Purpose:Display the specified Windows Registry tree


Format:REGDIR [/D /F /Nb /P[n] /Sn /T /TS /V /X] keyname


keynameThe Windows Registry key to enumerate


/D(ata)/T(ime stamp)
/F(full name)/TS (include seconds)
/Nb (no REG_BINARY)/V(alues)
/P(ause)/X (hex)

/Sn (nesting depth)




REGDIR will display the Windows Registry like TREE or DIR does with the file system. The Windows Registry is very large, so trying to display something like:


regdir /v /d hkcu\software


will typically display tens of thousands of records, and can potentially run out of memory in 32-bit Windows.


The key must begin with either the full root key or the short name:


Full root keyShort




/DDisplay the data for all values (only valid when used with /V)


/FDisplay the full name for each key. (The default is to display only the indented name of the current key, similar to TREE's output.)


/NbDo not display the contents of REG_BINARY values.


/P[n]Pause after displaying each page. The /P option has an optional argument n that specifies the number of seconds to wait for a keystroke before continuing.


/SREGDIR will limit the nesting recursion to that number. REGDIR defaults to unlimited key recursion.


/TPrefix the key names with the time stamp of their last change in hh:mm format.


/TSPrefix the key names with the time stamp of their last change in hh:mm:ss format.


/VDisplay the values for each key.


/XDisplay the REG_DWORD, REG_DWORD_BIG_ENDIAN, and REG_QWORD values in hex. Only valid when used with /V and /D.