What Is The Windows Registry

Database for Microsoft Windows

Windows Registry

Registry Editor, the user interface for the registry, in Windows 10
Developer(southward)	Microsoft
Initial release	April six, 1992; 30 years agone  (1992-04-06) with Windows three.ane
Operating system	Microsoft Windows
Platform	IA-32, x86-64 and ARM (and historically December Blastoff, Itanium, MIPS, and PowerPC)
Included with	Microsoft Windows
Type	Hierarchical database
Website	docs.microsoft.com/en-the states/windows/desktop/SysInfo/registry

The Windows Registry is a hierarchical database that stores low-level settings for the Microsoft Windows operating system and for applications that opt to employ the registry. The kernel, device drivers, services, Security Accounts Director, and user interfaces tin can all use the registry. The registry too allows access to counters for profiling organization performance.

In other words, the registry or Windows Registry contains data, settings, options, and other values for programs and hardware installed on all versions of Microsoft Windows operating systems. For example, when a program is installed, a new subkey containing settings such every bit a program's location, its version, and how to start the program, are all added to the Windows Registry.

When introduced with Windows iii.i, the Windows Registry primarily stored configuration information for COM-based components. Windows 95 and Windows NT extended its utilise to rationalize and centralize the data in the profusion of INI files, which held the configurations for individual programs, and were stored at various locations.^{[1] [two]} It is not a requirement for Windows applications to use the Windows Registry. For case, .NET Framework applications utilise XML files for configuration, while portable applications usually keep their configuration files with their executables.

Rationale [edit]

Prior to the Windows Registry, .INI files stored each program'southward settings as a text file or binary file, often located in a shared location that did non provide user-specific settings in a multi-user scenario. Past contrast, the Windows Registry stores all awarding settings in i logical repository (but a number of detached files) and in a standardized form. According to Microsoft, this offers several advantages over .INI files.^{[2] [3]} Since file parsing is done much more than efficiently with a binary format, information technology may be read from or written to more quickly than a text INI file. Furthermore, strongly typed data tin be stored in the registry, as opposed to the text data stored in .INI files. This is a do good when editing keys manually using regedit.exe, the congenital-in Windows Registry Editor. Because user-based registry settings are loaded from a user-specific path rather than from a read-only system location, the registry allows multiple users to share the aforementioned machine, and as well allows programs to work for less privileged users. Backup and restoration is also simplified as the registry can exist accessed over a network connection for remote management/support, including from scripts, using the standard set of APIs, as long as the Remote Registry service is running and firewall rules allow this.

Because the registry is a database, it offers improved system integrity with features such equally diminutive updates. If two processes endeavour to update the aforementioned registry value at the aforementioned time, one process's change will precede the other's and the overall consistency of the data will be maintained. Where changes are made to .INI files, such race conditions can result in inconsistent data that does not match either attempted update. Windows Vista and later operating systems provide transactional updates to the registry by means of the Kernel Transaction Manager, extending the atomicity guarantees across multiple key and/or value changes, with traditional commit–abort semantics. (Note however that NTFS provides such back up for the file system also, then the aforementioned guarantees could, in theory, be obtained with traditional configuration files.)

Structure [edit]

Keys and values [edit]

The registry contains ii basic elements: keys and values. Registry keys are container objects similar to folders. Registry values are non-container objects similar to files. Keys may contain values and subkeys. Keys are referenced with a syntax like to Windows' path names, using backslashes to point levels of hierarchy. Keys must have a case insensitive name without backslashes.

The hierarchy of registry keys tin can but exist accessed from a known root central handle (which is anonymous but whose effective value is a constant numeric handle) that is mapped to the content of a registry key preloaded past the kernel from a stored "hive", or to the content of a subkey within some other root cardinal, or mapped to a registered service or DLL that provides access to its contained subkeys and values.

Due east.one thousand. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows refers to the subkey "Windows" of the subkey "Microsoft" of the subkey "Software" of the HKEY_LOCAL_MACHINE root key.

There are seven predefined root keys, traditionally named co-ordinate to their constant handles defined in the Win32 API, or past synonymous abbreviations (depending on applications):^[4]

• HKEY_LOCAL_MACHINE or HKLM
• HKEY_CURRENT_CONFIG or HKCC
• HKEY_CLASSES_ROOT or HKCR
• HKEY_CURRENT_USER or HKCU
• HKEY_USERS or HKU
• HKEY_PERFORMANCE_DATA (just in Windows NT, but invisible in the Windows Registry Editor)^[5]
• HKEY_DYN_DATA (just in Windows 9x, and visible in the Windows Registry Editor)

Like other files and services in Windows, all registry keys may exist restricted by admission control lists (ACLs), depending on user privileges, or on security tokens acquired by applications, or on system security policies enforced past the arrangement (these restrictions may exist predefined past the system itself, and configured by local system administrators or by domain administrators). Unlike users, programs, services or remote systems may just see some parts of the hierarchy or distinct hierarchies from the same root keys.

Registry values are name/data pairs stored within keys. Registry values are referenced separately from registry keys. Each registry value stored in a registry primal has a unique name whose letter case is not significant. The Windows API functions that query and dispense registry values take value names separately from the primal path and/or handle that identifies the parent key. Registry values may contain backslashes in their names, but doing so makes them difficult to distinguish from their key paths when using some legacy Windows Registry API functions (whose usage is deprecated in Win32).

The terminology is somewhat misleading, as each registry key is similar to an associative array, where standard terminology would refer to the proper noun part of each registry value as a "primal". The terms are a holdout from the sixteen-bit registry in Windows 3, in which registry keys could non contain arbitrary proper name/data pairs, just rather contained only one unnamed value (which had to be a string). In this sense, the Windows 3 registry was similar a single associative array, in which the keys (in the sense of both 'registry central' and 'associative array key') formed a hierarchy, and the registry values were all strings. When the 32-bit registry was created, so was the boosted adequacy of creating multiple named values per key, and the meanings of the names were somewhat distorted.^[6] For compatibility with the previous behavior, each registry key may have a "default" value, whose name is the empty string.

Each value tin shop arbitrary data with variable length and encoding, merely which is associated with a symbolic blazon (defined as a numeric constant) defining how to parse this data. The standard types are:^[7]

Listing of standard registry value types

Type ID	Symbolic type proper name	Significant and encoding of the information stored in the registry value
0	REG_NONE	No type (the stored value, if any)
ane	REG_SZ	A string value, usually stored and exposed in UTF-16LE (when using the Unicode version of Win32 API functions), usually terminated past a NUL character
2	REG_EXPAND_SZ	An "expandable" string value that tin can incorporate surroundings variables, normally stored and exposed in UTF-16LE, normally terminated by a NUL character
3	REG_BINARY	Binary data (whatever arbitrary information)
iv	REG_DWORD / REG_DWORD_LITTLE_ENDIAN	A DWORD value, a 32-bit unsigned integer (numbers betwixt 0 and four,294,967,295 [232 – one]) (little-endian)
v	REG_DWORD_BIG_ENDIAN	A DWORD value, a 32-bit unsigned integer (numbers between 0 and 4,294,967,295 [232 – 1]) (big-endian)
6	REG_LINK	A symbolic link (UNICODE) to another registry key, specifying a root cardinal and the path to the target fundamental
7	REG_MULTI_SZ	A multi-string value, which is an ordered list of non-empty strings, commonly stored and exposed in Unicode, each one terminated by a nothing grapheme, the listing being normally terminated past a 2nd null character.[eight]
8	REG_RESOURCE_LIST	A resource list (used past the Plug-n-Play hardware enumeration and configuration)
9	REG_FULL_RESOURCE_DESCRIPTOR	A resource descriptor (used by the Plug-due north-Play hardware enumeration and configuration)
10	REG_RESOURCE_REQUIREMENTS_LIST	A resource requirements list (used by the Plug-n-Play hardware enumeration and configuration)
eleven	REG_QWORD / REG_QWORD_LITTLE_ENDIAN	A QWORD value, a 64-fleck integer (either big- or little-endian, or unspecified) (introduced in Windows 2000)[nine]

Root keys [edit]

The keys at the root level of the hierarchical database are generally named past their Windows API definitions, which all begin "HKEY".^[2] They are frequently abbreviated to a iii- or four-letter brusk proper name starting with "HK" (east.g. HKCU and HKLM). Technically, they are predefined handles (with known constant values) to specific keys that are either maintained in memory, or stored in hive files stored in the local filesystem and loaded by the organization kernel at kick time and then shared (with various admission rights) between all processes running on the local arrangement, or loaded and mapped in all processes started in a user session when the user logs on the system.

The HKEY_LOCAL_MACHINE (local car-specific configuration data) and HKEY_CURRENT_USER (user-specific configuration data) nodes have a like structure to each other; user applications typically await upwardly their settings by first checking for them in "HKEY_CURRENT_USER\Software\Vendor'south name\Awarding'southward proper name\Version\Setting name", and if the setting is not found, expect instead in the same location under the HKEY_LOCAL_MACHINE key^{[ citation needed ]}. Withal, the converse may utilize for administrator-enforced policy settings where HKLM may take precedence over HKCU. The Windows Logo Plan has specific requirements for where different types of user data may exist stored, and that the concept of least privilege exist followed and so that administrator-level admission is non required to utilize an application.^{[a] [10]}

HKEY_LOCAL_MACHINE (HKLM) [edit]

Abbreviated HKLM, HKEY_LOCAL_MACHINE stores settings that are specific to the local reckoner.^[eleven]

The key located by HKLM is actually not stored on deejay, but maintained in memory by the system kernel in lodge to map all the other subkeys. Applications cannot create any additional subkeys. On Windows NT, this key contains 4 subkeys, "SAM", "SECURITY", "SYSTEM", and "SOFTWARE", that are loaded at boot time inside their corresponding files located in the %SystemRoot%\System32\config folder. A fifth subkey, "HARDWARE", is volatile and is created dynamically, and as such is non stored in a file (it exposes a view of all the currently detected Plug-and-Play devices). On Windows Vista and above, a sixth and seventh subkey, "COMPONENTS" and "BCD", are mapped in memory by the kernel on-demand and loaded from %SystemRoot%\system32\config\COMPONENTS or from kick configuration data, \kicking\BCD on the system partition.

• The "HKLM\SAM" key usually appears equally empty for about users (unless they are granted admission past administrators of the local system or administrators of domains managing the local system). It is used to reference all "Security Accounts Director" (SAM) databases for all domains into which the local system has been administratively authorized or configured (including the local domain of the running system, whose SAM database is stored in a subkey also named "SAM": other subkeys will exist created equally needed, one for each supplementary domain). Each SAM database contains all builtin accounts (mostly group aliases) and configured accounts (users, groups and their aliases, including invitee accounts and administrator accounts) created and configured on the respective domain, for each account in that domain, information technology notably contains the user proper name which can exist used to log on that domain, the internal unique user identifier in the domain, a cryptographic hash of each user'southward password for each enabled hallmark protocol, the location of storage of their user registry hive, various condition flags (for example if the account can be enumerated and be visible in the logon prompt screen), and the listing of domains (including the local domain) into which the account was configured.
• The "HKLM\SECURITY" key ordinarily appears empty for most users (unless they are granted admission by users with administrative privileges) and is linked to the Security database of the domain into which the current user is logged on (if the user is logged on the local system domain, this key volition be linked to the registry hive stored by the local machine and managed by local system administrators or by the builtin "System" business relationship and Windows installers). The kernel will admission it to read and enforce the security policy applicable to the current user and all applications or operations executed past this user. Information technology besides contains a "SAM" subkey which is dynamically linked to the SAM database of the domain onto which the electric current user is logged on.
• The "HKLM\SYSTEM" key is commonly only writable by users with administrative privileges on the local system. Information technology contains information about the Windows system setup, data for the secure random number generator (RNG), the list of currently mounted devices containing a filesystem, several numbered "HKLM\SYSTEM\Command Sets" containing alternative configurations for system hardware drivers and services running on the local system (including the currently used one and a fill-in), a "HKLM\Arrangement\Select" subkey containing the condition of these Control Sets, and a "HKLM\SYSTEM\CurrentControlSet" which is dynamically linked at boot time to the Control Gear up which is currently used on the local system. Each configured Control Set up contains:
  • an "Enum" subkey enumerating all known Plug-and-Play devices and associating them with installed system drivers (and storing the device-specific configurations of these drivers),
  • a "Services" subkey list all installed arrangement drivers (with non device-specific configuration, and the enumeration of devices for which they are instantiated) and all programs running as services (how and when they can exist automatically started),
  • a "Command" subkey organizing the diverse hardware drivers and programs running as services and all other system-wide configuration,
  • a "Hardware Profiles" subkey enumerating the various profiles that accept been tuned (each one with "System" or "Software" settings used to modify the default profile, either in arrangement drivers and services or in the applications) as well every bit the "Hardware Profiles\Current" subkey which is dynamically linked to i of these profiles.
• The "HKLM\SOFTWARE" subkey contains software and Windows settings (in the default hardware profile). It is by and large modified by application and system installers. It is organized by software vendor (with a subkey for each), but also contains a "Windows" subkey for some settings of the Windows user interface, a "Classes" subkey containing all registered associations from file extensions, MIME types, Object Classes IDs and interfaces IDs (for OLE, COM/DCOM and ActiveX), to the installed applications or DLLs that may exist treatment these types on the local motorcar (however these associations are configurable for each user, see below), and a "Policies" subkey (as well organized by vendor) for enforcing general usage policies on applications and system services (including the fundamental certificates store used for authenticating, authorizing or disallowing remote systems or services running exterior the local network domain).
• The "HKLM\SOFTWARE\Wow6432Node" key is used past 32-flake applications on a 64-flake Windows OS, and is equivalent to merely dissever from "HKLM\SOFTWARE". The key path is transparently presented to 32-bit applications past WoW64 every bit HKLM\SOFTWARE^[12] (in a similar manner that 32-chip applications see %SystemRoot%\Syswow64 as %SystemRoot%\System32)

HKEY_CLASSES_ROOT (HKCR) [edit]

Abbreviated HKCR, HKEY_CLASSES_ROOT contains information about registered applications, such every bit file associations and OLE Object Grade IDs, tying them to the applications used to handle these items. On Windows 2000 and above, HKCR is a compilation of user-based HKCU\Software\Classes and auto-based HKLM\Software\Classes. If a given value exists in both of the subkeys above, the one in HKCU\Software\Classes takes precedence.^[xiii] The design allows for either machine- or user-specific registration of COM objects.

HKEY_USERS (HKU) [edit]

Abbreviated HKU, HKEY_USERS contains subkeys corresponding to the HKEY_CURRENT_USER keys for each user profile actively loaded on the machine, though user hives are usually simply loaded for currently logged-in users.

HKEY_CURRENT_USER (HKCU) [edit]

Abbreviated HKCU, HKEY_CURRENT_USER stores settings that are specific to the currently logged-in user.^[14] The HKEY_CURRENT_USER fundamental is a link to the subkey of HKEY_USERS that corresponds to the user; the same information is accessible in both locations. The specific subkey referenced is "(HKU)\(SID)\..." where (SID) corresponds to the Windows SID; if the "(HKCU)" key has the following suffix "(HKCU)\Software\Classes\..." then it corresponds to "(HKU)\(SID)_CLASSES\..." i.eastward. the suffix has the string "_CLASSES" is appended to the (SID).

On Windows NT systems, each user'due south settings are stored in their own files called NTUSER.DAT and USRCLASS.DAT inside their own Documents and Settings subfolder (or their ain Users sub binder in Windows Vista and above). Settings in this hive follow users with a roaming contour from machine to machine.

HKEY_PERFORMANCE_DATA [edit]

This key provides runtime information into performance data provided past either the NT kernel itself, or running system drivers, programs and services that provide operation information. This key is non stored in any hive and non displayed in the Registry Editor, but it is visible through the registry functions in the Windows API, or in a simplified view via the Performance tab of the Task Manager (only for a few performance data on the local system) or via more advanced control panels (such as the Performances Monitor or the Performances Analyzer which allows collecting and logging these data, including from remote systems).

HKEY_DYN_DATA [edit]

This fundamental is used only on Windows 95, Windows 98 and Windows ME.^[15] It contains information about hardware devices, including Plug and Play and network performance statistics. The information in this hive is as well non stored on the difficult bulldoze. The Plug and Play information is gathered and configured at startup and is stored in retentiveness.^[16]

Hives [edit]

Even though the registry presents itself as an integrated hierarchical database, branches of the registry are actually stored in a number of disk files called hives.^[17] (The word hive constitutes an in-joke.)^[18]

Some hives are volatile and are not stored on disk at all. An case of this is the hive of the co-operative starting at HKLM\HARDWARE. This hive records information nigh system hardware and is created each time the system boots and performs hardware detection.

Individual settings for users on a organization are stored in a hive (disk file) per user. During user login, the system loads the user hive nether the HKEY_USERS key and sets the HKCU (HKEY_CURRENT_USER) symbolic reference to point to the current user. This allows applications to store/think settings for the current user implicitly nether the HKCU key.

Not all hives are loaded at any ane time. At boot fourth dimension, just a minimal set of hives are loaded, and after that, hives are loaded every bit the operating organisation initializes and as users log in or whenever a hive is explicitly loaded by an awarding.

File locations [edit]

The registry is physically stored in several files, which are generally obfuscated from the user-mode APIs used to manipulate the data inside the registry. Depending upon the version of Windows, there will be dissimilar files and different locations for these files, simply they are all on the local auto. The location for system registry files in Windows NT is %SystemRoot%\System32\Config; the user-specific HKEY_CURRENT_USER user registry hive is stored in Ntuser.dat inside the user profile. In that location is one of these per user; if a user has a roaming profile, and so this file will be copied to and from a server at logout and login respectively. A second user-specific registry file named UsrClass.dat contains COM registry entries and does not roam by default.

Windows NT [edit]

Windows NT systems store the registry in a binary file format which tin can be exported, loaded and unloaded by the Registry Editor in these operating systems. The following system registry files are stored in %SystemRoot%\System32\Config\:

• Sam – HKEY_LOCAL_MACHINE\SAM
• Security – HKEY_LOCAL_MACHINE\SECURITY
• Software – HKEY_LOCAL_MACHINE\SOFTWARE
• System – HKEY_LOCAL_MACHINE\SYSTEM
• Default – HKEY_USERS\.DEFAULT
• Userdiff – Non associated with a hive. Used merely when upgrading operating systems.^[19]

The following file is stored in each user's contour folder:

• %USERPROFILE%\Ntuser.dat – HKEY_USERS\<User SID> (linked to by HKEY_CURRENT_USER)

For Windows 2000, Server 2003 and Windows XP, the following boosted user-specific file is used for file associations and COM information:

• %USERPROFILE%\Local Settings\Application Data\Microsoft\Windows\Usrclass.dat (path is localized) – HKEY_USERS\<User SID>_Classes (HKEY_CURRENT_USER\Software\Classes)

For Windows Vista and later, the path was changed to:

• %USERPROFILE%\AppData\Local\Microsoft\Windows\Usrclass.dat (path is non localized) allonym %LocalAppData%\Microsoft\Windows\Usrclass.dat – HKEY_USERS\<User SID>_Classes (HKEY_CURRENT_USER\Software\Classes)

Windows 2000 keeps an alternating copy of the registry hives (.ALT) and attempts to switch to it when corruption is detected.^[twenty] Windows XP and Windows Server 2003 do not maintain a System.alt hive because NTLDR on those versions of Windows can process the Arrangement.log file to bring up to date a System hive that has become inconsistent during a shutdown or crash. In addition, the %SystemRoot%\Repair folder contains a copy of the system'south registry hives that were created later installation and the first successful startup of Windows.

Each registry data file has an associated file with a ".log" extension that acts as a transaction log that is used to ensure that whatsoever interrupted updates can be completed upon next startup.^[21] Internally, Registry files are carve up into 4 kB "bins" that contain collections of "cells".^[21]

Windows 9x [edit]

The registry files are stored in the %WINDIR% directory under the names USER.DAT and SYSTEM.DAT with the addition of CLASSES.DAT in Windows ME. Likewise, each user profile (if profiles are enabled) has its own USER.DAT file which is located in the user's contour directory in %WINDIR%\Profiles\<Username>\.

Windows iii.eleven [edit]

The only registry file is called REG.DAT and it is stored in the %WINDIR% directory.

Windows ten Mobile [edit]

Note: To access the registry files, the Phone needs to be set in a special fashion using either:

• WpInternals ( Put the mobile device into flash manner. )
• InterOp Tools ( mount the MainOS Partition with MTP. )

If any of above Methods worked - The Device Registry Files tin exist found in the post-obit location:

          {Telephone}\EFIESP\Windows\System32\config        

Note: InterOp Tools also includes a registry editor.

Editing [edit]

Registry editors [edit]

The registry contains important configuration information for the operating system, for installed applications also as private settings for each user and application. A careless change to the operating system configuration in the registry could cause irreversible damage, so it is usually simply installer programs which perform changes to the registry database during installation/configuration and removal. If a user wants to edit the registry manually, Microsoft recommends that a backup of the registry be performed before the change.^[22] When a program is removed from command panel, it may not be completely removed and, in case of errors or glitches acquired past references to missing programs, the user might take to manually check within directories such equally program files. Afterward this, the user might demand to manually remove any reference to the uninstalled program in the registry. This is usually done by using RegEdit.exe.^[23] Editing the registry is sometimes necessary when working around Windows-specific bug east.g. problems when logging onto a domain can exist resolved past editing the registry.^[24]

Windows Registry can be edited manually using programs such equally RegEdit.exe, although these tools do not betrayal some of the registry's metadata such as the terminal modified date.

The registry editor for the three.1/95 serial of operating systems is RegEdit.exe and for Windows NT it is RegEdt32.exe; the functionalities are merged in Windows XP. Optional and/or third-party tools like to RegEdit.exe are available for many Windows CE versions.

Registry Editor allows users to perform the post-obit functions:

• Creating, manipulating, renaming^[25] and deleting registry keys, subkeys, values and value data
• Importing and exporting .REG files, exporting data in the binary hive format
• Loading, manipulating and unloading registry hive format files (Windows NT systems but)
• Setting permissions based on ACLs (Windows NT systems only)
• Bookmarking user-selected registry keys as Favorites
• Finding particular strings in key names, value names and value information
• Remotely editing the registry on another networked computer

.REG files [edit]

.REG files (also known every bit Registration entries) are text-based human-readable files for exporting and importing portions of the registry using a INI-based syntax. On Windows 2000 and later, they contain the string Windows Registry Editor Version v.00 at the beginning and are Unicode-based. On Windows 9x and NT 4.0 systems, they contain the string REGEDIT4 and are ANSI-based.^[26] Windows 9x format .REG files are compatible with Windows 2000 and later. The Registry Editor on Windows on these systems also supports exporting .REG files in Windows 9x/NT format. Data is stored in .REG files using the following syntax:^[26]

                        [<Hive proper name>\<Key name>\<Subkey name>]            "Value proper name"            =            <Value type>:<Value information>          

The Default Value of a key can be edited by using "@" instead of "Value Name":

                        [<Hive name>\<Key name>\<Subkey proper noun>]            @            =            <Value type>:<Value information>          

String values do non require a <Value type> (meet case), simply backslashes ('\') need to be written as a double-backslash ('\\'), and quotes ('"') equally backslash-quote ('\"').

For example, to add together the values "Value A", "Value B", "Value C", "Value D", "Value Due east", "Value F", "Value G", "Value H", "Value I", "Value J", "Value K", "Value Fifty", and "Value M" to the HKLM\SOFTWARE\Foobar primal:

            Windows Registry Editor Version 5.00            [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value A"            =            "<String value data with escape characters>"            "Value B"            =            hex:<Binary information (as comma-delimited list of hexadecimal values)>            "Value C"            =            dword:<DWORD value integer>            "Value D"            =            hex(0):<REG_NONE (as comma-delimited list of hexadecimal values)>            "Value Due east"            =            hex(ane):<REG_SZ (as comma-delimited list of hexadecimal values representing a UTF-16LE NUL-terminated cord)>            "Value F"            =            hex(two):<Expandable string value data (as comma-delimited list of hexadecimal values representing a UTF-16LE NUL-terminated string)>            "Value G"            =            hex(iii):<Binary information (as comma-delimited list of hexadecimal values)> ; equal to "Value B"            "Value H"            =            hex(iv):<DWORD value (equally comma-delimited list of 4 hexadecimal values, in picayune endian byte club)>            "Value I"            =            hex(5):<DWORD value (as comma-delimited listing of 4 hexadecimal values, in big endian byte order)>            "Value J"            =            hex(7):<Multi-string value data (as comma-delimited list of hexadecimal values representing UTF-16LE NUL-terminated strings)>            "Value Yard"            =            hex(8):<REG_RESOURCE_LIST (as comma-delimited listing of hexadecimal values)>            "Value L"            =            hex(a):<REG_RESOURCE_REQUIREMENTS_LIST (as comma-delimited list of hexadecimal values)>            "Value Thou"            =            hex(b):<QWORD value (as comma-delimited list of 8 hexadecimal values, in petty endian byte order)>          

Data from .REG files can be added/merged with the registry past double-clicking these files or using the /s switch in the command line. REG files can as well be used to remove registry data.

To remove a key (and all subkeys, values and information), the key name must be preceded by a minus sign ("-").^[26]

For example, to remove the HKLM\SOFTWARE\Foobar key (and all subkeys, values and data),

                        [            -            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]          

To remove a value (and its data), the values to be removed must accept a minus sign ("-") later on the equal sign ("=").^[26]

For example, to remove only the "Value A" and "Value B" values (and their information) from the HKLM\SOFTWARE\Foobar cardinal:

                        [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value A"            =-            "Value B"            =-          

To remove just the Default value of the key HKLM\SOFTWARE\Foobar (and its information):

                        [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            @            =-          

Lines beginning with a semicolon are considered comments:

                        ; This is a annotate. This can exist placed in any office of a .reg file            [            HKEY_LOCAL_MACHINE            \SOFTWARE\Foobar]            "Value"            =            "Instance string"          

Group policies [edit]

Windows group policies can alter registry keys for a number of machines or individual users based on policies. When a policy commencement takes effect for a auto or for an private user of a machine, the registry settings specified as part of the policy are practical to the automobile or user settings.

Windows will also look for updated policies and utilise them periodically, typically every xc minutes.^[27]

Through its telescopic a policy defines which machines and/or users the policy is to be applied to. Whether a car or user is within the scope of a policy or not is divers by a set of rules which tin can filter on the location of the auto or user account in organizational directory, specific users or automobile accounts or security groups. More than advanced rules can be gear up using Windows Management Instrumentation expressions. Such rules tin filter on backdrop such equally calculator vendor proper noun, CPU architecture, installed software, or networks connected to.

For case, the administrator tin create a policy with one set of registry settings for machines in the accounting section and policy with another (lock-down) fix of registry settings for kiosk terminals in the visitors area. When a machine is moved from ane scope to another (eastward.g. changing its name or moving information technology to another organizational unit), the correct policy is automatically applied. When a policy is changed it is automatically re-applied to all machines currently in its scope.

The policy is edited through a number of authoritative templates which provides a user interface for picking and changing settings. The set up of administrative templates is extensible and software packages which support such remote administration can register their ain templates.

Command line editing [edit]

reg

Developer(south)	Microsoft
Operating organization	Microsoft Windows
Blazon	Command
License	Proprietary commercial software
Website	docs.microsoft.com/en-united states/windows-server/administration/windows-commands/reg

regini

Programmer(south)	Microsoft
Operating system	Microsoft Windows
Type	Command
License	Proprietary commercial software
Website	docs.microsoft.com/en-united states of america/windows-server/administration/windows-commands/regini

The registry tin can be manipulated in a number of ways from the control line. The Reg.exe and RegIni.exe utility tools are included in Windows XP and later versions of Windows. Culling locations for legacy versions of Windows include the Resources Kit CDs or the original Installation CD of Windows.

As well, a .REG file can be imported from the command line with the following command:

RegEdit.exe /due south          file        

The /south means the file will be silent merged to the registry. If the /due south parameter is omitted the user will be asked to confirm the operation. In Windows 98, Windows 95 and at least some configurations of Windows XP the /s switch also causes RegEdit.exe to ignore the setting in the registry that allows administrators to disable it. When using the /s switch RegEdit.exe does non return an appropriate return code if the operation fails, unlike Reg.exe which does.

RegEdit.exe /e          file        

exports the whole registry in V5 format to a UNICODE .REG file, while any of

RegEdit.exe /e          file          HKEY_CLASSES_ROOT[\<key>] RegEdit.exe /e          file          HKEY_CURRENT_CONFIG[\<key>] RegEdit.exe /e          file          HKEY_CURRENT_USER[\<cardinal>] RegEdit.exe /east          file          HKEY_LOCAL_MACHINE[\<fundamental>] RegEdit.exe /east          file          HKEY_USERS[\<primal>]        

export the specified (sub)key (which has to be enclosed in quotes if it contains spaces) only.

RegEdit.exe /a          file        

exports the whole registry in V4 format to an ANSI .REG file.

RegEdit.exe /a          file          <key>        

exports the specified (sub)central (which has to exist enclosed in quotes if information technology contains spaces) only.

It is also possible to use Reg.exe. Hither is a sample to display the value of the registry value Version:

                        Reg.exe            QUERY            HKLM\Software\Microsoft\ResKit            /v            Version          

Other command line options include a VBScript or JScript together with CScript, WMI or WMIC.exe and Windows PowerShell.

Registry permissions tin can exist manipulated through the command line using RegIni.exe and the SubInACL.exe tool. For instance, the permissions on the HKEY_LOCAL_MACHINE\SOFTWARE central tin can exist displayed using:

                        SubInACL.exe            /keyreg            HKEY_LOCAL_MACHINE\SOFTWARE            /display          

PowerShell commands and scripts [edit]

Using PowerShell to navigate the registry

Windows PowerShell comes with a registry provider which presents the registry as a location blazon similar to the file system. The same commands used to manipulate files and directories in the file system tin exist used to dispense keys and values of the registry.^[28]

Also like the file system, PowerShell uses the concept of a electric current location which defines the context on which commands past default operate. The Get-ChildItem (also bachelor through the aliases ls, dir or gci) retrieves the child keys of the current location. By using the Set-Location (or the alias cd) command the user can change the current location to some other key of the registry.^[28] Commands which rename items, remove items, create new items or ready content of items or properties tin can be used to rename keys, remove keys or entire sub-trees or change values.

Through PowerShell scripts files, an ambassador can prepare scripts which, when executed, make changes to the registry. Such scripts tin can be distributed to administrators who can execute them on individual machines. The PowerShell Registry provider supports transactions, i.east. multiple changes to the registry tin be bundled into a single atomic transaction. An atomic transaction ensures that either all of the changes are committed to the database, or if the script fails, none of the changes are committed to the database.^{[28] [29]}

Programs or scripts [edit]

The registry can be edited through the APIs of the Advanced Windows 32 Base API Library (advapi32.dll).^[30] List of registry API functions:

• RegCloseKey
• RegConnectRegistry
• RegCreateKey
• RegCreateKeyEx
• RegDeleteKey
• RegDeleteValue
• RegEnumKey
• RegEnumKeyEx
• RegEnumValue
• RegFlushKey
• RegGetKeySecurity
• RegLoadKey
• RegNotifyChangeKeyValue
• RegOpenKey
• RegOpenKeyEx
• RegQueryInfoKey
• RegQueryMultipleValues
• RegQueryValue
• RegQueryValueEx
• RegReplaceKey
• RegRestoreKey
• RegSaveKey
• RegSetKeySecurity
• RegSetValue
• RegSetValueEx
• RegUnLoadKey

Many programming languages offer built-in runtime library functions or classes that wrap the underlying Windows APIs and thereby enable programs to store settings in the registry (eastward.thousand. Microsoft.Win32.Registry in VB.Net and C#, or TRegistry in Delphi and Free Pascal). COM-enabled applications like Visual Basic 6 can use the WSH WScript.Shell object. Another way is to use the Windows Resource Kit Tool, Reg.exe by executing it from lawmaking,^[31] although this is considered poor programming practice.

Similarly, scripting languages such as Perl (with Win32::TieRegistry), Python (with winreg), TCL (which comes bundled with the registry package),^[32] Windows Powershell and Windows Scripting Host also enable registry editing from scripts.

Offline editing [edit]

The offreg.dll^[33] bachelor from the Windows Commuter Kit offers a set of APIs for the cosmos and manipulation of currently non loaded registry hives like to those provided by advapi32.dll.

Information technology is also possible to edit the registry (hives) of an offline system from Windows PE or Linux (in the latter case using open up source tools).

COM cocky-registration [edit]

Prior to the introduction of registration-free COM, developers were encouraged to add initialization lawmaking to in-procedure and out-of-process binaries to perform the registry configuration required for that object to work. For in-process binaries such as .DLL and .OCX files, the modules typically exported a part called DllInstall()^[34] that could exist called past installation programs or invoked manually with utilities like Regsvr32.exe;^[35] out-of-process binaries typically support the commandline arguments /Regserver and /Unregserver that created or deleted the required registry settings.^[36] COM applications that suspension because of DLL Hell problems tin can usually be repaired with RegSvr32.exe or the /RegServer switch without having to re-invoke installation programs.^[37]

Advanced functionality [edit]

Windows exposes APIs that allows user-fashion applications to register to receive a notification event if a particular registry fundamental is changed.^[38] APIs are also available to allow kernel-mode applications to filter and modify registry calls made by other applications.^[39]

Windows also supports remote access to the registry of another calculator via the RegConnectRegistry function^[twoscore] if the Remote Registry service is running, correctly configured and its network traffic is non firewalled.^[41]

Security [edit]

Each central in the registry of Windows NT versions can have an associated security descriptor. The security descriptor contains an access control list (ACL) that describes which user groups or individual users are granted or denied admission permissions. The set up of registry permissions include 10 rights/permissions which can be explicitly immune or denied to a user or a grouping of users.

Registry permissions

Permission	Clarification
Query Value	The correct to read the registry key value.
Gear up Value	The right to write a new value
Create Subkey	The right to create subkeys.
Enumerate Subkeys	Allow the enumeration of subkeys.
Notify	The right to request change notifications for registry keys or subkeys.
Create Link	Reserved past the operating organisation.
Delete	The right to delete a key.
Write DACL	The right to modify permissions of the container'south DACL.
Write Owner	The right to modify the container's owner.
Read Control	The correct to read the DACL.

As with other securable objects in the operating system, individual access control entries (ACE) on the security descriptor tin exist explicit or inherited from a parent object.^[42]

Windows Resource Protection is a feature of Windows Vista and later versions of Windows that uses security to deny Administrators and the system WRITE access to some sensitive keys to protect the integrity of the system from malware and accidental modification.^[43]

Special ACEs on the security descriptor tin also implement mandatory integrity command for the registry key and subkeys. A process running at a lower integrity level cannot write, modify or delete a registry primal/value, even if the account of the process has otherwise been granted access through the ACL. For instance, Internet Explorer running in Protected Mode tin read medium and depression integrity registry keys/values of the currently logged on user, but it can merely modify depression integrity keys.^[44]

Outside security, registry keys cannot be deleted or edited due to other causes. Registry keys containing NUL characters cannot be deleted with standard registry editors and require a special utility for deletion, such every bit RegDelNull.^{[45] [46]}

Backups and recovery [edit]

Dissimilar editions of Windows have supported a number of different methods to dorsum upwards and restore the registry over the years, some of which are now deprecated:

• Arrangement Restore tin can support the registry and restore information technology as long as Windows is bootable, or from the Windows Recovery Environment (starting with Windows Vista).
• NTBackup can dorsum up the registry as part of the Arrangement State and restore information technology. Automated System Recovery in Windows XP tin can also restore the registry.
• On Windows NT, the Last Known Good Configuration option in startup menu relinks the HKLM\Arrangement\CurrentControlSet key, which stores hardware and device driver information.
• Windows 98 and Windows ME include control line (Scanreg.exe) and GUI (Scanregw.exe) registry checker tools to cheque and fix the integrity of the registry, create upward to five automatic regular backups by default and restore them manually or whenever abuse is detected.^[47] The registry checker tool backs up the registry, by default, to %Windir%\Sysbckup Scanreg.exe tin also run from MS-DOS.^[48]
• The Windows 95 CD-ROM included an Emergency Recovery Utility (ERU.exe) and a Configuration Backup Tool (Cfgback.exe) to back upwardly and restore the registry. Additionally Windows 95 backs up the registry to the files arrangement.da0 and user.da0 on every successful boot.
• Windows NT 4.0 included RDISK.EXE, a utility to back upward and restore the entire registry.^[49]
• Windows 2000 Resources Kit contained an unsupported pair of utilities called Regback.exe and RegRest.exe for backup and recovery of the registry.^[50]
• Periodic automatic backups of the registry are now disabled past default on Windows 10 May 2019 Update (version 1903). Microsoft recommends System Restore be used instead.^[51]

Policy [edit]

Group policy [edit]

Windows 2000 and later versions of Windows employ Grouping Policy to enforce registry settings through a registry-specific customer extension in the Group Policy processing engine.^[52] Policy may be practical locally to a unmarried computer using gpedit.msc, or to multiple users and/or computers in a domain using gpmc.msc.

Legacy systems [edit]

With Windows 95, Windows 98, Windows ME and Windows NT 4.0, administrators can use a special file to be merged into the registry, called a policy file (POLICY.POL). The policy file allows administrators to foreclose non-administrator users from changing registry settings similar, for instance, the security level of Cyberspace Explorer and the desktop background wallpaper. The policy file is primarily used in a business with a large number of computers where the business needs to be protected from rogue or devil-may-care users.

The default extension for the policy file is .Political leader. The policy file filters the settings it enforces past user and past group (a "grouping" is a defined prepare of users). To do that the policy file merges into the registry, preventing users from circumventing information technology past simply changing back the settings. The policy file is usually distributed through a LAN, but can be placed on the local calculator.

The policy file is created past a free tool by Microsoft that goes by the filename poledit.exe for Windows 95/Windows 98 and with a reckoner management module for Windows NT. The editor requires administrative permissions to be run on systems that uses permissions. The editor tin can as well direct change the current registry settings of the local computer and if the remote registry service is installed and started on another computer information technology can as well change the registry on that estimator. The policy editor loads the settings information technology tin can change from .ADM files, of which one is included, that contains the settings the Windows beat provides. The .ADM file is apparently text and supports piece of cake localisation by allowing all the strings to be stored in i place.

Virtualization [edit]

INI file virtualization [edit]

Windows NT kernels support redirection of INI file-related APIs into a virtual file in a registry location such as HKEY_CURRENT_USER using a feature called "InifileMapping".^[53] This functionality was introduced to allow legacy applications written for 16-flake versions of Windows to be able to run under Windows NT platforms on which the System binder is no longer considered an appropriate location for user-specific data or configuration. Non-compliant 32-fleck applications can also be redirected in this manner, even though the characteristic was originally intended for xvi-scrap applications.

Registry virtualization [edit]

Windows Vista introduced limited registry virtualization, whereby poorly written applications that practise not respect the principle of least privilege and instead endeavor to write user data to a read-only arrangement location (such as the HKEY_LOCAL_MACHINE hive), are silently redirected to a more than appropriate location, without changing the application itself.

Similarly, application virtualization redirects all of an application's invalid registry operations to a location such equally a file. Used together with file virtualization, this allows applications to run on a machine without being installed on information technology.

Low integrity processes may also use registry virtualization. For instance, Cyberspace Explorer 7 or viii running in "Protected Manner" on Windows Vista and above will automatically redirect registry writes by ActiveX controls to a sandboxed location in order to frustrate some classes of security exploits.

The Application Compatibility Toolkit^[54] provides shims that can transparently redirect HKEY_LOCAL_MACHINE or HKEY_CLASSES_ROOT Registry operations to HKEY_CURRENT_USER to accost "LUA" bugs that cause applications not to work for users with bereft rights.

Disadvantages [edit]

Critics labeled the registry in Windows 95 a single point of failure, because re-installation of the operating system was required if the registry became decadent.^{[ citation needed ]} However, Windows NT uses transaction logs to protect confronting corruption during updates. Current versions of Windows employ ii levels of log files to ensure integrity even in the example of power failure or similar catastrophic events during database updates.^[55] Fifty-fifty in the example of a non-recoverable error, Windows tin can repair or re-initialize damaged registry entries during system boot.^[55]

Equivalents and alternatives [edit]

In Windows, use of the registry for storing plan data is a matter of developer'south discretion. Microsoft provides programming interfaces for storing information in XML files (via MSXML) or database files (via SQL Server Compact) which developers can utilize instead. Developers are also free to use not-Microsoft alternatives or develop their own proprietary data stores.

In contrast to Windows Registry'due south binary-based database model, some other operating systems utilise separate apparently-text files for daemon and awarding configuration, merely group these configurations together for ease of direction.

• In Unix-like operating systems (including Linux) that follow the Filesystem Hierarchy Standard, system-wide configuration files (data similar to what would appear in HKEY_LOCAL_MACHINE on Windows) are traditionally stored in files in /etc/ and its subdirectories, or sometimes in /usr/local/etc. Per-user information (information that would be roughly equivalent to that in HKEY_CURRENT_USER) is stored in hidden directories and files (that start with a menstruation/full stop) inside the user's abode directory. Withal XDG-compliant applications should refer to the environment variables defined in the Base Directory specification.^[56]
• In macOS, organisation-wide configuration files are typically stored in the /Library/ binder, whereas per-user configuration files are stored in the corresponding ~/Library/ folder in the user'due south habitation directory, and configuration files prepare by the arrangement are in /System/Library/. Within these corresponding directories, an awarding typically stores a property list file in the Preferences/ sub-directory.
• RISC Bone (not to exist confused with MIPS RISC/os) uses directories for configuration information, which allows applications to be copied into application directories, equally opposed to the separate installation process that typifies Windows applications; this approach is also used on the ROX Desktop for Linux.^[57] This directory-based configuration also makes it possible to use different versions of the same application, since the configuration is washed "on the fly".^[58] If i wishes to remove the application, it is possible to simply delete the folder belonging to the application.^{[59] [60]} This will oftentimes not remove configuration settings which are stored independently from the awarding, usually inside the computer's !Boot structure, in !Boot.Choices or potentially anywhere on a network fileserver. Information technology is possible to re-create installed programs betwixt computers running RISC OS by copying the application directories belonging to the programs, however some programs may crave re-installing, e.1000. when shared files are placed outside an application directory.^[58]
• IBM AIX (a Unix variant) uses a registry component called Object Information Director (ODM). The ODM is used to shop information near organisation and device configuration. An all-encompassing set up of tools and utilities provides users with means of extending, checking, correcting the ODM database. The ODM stores its data in several files, default location is /etc/objrepos.
• The GNOME desktop surroundings uses a registry-similar interface chosen dconf for storing configuration settings for the desktop and applications.
• The Elektra Initiative provides alternative back-ends for various different text configuration files.
• While non an operating system, the Wine compatibility layer, which allows Windows software to run on a Unix-like organization, also employs a Windows-similar registry as text files in the WINEPREFIX folder: system.reg (HKEY_LOCAL_MACHINE), user.reg (HKEY_CURRENT_USER) and userdef.reg.^[61]

See also [edit]

• Registry cleaner
• Application virtualization
• LogParser – SQL-like querying of various types of log files
• List of Shell Icon Overlay Identifiers
• Ransomware assault that uses Registry

Notes [edit]

1. ^ When applications neglect to execute because they request more privileges than they require (and are denied those privileges), this is known as a limited user application (LUA) problems.

Footnotes [edit]

1. ^ Esposito, Dino (November 2000). "Windows 2000 Registry: Latest Features and APIs Provide the Ability to Customize and Extend Your Apps". MSDN Magazine. Microsoft. Archived from the original on April xv, 2003. Retrieved July nineteen, 2007.
2. ^ ^{a b c} "The System Registry".
3. ^ "Windows 95 Architecture Components". www.microsoft.com. Archived from the original on February 7, 2008. Retrieved April 29, 2008. The following table shows other difficulties or limitations caused by using .INI files that are overcome by using the Registry.
4. ^ Hipson 2002, p. v, 41–43.
5. ^ Richter, Jeffrey; Nasarre, Christophe (2008). Windows Via C/C++ (Fifth ed.). Microsoft Press. ISBN9780735642461 . Retrieved August 28, 2021.
6. ^ Raymond Chen, "Why practice registry keys have a default value?"
7. ^ Hipson 2002, pp. 207, 513–514.
8. ^ Hipson 2002, pp. 520–521.
9. ^ Hipson 2002, p. 7.
10. ^ "Designed for Windows XP Awarding Specification". Microsoft. August 20, 2002. Retrieved Apr 8, 2009.
11. ^ "HKEY_LOCAL_MACHINE". Gautam. 2009. Retrieved April 8, 2009.
12. ^ "Registry Keys Affected by WOW64 (Windows)". Msdn.microsoft.com. Retrieved Apr 10, 2014.
13. ^ "Clarification of the Microsoft Windows registry". Retrieved September 25, 2008.
14. ^ "HKEY_CURRENT_USER". Microsoft. 2009. Retrieved Apr 8, 2009.
15. ^ "Description of the HKEY_DYN_DATA Registry Key in Windows 95, Windows 98, and Windows 98 SE". back up.microsoft.com.
16. ^ "A Closer Await at HKEY_DYN_DATA". rinet.ru. Archived from the original on May 9, 2008.
17. ^ "Registry hives". Retrieved July 19, 2007.
18. ^ Chen, Raymond (August 8, 2011). "Why is a registry file chosen a "hive"?". The Sometime New Thing. Retrieved July 29, 2011.
19. ^ "Overview of the Windows NT Registry". Retrieved December ii, 2011.
20. ^ "Inside the Registry". Retrieved December 28, 2007.
21. ^ ^{a b} Norris, Peter (February 2009). "The Internal Structure of the Windows Registry" (PDF). Cranfield University. Archived from the original (PDF) on May 29, 2009.
22. ^ "Incorrect Icons Displayed for .ico Files". November 15, 2009. Retrieved March 31, 2012.
23. ^ "How to Completely Uninstall / Remove a Software Program in Windows without using 3rd Party Software? - AskVG". www.askvg.com.
24. ^ "You may receive a "Cease 0x00000035 NO_MORE_IRP_STACK_LOCATIONS" error message when you attempt to log on to a domain". October ix, 2011. Retrieved March 31, 2012. This page tells the user to edit the registry when resolving the issue.
25. ^ key renaming is implemented as removal and add while retaining subkeys/values, as the underlying APIs do not support the rename function directly
26. ^ ^{a b c d} "How to add, alter, or delete registry subkeys and values past using a .reg file". support.microsoft.com.
27. ^ "Applying Group Policy". Microsoft.
28. ^ ^{a b c} Payette, Bruce; Siddaway, Richard (2018). Windows PowerShell in Action (Third ed.). Manning Publications. pp. seven–8, 24, 608, 708–710. ISBN9781633430297 . Retrieved August 28, 2021.
29. ^ Warner, Timothy L. (May 2015). Windows PowerShell in 24 Hours, Sams Teach Yourself. Sams Publishing. p. 19, 211. ISBN9780134049359 . Retrieved August 28, 2021.
30. ^ "Reading and Writing Registry Values with Visual Basic". Retrieved July 19, 2007.
31. ^ "REG command in Windows XP". Retrieved July xix, 2007.
32. ^ "registry manual page – Tcl Bundled Packages". www.tcl.tk . Retrieved December 14, 2017.
33. ^ "Offline Registry Library". Retrieved June four, 2014.
34. ^ "DllInstall Function". Microsoft. March 7, 2012. Retrieved March 22, 2012.
35. ^ "Regsvr32". Microsoft. Retrieved March 22, 2012.
36. ^ "How to: Register Automation Servers". Microsoft. Retrieved March 22, 2012.
37. ^ "How to re-register PowerPoint 2000, PowerPoint 2003, PowerPoint 2007 and PowerPoint 2010". Microsoft. Jan 2012. Retrieved March 22, 2012.
38. ^ "RegNotifyChangeKeyValue office". Microsoft.
39. ^ "Registering for Notifications". Microsoft.
40. ^ "RegConnectRegistry function". Microsoft.
41. ^ "How to Manage Remote Admission to the Registry". Microsoft.
42. ^ Gibson, Darril (June 28, 2011). "Chapter four: Securing Access with Permissions". Microsoft Windows security : essentials. Indianapolis, Ind.: Wiley. ISBN978-1-118-01684-8.
43. ^ "Application Compatibility: Windows Resources Protection (WRP)". Microsoft. Retrieved August 8, 2012.
44. ^ Marc Silbey, Peter Brundrett. "Understanding and Working in Protected Fashion Internet Explorer". Retrieved August 8, 2012.
45. ^ "RegDelNull v1.1". Nov 1, 2006. Retrieved August 8, 2012.
46. ^ "Unable to delete certain registry keys – Error while deleting key". March 23, 2010. Retrieved August viii, 2012. Microsoft Support page.
47. ^ "Description of the Windows Registry Checker Tool (Scanreg.exe)".
48. ^ "Command-Line Switches for the Registry Checker Tool".
49. ^ "How To Backup, Edit, and Restore the Registry in Windows NT four.0". support.microsoft.com.
50. ^ "Technical Reference to the Registry: Related Resource". Microsoft. Retrieved September nine, 2011.
51. ^ "Microsoft Kills Automatic Registry Backups in Windows ten". ExtremeTech . Retrieved July 1, 2019.
52. ^ "How Core Grouping Policy Works". Microsoft. September 2, 2009. Retrieved August thirteen, 2012.
53. ^ "Chapter 26 – Initialization Files and the Registry". Microsoft. Retrieved March 3, 2008.
54. ^ "Microsoft Application Compatibility Toolkit 5.0". Microsoft. Retrieved July 26, 2008.
55. ^ ^{a b} Ionescu, Mark Russinovich, David A. Solomon, Alex (2012). "Registry Internals". Windows internals (6th ed.). Redmond, Wash.: Microsoft Press. ISBN978-0-7356-4873-9.
56. ^ "XDG Base Directory Specification". standards.freedesktop.org.
57. ^ "Application directories". Archived from the original on May 27, 2012. Retrieved May 17, 2012.
58. ^ ^{a b} "Case Studies Of The Top 132 Annoyances With Operating Systems Other Than RISC OS". Retrieved April iii, 2012. Page from the riscos.com website. Mentioned in points 82 and 104.
59. ^ "RISC OS tour". Retrieved July 19, 2007.
60. ^ "The RISC Bone Products Directory". November ii, 2006. Archived from the original on February 19, 2007. Retrieved April 1, 2012.
61. ^ 3.two. Using the Registry and Regedit (Wine User Guide)

References [edit]

• Hipson, Peter (2002). Mastering Windows XP Registry. Wiley. ISBN0-7821-2987-0 . Retrieved August 28, 2021.
• Russinovich, Mark Due east.; Solomon, David A. (2005). Microsoft Windows Internals (Fourth ed.). Microsoft Printing. pp. 183–236. ISBN978-0-7356-1917-3.

External links [edit]

• Windows Registry info & reference in the MSDN Library

What Is The Windows Registry,

Source: https://en.wikipedia.org/wiki/Windows_Registry

Posted by: burnettspas1983.blogspot.com

Share this post