In today’s edition of Geek School, we’re going to teach you how to use the Registry Editor, what some of these keys actually mean, and generally help you understand it a little better.

NAVIGATION

  1. Using Task Scheduler to Run Processes Later
  2. Using the Event Viewer to Troubleshoot Issues
  3. Understanding Hard Drive Partitioning with Disk Management
  4. Learn to Use Registry Editor Like a Pro
  5. Monitoring Your PC with Resource Monitor and Task Manager
  6. Understanding the Advanced System Properties Panel
  7. Understanding and Managing Windows Services
  8. Using the Group Policy Editor to Customize Your PC
  9. Understanding Windows Administration Tools

Over the years, we have looked at many ways to hack the registry, and while most people can work through step-by-step instructions for making registry changes or double-clicking a .reg file to insert it into the registry, you will be much better served with a solid knowledge of what is registry and how it works.

The most important thing to know about the registry is that you probably shouldn’t just sit back and delete or change things for no reason. Removing a large portion of the registry will never make your computer run faster, nor will there be a registry hack that will speed up your computer or give you some important new features that don’t exist.

Almost all registry hacks involve either tweaking the behavior of certain components in Windows, or disabling a behavior you don’t like. For example, if you want to completely disable SkyDrive/OneDrive from Windows, you can use a registry hack to do so. If you’re sick of having to force restart your Windows Update, you can hack the registry to stop it.

What is a registry?

The Windows Registry is a hierarchical database that contains all the configurations and settings used by components, services, applications, and just about everything in Windows.

A registry must take into account two basic concepts: keys and values. Registry keys are objects that are basically folders and even look like folders in the interface. Values ​​are a bit like files in folders, and they contain the actual settings.

When you first open Registry Editor, you will see a tree view on the left pane that contains all the keys and the values ​​on the right side. It’s as simple as the interface.

clip_image002

The root level keys you see on the left side of the screenshot are important. Each one contains a different set of information, so depending on what you’re trying to do, you’ll need to know which section to jump to.

Interestingly, what most people don’t know is that three of the five elements at the root level are actually missing… they’re just linked to the elements below in one of the other keys.

HKEY_CLASSES_ROOT

On Windows, this section is used to manage file type associations, and it is usually abbreviated to HKCR when mentioned in documentation. This key is really just a link to HKLM\Software\Classes.

You can also use this section if you want to customize the context menu for a specific file type.

HKEY_CURRENT_USER

Contains user settings for the currently logged on user and is usually abbreviated to HKCU. It’s really just a reference to HKEY_USERS\ . The most important subsection here is HKCU\Software, which contains user-level settings for most of your programs.

HKEY_LOCAL_MACHINE

All system-wide settings are stored here and are usually abbreviated as HKLM. Basically you will use the HKLM\Software key to check the settings on the whole machine.

HKEY_USERS

Stores all settings for all users in the system. You will normally use HKCU instead, but if you need to check another user’s settings on your machine, you can use it.

HKEY_CURRENT_CONFIG

Stores all information about the current hardware configuration. This one is not used very often and is just a link to HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\Current.

Creating New Keys and Values

Right-clicking on any key on the left side of the window will give you a set of options, most of which are fairly simple and straightforward.

clip_image003

You can create a new key that will be displayed as a folder on the left side, or a new value that will be displayed on the right side. These values ​​can be a bit confusing, but in reality only a couple of values ​​are used regularly.

  • String Value (REG_SZ) — contains everything that will fit in a regular string. In most cases, you can edit human-readable strings without breaking anything.
  • Binary value (REG_BINARY) — This value contains arbitrary binary data, and you almost never want to try to edit one of these keys.
  • DWORD (32-bit) value (REG_DWORD) — they are almost always used for a regular integer value, whether it be 0 or 1, or a number from 0 to 4,294,967,295.
  • QWORD (64-bit) value (REG_QWORD) — they are not very often used for registry hacking, but mostly it is a 64-bit integer value.
  • Multi-String Value (REG_MULTI_SZ) — these values ​​are quite unusual, but they work basically like a notepad window. You can enter multi-line text information in such a field.
  • Expandable String Value (REG_EXPAND_SZ) — these variables have a string that can contain environment variables and is often used for system paths. So the string could be %SystemDrive%\Windows and would expand to C:\Windows. This means that when you find a value in the registry that is set to this type, you can change or insert environment variables and they will be «expanded» before using the string.

Fun fact: DWORD is short for «double word» because «word» is the term for the default unit of data used by the processor, and when Windows was created it was 16 bits. So a «word» is 16 bits, and a «double word» is 32 bits. While all modern processors are 64-bit, the registry still uses the older format for compatibility.

Menu Favorites

One really useful feature that no one seems to notice is the Favorites menu, which is great for checking the registry location regularly. What’s really interesting is that you can export your favorites list and use it again on another computer without going through the keys and adding them to the favorites menu.

It’s also a great way to bookmark the registry if you’re browsing multiple locations, so you can easily go back to the last place you were.

clip_image004

Export registry files

You can export registry keys and all values ​​contained under them by right-clicking on the key and selecting Export. This is really important if you are going to make changes to your system.

clip_image005

Once you have the exported registry file, you can double-click it to enter the information back into the registry, or select Edit to view the contents in Notepad.

clip_image006

The registry hack file format is quite simple — the value names are on the left and the actual values ​​are on the right.

clip_image007

RELATED: How to Make Your Own Windows Registry Hack

For more information about registry hack files, be sure to read our guide on the subject.

Setting Permissions

Some registry keys prevent you from making changes by default. This usually happens because you don’t have permission to access those keys, but you can tweak the permission scheme if you like by right-clicking on the key and selecting «Permissions» and then changing it from there.

clip_image008

We have to point out that this is not a good idea and you should generally stay away from keys that require so much work to edit.

Loading the hive registry

You can use the File -> Load Hive function to load the registry from an offline system. Perhaps you’re troubleshooting another computer and would like to see what’s going on in the registry for a system that won’t boot. So you boot the system from a rescue disk, or possibly a live Linux CD, and then copy the registry files to your flash drive.

You can now open them on another computer and view them using the Load Hive option.

clip_image009

Where are these registry files stored?

You can find most of them in the Windows\System32\Config folder.

clip_image010

See these SAM, SECURITY, SOFTWARE and SYSTEM files? They correspond to the same keys in the HKEY_LOCAL_MACHINE folder.

clip_image011

The data for the HKEY_CURRENT_USER branch is stored in your user folder in a hidden NTUSER.DAT file.

Registry backup

RELATED: Create a restore point for Windows 7 or Vista System Restore

Over the years, you may have noticed that every site that advises you to hack the registry in some way also suggests that you backup your registry. But what’s the best way to do this?

You can’t export the entire registry to a file, and it won’t work very well to import it again. You also cannot easily access the files themselves on the hard drive because they are completely locked. So it won’t work.

The best option is to backup your registry? Create a system restore point.

clip_image012

Rolling back a system restore point is pretty easy.

Some Important Things

While many people refuse to agree, the fact is that registry cleaners are pointless and should not be used. Removing a few hundred keys from a database of millions will not improve performance, and any errors in the registry that caused a component to load incorrectly will be found in the event viewer or elsewhere and can be fixed without resorting to a registry cleaner.

And don’t even get us started on «defragmenting» the registry, which is complete nonsense these days. Maybe back to Windows 95 with low speed hard drives, that made sense. But now, with modern HDDs or SSDs that don’t need to be defragmented at all? Do not do that.

Похожие записи