Docstoc

Windows Registry

Document Sample
Windows Registry Powered By Docstoc
					WINDOWS
      REGISTRY
Editing the registry is not as hard as you might think, but you
need to understand
what you’re doing, and it’s essential to make a backup before you
make any changes so that you can back them out if necessary.
INTRODUCTION
   Defination
       The Windows Registry is a collection of database used by Microsoft
        Windows to store configuration information about the software
        installed on a computer. This information includes things like the
        desktop background, program settings, and file extension
        associations.


   Windows Registry Availability
       The Windows Registry and the Microsoft Registry Editor program
        are available in nearly every Microsoft Windows version including
        Windows 7, Windows Vista, Windows XP, Windows 2000, Windows
        NT, Windows 98, Windows 95, and more.
   What is the Windows Registry Used For?

       The Windows Registry is used to store much of the
        information and settings for software programs, hardware
        devices, user preferences, operating system
        configurations, and much more.

       In many ways, the registry can be thought of as a kind of
        DNA for the Windows operating system.
   Registry Editor
     Registry Editor is the tool used to view, create, and modify the keys and
      values that make up the registry.
     All versions of Windows that utilize the registry include a copy of Registry
      Editor by default.




       Also Known As: Regedit
   Basic Microsoft Registry Editor Functions:
       Even though the registry contains thousands of values, there are only a few
        things you need to know before you're able to make nearly any registry change.
       Backup the Entire Registry
       Backup Registry Keys
       Delete Registry Keys
       Restore Registry Keys


   The Structure of The Registry :
       The Registry has a hierarchal structure, although it looks complicated the
        structure is similar to the directory structure on your hard disk, with Regedit
        being similar to Windows Explorer.

       Each main branch (denoted by a folder icon in the Registry Editor, see left) is
        called a Hive, and Hives contains Keys. Each key can contain other keys
        (sometimes referred to as sub-keys), as well as Values. The values contain the
        actual information stored in the Registry.
   Registry Hive
     Also Known As: root key
     There are five main branches, each containing a specific portion of the
      information stored in the Registry. They are as follows:

           HKEY_CLASSES_ROOT - This branch contains file association mappings, shortcut
            destinations, object linking and embedding (OLE) information, and core aspects of
            the Windows user interface.

           HKEY_CURRENT_USER - This branch is user-specific, and links to a section within
            HKEY_USERS depending on the user that is currently logged onto the PC, which
            contains information such as logon names, desktop settings, and Start menu settings.

           HKEY_LOCAL_MACHINE - This branch contains machine-wide information about the
            specific type of hardware, software, and other preferences on a given PC, and is
            available to every user who logs onto the computer.

           HKEY_USERS - This contains different Sub Keys for each user and their individual
            preferences.

           HKEY_CURRENT_CONFIG - This branch links to a specific section                     in
            HKEY_LOCAL_MACHINE depending on the current hardware configuration.
   Registry Key
     Definition: A key in the Windows Registry can be thought of like a file
      folder. A key that sits within another key is called a "subkey."
     Registry keys may contain additional registry subkeys and registry values
      and will always exist under the highest key in the hierarchy called a
      registry hive.
     Also Known As: registry subkey, registry entry



   Registry Value
     Definition: A value in the Windows Registry contains specific instructions
      for your Windows installation.
     Many kinds of registry values exist including string values, binary values,
      DWORD (32-bit) values, QWORD (64-bit) values, multi-string values, and
      expandable string values.
   REG_SZ – This type is a standard string, used to represent human readable text
    values.


   REG_BINARY – This type is typically used by hardware components, which
    store information as raw binary data: 0’s and 1’s.


   REG_MULTI_SZ – This data type is a multiple string used to represent values
    that contain lists or multiple values, with each entry separated by a NULL
    character.


   REG_DWORD – This data type is a Double Word, or a 32-bit numeric value, and
    can hold any number from 0 to 232.


   REG_QWORD - A 64-bit numeric value.


   REG_EXPAND_SZ – This type is an expandable string that contains a variable
    that is replaced when called by an application. For example, a value containing
    the string “%SystemRoot%” will be replaced by the location of the directory
    containing system files.
 Using   Regedit
     Modify your Registry
     Importing and Exporting Registry Settings
     Deleting keys or values
   Windows Registry Via the Command Line

       There are times when you may need to make changes to the Windows
        Registry via the command line, scripting in Windows is one example.


       Using Reg.Exe
           Microsoft provide the command line tool Reg.Exe for working with
            the Windows Registry for users of Windows XP/Vista/7. It comes
            with the following built in functions:

            QUERY / ADD / DELETE / COPY / EXPORT / IMPORT

            we can look at some common examples of each.
   QUERY
       The REG QUERY command allows the user to query a single key for a
        single value, or a range of keys for all their values. To display the full
        range of parameters that can be used, type the following into the
        command line: reg query /?


       Example

           To display all subkeys and values under the key
            HKLM\Software\Microsoft\ResKit\Nt\Setup on a remote computer named
            ABC, type:
            REG QUERY \\ABC\HKLM\Software\Microsoft\ResKit\Nt\Setup /s
   ADD
       The REG ADD command allows the user to add new keys and values to
        the Registry. To display the full range of parameters that can be used,
        type the following into the command line: reg add /?

           REG ADD KeyName [/v ValueName | /ve] [/t Type] [/s Separator] [/d
            Data] [/f]


    Example

           To add a registry entry to HKLM\Software\MyNewApp with a value named
            Data of type REG_BINARY and data of fe340ead, type:

            REG ADD HKLM\Software\MyNewApp /v Data /t REG_BINARY /d
            fe340ead
   DELETE
       The REG DELETE command allows the user to remove a Registry key or
        value (it will remove all subkeys and values beneath the key - but will always
        confirm you wish to perform the deletion first.) You should perform this as
        an Administrator. To display the full range of parameters that can be used,
        type the following into the command line: reg delete /?

           REG DELETE KeyName [/v ValueName | /ve | /va] [/f]


    Example

           To delete the registry key Timeout and its all subkeys and values, type:

            REG DELETE HKLM\Software\MyCo\MyApp\Timeout
   COPY
      The REG COPY command allows the user to copy a single value or an entire hive
       from its original location to another - local or remote. This is a VERY popular
       command for administrators supporting Windows computers. To display the full
       range of parameters that can be used, type the following into the command line:
       reg copy /?
         REG COPY KeyName1 KeyName2 [/s] [/f]




   EXPORT
      The REG EXPORT command allows the user to copy the specified subkeys,
       entries, and values of the local computer into a file for transfer to other servers.
       To display the full range of parameters that can be used, type the following into
       the command line: reg export /?
         REG EXPORT KeyName FileName




   IMPORT
      The REG IMPORT command allows the user to copy the contents of a file that
       contains exported registry subkeys, entries, and values into the registry of the
       local computer. To display the full range of parameters that can be used, type the
       following into the command line: reg import /?
         REG IMPORT FileName
   Registry Access Facilities in .NET

       There are built-in classes in .NET that provide facility to access the
        Windows Registry from within your application.

       Registry is a built-in class that helps in manipulating a Registry.
        RegistryKey is another class that helps manipulate a key in the Registry.
        By using these classes, one can access the Windows Registry in an easy
        and efficient manner. They have an exhaustive collection of built-in
        attributes and methods that facilitate the Registry manipulations.

       On the other hand, Win32 APIs also could be used to manipulate the
        Windows Registry. This method is applicable for Visual Basic 6 also. There
        are separate functions for creating, opening, closing, and deleting keys
        and storing, retrieving, and modifying values of a key.
ADVANTAGE
   Registry backup
   Faster access
   Strongly typed data
   Separation of machine and user configuration information
   Remote access
   Standardization
   Database structure
DISADVANTAGE
   Backuping up specific keys difficulty
   Change danger
   Binary files
   Overhead
   Install / Un-install difficulty
   Difficult structure to navigate
   Orphaned references
   Direct copy difficulty

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:0
posted:12/3/2012
language:English
pages:17