Managing the Windows XP, Vista, and Windows 7 Registry from the Command Prompt with Reg.exe

Managing the Windows Registry from the Command Prompt with Reg.exe

The command-line utility reg.exe is a powerful and versatile way to manage the Windows XP, Vista, or Windows 7 Registry. This article discusses Its features and application.

Many will be familiar with the graphical interface tool regedit.exe that is available for editing the Windows Registry. Less familiar, however, is the command-line utility reg.exe that also comes with Windows. This accessory will do anything that regedit.exe can do and has the additional facility of being directly usable in scripts. It is a common tool for system administrators with many computers to manage but can also be useful to the more experienced home PC user. I will discuss some aspects that may be of interest to this latter group. More details can be found at this Microsoft site.

Registry editing is not for everybody but it is not as fearsome an operation as it is sometimes made out to be. Just be sure to follow the iron-clad rule to back up the Registry first before editing. There are many useful tweaks that involve a simple Registry edit and reg.exe provides a way that is simpler and safer in some ways than Regedit. It also provides a way to back up keys or entire hives of the Registry into files that can be stored off the main drive.

Like some other command-line utilities, the reg command is a shell or console that has its own set of sub-commands. A complete command will consist of reg subcommand variables Table I lists these subcommands and some are discussed in more detail in sections that follow. The commands can be carried out on remote networked computers as well as the local computer but I will confine the discussion to operations involving just the local computer.

Subcommand

Function

add

Adds a new subkey or entry to the registry

delete

Deletes a subkey or entries from the registry

query

Displays the data in a subkey or a value

compare

Compares specified registry subkeys or entries

copy

Copies a subkey to another subkey.

save

Saves a copy of specified subkeys, entries, and values of the registry in hive (binary) format

restore

Writes saved subkeys and entries in hive format back to the registry

load

Writes saved subkeys and entries in hive format back to a different subkey

unload

Removes a section of the registry that was loaded using reg load

export

Creates a copy of specified subkeys, entries, and values into a file in REG (text) format

import

Merges a REG file containing exported registry subkeys, entries, and values into the registry

flags

Operations for flags in registry keys (Vista, Windows 7)

Reg add

This command is used to add keys and values to the Registry. The syntax is given by REG ADD KeyName [/v ValueName | /ve] [/t Type] [/s Separator] [/d Data] [/f] Table II explains the entries.

Parameter

Description

KeyName

Complete Registry key name. Uses abbreviations HKCR, HKCU, HKLM, and HKU for root keys

/v ValueName

Adds or changes a value

/ve

Changes a key's default value

/t Type

The type of value: REG_BINARY, REG_DWORD, REG_SZ, REG_MULTI_SZ, etc. The default is REG_SZ

/s Separator

Specifies the character used to separate strings in REG_MULTI_SZ entries. The default is /0

/d Data

The data to assign to a value

Forces overwriting of existing values with prompting

REG ADD provides a quick and simple method for adding new keys to the Registry or modifying old ones. As an example, let's look at how to add the sub- key "HackersAreUs" to the Local Machine Software key. The command would be REG ADD HKLM\Software\HackersAreUs Now let's add a value named "Stuff" and make it a binary entry with data "0001". The command would be REG ADD HKLM\Software\HackersAreUs /v Stuff /t REG_BINARY /d 0001 The two commands could have been executed as a single command but I have split them to make the process clearer. I have used upper case for REG ADD but that is for clarity and is not required.

Reg delete

Keys and values can be deleted in a similar but somewhat simpler fashion. The syntax is REG DELETE KeyName [/v ValueName | /ve | /va] [/f] Table III describes the parameters.

Parameter

Description

KeyName

Complete Registry key name. Uses abbreviations HKCR, HKCU, HKLM, and HKU for root keys

/v ValueName

Deletes a value

/ve

Deletes a key's default value

/va

Deletes all values from a key

Forces deletion without prompting

Backing up and restoring the Registry

Providing methods for backing up and restoring the Registry are some of the most important applications for

regedit.exe. There

are two file formats that can be used, either a binary format known as a

hive

file or a special text format known as a REG file. The latter format may be more familiar since it is often used for Registry tweaks. The relevant commands are discussed in the following sections.

Saving and restoring hive files

To create a binary backup, use the command

REG SAVE KeyName FileName

Hive files are better for backup than REG files because they completely replace the contents of a key when they are restored. The restore command is

REG RESTORE KeyName FileName

Exporting and importing REG files

REG files are specially formatted text files with the extension "reg" that are copies of one or more Registry keys. They are often encountered as a way to carry out small Registry edits or in using Regedit.. They can also be used for backup. The commands are

REG EXPORT KeyName FileName

and

REG IMPORT FileName

Note that when a REG file is imported it , it is

merged

with Registry entries rather than completely replacing them. Values that the REG file does not contain are not removed.

Reg Query

If you want to take a quick look at what is contained in a particular Registry key or in a particular value, you can use the command REG QUERY KeyName [/v ValueName | /ve] [/s] The only new parameter here is /s. This switch will cause all the subkeys and values in a key to be queried.

CommandWindows.com

Site navigation