SoFunction
Updated on 2025-04-09

Working with the Windows Registry in a DOS Environment


The Registry Editor can be run not only in Windows but also in MS-DOS real mode. Sometimes, when the registry is damaged and Windows cannot start, the registry can only be repaired or modified in DOS mode. The actual physical files of the registry are sums, which means that the data in the registry is stored in these two files.

Export the registry


This command can back up the registry file.

Command format: Regedit /L:system /R:user /E  Regpath

Parameter meaning:

/L:system specifies the path where the file is located.

/R:user specifies the path where the file is located.

/E: This parameter tells the registry editor to perform the export operation. After this parameter, leave one space and enter the name of the file to export to.

Regpath: Used to specify which registry branch to export. If not specified, all registry branches will be exported.

If you plan to export the HKEY_CLASSES_ROOT root key from the files saved in C:\Windows\ and C:\Windows\Profiles\, you can execute the following command: Regedit /L:C:\Windows\ /R:C:\Windows\Profiles\ /e  HKEY_CLASSES_ROOT

Import the registry

Command format: Regedit /L:system /R:user

Parameter meaning:

/L:system specifies the path where the file is located.

/R:user specifies the path where the file is located.

Rebuild the registry

Rebuild the registry, i.e. recreate and file.

Command format: Regedit /L:system /R:user /C

Parameter meaning:

/L:system specifies the path where the file is located.

/R:user specifies the path where the file is located.

/C: This parameter will tell the registry editor to re-create the registry with the contents in the specified .reg file.

If you want to re-create the entire registry with the contents in the file and save it to C:\Windows\ and C:\Windows\Profiles\, you can execute the command: Regedit /L:C:\Windows\ /R:C:\Windows\Profiles\ /C

Delete the registry branch

This command can delete a subkey branch in the registry.

The command format is: Regedit /L:system /R:user /D Regpath

Parameter meaning:

/L:system specifies the path where the file is located.

/R:user specifies the path where the file is located.

/D: This parameter tells the registry editor to delete the registry subkey branch specified by Regpath.

Restore the registry

The Scanreg command can check, back up, restore, and repair the registry. This command is stored in the "Windows\Command" directory.

Command format: Scanreg [/< option >]

Parameter meaning:

The /backup parameter backs up the registry and related configuration files. You can change the maximum number of backups in the \Windows \ file by modifying the value of “maxbackupcopies=?”.

The /restore parameter selects a backup from which to restore the registry. This command cannot be executed in the Windows 98 environment; the system must be shut down and restarted in pure DOS mode to run it.

The /fix parameter is to repair the corrupted registry, and this command can only be run in DOS mode.

The /comment="< comment >" parameter is to add some detailed comments to the CAB file when backing up the registry.

Corrupted registry files can be repaired with the Scanreg command: first enter the DOS operating environment, then execute the following command: Scanreg /Restore

At this time, the system will prompt the registry backup status, including the CAB file name and backup time, etc. The user can choose the CAB file to be restored for recovery.

If you want to view all backup files and parts related to backup, you can execute the command: Scanreg /restore /comment

If there is any problem with the registry, you can use Scanreg to fix it. The command is: Scanreg /fix.

Supplement:
//Help information: delete the leading "//" symbol when using a line. It is best to test locally first.
// -e   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
// -e   "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
//The above exports the registry content
// -s 
//The above imports registry content without showing any prompt. The file must be in a valid format.
//____________________________________________________________________________
/////Win98 registry file header format
//REGEDIT4
//
/////win2000/xp/nt registry file header format (one empty line)
//_____________________________________________________________________________
//Windows Registry Editor Version 5.00 
//
//[HKEY_LOCAL_MACHINE\SOFTWARE\Test4Adam]
//"Test1"="Adam"
//"Test2"=hex:61
//"Test3"=dword:00000064
//Test1 type is "String value"
//Test2 type is "Binary value"
//Test3 type is "DWORD value"

//Delete a value name
//[HKEY_LOCAL_MACHINE\SOFTWARE\Test4Adam]
//"Test1"=-

//Delete a subkey
//[-HKEY_LOCAL_MACHINE\SOFTWARE\Test4Adam]

// query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber"
// query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp\PortNumber"
//Because the parameters contain spaces, double quotes must be used

//The following is the tool in win2000kit
//E:\ 1.05 <[-s] string> < [-k] [-v] [-d] > [[-r] key] [-c] [-e] [-n]
//Examples:  SCANREG -s Windows -k -v -d
//           SCANREG -s Windows -kvd
//           SCANREG /s Windows /r \lm\software /kvde
//           SCANREG Windows \lm -kd -n
//           SCANREG Windows \\MOON\HKEY_LOCAL_MACHINE -d
//           SCANREG Windows HKEY_CURRENT_USER\software -kvd

//——————————————————————————————————————
//[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 
//"AutoAdminLogon"=dword:00000001
//"DefaultDomainName"=""
//"DefaultUserName"="administrator"
//"DefaultPassword"="password"
// The above enables automatic logon
//[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ratings]
//"key"=-
//  The above deletes the password for the IE Content Advisor (ratings)
//[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
//"NoRun"=dword:00000001 
//Removes the Run item from the Start menu
//[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
//"DisableRegistryTools"=dword:00000001 
// 0x1 registry editing is prohibited
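
An added example (not part of the original page): a small Python parser for the .reg syntax listed in the notes above (both file headers, string/hex/dword values, "name"=- and [-key] deletions), so a file can be reviewed for what it will set or delete before a silent import. The names parse_reg, risky and SAMPLE are assumptions of this example; it handles single-line values only and does not process escapes or the default (@) value.

```python
import re

HEADERS = {"REGEDIT4": "win9x", "Windows Registry Editor Version 5.00": "nt5"}
# Constructed sample assembled from the entries shown in the notes above.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Test4Adam]
"Test1"=-
"Test2"=hex:61
"Test3"=dword:00000064
[-HKEY_LOCAL_MACHINE\SOFTWARE\Test4Adam\Old]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoAdminLogon"=dword:00000001
"DefaultPassword"="password"
'''

def parse_reg(text):
    """Return (format, ops); ops are set / delete_value / delete_key tuples."""
    lines = [ln.strip() for ln in text.lstrip("\ufeff").splitlines()]
    if not lines or lines[0] not in HEADERS:
        raise ValueError("missing or unknown .reg header")
    ops, key = [], None
    for ln in lines[1:]:
        m = re.fullmatch(r'"([^"]*)"=(.*)', ln)
        name, raw = m.groups() if m else (None, None)
        if not ln or ln.startswith(";"):
            continue
        elif ln.startswith("[-") and ln.endswith("]"):  # [-KEY] deletes a subkey
            ops.append(("delete_key", ln[2:-1]))
            key = None
        elif ln.startswith("[") and ln.endswith("]"):
            key = ln[1:-1]
        elif m is None or key is None:
            raise ValueError(f"unparseable line: {ln!r}")
        elif raw == "-":                                 # "name"=- deletes a value
            ops.append(("delete_value", key, name))
        elif raw.startswith("dword:"):
            ops.append(("set", key, name, "dword", int(raw[6:], 16)))
        elif raw.startswith("hex:"):
            ops.append(("set", key, name, "binary", bytes.fromhex(raw[4:].replace(",", ""))))
        elif len(raw) >= 2 and raw[0] == raw[-1] == '"':
            ops.append(("set", key, name, "string", raw[1:-1]))
        else:
            raise ValueError(f"unsupported value: {ln!r}")
    return HEADERS[lines[0]], ops

def risky(ops):  # value names from the notes that enable autologon or block registry tools
    watch = ("autoadminlogon", "defaultpassword", "disableregistrytools")
    return [o[2] for o in ops if o[0] == "set" and o[2].lower() in watch and o[4] not in (0, "0", "")]
```

Calling parse_reg(SAMPLE) yields one tuple per change the file would make, and risky() on that list names the autologon and stored-password values.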

//About the use of the registry content
// | /i "WINLOGON explorer"
//Get the corresponding winlogon PID; if you log in through the terminal, 212 and 788 are valid PIDs.
// | /i "WINLOGON explorer"
//       212  NT AUTHORITY\SYSTEM
//       824  NETBAR-5G2JURY8\Administrator
//       341  NT AUTHORITY\SYSTEM
//       788  NT AUTHORITY\SYSTEM
//       1752 NETBAR-5G2JURY8\guest
// -p "%windir%\ -s " -i PID 
// -p "%windir%\ -e   HKEY_LOCAL_MACHINE\SAM\SAM\" -i PID
// -p "%windir%\ -s" -i 212   (used in telnet status)
// -p "%windir%\ -s " -i 788    (used below the terminal)