The Registry is the heart and soul of Microsoft Windows XP and can be called as“building block of OS” . Simply put, the registry is nothing more than your computerssettings.
Lineage of Registry MS−DOS Every application that ran on MS−DOS was responsible for managing its own settings. Microsoft Windows 3.0 This version provided INI files for storing settings. Every application had its own INI files. Windows 3.1 Registry was introduced as a tool for storing OLE (object linking and embedding) settings. And Windows 95 & Windows NT 3.5 expanded the registry to the configuration database that Windows XP uses now. See the contrast between the two extreme ends
Some of its main functions ……………..I. The registry contains the configuration data that makes the operating system work.II. It enables you to customize Windows XP in ways you cant through the user interface.III. The registry enables developers to organize configuration data in ways that are impossible with INI files.IV. Windows XP and every application that runs on Microsofts latest desktop operating system do absolutely nothing without consulting the registry first.V. For each and every double−click , Windows XP consults the registry to figure out what to do with it.VI. When a device is installed , Windows XP assigns resources to the device based on information in the registry and then stores the devices configuration in the registry.VII. When an application such as Microsoft Word 2002 is being run , the application looks up your preferences in the registry.
Who uses registry ?This might be question arising in everybody’s mind, when dealing with this topic ……. This built-in facility of Microsoft Windows Xp is used by, Power users IT professionals Hackers
Power users Mastering the registry has concrete advantages for power users, Backing up settings is a bit easier They can customize Windows XP and its applications For example, they can redirect your Favorites folder to a different place, improve your Internet connections performance.
IT professionals Policy management is a biggest feature and IT professionals use policies to configure computer and user settings to a standard, and users cant change those settings. Some of those features include: Deployment customization Folder redirection Hardware profiles Offline files Performance monitoring Roaming user profiles Windows Management Instrumentation
Hackers Many optimization and "hacking" tools are available to modify this portion of the Windows operating system; it is preferable not to use them unless one has a knowledge of registry workings or wishes to learn more about the registry. Resource hacking Gain unauthorized access to remote computer Software cracking Etc and the list goes on and on
Terminologies %USERPROFILE% represents the current user profile folder. Thus, if you log on to the computer as gopi and your profile folders are in C:Documents and Settings gopi i.e. %USERPROFILE% to C:Documents and Settings gopi. %SYSTEMDRIVE% is the drive that contains Windows XPs system files. Thats usually drive C. %SYSTEMROOT% is the folder containing Windows XP. In a clean installation, this is usually C:Windows
Warning !Registry is a great paradox .On the one hand, its the central placefor all of Windows XPs configuration data. On the other hand, thefact that the registry is so critical, also makes it one of the operatingsystems weaknesses. If the registry fails, Windows XP fails.
Getting started ! Click on Start button Then on Run from menu Run dialogue box will appearIn the Open text box type the command “regedit” or “regedt32.exe”
Structure of the Registry The structure of Windows XPs registry is so similar to the structure of its file system In the editors left pane, which is called the key pane, just as Windows Explorers left pane. Each folder in the key pane is a registry key. In the editors right pane, which is called the value pane, you see a keys values.
Basics of Registry Keys Keys are so similar to folders (Registry Editor even uses the same icon for keys as Windows Explorer uses for folders) that they have the same naming rules. A keys name is limited to 256 Unicode characters, and you can use any ASCII character in the name other than a backslash (), asterisk (*), and question mark (?). In addition, Windows XP reserves all names that begin with a period for its own use.
Abbreviations used here -HKEY_CLASSES_ROOT HKCRHKEY_CURRENT_USER HKCUHKEY_LOCAL_MACHINE HKLMHKEY_USERS HKU
Values Each key contains one or more values. A values name is similar to a files name. A values type is similar to a files extension, which indicates its type. A values data is similar to the files actual contents.
Parts of a valueName Every value has a name. The same rules for naming keys apply to values: up to 256 Unicode characters except for the backslash (), asterisk (*), and question mark (?), with Windows XP reserving all names that begin with a period. Within each key, value names must be unique, but different keys can have values with the same name.Type Each values type determines the type of data that it contains. For example, a REG_DWORD value contains a double-word number, and a REG_SZ value contains a string.Data Each value can be empty or null or can contain data. A values data can be a maximum of 32,767 bytes, but the practical limit is 2 KB. The data usually corresponds to the type, except that binary values can contain strings, double−words, or anything else for that matter.
Default value Default value is displayed as (Default). Default value is almost always a string type. In most cases, the default value is null and Registry Editor displays its data as (value not set). When instructions require that you
HKEY_CURRENT_USERContains the root of the configuration information for the user who is currently logged on. The users folders, screen colors and control panel settings are stored here. This information is referred to as a users profile.
HKEY_USERSContains the root of all user profiles on the computer. HKEY_CURRENT_USER is a sub- key of HKEY_USERS.
HKEY_LOCAL_MACHINEContains the configuration particular to the computer (for any user).
HKEY_CLASSES_ROOTIt is sub-key of HKEY_LOCAL_MACHINESOFTWARE. The information stored here ensures that the correct program opens when you open a file by using windows explorer.
HKEY_CURRENT_CONFIGContains information about the hardware profile used by the local computer at system startup.
Editing the registry Command lineManual editing Programs or scripts editingThe registry can be The registry can be edited The registry can beedited manually in through the APIs of the manipulated from theMicrosoft Windows by Advanced Windows 32 Base command line with therunning regedit.exe or API Library (advapi32.dll). reg.exe utility. It isregedt32.exe in the Some programming included in Windows XPWindows directory. languages, like Visual Basic and Windows Vista andHowever, careless , Perl, VBScript, enable can be downloadedregistry editing can registry editing from scripts. separately for previouscause irreversible versions.damage.
Using registry editor – Manual editingUsing registry editor and customizing your computer Disable right click Disable Run from start menu Disable Volume Disable Control panel Creating a System key Disable Appearance tab Disable Settings tab Disable Screen saver tab Disable Password changing
Disable right clickDescription Value PathTo Disable using NAME: HKEY_CURRENT_USERSOFTWARright click NOVIEWCONTEX EMICROSOFTWINDOWSCURREN TMENU T VERSIONPOLICIESEXPLORER TYPE: DWORD VALUE: 1/0
Disable Run from start menuDescription Value PathTo disable run NAME: HKEY_CURRENT_USERSOFTWARfrom start menu NORUN EMICROSOFTWINDOWSCURREN T VERSIONPOLICIESEXPLORER TYPE: DWORD VALUE: 1/0
Disable volumeDescription Value PathTo disable using a NAME: HKEY_CURRENT_USERSOFTvolume NODRIVES WAREMICROSOFTWINDOW SCURRENT TYPE: VERSIONPOLICIESEXPLORE DWORD R VALUE: A: 1 B: 2 C: 4 D: 8 E: 16 F: 32 etcTo disable alldrives 6FFFFFF
Disable control panelDescription Value PathTo disable control panel NAME: HKEY_CURRENT_USE NOCONTROLPANEL RSOFTWAREMICROS OFTWINDOWSCURR TYPE: ENT DWORD VERSIONPOLICIESEX PLORER VALUE: 01
Create a system key Open registry editor Go to the path: HKEY_CURRENT _USERSOFTWAREMICROSOFTWINDOWSCURRENT VERSIONPOLICIES Make a right click In the pop menu select New and then Key Name it as System
Disable appearance tabDescription Value PathTo disable NAME: HKEY_CURRENT_USERSOFTappearance tab NODISPAPPEARAN WAREMICROSOFTWINDOWS CEPAGE CURRENT VERSIONPOLICIESSYSTEM TYPE: DWORD VALUE: 01
Disable settings tabDescription Value PathTo disable settings tab NAME: HKEY_CURRENT_USE NODISPSETTINGSPAG RSOFTWAREMICROS E OFTWINDOWSCURR ENT TYPE: VERSIONPOLICIESSY DWORD STEM VALUE: 01
Registry Management ToolsHundreds of third−party and shareware registry tools are available. You learn about many of them throughout this book. Some tools I use more often than others, though, and heres an introduction to them: Registry Editor This is the primary tool you use to edit settings in the registry. Console Registry Tool for Windows (Reg.exe) This command−line registry tool supports most of the capabilities of Registry Editor. The significance of this tool is that it allows you to script edits in batch files. WinDiff This tool comes with the Windows XP Support Tools, which you install from SupportTools on the Windows XP CD. Most of the Windows 2000 Resource Kit tools still work well in Windows XP, and you can download many of them from Microsofts Web site at http://www.microsoft.com/windows2000/techinfo/reskit/tools/default.asp.