Transcript
Presented by gopinathan.rmISAS
Microsoft Registry Editor
The Registry is the heart and soul of Microsoft Windows XP and can be called as “building block of OS” . Simply put, the registry is nothing more than your computer's settings.
Lineage of Registry
MS−DOS
Every application that ran on MS−DOS was responsible for managing its own settings.
Microsoft Windows 3.0
This version provided INI files for storing settings. Every application had its own INI files.
Windows 3.1
Registry was introduced as a tool for storing OLE (object linking and embedding) settings.
And Windows 95 & Windows NT 3.5 expanded the registry to the configuration database that Windows XP uses now.
See the contrast between the two extreme ends
Microsoft windows registry 3.11
Microsoft Windows registry vista
Some of its main functions ……………..
I. The registry contains the configuration data that makes the operating system work.
II. It enables you to customize Windows XP in ways you can't through the user interface.
III. The registry enables developers to organize configuration data in ways that are impossible with INI files.
IV. Windows XP and every application that runs on Microsoft's latest desktop operating system do absolutely nothing without consulting the registry first.
V. For each and every double−click , Windows XP consults the registry to figure out what to do with it.
VI. When a device is installed , Windows XP assigns resources to the device based on information in the registry and then stores the device's configuration in the registry.
VII. When an application such as Microsoft Word 2002 is being run , the application looks up your preferences in the registry.
Who uses registry ? This might be question arising in everybody’s mind, when dealing
with this topic …….
This built-in facility of Microsoft Windows Xp is used by,
Power users IT professionals Hackers
Power users
Mastering the registry has concrete advantages for power users,
Backing up settings is a bit easier They can customize Windows XP and its
applications
For example, they can redirect your Favorites folder to a different place, improve your Internet connection's performance.
IT professionals
Policy management is a biggest feature and IT professionals use policies to configure computer and user settings to a standard, and users can't change those settings.
Some of those features include: Deployment customization Folder redirection Hardware profiles Offline files Performance monitoring Roaming user profiles Windows Management Instrumentation
Hackers
Many optimization and "hacking" tools are available to modify this portion of the Windows operating system; it is preferable not to use them unless one has a knowledge of registry workings or wishes to learn more about the registry.
Resource hacking Gain unauthorized access to remote computer Software cracking Etc and the list goes on and on
Terminologies
%USERPROFILE% represents the current user profile folder. Thus, if you log on to the computer as gopi and your profile folders are in C:\Documents and Settings\ gopi i.e. %USERPROFILE% to C:\Documents and Settings\ gopi.
%SYSTEMDRIVE% is the drive that contains Windows XP's system files. That's usually drive C.
%SYSTEMROOT% is the folder containing Windows XP. In a clean installation, this is usually C:\Windows
Warning !
Registry is a great paradox .On the one hand, it's the central place for all of Windows XP's configuration data. On the other hand, the fact that the registry is so critical, also makes it one of the operating system's weaknesses. If the registry fails, Windows XP fails.
Getting started !
Click on Start button
Then on Run from menu
Run dialogue box will appear
In the Open text box type the command “regedit” or “regedt32.exe”
Structure of the Registry
The structure of Windows XP's registry is so similar to the structure of its file system
In the editor's left pane, which is called the key pane, just as Windows Explorer's left pane. Each folder in the key pane is a registry key.
In the editor's right pane, which is called the value pane, you see a key's values.
ILUSTRATION
Basics of Registry Keys
Keys are so similar to folders (Registry Editor even uses the same icon for keys as Windows Explorer uses for folders) that they have the same naming rules.
A key's name is limited to 256 Unicode characters, and you can use any ASCII character in the name other than a backslash (\), asterisk (*), and question mark (?).
In addition, Windows XP reserves all names that begin with a period for its own use.
Root keys
HKEY_CLASSES_ROOT HKEY_CURRENT_USER HKEY_LOCAL_MACHINE HKEY_USERS HKEY_CURRENT_CONFIG
Abbreviations used here -
HKEY_CLASSES_ROOT HKCR
HKEY_CURRENT_USER HKCU
HKEY_LOCAL_MACHINE HKLM
HKEY_USERS HKU
HKEY_CURRENT_CONFIG HKCC
Values
Each key contains one or more values. A value's name is similar to a file's name. A value's type is similar to a file's extension, which
indicates its type. A value's data is similar to the file's actual
contents.
Parts of a value
Name Every value has a name. The same rules for naming keys apply to values: up to 256 Unicode
characters except for the backslash (\), asterisk (*), and question mark (?), with Windows XP reserving all names that begin with a period. Within each key, value names must be unique, but different keys can have values with the same name.
Type Each value's type determines the type of data that it contains. For example, a REG_DWORD value contains a double-word number, and a
REG_SZ value contains a string.
Data Each value can be empty or null or can contain data. A value's data can be a maximum of 32,767 bytes, but the practical limit
is 2 KB. The data usually corresponds to the type, except that binary values can
contain strings, double−words, or anything else for that matter.
Default value
Default value is displayed as (Default). Default value is almost always a string
type. In most cases, the default value is null
and Registry Editor displays its data as (value
not set). When instructions require that you
HKEY_CURRENT_USER
Contains the root of the configuration information for the user who is currently logged on. The users folders, screen colors and control panel settings are stored here. This information is referred to as a users profile.
HKEY_USERS
Contains the root of all user profiles on the computer. HKEY_CURRENT_USER is a sub-key of HKEY_USERS.
HKEY_LOCAL_MACHINE
Contains the configuration particular to the computer (for any user).
HKEY_CLASSES_ROOT
It is sub-key of HKEY_LOCAL_MACHINE\SOFTWARE. The information stored here ensures that the correct program opens when you open a file by using windows explorer.
HKEY_CURRENT_CONFIG
Contains information about the hardware profile used by the local computer at system startup.
Editing the registry
Programs or scripts
The registry can be edited through
the APIs of the Advanced
Windows 32 Base API Library
(advapi32.dll). Some
programming languages, like
Visual Basic , Perl, VBScript, enable registry editing
from scripts.
Command line editingThe registry can be manipulated
from the command line
with the reg.exe utility. It is included in
Windows XP and Windows Vista
and can be downloaded
separately for previous versions.
Using registry editor – Manual editing
Using registry editor and customizing your computer Disable right click Disable Run from start menu Disable Volume Disable Control panel Creating a System key Disable Appearance tab Disable Settings tab Disable Screen saver tab Disable Password changing
Disable right click
Description Value Path
To Disable using right click
NAME:NOVIEWCONTEXTMENU
TYPE:DWORD
VALUE:1/0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\EXPLORER
Disable Run from start menu
Description Value Path
To disable run from start menu
NAME:NORUN
TYPE:DWORD
VALUE:1/0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\EXPLORER
Disable volume
Description Value Path
To disable using a volume
To disable all drives
NAME:NODRIVES
TYPE:DWORD
VALUE:A: 1B: 2C: 4D: 8E: 16F: 32 etc 6FFFFFF
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\EXPLORER
Disable control panel
Description Value Path
To disable control panel
NAME:NOCONTROLPANEL
TYPE:DWORD
VALUE:0\1
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\EXPLORER
Create a system key
Open registry editor Go to the path:
HKEY_CURRENT _USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES
Make a right click In the pop menu select New and then Key Name it as System
Disable appearance tab
Description Value Path
To disable appearance tab
NAME:NODISPAPPEARANCEPAGE
TYPE:DWORD
VALUE:0\1
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\SYSTEM
Disable settings tab
Description Value Path
To disable settings tab
NAME:NODISPSETTINGSPAGE
TYPE:DWORD
VALUE:0\1
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\SYSTEM
Disable screensaver tab
Description Value Path
To disable screen saver tab
NAME:NODISPSCRSAVPAGE
TYPE:DWORD
VALUE:0\1
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\SYSTEM
Disable changing password
Description Value Path
To disable changing password
NAME:DISABLECHANGEPASSWORD
TYPE:DWORD
VALUE:0\1
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\SYSTEM
Registry Management Tools
Hundreds of third−party and shareware registry tools are available. You learn about many of them throughout this book. Some tools I use more often than others, though, and here's an introduction to them:
Registry Editor This is the primary tool you use to edit settings in the registry.
Console Registry Tool for Windows (Reg.exe) This command−line registry tool supports most of the capabilities of Registry
Editor. The significance of this tool is that it allows you to script edits in batch files.
WinDiff This tool comes with the Windows XP Support Tools, which you install from \
Support\Tools on the Windows XP CD. Most of the Windows 2000 Resource Kit tools still work well in Windows
XP, and you can download many of them from Microsoft's Web site at http://www.microsoft.com/windows2000/techinfo/reskit/tools/default.asp.
Thank you
top related