Expand description
Fields related to Windows Registry operations.
Constantsยง
- REGISTRY_
DATA_ BYTES - Original bytes written with base64 encoding.
For Windows registry operations, such as SetValueEx and RegQueryValueEx, this corresponds to the data pointed by
lp_data. This is optional but provides better recoverability and should be populated for REG_BINARY encoded values. - REGISTRY_
DATA_ STRINGS - Content when writing string types.
Populated as an array when writing string data to the registry. For single string registry types (REG_SZ, REG_EXPAND_SZ), this should be an array with one string. For sequences of string with REG_MULTI_SZ, this array will be variable length. For numeric data, such as REG_DWORD and REG_QWORD, this should be populated with the decimal representation (e.g
"1"). - REGISTRY_
DATA_ TYPE - Standard registry type for encoding contents
- REGISTRY_
HIVE - Abbreviated name for the hive.
- REGISTRY_
KEY - Hive-relative path of keys.
- REGISTRY_
PATH - Full path, including hive, key and value
- REGISTRY_
VALUE - Name of the value written.