Windows System Registry

On Tuesday, July 15, 2008 No comments

Understanding the basic structure

Windows is what is known as a "graphical user interface", allowing users to point and click their way through various icons to change settings via various checkboxes and menus. However, there is another way to customize virtually everything in the operating system all from a single point - the System Registry. In fact, some options can only be set via the System Registry - the choice simply doesn't exist in the graphical menus.

Almost all software installed on the PC will impact the System Registry. Preferences regarding hardware, options, and other software settings will all be added to the huge database of the Registry. Thus the System Registry isn't just the central nervous system for the Operating System (OS), it's the central nervous system for the OS and any applications installed to that OS.


The System Registry is also where malware "registers" itself to run on the system, or makes other modifications that can have a critical impact on the functioning of your PC.

Thus, familiarizing yourself with the System Registry is not just a good way to tweak your PC, it's essential if you wish to be able to manually defend it.

The System Registy operates much like Windows Explorer. That is to say, top tier items are folders known as keys which, when expanded, display various second tier items, also known as keys. Additional third-tier keys may also be contained within second tier keys, etc. In other words, just as Windows has folders and subfolders, the registry has keys and subkeys. Within those keys are values. To see the values a particular key contains, you first select (highlight) the key in the left pane, and the value(s) will appear in the right pane.

When a key is collapsed - that is to say, all the other keys within it are not visible - a + sign will appear to the left of the key name in the left pane. Clicking the + sign will expand that key. The key will now have a - sign to the left of it and second tier keys will be seen below it. When a + sign appears to the left of a key name, it means that other keys are contained within it.



How To Open the System Registry

Accessing the System Registry is quite easy. But be careful - don't make any changes until you've done a backup of the Registry!
Difficulty: Easy
Time Required: 1 minute

Here's How:

  1. Click Start
  2. Click Run
  3. Type REGEDIT
  4. Click OK
  5. The Registry Editor will now open
  6. To close the Registry Editor, click File | Exit


How To Backup the System Registry

The System Registry is critical to the functioning of the Windows operating system. Before making any changes to the Registry, you should first make a backup of it. Fortunately, it is quite easy to do so.
Difficulty: Easy
Time Required: 5 minutes

Here's How:

  1. Click Start
  2. Click Run
  3. Type REGEDIT
  4. Click OK
  5. The Registry Editor dialog box will now appear
  6. Click File
  7. Click Export
  8. Choose the desired directory to save the backup in
  9. Type in the desired name for the backup file
  10. Click Save
  11. Close the Registry by choosing File | Exit


How To Backup individual Registry keys

Before making a change to a key or key value, it's a good idea to make a copy of the original key. Then, if something goes wrong, it will be an easy fix to get back to where you started.
Difficulty: Easy
Time Required: 1

Here's How:

  1. Click Start
  2. Click Run
  3. Type REGEDIT
  4. Click OK
  5. The Registry Editor will open
  6. Manuever to the desired key
  7. Right-click the desired key
  8. Choose Copy Key Name from the right-click menu
  9. Open Notepad
  10. In Notepad, click Edit | Paste. The copied key will now appear in Notepad.
  11. Still in Notepad, click File | Save. Browse to the desired location you wish to save the file in and type in a name for the file using the extension .REG
  12. Click the Save as Type option and change it to "All Files". Click OK. The registry key can be easily restored by browsing to the location of the saved .REG file and double-clicking it. Doing so will automatically restore it to the proper location in the System Registry.


How To Edit the System Registry

So you've made a backup of the entire Registry and a copy of the key name. Now you're ready to make that modification. Here's how.
Difficulty: Easy
Time Required: 2

Here's How:

  1. Click Start
  2. Click Run
  3. Type REGEDIT
  4. Click OK
  5. The Registry Editor will now open
  6. Browse to the key containing the value you wish to modify. Click once to highlight the key.
  7. The values contained in the key will now appear in the right pane. Right-click the value you wish to modify.
  8. From the right-click menu, choose the action you wish to take: Modify; Modify Binary Data; Delete; or Rename.


Source : http://antivirus.about.com/cs/tutorials/a/registry.htm

Categories:

0 comments:

Post a Comment