Microsoft Windows Registry Tutorial
The registry is a database that stores settings and options.
WARNING: some mistakes in editing registry can make part of your Windows not work properly. Be careful.
Launching Registry Editor
To look at registry, launch the Registry Editor. Type ❖Window+r to launch the run dialog, then type “regedit”.
Backup
Before you do anything, do a backup.
In Registry Editor, use the menu 〖File ▸ Export〗 to make a backup.
Save the backup as
registry_backup.reg.
This might take 2 minutes. On my machine, the saved
file size is 458 megabytes.
Data Structure
Registry data are called key and value pairs. The “key” is like folders. Key can contain other keys. The “value” is like files. A key can contain many other keys and values.
At the root level, there are the following keys. (Note: the “Computer” shown in Registry Edit root is not a key.)
| Name | Abbreviation |
|---|---|
| HKEY_CLASSES_ROOT | HKCR |
| HKEY_CURRENT_USER | HKCU |
| HKEY_LOCAL_MACHINE | HKLM |
| HKEY_USERS | HKU |
| HKEY_CURRENT_CONFIG |
Each of the above is called a “hive”.
A “value” has several possible types. Here is a list of possible types:
| Type Name | Explanation |
|---|---|
| REG_NONE | No type |
| REG_SZ | string |
| REG_EXPAND_SZ | expandable string. Values between % char are expanded as environment variables |
| REG_BINARY | Binary data |
| REG_DWORD/REG_DWORD_LITTLE_ENDIAN | A integer, ranging from 0 to 2^32-1, with byte order being little-endian. |
| REG_DWORD_BIG_ENDIAN | A integer, ranging from 0 to 2^32-1, with byte order being big-endian |
| REG_LINK | symbolic link (char set in UNICODE) |
| REG_MULTI_SZ | A is a array of strings |
| REG_RESOURCE_LIST | Resource list |
| REG_FULL_RESOURCE_DESCRIPTOR | Resource descriptor |
| REG_RESOURCE_REQUIREMENTS_LIST | Resource Requirements List |
| REG_QWORD/REG_QWORD_LITTLE_ENDIAN | A QWORD value, a 64-bit integer (either big- or little-endian, or unspecified) (Introduced in Windows 2000) |
If you have a question, put $5 at patreon and message me.