AlLfeesno Note: Firstly, the first paragraph is included in the DO All In cmd written by ZZZEVAZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ were used. Use regedit running parameter regedit [/ l: system] [/ r: user] filename1Regedit [/ l: system] [/ r: user] / c filename2Regedit [/ l: system] [/ r: user] / e filename3 [ regpath] / L: system Specifies the location of the SYSTEM.DAT file / R:.. user Specifies the location of the USER.DAT file filename1 Specifies the file (s) to import into the regist / C filename2 Specifies the file to create .. the registry from / E filename3 Specifies the file to export the registry to regpath Specifies the starting registry key to export from (Defaults to exporting the entire registry) / S (Windows) Silent -.. no message on completion from the Windows command. Row fast operation registry
Everyone who is familiar with Windows believes that almost anything can be made through the registry, how is the true question rapidly find the correct registration key.
In most cases, the operation registration table means finding a specific subkey; occasionally, it may be necessary to modify the name of the sub-key (for example, a structural change). So how can I quickly find the correct subkey and perform a modification? Also, if you do not only change the registry of the local machine, but also to make the same revision on the remote machine, what should I do? This article tells you a good tool regfind. Regfind can be found from Windows 2000 Server Resource Kit Supplement One, or download it from the Internet. Regfind is suitable for all versions of Windows, including Windows 9x Series.
Regfind is a command line tool. Do not perform REGFIND without any option, it will display help. The simplest usage is to perform a lookup, such as executing regfind "QQ", regfind will find the registration key of all containing strings "QQ", as shown.
In addition to pure lookup, Regfind can also perform a replacement: just add -R options and a replacement string after the command is required. For example, suppose your company's name is changed from Agroup to bGroup, now you want to make a corresponding change in all product registration information in the registry, just execute: regfind "Agroup" -r "bgroup". Note that if the search string contains spaces or punctuation, the string should be surrounded by quotation marks.
If you want to make a corresponding change to a remote machine, you only need to add the -m option after the previous command and specify the UNC (Universal Naming Convention, General Name Agreement) path of the remote machine, for example: regfind -m\\server03 Agroup "-r" bgroup ". Searching the entire registry is undoubtedly a considerable amount of time. In order to improve efficiency, you can limit the REGFIND search operation to a branch or subkey of a registry, just need to specify the registry location to search for the search after the -p option. For example, suppose to limit the operation of "Agroup" to the HKEY_LOCAL_MACHINE \Software\Microsoft sub key, and replace the Agroup under the sub-key into bgroup, execute: regfind "Agroup" -r "bgroup" -p "HKEY_LOCAL_MACHINESOFTWARE ∎MICROFT ".
As can be seen from the above description, REGFIND is a very convenient tool, but white is flaws, sometimes you still feel that it can't meet the requirements. First, Regfind does not support wildcards, nor does it support regular expressions - and both of these are very useful for performing complex search. The only option for adding flexibility to search operations is -y. The -y option makes the regfind's search operation is not sensitive to case, that is, if you perform Regfind Agroup -y, the REGFIND search results will contain a combination of Agroup, Agroup, and other letters (if there is no -y option, regfind default) Sensitive to case, but regind's command options are not sensitive to case, for example, you can use -r or -r) freely.
Second, if search / replacement operation is performed with regfind, it will replace all found strings, you can't ask REGFIND to replace only one of the strings. It is barely calculated that the remedy is to limit the search operation to a particular registry branch. Therefore, my suggestion is: First use regfind to find all matching registration subscripts, then perform global replacement or manually modify a particular subkey with regfind.
Third, if you want to modify numeric data, Regfind seems to be the best helper. This is because many REG_DWORD values to be processed are not 0 is 1, while 0 and 1 The opportunity to appear in the registry is too frequent, and it is likely to be misused. The only way to solve the problem is to define the search range of Regfind as accurately as possible.
Command line method directly modify the registry
First, cmdcmd is a small procedure like a pigeon egg in Windows2000, is a so-called command line console. There are two channels that enter the program: First, click "Start-> Run", type "cmd" in the edit box appear, then click "OK"; second, when starting the Windows 2000, press F8 to enter Start the selection menu, move the strip, or type the number of command line status to the security mode. The window appears is an interface of the MSDOS mode in Win9x system - a black window. There is no MSDOS mode window to see how often the commonly used toolbar is not placed. I really want to do it, expensive for the latest operating system, but what still reserved seemingly the DOS interface in the stone era? Like usually, the habitual is low in the command: cmd /? , Want to see what will prompt? This information is Chinese, you have to know that the original pure DOS environment will not directly support Chinese! 2. Have a considerable detailed help information. 3. Although the interface is a command line, it can operate a lot of deep-level projects, such as modifying the registry, and more. Later use also prove that the CMD can actually call the program of the graphical interface and return to the command line interface after the call is over. Although Microsoft puts this tool as a new instance of a command interpreter, but the method used is not different from the original DOS. After opening the command line window, you can find the same system prompt symbols as DOS, the command must Type it behind this prompt to confirm with the Enter key. The complete syntax is as follows: CMD [/ a | / u] [/ q] [/ d] [/ E: on | / E: OFF] [/ f: on | / f: OFF] [/ V : On | / v: OFF] [[/ s] [/ c | / k] String] The meaning of each parameter: CMD: is the name of the command, which is omitted. The following is the parameters or switches used in the command. / C Execute the string specified command and then end up the command of the string to execute the command specified but retains / s to modify the string process after / c or / k (see below) T: FG Sets the foreground / background color (for details, please see color /?) ON Enable file and directory name Complete characters (see below) Such as: / v: ON will be allowed! Var! Allowed when executed! VAR! Extend variable var. VAR grammar expands variables during input, which is different in a FOR cycle. / V: OFF deactivation delay environment extension. Note that if the string has quotation marks, you can accept multiple commands from the command separator '&&'. Also, due to compatibility, / x and / E: ON are the same, / y is the same as / E: OFF, and / R is the same as / c. Ignore any other command options.
If you specify / c or / k, the rest of the command option will be handled as a command line; in this case, the following logic will be used ("): 1. If you meet all the following conditions, the quotation characters on the command line will be reserved: - Do not bring / s command options - full two quotes characters - no two quotes characters Special characters, special characters are here: <> () @ ^ | - At least one blank character between the two quotes characters - At least one executable between the two quotes characters The name of the document. Otherwise, the old way is to see if the first character is a quotation mark character, if it is, let's go to the beginning of the character and delete the last quotation mark character on the command line, keep the last quotation mark The text after the character. If / d is not specified on the command line, it will look for the following REG_SZ / REG_EXPAND_SZ registry variable when cmd.exe begins. If one or two exists, these two variables will be Executive . HKEY_LOCAL_MACHINESoftwareMicrosoftCommand ProcessorAutoRun and / or HKEY_CURRENT_USERSoftwareMicrosoftCommand ProcessorAutoRun command extensions are enabled by default You can also use the / E: OFF, for a specific call, you can disable extensions on the machine. And / or the user login session enables or deactivate all CMD.exe all called extensions, this is to use the registry one or two reg_dword values in the registry of RegedT32.exe: HKEY_LOCAL_MACHINESOFTWAREMICROSOFTCOMMAND ProcessoreExtensions and / or HKEY_CURRENT_USERSOFTWAREMICROSOFTCOMMAND ProcessoreEnableExtensionS to 0x1 or 0x0. User-specific settings have priority than the machine settings. The command line command option has priority than the registry. The original DOS has a so-called internal command and external command in the CMD, in the cmd, The command line extension is introduced, you can perform the following extension sections directly in the CMD window, do not add CMD. command line extensions before the extension section include changes and / or add: DEL or ERASE # pushd push setlocal Assoc FTYPE Second, REG can do the REG command line provided by WindowsXP. REG Add, change, and display registry subkey information and values in the registry key.
To see the command syntax, click the following command:
REG ADD
Add a new child or item to the registry.
Syntax REG ADD Keyname [/ V EntryName | / VE] [/ T Datatype] [/ s Separator] [/ D value] [/ f]
Parameter keyName Specifies the full path of child. For remote computers, include the computer name before the subkey path in // computername / pathtosubkey. Ignore ComputerName will result in the default to operate the local computer. The path started with the corresponding subdirectorial tree. The effective subdôcing tree is HKLM, HKCU, HKCR, HKU, and HKCC. / v EntryName Specifies the name to be added to the specified subkey. / VE Specifies the item added to the registry as a null value. / t Dattype Specify the data type of the item value. DataType can be the following types: REG_SZ
REG_MULTI_SZ
REG_DWORD_BIG_ENDIAN
REG_DWORD
REG_BINARY
REG_DWORD_LITTLE_ENDIAN
REG_LINK
REG_FULL_RESOURCE_DESCRIPTOR
REG_EXPAND_SZ
/ s separator Specifies the character used to divide a plurality of data instances. Use this parameter when REG_MULTI_SZ is specified as a data type and needs to list multiple items. If not specified, the default separator will be used as /. / d value Specifies the value of the new registry key. / f does not use the subkey or item directly to add information. /? Display help at the command prompt. Note This operation cannot be added to add a subtree. This version of REG does not need to confirm when adding a child. The following table lists the return value of the REG ADD operation. Value Description 0 Success 1 failed
Example The following example shows how to use the REG Add command:
REG ADD / HKLM / SOFTWARE / MYCO / V DATA / T REG_BINARY / D FE340EADREG ADD "HKCU / Software / Microsoft / Winmine" / V Name3 / T REG_SZ / D AnonymousReg Add "HKCU / Software / Microsoft / WinMine" / V Time3 / T REG_DWORD / D 5
REG COMPARE
Compare the specified registry child item or item.
Syntax REG Compare Keyname1 Keyname2 [/ V EntryName | / VE] {[/ OA] | [/ OD] | [/ OS] | [ON]} [/ s]
Parameter keyName Specifies the full path of child. For remote computers, include the computer name before the subkey path in // computername / pathtosubkey. Ignore ComputerName will result in the default to operate the local computer. The path started with the corresponding subdirectorial tree. The effective subdôcing tree is HKLM, HKCU, HKCR, HKU, and HKCC. If you specify a remote computer, you can only use the HKLM and HKU subdirectory tree. / v EntryName comparative sub-specific items. / VE specifies that only items that can be more than a value. {[/ OA] | [/ OD] | [/ OS] | [ON]} Specifies the display mode of different points and match points. The default setting is / OD. Value Description / OA specifies that all different points and match points are displayed. By default, only different points are listed. / OD specifies that only different points are displayed. This is the default operation. / OS specifies only the matching point. By default, only different points are listed. / ON Specifies no content. By default, only different points are listed.
/ s Separator compares all children and items. /? Display help at the command prompt. Note The following table lists the return values of the REG COMPARE operation. Value Description 0 is successful and the result is the same. 1 Failure. 2 Successful and found different points.
Examples The following example shows how to use the REG COMPARE command:
Reg Compare "HKCU / Software / Microsoft / Winmine" "HKCU / Software / Microsoft / Winmine" / OD / S
REG COPY
Copy a registry key to the specified location of the local or remote computer.
Grammatical REG COPY Keyname1 Keyname2 [/ S] [/ f] Parameters Keyname1 Specifies the full path to copy the child. For remote computers, include the computer name before the subkey path in // computername / pathtosubkey. Ignore ComputerName will result in the default to operate the local computer. The path started with the corresponding subdirectorial tree. The effective subdôcing tree is HKLM, HKCU, HKCR, HKU, and HKCC. If you specify a remote computer, you can only use the HKLM and HKU subdirectory tree. Keyname2 The full path to the land of the child project. For remote computers, include the computer name before the subkey path in // computername / pathtosubkey. Ignore ComputerName will result in the default to operate the local computer. The path started with the corresponding subdirectorial tree. The effective subdôcing tree is HKLM, HKCU, HKCR, HKU, and HKCC. If you specify a remote computer, you can only use the HKLM and HKU subdirectory tree. / s copy all children and items under the specified subkey. / f does not need to be requested to confirm and directly copy the child. /? Display help at the command prompt. Note This version of the REG does not have to confirm when copying child. The following table lists the return values of the REG COPY operation. Value Description 0 Success 1 failed
Sample The following example shows how to use the REG COPY command:
REG COPY "HKCU / Software / Microsoft / Winmine" "HKCU / Software / Microsoft / WinMineBK" / S / FREG COPY "HKCU / Software / Microsoft / Winmineb" "HKCU / Software / Microsoft / WinMine" / S
REG DELETE
Delete items or children from registry
Syntax REG DELETE Keyname [{/ V EntryName | / VE | / VA}] [/ f]
Parameter keyName Specifies the full path of child. For remote computers, include the computer name before the subkey path in // computername / pathtosubkey. Ignore ComputerName will result in the default to operate the local computer. The path started with the corresponding subdirectorial tree. The effective subdôcing tree is HKLM, HKCU, HKCR, HKU, and HKCC. / v EntryName Delete specific items under subtrans. If an item is not specified, all items and children under the subkey will be deleted. / VE Specifies only items that can only be deleted. / VA Deletes all items under the specified subkey. Use this parameter from delete the child under the specified child. / f does not need to request confirmation to delete an existing registry child item or item. /? Display help at the command prompt. Note The following table lists the return values of the REG DELETE operation. Value Description 0 Success 1 failed
Examples The following example shows how to use the REG DELETE command:
REG DELETE "HKCU / Software / Microsoft / Winmine" / V Name1REG Delete "HKCU / Software / Microsoft / Winmine" / v Time1Reg Delete "HKCU / Software / Microsoft / Winmine" / VA
REG EXPORT
Create a copy of the specified child, item, and value to the file to transfer it to other servers.
Syntax REG EXPORT Keyname FileName
Parameter keyName Specifies the full path of child. Export operations can only work on the local computer. The path started with the corresponding subdirectorial tree. The effective subdôcing tree is HKLM, HKCU, HKCR, HKU, and HKCC. FileName Specifies the name and path to export the file. This file must have a .reg extension. /? Display help at the command prompt. Note The following table lists the return value of the REG EXPORT operation. Value Description 0 Success 1 failed
Example The following example shows how to use the REG EXPORT command:
REG EXPORT "HKCU / Software / Microsoft / Winmine" C: /Data/regbackups/wmbkup.regREG IMPORT
Copy the file containing the exported registry subkey, items, and values to the registry of the local computer.
Syntax REG IMPORT FileName
Parameters filename Specifies the name and path of the files that will be copied to the local computer registry. This file must be created in advance using the REG EXPORT command. /? Display help at the command prompt. Note The following table lists the return values of the REG IMPORT operation. Value Description 0 Success 1 failed
Example The following example shows how to use the REG IMPORT command:
Reg Import HKCU / Software / Microsoft / Winmine "C: /Data/regBackups/wmbkup.reg
REG LOAD
Write the saved child and item back to the different subtries of the registry. Its purpose is to save to a temporary file, and the file can be used for the registry key to troubleshoot or edit the registry key.
Syntax REG Load Keyname FileName
Parameter keyName Specifies the full path of child. For remote computers, include the computer name before the subkey path in // computername / pathtosubkey. Ignore ComputerName will result in the default to operate the local computer. The path started with the corresponding subdirectorial tree. The effective subdôcing tree is HKLM, HKCU, HKCR, HKU, and HKCC. FILENAME Specifies the name and path of the file to be loaded. This file must be created using the REG SAVE operation with the. HIV extension. /? Display help at the command prompt. Note The following table lists the return values of the REG LOAD operation. Value Description 0 Success 1 failed
Example The following example shows how to use the REG LOAD command:
Reg loading "HKCU / Software / Microsoft / Winminebk2" wmbkup.hiv
REG Query
Returns the list of items under the subkey of the registry and the list of the next layer.
Syntax REG Query Keyname [{/ v EntryName | / VE}] [/ s]
Parameter keyName Specifies the full path of child. For remote computers, include the computer name before the subkey path in // computername / pathtosubkey. Ignore ComputerName will result in the default to operate the local computer. The path started with the corresponding subdirectorial tree. The effective subdôcing tree is HKLM, HKCU, HKCR, HKU, and HKCC. If you specify a remote computer, you can only use the HKLM and HKU subdirectory tree. / v EntryName Returns a specific item and its value. This parameter only returns items directly located next to the specified child. I will not find the items in the subkey under the current child. If EntryName is omitted, all items under the child will be returned. / VE specifies that only items returned to a null value. / s will return all children and items in each layer. If this parameter is not used, only the child and item of the next layer will be returned. /? Display help at the command prompt. Note The following table lists the return value of the REG Query operation. Value Description 0 Success 1 failed
Example The following example shows how to use the REG Query command:
REG Query "HKLM / System / CurrentControlSet / Control / Session Manager" / V MaxstackTraaceDepth
REG Query "HKCU / Software / Microsoft / Winmine" / S
REG RESTORE
Write the saved child and item back to the registry.
Syntax REG RESTORE Keyname FileName
Parameter keyName Specifies the full path of child. RESTORE operations work only on the local computer. The path started with the corresponding subdirectorial tree. The effective subdôcing tree is HKLM, HKCU, HKCR, HKU, and HKCC. FILENAME Specifies the name and path to the file to be returned to the registry. This file must be created in advance using the REG SAVE operation with the. HIV extension. /? Display help at the command prompt. Note This action is used to overwrite the edited registry key. Before editing the registry key, use the REG SAVE to save your father child. If the editor fails, you can use this action to recover child. The following table lists the return value of the REG RESTORE operation. Value Description 0 Success 1 Failure example The following example shows how to use the REG RESTORE command:
Reg restore "HKCU / Software / Microsoft / WINMINE" Wmbkup.hiv
REG SAVE
Save the specified child, item, and registry value to the specified file.
Syntax REG Save Keyname FileName
Parameter keyName Specifies the full path of child. For remote computers, include the computer name before the subkey path in // computername / pathtosubkey. Ignore ComputerName will result in the default to operate the local computer. The path started with the corresponding subdirectorial tree. The effective subdôcing tree is HKLM, HKCU, HKCR, HKU, and HKCC. FILENAME Specifies the name and path of the file created. If the path is not specified, use the current path. /? Display help at the command prompt. Note The following table lists the return value of the REG SAVE operation. Value Description 0 Success 1 failed
Examples The following example shows how to use the REG SAVE command:
REG Save "HKCU / Software / Microsoft / Winmine" Wmbkup.hiv
Reg Unload
Use the REG LOAD to delete the loaded partial registry.
Grammatical REG Unload Keyname
Parameter keyName Specifies the full path of child. For remote computers, include the computer name before the subkey path in // computername / pathtosubkey. Ignore ComputerName will result in the default to operate the local computer. The path started with the corresponding subdirectorial tree. The effective subdôcing tree is HKLM, HKCU, HKCR, HKU, and HKCC. /? Display help at the command prompt. Note The following table lists the return value of the REG UNLOAD operation. Value Description 0 Success 1 failed
Example The following example shows how to use the reg unload command:
Reg Unload "HKCU / Software / Microsoft / Winminebk2"
Be careful
The editing of the registry may seriously damage your system. Before changing the registry, you should back up any valuable data on your computer. Be careful
The registry is directly edited only if there is no choice. The Registry Editor ignores standard security measures, allowing these settings to reduce performance, destroy the system, and even require users to reinstall Windows. Most registry settings can be used in the "Control Panel" or "Microsoft Management Console (MMC)". If you must edit the registry directly, you will then back up it. For more information, see "Registry Editor Help". Note Use REG to edit the registry of the local or remote computer directly. These changes may cause a computer that cannot operate and needs to reinstall the operating system. So don't edit the registry directly, and you should use the Control Panel or the Microsoft Management Console (MMC) "to change the registry. Some operations can view or configure registry entries for local or remote computers, while others only allow configuration of registry settings for local computers. At the same time, the remote access registry may also limit the parameters for an operation. Check the syntax for each action to verify that the operation can be used for remote computers, and verifying the parameters that can be used in that case.
Let Windows Registry to modify quickly and take effect
When we modify the registry, in many cases, only the F5 key refresh registration is not enough to make the modification take effect, and you need to restart your computer. In fact, we don't have to restart the machine each time, just run Windows's shell Explorer (different in Windows 9x / ME and Windows 2000 / XP). In Windows 9x / ME
Press the "Ctrl Alt Delete" key button, select "Explorer" in the pop-up window, and click the "End Task" button, then the screen will appear "Shutdown" menu, do not do anything, the window pops up again Click the "End Tasks" button to quickly refresh the registry without restarting.
In Windows 2000 / XP
Press the "Ctrl Alt Delete" key button, open "Task Manager", click Process tab, find and click "Explorer.exe", click the "End Process" button below, open Click the "Yes" button in the Warning dialog. Then click the "Application" tab, click the "New Task" button below, enter "Explorer.exe" in the "Create New Task" dialog box, then press the "OK" button.
