REG.exe (NT Resource Kit, W2K Support Tools)
Read, Set or Delete registry keys and values
The REG command was updated in Resource Kit supplement 2 - the syntax for Windows 2000 is different.
SYNTAX: REG QUERY RegistryPath ["String"] [/S] [/size] [/list] REG ADD RegistryPath=Value [DataType] REG UPDATE RegistryPath=Value REG DELETE RegistryPath [/FORCE] REG COPY Source [\\Machine] Dest [\\Machine] REG SAVE RegistryPath FileName REG RESTORE FileName KeyName REG LOAD FileName KeyName REG UNLOAD KeyName REG FIND [ROOTKEY\]Key [DataType] SearchStr [ReplaceStr] [-y] [-z[R]] REG DUMP RegistryPath FileName REG COMPARE [ROOTKEY\]Key [ROOTKEY\]Key [-o[M][D]] [-q] [-e] You can apply any of the above commands to a remote machine by adding \\MachineName to the command line. Key: RegistryPath : [ROOTKEY\]Key[\'ValueName'] where ROOTKEY is one of HKLM = hkey_Local_machine (default) HKCR = hkey_classes_root HKCU = hkey_current_user HKU = hkey_users Key = The full name of a key under the selected ROOTKEY. ValueName = The value, under the selected Key, to edit. (default is all keys and values) Enclose ValueNames that containe the \ character in single quotes. DataType : REG_SZ | REG_DWORD | REG_EXPAND_SZ | REG_MULTI_SZ (default = REG_SZ) Machine : Name of remote machine - omitting defaults to current machine. Only HKLM and HKU are available on remote machines. Source : a RegistryPath in the format above. Dest : a RegistryPath in the format above. FileName : The filename to save to or restore from (without an extension.) KeyName : A key name to load the hive file into. (Creating a new key) specify the key name to UNload with: [ROOTKEY\]Key /S Query all subkeys. /size Query the size of RegistryPath /list Search strings from RegistryPath /FORCE Force a deletion without asking "are you are sure" SearchStr : Value to search for. ReplaceStr : Value to replace. -y : Force case sensitivity for SearchStr -z : Find non-Unicode-compliant entries or entries missing a trailing null character. (forces case sensitity) R : Adjust entry to add Unicode compliancy or the missing null char. -o Omit screen output of: M: Matches D: Differences -e Sets the error level to the error code that was in effect the last time the utility was run. By default, the error level is set to the number of differences that were found. -q Very quiet, just print the number of differences.
On remote NT machines the file is written to the System32 directory.
On remote Win95 machines the file is written to the Windows directory.
SAVE is identical to BACKUP.
An example of each command is available from the command line
REG QUERY /?
REG ADD /?
REG UPDATE /?
REG DELETE /?
REG COPY /?
REG SAVE /?
REG BACKUP /?
REG RESTORE /?
REG LOAD /?
REG UNLOAD /?
REG FIND /?
REG DUMP /?
REG COMPARE /?
"The way to a mans heart is through his stomach" - Fanny Fern (writer)
SETX - Set environment variables permanently, can also read a registry key and write the value to a text file.
REGEDIT - Load Registry settings from a .REG file
REGEDT32.EXE - Edit the registry including Security and Auditing Options
Dureg - Registry Size Estimator. (Win 2K ResKit)
Equivalent Linux BASH commands: