In this article, we will explain everything about Windows Registry and working on it through the command prompt (CMD). You will learn:
- Switches/parameter description
- Operations that you can use
Before you make any change on the registry, be sure to make a backup of your registry or to the computer. The editing registry is very dangerous and needs to be done by professional users that know what they are doing. As the registry store all settings that system and applications need in order to operate normally, any change on them can break the system.
Check Also:
How to add registry key & values with CMD | PowerShell | Batch
How to Delete Registry Key/value
Understanding registry through command prompt (CMD)
Every administrator used at least once the registry to enable any feature or fix any issue. It’s like a database where the system and the application store settings and configurations. Most users use the Windows interface to access e modify the registry. In this case, we will use reg.exe, which is a command-line tool that allows you to edit the Registry. The reg.exe has the same functionality as the regedit interface (GUI). This can help also people that need to create scripts to play with the registry.
The structure that registry saves items is:
Hives -> Keys -> Values
Hives – The root location for example – HKEY_CURRENT_USER (HKCU)
Keys – Are a sub-entries in order to split and categorize values in several groups
Values – the final entries that the application and system has created that store data
Operations List
Below we will show the list of operations and descriptions of them. To access reg.exe open the command prompt as an administrator:
- Open Start.
- Search for CMD.
- Right-click the result and select Run as administrator.
- To get the list of all operations. type the following command and press Enter:
reg /?
The full list of operations and return codes will appear.
The description of operations and what each does is described at Microsoft:
- Add – The switch to add and edit a subkey or entry to the registry.
- Compare – Compares 2 or more specified registry subkeys or entries/values.
- Copy – Copies a registry entry to a specified location on a local or remote machine.
- Delete – Remove a subkey or values.
- Export – Copies entries and keys of the computer into a specific file in order to transfer to a different computer.
- Import – Copies the contents of a file that we export above to the target computer.
- Load – Writes saved keys and values into a different key in the registry.
- Query – Returns a list of the next tier of keys and values that are located und a specified key in the registry.
- Restore – Writes saved keys and values back to the registry from a saved file.
- Save – Saves a copy of specified keys, entries, and values in a specified file.
- Unload – Removes a section of the registry that was loaded using the REG LOAD
And, the return codes:
- 0 – Successful
- 1 – Failed
You can get help also for a specific operation. For example, if you want to get more help for the Compare operation uses the below command:
REG ADD /?
Default commands of all operations
REG ADD KeyName [/v ValueName | /ve] [/t Type] [/s Separator] [/d Data] [/f] REG DELETE [{/v ValueName | /ve | /va}] [/f] REG COMPARE [{/v ValueName | /ve}] [{/oa | /od | /os | on}] [/s] REG COPY [/s] [/f] REG EXPORT KeyName FileName [/y] REG IMPORT FileName REG LOAD KeyName FileName REG QUERY [{/v | /ve}] [/s] [/se ] [/f ] [{/k | /d}] [/c] [/e] [/t <Type>] [/z] REG RESTORE <KeyName> <FileName> REG SAVE <KeyName> <FileName> [/y] REG UNLOAD <KeyName>Switches description
Parameter | Description | |
<KeyName> | Specifies the full path of the subkey or entry to be added. To specify a remote computer, include the computer name (in the format \\<ComputerName>) as part of the KeyName. Omitting \\ComputerName\ causes the operation to default to the local computer. The KeyName must include a valid root key. Valid root keys for the local computer are: HKLM, HKCU, HKCR, HKU, and HKCC. If a remote computer is specified, valid root keys are: HKLM and HKU. If the registry key name contains a space, enclose the key name in quotes. | |
/v <ValueName> | Specifies the name of the registry entry to be added under the specified subkey. | |
/ve | Specifies that the registry entry that is added to the registry has a null value. | |
/t <Type> | Specifies registry types to search. Valid types are: REG_SZ, REG_MULTI_SZ, REG_EXPAND_SZ, REG_DWORD, REG_BINARY, REG_NONE. If not specified, all types are searched. | |
/s <Separator> | Specifies the character to be used to separate multiple instances of data when the REG_MULTI_SZ data type is specified and more than one entry needs to be listed. If not specified, the default separator is \0. | |
/d <Data> | Specifies the data for the new registry entry. | |
/f | Adds the registry entry without prompting for confirmation. | |
/oa |
|
|
/od | Specifies that only differences are displayed. This is the default behavior. | |
/os | Specifies that only matches are displayed. By default, only the differences are listed. | |
/on | Specifies that nothing is displayed. By default, only the differences are listed. | |
/s | Compares all subkeys and entries recursively. | |
/va | Deletes all entries under the specified subkey. Subkeys under the specified subkey are not deleted. | |
<FileName> | Specifies the name and path of the file to be created during the operation. The file must have a .reg extension. | |
/y | Overwrites any existing file with the name FileName without prompting for confirmation. | |
/se <Separator> | Specifies the single value separator to search for in the value name type REG_MULTI_SZ. If Separator is not specified, \0 is used. | |
/f <Data> | Specifies the data or pattern to search for. Use double quotes if a string contains spaces. If not specified, a wildcard (*) is used as the search pattern. | |
/k | Specifies to search in key names only. | |
/d | Specifies to search in data only. | |
/c | Specifies that the query is case sensitive. By default, queries are not case sensitive. | |
/e | Specifies to return only exact matches. By default, all the matches are returned. | |
/z | Specifies to include the numeric equivalent for the registry type in search results. | |
/? | Displays help for reg <operation> at the command prompt. |
How to edit registry using (CMD)
To edit the registry we will need to use ADD operation but following with the /F switches to overwrite the existing entries. If we don't use the /F switches the command line with asking you to confirm to overwrite. Let's change the value from 1 to 0.reg add HKEY_CURRENT_USER\Software\NewTestKey\ /v TestValue /t REG_DWORD /d 0
That its. The value of entries "TestValue" will change from 1 to 0.
Conclusions:
This is all about to understand the windows registry and to be available to edit the registry using (CMD). We will write and explain different articles real examples to add, edit, or delete keys and entries on the registry using CMD. Stay with US!