Saturday, May 2, 2009

Understanding Windows Registry

What is Registry:

The Windows Registry is a central database containing most of the “pointers” and “settings” for Windows, programs, hardware and users. Pointers tell Windows or programs where to find the resources required to perform specific actions. Settings control how many actions are (or are not) performed. Just about any setting that you change, either in Windows or in a program, modifies the Registry. There are some notable exceptions: Firefox, Thunderbird and many other programs avoid the Registry entirely by saving settings, etc. in their own file folders. The Registry is dynamic and exists in memory only. The Registry only exists when Windows is running. It is built by Windows from the Hives, and other hardware information, during the startup process.


Why is Registry necessary:

The most important advantage of the registry approach is that it separates Machine Configurations from User Settings. As these configurations are user based, keeping programs user-specific becomes easier. Registry values can be backed up more easily. Whenever some application crashes, all you have to do is import the backed up settings. The state of the entire system at a certain instant can be saved to a specific location. Applications like Group Policy and many third-party programs may be used to customize a program stored in dispersed locations. Modifying all aspects of a program while paying attention to such detail would have been a very tedious task. With the registry concept, changes are automatically made wherever necessary. The Registry can be accessed without parsing, so reading from and writing to it is easier. Registry keys are independent of the Windows language, the OS installation drive and path, and even the Windows version. Thus separate customized support and solutions for different configurations become unnecessary.


The Registry Editor:

The Registry Editor makes the structure of the actual Registry visible as keys and values, in much the same way that Windows Explorer makes folders and files visible. You can also edit the keys and values with the Registry Editor, which is similar to editing folders and files with Windows Explorer.
Go to Start Menu>Run, type “regedit” and hit Enter. The Registry Editor window opens up.
Here, on the right hand pane, you see the “folders” HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, HKEY_USERS, and HKEY_CURRENT_CONFIG.
These five main folders are called hives, and their sub folders are called keys. HK is an abbreviated form of “Handle to Key”. Each of these keys is divided into sub keys, which may contain further sub keys, and so on. Each key may contain entries with various types of values.


HKEY_CLASSES_ROOT
Contains file associations, OLE information and other system settings.

HKEY_CURRENT_USER
Settings that are specific to the currently logged in user.

HKEY_CURRENT_USER mirrors the current user’s subkey of HKEY_USERS.

HKEY_LOCAL_MACHINE
Contains information about hardware, and settings that apply globally. Main subkeys are Hardware, SAM, Security, Software, System.

HKEY_USERS
HKEY_USERS contains subkeys corresponding to the HKEY_CURRENT_USER keys for each user registered on the machine.

HKEY_CURRENT_CONFIG
Settings specific to the current hardware configuration. This information is gathered at run time. These keys are not permanently stored on disk. They are regenerated at every boot.

Each registry value is stored as one of the five main data types, viz.:

REG_BINARY
This type stores the value as raw binary data. Most hardware component information is stored as binary data, and can be displayed in an editor in hexadecimal format.

REG_DWORD
This type represents the data by a four byte number and is commonly used for boolean values, such as “0” for disabled and “1” for enabled. Additionally, many parameters for device drivers and services are of this type, and can be displayed in REGEDT32 in binary, hexadecimal and decimal format, or in REGEDIT in hexadecimal and decimal format.

REG_EXPAND_SZ
This type is an expandable data string, that is, a string containing a variable to be replaced when called by an application. For example, for the following value, the string “%SystemRoot%” will be replaced by the actual location of the directory containing the Windows NT system files.

REG_MULTI_SZ
This type is a multiple string used to represent values that contain lists or multiple values; each entry is separated by a NULL character.

REG_SZ
This type is a standard string, used to represent human readable text values.


Editing the registry:

Click on the Start button, then select Run, and in the Open box type “regedit”, and hit Enter. In Registry Editor on the left side there is a tree with folders, and on the right the contents (values) of the currently selected folder. To expand a certain branch, click on the plus sign [+] to the left of any folder, or just double-click on the folder.

To display the contents of a key (folder), just click the desired key, and look at the values listed on the right side. You can add a new key or value by selecting New from the Edit menu, or by right-clicking your mouse. And you can rename any value and almost any key with the same method used to rename files; right-click on an object and click rename, or click on it twice, or just press F2 on the keyboard. You can delete a key or value by clicking on it, and pressing Delete on the keyboard, or by right-clicking on it, and choosing Delete.

To change an existing DWORD value you have two options, hexadecimal and decimal. Be sure you know what type the value should be: 200 hexadecimal is 256 decimal, c8 is hexadecimal for 200 decimal, for example. Changing binary values is a little more complicated because they are written in hex.


Importing and Exporting registry keys:

This should be done to any and all registry keys before changing them. It gives you an easy way of undoing any changes that you make while editing the registry. Right click the key that you want to export, and select Export. Then give it a name so you remember what it is. I used the name “sample” here. Be sure you save the key with a .reg extension.

Now that you have exported keys so that you can undo your changes, you need to know how to import them into the registry. Usually a double-click on a registry file will merge it for you, unless you have changed the default action. In that case you have to right-click the file and select Merge. A word of caution: don’t double click on a file with a .reg extension unless you want to merge its values into your registry.

You may also import a .reg file from the file menu of registry editor.


How to make .reg file of your own:

The best way to learn the syntax of a .reg file is to export a key and open the corresponding .reg file with a text editor, preferably Notepad. You can do this simply by right clicking on the .reg file you’ve exported and then selecting “Edit”.


Now study the syntax. The version of the Windows Registry Editor is written on the very first line of the file. Then write the full path of the key you want to add or modify. The path should be enclosed within “[ ]”. The values that you want to set for its sub keys should immediately follow. The name of each key is enclosed in double quotes. Then comes an “=” sign followed by the value. For example, suppose you want to change values under the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters. Under this key you only want to change the values of ForwardBufferMemory, NumForwardPackets, MaxForwardBufferMemory and MaxNumForwardPackets, leaving other values intact. Then write the following in Notepad.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"ForwardBufferMemory"=dword:00024a00
"NumForwardPackets"=dword:0000024a
"MaxForwardBufferMemory"=dword:00024a00
"MaxNumForwardPackets"=dword:0000024a

Then save the document with a .reg extension under any suitable name, such as TCP or modification. Close Notepad. Go to the place where you’ve saved the .reg file. Right click on it and select Merge.
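
Since a merge applies every line of a .reg file, it is worth reading back what a file would change before merging it. The Python sketch below is an added example, not part of the original post: it parses version 5.00 .reg text and decodes the value types described earlier, including deletions. The ExampleVendor key and its values are constructed sample data.

```python
import re

# .reg (version 5.00) type tags mapped to the type names used on this page.
HEX_TYPES = {"hex": "REG_BINARY", "hex(2)": "REG_EXPAND_SZ", "hex(7)": "REG_MULTI_SZ"}

def decode_value(raw):  # returns (type_name, value) for the text right of '='
    if raw == "-":
        return "DELETE_VALUE", None                 # "name"=- removes the value
    if raw.startswith('"'):
        return "REG_SZ", re.sub(r"\\(.)", r"\1", raw[1:-1])   # undo \\ and \"
    tag, _, data = raw.partition(":")
    if tag == "dword":
        return "REG_DWORD", int(data, 16)           # always hexadecimal in the file
    if tag in HEX_TYPES:
        blob = bytes(int(b, 16) for b in data.split(",") if b.strip())
        if tag == "hex":
            return "REG_BINARY", blob
        text = blob.decode("utf-16-le").rstrip("\x00")   # 5.00 files store UTF-16LE
        return HEX_TYPES[tag], text.split("\x00") if tag == "hex(7)" else text
    return "UNKNOWN", raw

def preview_reg(text):
    """List (key, name, type, value) for every change a merge would make."""
    text = re.sub(r"\\\r?\n\s*", "", text)          # join hex continuation lines
    changes, key = [], None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if key.startswith("-"):                 # [-KEY] deletes the whole key
                changes.append((key[1:], None, "DELETE_KEY", None))
            continue
        m = re.match(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
        if key and m:
            changes.append((key, m.group(1).strip('"'), *decode_value(m.group(2))))
    return changes

# Constructed sample: one of the page's Tcpip values plus a made-up ExampleVendor key.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"ForwardBufferMemory"=dword:00024a00

[HKEY_CURRENT_USER\Software\ExampleVendor\Demo]
"Dir"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,00,00
"List"=hex(7):41,00,00,00,42,00,00,00,00,00
"Old"=-
'''
print(*preview_reg(SAMPLE), sep="\n")
```

The DWORD is shown in decimal (150016) although the file stores it in hexadecimal, and the DELETE_VALUE and DELETE_KEY entries are the ones to check most carefully before a merge.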

Create a Shortcut to Regedit:

This can be done by simply right-clicking on a blank area of your desktop and selecting New, then Shortcut. In the Command line box enter “regedit.exe” and click Next, enter a name, then click Finish. Now you can double click on the new icon to launch the Registry Editor.


