The Select registry key provides the number of the system's CurrentControlSet. The CurrentControlSet contains important configuration for the Windows operating system, and several different Control Sets may be available within a system's registry.
In general, ControlSet001 will be the most recent Control Set that has been booted under, whereas ControlSet002 functions as a backup of a known-good state for the Control Set.
- Endpoint - Enumeration
- Windows 11
- Windows 10
- Windows 8
- Windows 7
- Windows Vista
- Windows XP
- Windows Server 2019
- Windows Server 2016
- Windows Server 2012 R2
- Windows Server 2012
- Windows Server 2008 R2
- Windows Server 2008
- Windows Server 2003 R2
- Windows Server 2003
🔋 Live System:
HKEY_LOCAL_MACHINE\SYSTEM\Select
🔌 Offline system:
- File:
%SystemRoot%\System32\config\SYSTEM - Key:
SYSTEM\Select
- RegistryExplorer (Eric Zimmerman)
Within the Select key, the value named Current identifies the CurrentControlSet by an integer. If the value is 1 for instance, that means that the CurrentControlSet on a live system will point to ControlSet001.
In the following example, the Select value's data is 1, indicating that the CurrentControlSet is ControlSet001.
PS> Get-ItemProperty -Path "HKLM:\SYSTEM\Select" -Name *
Current : 1
Default : 1
Failed : 0
LastKnownGood : 1
This example was produced on Windows 10, Version 10.0.19044 Build 19044