31. ^ "REG command in Windows XP". Retrieved July xix, 2007.
32. ^ "registry transmission page – Tcl Bundled Packages". www.tcl.tk . Retrieved December 14, 2017.
33. ^ "Offline Registry Library". Retrieved June 4, 2014.
34. ^ "DllInstall Part". Microsoft. March 7, 2012. Retrieved March 22, 2012.
35. ^ "Regsvr32". Microsoft. Retrieved March 22, 2012.
36. ^ "How to: Register Automation Servers". Microsoft. Retrieved March 22, 2012.
37. ^ "How to re-annals PowerPoint 2000, PowerPoint 2003, PowerPoint 2007 and PowerPoint 2010". Microsoft. January 2012. Retrieved March 22, 2012.
38. ^ "RegNotifyChangeKeyValue function". Microsoft.
39. ^ "Registering for Notifications". Microsoft.
40. ^ "RegConnectRegistry function". Microsoft.
41. ^ "How to Manage Remote Access to the Registry". Microsoft.
42. ^ Gibson, Darril (June 28, 2011). "Chapter four: Securing Access with Permissions". Microsoft Windows security : essentials. Indianapolis, Ind.: Wiley. ISBN978-1-118-01684-8.
43. ^ "Application Compatibility: Windows Resource Protection (WRP)". Microsoft. Retrieved August eight, 2012.
44. ^ Marc Silbey, Peter Brundrett. "Understanding and Working in Protected Way Internet Explorer". Retrieved August 8, 2012.
45. ^ "RegDelNull v1.i". November 1, 2006. Retrieved Baronial viii, 2012.
46. ^ "Unable to delete certain registry keys – Mistake while deleting key". March 23, 2010. Retrieved August 8, 2012. Microsoft Back up page.
47. ^ "Description of the Windows Registry Checker Tool (Scanreg.exe)".
48. ^ "Control-Line Switches for the Registry Checker Tool".
49. ^ "How To Backup, Edit, and Restore the Registry in Windows NT 4.0". back up.microsoft.com.
50. ^ "Technical Reference to the Registry: Related Resources". Microsoft. Retrieved September 9, 2011.
51. ^ "Microsoft Kills Automatic Registry Backups in Windows x". ExtremeTech . Retrieved July 1, 2019.
52. ^ "How Core Group Policy Works". Microsoft. September 2, 2009. Retrieved August 13, 2012.
53. ^ "Chapter 26 – Initialization Files and the Registry". Microsoft. Retrieved March 3, 2008.
54. ^ "Microsoft Application Compatibility Toolkit 5.0". Microsoft. Retrieved July 26, 2008.
55. ^ ^{a b} Ionescu, Mark Russinovich, David A. Solomon, Alex (2012). "Registry Internals". Windows internals (6th ed.). Redmond, Wash.: Microsoft Press. ISBN978-0-7356-4873-9.
56. ^ "XDG Base Directory Specification". standards.freedesktop.org.
57. ^ "Application directories". Archived from the original on May 27, 2012. Retrieved May 17, 2012.
58. ^ ^{a b} "Case Studies Of The Top 132 Annoyances With Operating Systems Other Than RISC OS". Retrieved April 3, 2012. Page from the riscos.com website. Mentioned in points 82 and 104.
59. ^ "RISC OS bout". Retrieved July 19, 2007.
60. ^ "The RISC Os Products Directory". November 2, 2006. Archived from the original on February 19, 2007. Retrieved April 1, 2012.
61. ^ three.ii. Using the Registry and Regedit (Vino User Guide)

References [edit]

• Hipson, Peter (2002). Mastering Windows XP Registry. Wiley. ISBN0-7821-2987-0 . Retrieved August 28, 2021.
• Russinovich, Mark E.; Solomon, David A. (2005). Microsoft Windows Internals (Fourth ed.). Microsoft Press. pp. 183–236. ISBN978-0-7356-1917-3.

External links [edit]

• Windows Registry info & reference in the MSDN Library

Source: https://en.wikipedia.org/wiki/Windows_Registry

Posted by: fikebutial.blogspot.com

Share this post