free computer repair training: Editing Windows registry with command line

Editing Windows registry with command line

We saw in the article Windows registry a graphical tool (regedit.exe) integrated in Windows used to edit the registry,there is however another command line tool that offers almost all the tasks offered by regedit.exe, it is sometimes faster to edit the registry using the command line tool than using the graphical one, besides you can use the commands in scripting that can be used for automated tasks either on the local or remote computer.

Reg.exe:

The reg.exe is the command line tool that is used to deal with the registry, to use it open a command line window by clicking on start and type cmd then right click cmd and click run as administrator, this will run cmd with elevated privileges.

Reg.exe is used with operations that perform different tasks, those operations are:

Reg Query:

Used to query the registry about the subkeys and entries located under a specified subkey in the registry.

example:

To display the key, value, and data for exact and case sensitive matches of SYSTEM under the HKLM root of data type REG_SZ, type:

REG QUERY HKLM /f SYSTEM /t REG_SZ /c /e

Reg add:

Used to add new subkey or entry to the registry.

example:

To add a registry entry to HKLM\Software\Adobe with a value named Data of type REG_BINARY and data of ac230fb, type:

REG ADD HKLM\Software\Adobe /v Data /t REG_BINARY /d ac230fb

Reg delete:

Used to delete a subkey or entry from the registry.

Example:

To delete the registry key prog1 and its all subkeys and values, type:

REG DELETE HKLM\Software\prog1.

Reg save:

Used to save specified subkeys, entries and values of the registry in a file and path given as parameters, if no path is given the file will be created in the current folder.
example:
To save a copy of the Adobe software type:
REG SAVE HKLM\Software\Adobe Adobebackup.hiv

Reg Compare:

Used to compare specified registry subkeys or entries.
syntax:

reg compare <KeyName1> <KeyName2>

The return values of this operation are:
- 0: the comparison was successful and the result is identical.
- 1: the comparison failed.
- 2: the comparison was successful and differences were found.
The following are the symbols found in the result:
= KeyName1 data is equal to KeyName2 data.

< KeyName1 data is less than KeyName2 data.

> KeyName1 data is greater than KeyName2 data.

Reg copy:

Used to copy a specified registry entry to another specified registry entry either on the local computer or on a remote one.

example:

To copy all values under prog1 on the local computer to prog2 on remote computer PC2 type:

REG COPY HKLM\Software\prog1 \\PC2\HKLM\Software\prog2

Reg export:

Used to make a backup to the specified subkeys, entries and values to transfer to another computer for instance or to use it later after editing the registry.
syntax:
Reg export KeyName FileName
example:
To export the local machine software hive and put it into softwareback.reg type:
REG EXPORT HKLM\Software softwareback.reg

Reg import:

Is the contrary of Reg export, it's used to restore the registry using a backup file given as argument.
example:
to restore the backup file created in the previous example type:
REG IMPORT softwareback.reg.
of course in case the backup file is not in the same folder you have to specify the complete path to the backup file.

Reg load:

Writes saved subkeys and entries into a different subkey in the registry. Intended for use with temporary files that are used for troubleshooting or editing registry entries.

Syntax:

reg load KeyName FileName

Reg restore:

Writes saved subkeys and entries back to the registry, it's like Reg import but with Reg restore you specify the key where you want to write the file.

syntax: