|Home │ Lock Registry │ Merge Registry │|
Registry editing using Console Registry Tool reg.exe
Topics on this page:
 The commands
This is a brief introduction to using Windows XP's built-in Console Registry Tool for Windows v.3.0, reg.exe to edit the registry. There are other alternatives including VBScript, JScript and inf files. These are powerful methods to edit the registry.
You can use this tool to unlock your registry. Refer to my article on "lock registry" for more details on unlocking regedit. Because it runs from the command prompt, it can be used in a batch script for deployment and unattended installations.
2. The commands
There are 11 reg.exe commands available. In the command prompt or script you can use capitals or small letters.
I will not cover each of them in detail but will only concentrate on REG ADD, REG DELETE and REG QUERY. These are useful in dealing with hijacking when regedit.exe is disabled.
The REG LOAD command loads a registry hive file (dat) to a temporary key and is similar to File > Load Hive in the registry editor.
The REG RESTORE command uses a registry hive file to overwrite the existing hive thereby restoring the registry using the backup hive. Note the difference between this and the REG LOAD command.
The REG IMPORT command is similar to running this command:
You will find details of the syntax of each command by typing:
in the command prompt.
As always, test your commands and scripts in a test computer or virtual host and not on your production computer. The examples above are taken from my registry and Group Policy articles.
2.1. REG ADD
2.1.1. Example: Add or change NoRecentDocsMenu policy
This command will change the No Recent Document Menu policy registry key from the existing value of 1 (policy enabled) to 0 (policy disabled):
You must type Y to the prompt to proceed. If the data name did not exist then it will simply add the add and its value without prompting.
Figure 1 shows the above two operations. The second command was run after the value was first manually deleted.
Fig. 1. REG ADD command in operation
REG ADD commands can be added together sequentially in a batch script for example in unattended installations using RunOnceEx to add applications.
2.2. REG DELETE
The following command will delete the relevant key value to unlock the registry after it has been disabled by the administrator (or hijacking script; please refer to my article on registry locking):
The following command will delete the whole \System subkey:
These commands are especially useful in Windows XP Home Edition in which there is no Group Policy Editor to unlock the policy.
Figure 2 shows the above two commands and the interactive prompts.
Fig. 2. REG DELETE command to unlock the registry
The command can easily be incorporated in a batch script (bat or cmd, fig. 3).
Fig. 3. Unlock registry batch script in operation.
2.3. REG QUERY
2.3.1. Example: Reg query NoDriveTypeAutoRun policy key
The following command queries the registry for the NoDriveTypeAutoRun policy key and its value.
Figure 4 shows the actual operation; note that the binary value 0x91 is shown (rather than the decimal 145) for this key.
Fig. 4. REG QUERY command for NoDriveTypeAutoRun
The REG QUERY command returns an ERRORLEVEL to 0 when it succeeds and 1 otherwise. This can be useful in an automated batch script when you only want to add a key if it doesn't already exists.
Honeycutt, Jerry, Microsoft Windows XP Registry Guide (Redmond: Microsoft Press, 2003)
Knittel, Brian, Windows XP Under the Hood. Hardcore Windows Scripting and Command Line Power (Indianapolis: Que, 2003)
Go to TOP
Copyright © 2005 by Kilian. All my articles including graphics are provided "as is" without warranties of any kind. I hereby disclaim all warranties with regard to the information provided. In no event shall I be liable for any damage of any kind whatsoever resulting from the information. The articles are provided in good faith and after some degree of verification but they may contain technical or typographical errors. Links to other web resources may be changed at any time and are beyond the control of the author. Articles may be added, removed, edited or improved at any time. No support is provided by the author.
This is not an official support page for any products mentioned. All the products mentioned are trademarks of their companies. Edit the registry at your own risk and back up first.
Created 18 Mar 2005 Last updated 22 Mar 2005