Registry String Redirection / IPM Utility: Get@String

Monday, November 28, 2011

Jacques Bensimon sent over a great little registry utility and whole lot of education!  Read on …

Have you noticed that, starting with Vista/2008, some previously descriptive Registry entries (such as the names and descriptions of most system services, the descriptions of some file types under HKEY_CLASSES_ROOT, etc) are no longer in plain English (or whatever the language of the Windows installation) bur rather look like the highlighted values in the following screenshot?


These entries of the form “@filepath,-###” are examples of what Microsoft calls Registry String Redirection ( and are designed to keep the Registry “language-neutral” by replacing language-specific text with references to string resources somewhere in the file system.  For example, the DisplayName entry in the above screenshot, “@%SystemRoot%\system32\bdesvc.dll,-100”, is to be interpreted as “the string resource with ID 100 in the appropriate MUI language resource file for bdesvc.dll”, such as %SystemRoot%\system32\en-US\bdesvc.dll.mui.  This can be looked up for example with Resource Hacker, as in the following screenshot:


So now I know that BDESVC is the “BitLocker Drive Encryption Service” (that’s a relief:  I feared it might be the return of the Borland Database Engine!)

While Resource Hacker can be used in this roundabout fashion to retrieve the contents of redirected Registry strings, I thought a more direct solution might be useful, so here’s Get@String (the archive contains both 32-bit and 64-bit versions of the utility).  It can take a redirected string specification on its command line or it can be run interactively as follows:


results in


and changing the string ID to 101 results in



Next Post »