Scribd
Upload
254 views31 pages

Windows Registry

The document discusses the Windows Registry, explaining that it is a central database that stores configuration settings and other information about the computer's hardware, users, and installed applications. It provides advice on when and how to edit the registry, emphasizing the importance of backing up the registry first to avoid potential issues. The document also gives an overview of the structure and contents of the main registry keys.

Uploaded by

Totu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
254 views31 pages

Windows Registry

The document discusses the Windows Registry, explaining that it is a central database that stores configuration settings and other information about the computer's hardware, users, and installed applications. It provides advice on when and how to edit the registry, emphasizing the importance of backing up the registry first to avoid potential issues. The document also gives an overview of the structure and contents of the main registry keys.

Uploaded by

Totu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 31

Your Friend and Mine

The Windows Registry


What is the Registry?

► Think of as a giant 411 switchboard


► Simple idea of centralized one-stop shopping for
all of Windows’ needs
► Everything else is a GUI for it:
 Windows Control Panel
 File Associations
 Startup Folder
► Information about WHAT and WHERE things are
but not specifics on HOW to run them
Why Edit the Registry?
► Registry is the ULTIMATE authority
► Editing it directly allows greater control over
what windows does
► Allows control over some features that don’t
have a GUI
► When things go bad…
Editing the Registry:
The Choice is Simple
► Regedit.exe ► Regedt32.exe
 Designed for single  Designed primarily for
user registries. networked registries
 Cleaner interface  Available in Windows
 Available in all 2000, and NT
supported versions of  Merged with
Windows regedit.exe in Windows
XP
Registry Basics
► Keysand Subkeys(Folders)
► Reg_Dword (Numbers)
 Hexadecimal (decimal)
►0x0000001 (1)
 True =1 False =0
► Reg_SZ (String)
 Stores strings (paths to files, etc.)
 Can be encrypted
Backup First!!
► The registry stores everything that windows
knows about the computer…let that sink in.
► Backup first!
► File =>Export or File =>Backup
► “Scanreg /backup” and System Restore
► MISTAKE=FORMAT!
Organization of the Registry

Local
Machine

Current Current
Config User
Registry
(Hkey)

Classes
Users
Root
The forgotten one-
HKey_Current_Config\
► Stores temporary information about
computer’s settings
► Barely implemented
► \Microsoft\Windows\CurrentVersion\InternetSettings (proxy enable)
The User Database
► Personalized Settings
for Windows
 Themes
All Users
 Accessibility HKey_Users
(2k/Me/XP)
 Preferences
► The Cycle- DB
► Saved on Exit
► Edit only Current_User Current User
Important Stuff in HKCU
► AppEvents= Themes (Event Sounds)
► ControlPanel = duh!
►ScreenSaver
►Desktop

► Software=User Preferences
►\Microsoft\Office\x.y\ (office prefs)
► These keys are usually system safe to
delete
Important Stuff in HKCU
► AppEvents= Themes (Event Sounds)
► ControlPanel = duh!
►ScreenSaver
►Desktop

► Software=User Preferences
►\Microsoft\Office\x.y\ (office prefs)
► These keys are usually system safe to
delete
Hkey_Classes_Root:
What should I do with that?
► Handles file
extensions/
.mp3 associations and
links to methods
(Default) ContentType OpenWithList ► Choose what
opens with what
MMJB.mp3 Icon Command (remove old apps)
 Who wins with
Icon
multiple apps
 .mp3 =>
MMJB.mp3 and
Command
mp3file
► .EXE’s + Viruses
Hkey_Classes_Root:
What should I do with that?
► Handles file
extensions/
.mp3 associations and
links to methods
(Default) ContentType OpenWithList ► Choose what
opens with what
MMJB.mp3 Icon Command (remove old apps)
 Who wins with
Icon
multiple apps
 .mp3 =>
MMJB.mp3 and
Command
mp3file
► .EXE’s + Viruses
Hkey_Classes_Root:
What should I do with that?
► Handles file
extensions/
.mp3 associations and
links to methods
(Default) ContentType OpenWithList ► Choose what
opens with what
MMJB.mp3 Icon Command (remove old apps)
 Who wins with
Icon
multiple apps
 .mp3 =>
MMJB.mp3 and
Command
mp3file
► .EXE’s + Viruses
Hkey_Local_Machine

HKey_Local_Machine

Software System Hardware

\Microsoft\Windows Applications Control Sets/HW Profiles

► Software-Application Settinsg
► System- Control Sets
 Control Sets = Windows HW Profiles
► Otherwise leave it alone!
Hkey_Local_Machine

HKey_Local_Machine

Software System Hardware

\Microsoft\Windows Applications Control Sets/HW Profiles

► Software-Application Settings
► System- Control Sets
 Control Sets = Windows HW Profiles
► Otherwise leave it alone!
\CurrentControlSet
► \Enum\ – same as Device Mgr
► \Control\Class- Driver Database
► HKLM\System\CurrentControlSet\Services
 This is the source of a lot of errors
► \Services\VxD
 Those pesky VxD’s are stored here
\Software\Microsoft\Windows\Current Version

► /AppPath – points to registered apps


► /Run/ vs /Run-/
► /Setup/
 Change install path
 Finding CD keys (shhh!)
Registry Tricks
► Backup first!
► If you can’t find it – Search!
► Copy to regedit.com if you’re infected by
virus.
► www.regedit.com for more info

You might also like