Windows: Registry Tutorial
The registry is a database that stores lots software configuration data, many are used by Microsoft Windows operating system itself.
WARNING: some mistakes in editing registry can make part of your Windows not work properly. Be careful.
Launching Registry Editor
❖ Window+r, then type regedit
or Start
PowerShell, then paste this: C:\Windows\regedit.exe
Backup
Before you do anything, do a backup.
In Registry Editor, use the menu [File ▸ Export] to make a backup.
Save the backup as registry_backup.reg.
As of 2021-06-08, on my machine, it takes 20 seconds and
the saved file size is 380 megabytes.
Data Structure
Registry data are key and value pairs. The key is like folders. Key can contain other keys.
At the root level, there are the following keys.
| Name | Abbreviation |
|---|---|
| HKEY_CLASSES_ROOT | HKCR |
| HKEY_CURRENT_USER | HKCU |
| HKEY_LOCAL_MACHINE | HKLM |
| HKEY_USERS | HKU |
| HKEY_CURRENT_CONFIG |
Each of the above is called a hive.
A “value” has several possible types. Here is a list of possible types:
| Type Name | Explanation |
|---|---|
| REG_NONE | No type |
| REG_SZ | string |
| REG_EXPAND_SZ | expandable string. Values between % char are expanded as Environment Variables |
| REG_BINARY | Binary data |
| REG_DWORD/REG_DWORD_LITTLE_ENDIAN | A integer, ranging from 0 to 2^32-1, with byte order being little-endian. |
| REG_DWORD_BIG_ENDIAN | A integer, ranging from 0 to 2^32-1, with byte order being big-endian |
| REG_LINK | symbolic link (char set in UNICODE) |
| REG_MULTI_SZ | A is a array of strings |
| REG_RESOURCE_LIST | Resource list |
| REG_FULL_RESOURCE_DESCRIPTOR | Resource descriptor |
| REG_RESOURCE_REQUIREMENTS_LIST | Resource Requirements List |
| REG_QWORD/REG_QWORD_LITTLE_ENDIAN | A QWORD value, a 64-bit integer (either big- or little-endian, or unspecified) (Introduced in Windows 2000) |