The Registry is a very critical part of the Windows operating system (OS). Its basically a database that contains all the configuration settings for the OS and its applications. By modifying it, you can customize the OS to work the way you want by turning on or off certain features.
Note: Before modifying the registry always make a backup of it. You can do this with the Backup utility that comes with Windows. All you have to do use 'System State data' option. To backup individual keys you can use the Registry Editor's 'Export...' command under the File menu. For more information, see the MSKB 322756.
Modifying the Registry
To modify the registry, you need to use the Windows Registry Editor. This tool is used for reading and writing data to this system area. The Registry Editor displays registry entries in a hierarchical tree structure, similar to the Windows Explorer metaphor for displaying files and folders.
Each node of the registry structure is called a 'key' (similar to a folder), and each key generally holds one or more different settings called 'values'. Each value can contain information stored in one of a few different data types. Below is a list of the registry data types:
- Binary (REG_BINARY): Holds binary data displayed in hexadecimal format.
- DWord (REG_DWORD): Data represented by a number that is 4 bytes long.
- Expandable String (REG_EXPAND_SZ): A variable-length data string.
- Multi-String (REG_MULTI_SZ): A list of multiple string values.
- String (REG_SZ): Holds a fixed length string.
- HKEY_CLASSES_ROOT: stores information about the different file types (such as .MP3, .BMP, .TXT, etc...).
- HKEY_CURRENT_USER: stores settings from the HKEY_USERS key which contains information about the current logged in user.
- HKEY_LOCAL_MACHINE: stores global system setting, if you make a change here it effects all users..
- HKEY_USERS: stores information about all the system's user accounts.
- HKEY_CURRENT_CONFIG: contains a copy of the information from all the other root keys that in referent to the current running sessions.
- From the Start menu, select Run..., type "regedit" and press the OK button.
- In the left pane, navigate to the registry key or area you want to modify. You do this by opening each folder and drilling down deeper into the registry structure.
- From here you can create, modify or delete a registry key.
- To create it: right-click a registry key, and select New > Key.
- To rename it: right-click it, and select Rename. Give it a new name, and then press the Enter key.
- To delete it: right-click it, and select Delete.
- After you find the registry key you're looking for, in the right pane you can create, delete, or modify the registry value.
- To create it: right-click a registry key, and select New, then select a value type (i.e.: DWord, String, Binary, etc.). Give the value a name, then press the Enter key. Double-click the value, enter the data, and then press the OK button.
- To modify it: double-click on it, and enter a new data value.
- To delete it: right-click it, and select Delete.
- Press OK button, and close the Registry Editor.
Registry File Information
For thoses people who like to know everything, below is a list of files that are used for storing the differnent registry hives (i.e.: a group of keys, subkeys, and values). These files are stored in the %SystemRoot%\System32\Config folder.
Note: The HKEY_CURRENT_USER (i.e.: Ntuser.dat, Ntuser.dat.log, Ntuser.bak) hive is stored in the %UserProfile% folder.
Registry hive | Supporting files |
HKEY_LOCAL_MACHINE\SAM | Sam, Sam.Log, Sam.bak |
HKEY_LOCAL_MACHINE\Security | Security, Security.log, Security.bak |
HKEY_LOCAL_MACHINE\Software | Software, Software.log, Software.bak |
HKEY_LOCAL_MACHINE\System | System, System.log, System.bak |
HKEY_CURRENT_CONFIG | System, System.log, System.bak, Ntuser.dat, Ntuser.dat.log, Ntuser.bak |
HKEY_USERS\DEFAULT | Default, Default.log, Default.bak |
No comments:
Post a Comment