Upload
bianca-petrescu
View
222
Download
0
Embed Size (px)
Citation preview
7/29/2019 Edu19-Win32RegistryTutorial
1/17
Windows Registry Editor
%By Edu%
Introduction
The registry is a database that stores all the Operational System configuration and
informations. The Registry Editor Tool is located by default in the System folder. The 16-bits Windows95,98,ME Registry Tool (application) is called Regedit.exe while 32-bits
Windows NT4,2000,XP,2003 have both Regedit.exe and Regedt32.exe applications.
The files that composes the registry in Windows 95/98/ME are system.dat and user.dat.On Windows NT/2000/XP/2003 the files are SOFTWARE, SYSTEM, SECURITY ,
SAM.
Main
To open your Registry Editor Tool go to Start Run and type regedit without the
quotes. The Regedit window will appear and you will see a main element that is Mycomputer . When you double click it you will see the Registry ROOT KEYS They have a
'folder icon' and they are like directories. There are 5 RootKeys. PS: Windows 95 and 98
have a 6th RootKey called HKEY_DYN_DATA A table is available below with theRootKeys names and a basic description for each of them.
ROOT KEY Description
HKEY_LOCAL_MACHINEContains specific configuration information
of the computer. (Valid for any user)
HKEY_CURRENT_USER Contains the base of configuration
information for the current logged-on User.Screen, colors, Control Panel and folders
configurations are stored here. These
informations are called User Profile
HKEY_USERS Contains the bases of all users profile on the
computer. HKEY_CURRENT_USER is asub-key of HKEY_USERS
HKEY_CLASSES_ROOT It is a sub-key ofHKEY_LOCAL_MACHINE\SOFTWARE.
The informations stored here guarantees that
the correct program will be executed when
7/29/2019 Edu19-Win32RegistryTutorial
2/17
you open a file using the Windows Explorer
HKEY_CURRENT_CONFIG Contains information about the hardware
profile used by the local computer in thesystem startup
HKEY_DYN_DATA (Windows 95,98,98SE Only)
Contains configuration informations that are
stored in RAM and statistics gathered for
many network components currently in useon the computer. The information in this key
is newly created on every Windows startup.
Those RootKeys above have some keys with sub-keys (left side of the Registry Panel).The keys and sub-keys contains values of a valid type and with some data (right side of the
Registry Panel). These values contains information such as strings and numbers. Some
numbers have a specific meaning that will affect the Windows configuration depending onwhat it was set to. The Windows 9x/ME Registry editor seems to only fully read REG_SZ ,
REG_DWORD and REG_BINARY value types. It doesnt display the type in the Regedit
window, only the value names and its respective datas. The following table provides aquick description of the value types and their properties.
Type Description
REG_BINARY Usually hardware-specific data
stored in hexadecimal format, as
viewed from regedt32.exe. Bydefault, it will be displayed in
hex, but the editor can use either
binary or hex display.
REG_DWORD Usually service- or device-related data. The value is
numeric, four bytes long, and
viewed as hex data, but can beedited as binary, decimal, or
hex. To avoid headaches, I also
edit it as hex lest I confuse
myself.
REG_DWORD_BIG_ENDIAN This data is stored as a 32-bit
value. The data is weighted with
the highest-ordered byte first.
REG_SZ Terminated fixed-length text
(Unicode) string. These and
7/29/2019 Edu19-Win32RegistryTutorial
3/17
other SZ datatypes are given
String editors by the registry
editor to administer the values.
REG_MULTI_SZ Multiple data listings,
represented by text. Thesevalues can be separated by
spaces, commas, or otherdelimiters.
REG_EXPAND_SZ A data string whose data length
may change. An example is thefolder path to a file or directory
for application and
environmental variable support.
REG_LINK Linked data stored in Unicodeformat.
REG_FULL_RESOURCE_DESCRIPTOR When viewed, gives information
such as hardware DMA, IRQ,and memory address length.
Data is displayed in hex and can
be edited using byte, word, ordword format. Regedit.exe gives
only a binary editor with hex
representation of the data,
without regard to specific
application of the data.
REG_NONE When values are not given as to
datatype by an application, orthe data is encrypted so that
Server 2003 is unable to
determine the value type.
REG_RESOURCE_LIST regedt32.exe displays basic typehardware resourcesinterface
type and bus number
REG_RESOURCE_REQUIREMENTS_LIST Related to Hardware or Driver.The value data is represented inhex format. It displays a
requirements list that contains
elements such as AlternativeList , Resource List ,
Descriptor, Device Type
7/29/2019 Edu19-Win32RegistryTutorial
4/17
REG_QWORD Just like REG_DWORD value
type. The only difference is that
REG_DWORD is a 32-bitnumber and REG_QWORD is a
64-bit number.
You can edit Registry values to fit your needs, or modify some configuration but it is
extremely important that you know what exactly you are doing, what will be the effects on
the Operating System. It is highly recommended that before editing the registry you do acomplete backup of it. To do this right click on the first element, that is 'My Computer', and
then click on 'Export'. All the information existent on your Registry will be saved in a .REG
file that can be edited with notepad and executed by double-clicking on it. Notice that .REGfiles are Registry scripts that edits the registry. Editing the registry means that it can add,
rename or delete keys, modify, add or delete a value. To delete a key on the registry, right
click on the desired key and click 'delete' To add a new subkey, right click on the main keyyou want to create it on and click 'new key'. You can set up a name for this key. eg: create a
key called 'abc' on the 'Software' key of HKEY_CURRENT_USER root key. Double click
on my computer, then double click the Root key HKEY_CURRENT_USER, then double
click the key Software and you will see its subkeys and values on the right side of theRegistry Panel. Now right click on 'Software', click 'new' then click 'key' and rename it to
ABC . Suppose now you want to add a string value type of REG_SZ called '123' and value
data as 'windows' Right click on the 'ABC' key, click on 'new', then click on value of thesequence. a REG_SZ value type will appear on the right side of the Registry screen.
Rename it to '123' and press enter. Now double click this value and type 'windows' on the
"value data" field . Press enter and you are done. Now lets add a REG_BINARY valuetype called 'Bin' to the 'ABC' key and value data 43; Right click the 'ABC' key, click 'New',
then click 'Binary value'. Rename this value to 'BIN' Now double click the 'BIN' value and
type '43' on the "value data" field. Notice this field is big and when you type something it is
automatically converted to hexadecimal, appearing as a decimal value on the center of the"value data" field and appearing as a hexadecimal value on the right side. at the left side
there is 4 numbers. These 4 numbers appears on each line, depending on the numbers of
lines took to write the value data. It begins with '0000' in the first line; 0008 in the secondline; '0010' on the third and so on. REG_BINARY values can be in Hexadecimal or in
bytes. It is possible to add a Registry key to Favorites so that you can open it very fast
without having to open the RootKey, then the sub-key, the the other sub-key and so on. Todo this, on your Regedit window, go to they desired key and click it once; Now , on the
top of the Regedit window, click Favorites and click Add to Favorites. A small
window will show up displaying the name of the key on the white field. You can rename itto whatever you want and click OK. For example you can add
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services to Favorites and name
it NT_SERVICES. When you need to quickly access this key, you click Favorites then
select NT_SERVICES. You will be instantly brought to the Services key. It is possibleto delete these Favorites as well.
REGEDIT.EXE and REGEDT32.EXE Applications . Whats the
7/29/2019 Edu19-Win32RegistryTutorial
5/17
difference???
REGEDIT.EXE application when run can view and edit keys and values on the registry of
NT based systems but only partially cause it is intended for 16-bit Windows. Only
REGDT32.exe application can fully edit the registry and it is intended to 32-bit Windows.
On Windows NT and 2000 if you use REGEDIT.EXE to edit REG_EXPAND_SZ andREG_MULTI_SZ value types you will have problems cause the value will become a
normal REG_SZ type and therefore will not perform the expected action. Also it is not
possible to edit Security in the registry keys.On Windows XP and 2003 REGEDT32.EXE is only a small tool to open REGEDIT.EXE
application. Fortunately REGEDIT.EXE application on XP and 2003 can fully edit the
registry.
Permissions & Restrictions
Its also possible to set up access permissions on Windows 2000,XP,2003 for Rootkeys
and sub-keys. To do this, right click on a registry root key or sub key and click on
"Permissions". A new window will appear. There you can select what users can access ormodify on an specific root key or sub-key and their access rights. Users with administrator
privileges have, by default, full access; That means, read, write, delete any key or value.
Restricted users can only read. They can write or delete some specific keys or values,
generally related only to that user itself. Some keys in the registry cannot be even read byrestricted users. You can customize those settings: A list of existing groups and users of the
local computer will be available. You can customize what users can have full access to, or
restrict access, depending on your needs, by selecting what kind of access a specific userwill have to the selected key to set the permissions. You can select, for example, only the
read right on that key. Supposing this user is called 1, and you have users 1,2,3 everyone
with admin privileges, when you set up this restriction, only User 1 will be able to only
read . users 2,3 will have full access. You can also do this to a registry sub-key. Theprocedure is the same. Also you can restrict specifc user(s) to view a root key or a sub key.
This means that the user wont be able even to open that selected key. if that user tries toopen that key, an 'Access denied' error message will show up. Registry
Permissions/Restrictions in general are important when you have more than one person
accessing the computer, or when the computer is inside a LAN that has many users
accessing it and the computer has important data.
Remote Registry
There is a service in Windows 2000,XP,2003 called Remote Registry. By default this
service is enabled and automatically starts on every Windows boot. Its like a Registry
server intended to receive remote connections of computers of the same network. Toconnect to a computer running
The Remote Registry service, in your Regedit window click File , then click Connect
Network Registry. A small window titled Select Computer will show up. You will have3 basic fields:
First one is titled Select this kind of object. Below this it is written Computer. The
second field is titled From this location. Below it is written GROUP. The third field istitled Type the object name to be selected. Below this there is an empty field where you
7/29/2019 Edu19-Win32RegistryTutorial
6/17
are supposed to type a valid Computer Name or IP address. Supposing inside your network
you have a computer called Comp1 and IP address = 192.168.5.5 . You can type Comp1or 192.168.5.5 in this field. Click OK. If all was right you should get a Logon Prompt.
As this service by default is designed for a main security user (Windows XP and maybe
2003, I didnt test on 2000 but should be identical) you can type there the
Name of this user that is NT AUTHORITY\NetworkService, click OK and after fewseconds be connected to the remote computer. (NT AUTHORITY is the domain name and
NetworkService is the user name; Domain Name was specified since NT AUTHORITY is
not the default domain name.) You can also login with any other valid User Name existentin the target computer.
After connected to the remote computers Registry you will see the computer name or IP
address depending on which of them you have specified. 2 Root Keys will be available foredition :
HKEY_LOCAL_MACHINE and HKEY_USERS\s-1-5-xx where xx is the number related
to the Username you logged on to the remote computer. To disconnect click on File then
click Disconnect Network Registry.
Importing to the Registry
Besides those things you can do, it is also possible to edit the Registry using scripts, and
applications written in most programming language such as C++, Java, Fortran, Visual
Basic, Delphi, Asm, etc The scripts could be the default Registry script file (.REG files),VBScript, Javascript, etc In this tutorial we will only discuss the default Registry Script
(.REG files) .
With the .REG scripting you can basically add values to the Registry, delete values, deletekeys, add keys and modify values data. This type of Script begins with a title being the
Version of the Windows Registry . For Newer Windows, it is usually Windows Registry
Editor Version 5.00. But if you want a script that is compatible with ANY Windowsversion, including 95,98,ME,NT4 you can change this title to REGEDIT4 .Notice that it is very important that you write the title exactly as it appears. If you, for
example, type regedit4 it wont be recognized by Windows and errors will happen. Same
thing goes to version 5. If you type windows registry editor version 5.00 you will run intoerrors as well. The structure of this script is the following:
----------------------------------REG Script -------------------------------------------------------------Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\MySoft1]
@=MySoft1 default valueValue1=3
Type=dword:00000001
Environment Variable=hex(0):40,01,00,00,0f,00Key=hex: 20,04,00,00,0f,00,70,00,50,00
RelativePath=hex(2):63,00,3a,00,5c,00,6d,00,79,00,73,00,6f,00,66,00,\
74,00,31,00,5c,00,73,00,6f,00,66,00,74,00,2e,00,65,00,78,00,65,00,00,00Applications=hex(7):61,00,62,00,63,00,20,00,64,00,65,00,66,00,20,00,\
7/29/2019 Edu19-Win32RegistryTutorial
7/17
67,00,68,00,69,00,20,00,6a,00,6b,00,6c,00,00,00,00,00
MainType=hex(5):40,01,00
[HKEY_LOCAL_MACHINE\SOFTWARE\MySoft1\Preferences]
AlwaysRunMaximized=dword:00000001
-----------------------------End of REG Script----------------------------------------------------------
Notice that REG scripts begin with the Version information of the Registry Editor.If you try to import REG scripts that begins with Windows Registry Editor Version 5.00
to a Windows 95,98,ME or NT4 Registry, you will get an error. In order to overcome this
you can start the script with REGEDIT4 instead. This one is intended to any Windowsversion, including recent ones like XP Service Pack2 and Windows2003. The second line
of the script is in blank, just to let it more organized. Next line you have the Registry path
between brackets [ ]. Notice that if you forget those brackets the script wont do what it
was supposed to. In the line below it there is a @ (with no quotes), an equal signalafter it, and MySoft1 default value (between quotes). The @ means the default value.
Every key that you create will contain this default value, and usually contains no data. If no
data specified you will see this: (Value not defined). The equal signal must exist to separatevalues and its datas. The value name in this case is Default , type REG_SZ with data
being MySoft1 default value. The same thing goes to the line below:
The value name is Value1, type is REG_SZ and value data is 3. Notice that any valueexcept the Default Value ( @) must appear between quotes. When you have value types
different from REG_SZ, the respective data will appear without the quotes. Notice that the
other values data (REG_DWORD,REG_BINARY,REG_EXPAND_SZ,etc) appear withoutthe quotes. Notice that the other values datas, except the REG_DWORD and REG_SZ
types, begins with hex: or hex(z): , Where z is a number between 5 and 9, and this will be
the determinant of the value type. z could also be 0 or 2, or could have no value between
the brackets (eg: hex:00,12,00 or hex(2):00,01,00) and also could be a or b. Below thereis a table with these values for z and the resulting value type.
HEX(z): Resulting Value TypeHex: REG_BINARY PS: this is the same as Hex(3):Hex(0): REG_NONE
Hex(1): REG_SZ PS: Not recommend to use this specific hexdue to generate data that is not correctly interpreted by th
Registry and therefore will appear as weird symbols.
Hex(2): REG_EXPAND_SZ
Hex(3): REG_BINARY PS: this is the same as Hex:Hex(4): REG_DWORD PS: Not recommend to use this specif
hex(4): due to generate data that is not correctly interpretby the Registry and therefore will appear as invalid dwo
value. Simply use dword: instead
Hex(5): REG_DWORD_BIG_ENDIANHex(6): REG_LINK
Hex(7): REG_MULTI_SZ
7/29/2019 Edu19-Win32RegistryTutorial
8/17
Hex(8): REG_RESOURCE_LIST
Hex(9): REG_FULL_RESOURCE_DESCRIPTOR Hex(a): REG_RESOURCE_REQUIREMENTS_LIST
Hex(b): REG_QWORDThe 14th line as you can see is in blank (for organization purposes) and just below there is
another Registry path that is just the same as the 1st
one in line3, but there is a subkey forMysoft1 called Preferences, and a value type of REG_DWORD calledAlwaysRunMaximized with data as 1 (in dword 0x00000001). This is not just an
information, this has a meaning. The meaning is 1. And 1 means True. 0 means false.
Well so we can figure out that MySoft1 program Window is configured to run always in
always maximized. Some programs also stores configuration such as User password in theregistry, but encrypted and it is usually a REG_BINARY value type.
The REG script below will delete a value from the registry and then, an entire key,
including subkeys and values.
-----------------------------------------REG Script-------------------------------------------------------
REGEDIT4
[HKEY_CURRENT_USER\Software\Soft123]
type=-
[-HKEY_CURRENT_USER\Software\Soft123456]
-------------------------------------End of REG Script--------------------------------------------------
Notice the above script is able to run in any Windows version, not only in 2000/XP/2003.
(due to beginning with REGEDIT4). The firs script will only be able to run on2000/XP/2003, unless you change the title (Windows Registry Edition Version 5.00)
to REGEDIT4 . To delete a value it is used a minus signal after the equal signal of an
specific value, in our case the value is type. To delete a key in the registry, we simplyhave to put a minus signal before the key path. This will delete the last key specified in
the path (in the case Soft123456) and all its sub-keys and values.
None of the 2 scripts described above contained value types of REG_LINK,
REG_RESOURCE_REQUIREMENTS_LIST, REG_RESOURCE_LIST,REG_FULL_RESOURCE_DESCRIPTOR, because these are related to Hardware
information and configuration , very few used, except by the Hardwares itself by the time
they are installed. REG_NONE and REG_QWORD types are also very few used. The firstone happens when the Registry cannot interpret the data (sometimes because it is
encrypted) and therefore cannot establish the value type. The second one is a 64-bit value
generally used to store information about hardware stuff.
Exporting from the Registry
To export a desired key from the registry, you simply have to right-click that key and select
Export. A new window prompting where to save the key will show up. Where you see
filename, you type the name you want for the file to store the informations about the key.
7/29/2019 Edu19-Win32RegistryTutorial
9/17
In the Save as type field, you can select Registry Files (*.reg) , txt file, registry
ramification files or Win9x/ NT4 Registry files (*.reg) .Depending on what you will dowith the REG file, you will select one of those options. If its just for studying/analising
purposes, then you can save it as a normal txt file. Lets suppose this file will have
informations about NT Services (nt services are only intended for the nt systems and
therefore wont work in Windows 95,98,ME) then the best is saving it as Registry Files(*.reg) . But supposing the REG file contains informations about a software for example,
and this software is able to run in any Windows version. Then its better to save it as
Win9x/ NT4 Registry files (*.reg), because this way the file can be imported to theRegistry of any Windows. Just bellow this, in the bottom of the window, you can see the
Export Interval section, and below the complete registry path to the key you will be
exporting. If you double click a REG file you will be prompted with a message Are yousure you want to import the information contained in file.reg to the Registry?.
(Supposing file.reg is the file you want to import to the registry). If you click No the
operation will be canceled, if you click yes, and the REG file is valid and correct you will
get a message saying the information on the file.reg was successfully added to theregistry.
Editing the Registry via Command Line
We have already seen it is possible to edit the Registry manually and using scripts. It is also
possible to edit it using the Windows Command Prompt (COMMAND.COM in anyWindows version and CMD.EXE in Win NT4/2000/XP/2003).
The REGEDIT.EXE tool has a GUI part and a command line part.
REGEDIT.EXE command line syntax:
Command Effect
REGEDIT /E Exports keys and values from the Registry to a .REG fileREGEDIT /I Imports a .REG file to the Registry. Before writing to the registry
Confirmation prompt will appear asking if you really want to imp
to the registry
REGEDIT /S Imports a .REG file to the Registry in silent mode. No confirmatio
REGEDIT /D Deletes a key from the registry. (Win9x only)
REGEDIT /L:System Specify the location of System.dat to use (Win9x only)
REGEDIT /R:User Specify the location of User.dat to use. (Win9x only)
REGEDIT /C Compress the Registry. (Only works on Win98)
Below it will be shown usage examples for the above commands.
REGEDIT /E c:\file1.reg HKEY_LOCAL_MACHINE\SOFTWARE\Some ProgramThis will export the registry key Some Program located in
HKEY_LOCAL_MACHINE\SOFTWARE to a file called file1.reg in c:\
REGEDIT /I c:\file2.reg
7/29/2019 Edu19-Win32RegistryTutorial
10/17
This will import the informations in file2.reg to the Registry. A confirmation prompt will
show up.
REGEDIT /S c:\file3.regThis will silently import the informations in file3.reg to the Registry. No confirmations
prompts
The above commands are the most used ones and works on all Windows versions.
The /L:System and /R:User parameters are optionals, only works on Win9x andcomes before all the other parameters .
Example: REGEDIT [/L:System | /R:User] /S c:\file1.reg . This will silentlyimport the informations in file1.reg to the Registry, specifying the location of System.dat
and User.dat to use.
REGEDIT /D is few used and only works on Win9x . It is intended to remove a keyfrom the Registry. Example : REGEDIT /D
HKEY_LOCAL_MACHINE\SOFTWARE\Soft1This will delete the key Soft1 located in HKEY_LOCAL_MACHINE\SOFTWARE from
the Registry.
REGEDIT /C will compress the Registry. It is intended to work only on Win98. Theusage: REGEDIT /C [filename]
Windows XP and 2003 comes with a command line tool to edit the Registry and its calledREG.EXE .By default Windows NT4 and 2000 dont have this tool, but its available in
the Windows Resource Kit Tools package and can be freely downloaded from
Microsoft.com or simply copied, along the application Regini.exe, from Windows XP or
2003.Below there is a table with the REG.EXE commands and their effects.
Command EffectsREG QUERY Queries a Registry key or value by its given name.
REG ADD Adds a key or value to the Registry
REG DELETE Deletes a key or value from the Registry
REG COPY Copies subkeys and values from a key to another.
REG SAVE Saves a Registry section to a file.
REG RESTORE Restores a file to substitute a Registry key.
REG LOAD Loads a file in a Registry key.
REG UNLOAD Unloads a Registry Section
REG COMPARE Compares values and sub-keys from a key with the respectivevalues and sub-keys of another key
REG EXPORT Exports/Loads a file in a Registry key.
REG IMPORT Imports a file to the Registry.
REG.EXE makes it possible to write Registry RootKeys by its short name as showed below
7/29/2019 Edu19-Win32RegistryTutorial
11/17
HKEY_LOCAL_MACHINE = HKLM
HKEY_CURRENT_USER= HKCUHKEY_USERS = HKU
HKEY_CLASSES_ROOT = HKCR
HKEY_CURRENT_CONFIG = HKCC
Below it is available some examples of the usage of the commands listed in the above table.
REG QUERY HKLM\SOFTWARE\Soft1 /v Config This will display the registryvalue of Config
REG QUERY HKLM\SOFTWARE Displays all the values and sub-keys of the keySoftware
REG ADD HKCU\Software\Mysoft2 Adds a key called Mysoft2 to the Registry.
REG ADD HKLM\Software\War /v Types /t REG_DWORD /d 1 /f Adds a key calledWar (in case it doesnt exist yet) and a value called Types with type of REG_DWORD
to the Registry. If /t is omitted the value will be type REG_SZ. The /f parameter is toforce the action that is being taken with no confirmation prompts.
REG DELETE HKLM\SOFTWARE\MySoft1 /f Deletes the key Mysoft1 and all itssub-keys and values with no confirmation prompts.
REG DELETE HKLM\SOFTWARE\MySoft3 /v path /f Deletes the value pathlocated in Mysoft3 key with no confirmation prompts.
REG COPY HKCU\SOFTWARE\Soft1 HKCU\SOFTWARE\Soft1_Backup /f Copiesall the sub-keys and values of Soft1 key to the Soft1_Backup key without confirmation.
REG SAVE HKLM\System\CurrentControlSet\Services c:\Services_Backup.TXTSaves the Registry Section Services in the file Services_Backup.TXT located in C:\
REG RESTORE HKLM\System\CurrentControlSet\Services c:\Services_Backup.TXT Restores the file Services_Backup.TXT to substitute the Registry key Services.
REG LOAD HKLM\System c:\hklm_System.TXT Loads the file hklm_System.TXTin the registry key HKLM\System .
REG UNLOAD HKCU\Software Unloads the Software section in theRootKey HKCU .
REG COMPARE HKCU\Software\MySoft2\System1HKCU\Software\MySoft2\System2 Compares all the values under the key System1
with System2
REG COMPARE HKCU\Software\MySoft2\System1HKCU\Software\MySoft2\System2 /v Path Compares the the value of Path in the keys
System1 and System2.
REG COMPARE HKCU\Software\MySoft1 HKCU\Software\MySoft2\ /s Compares
7/29/2019 Edu19-Win32RegistryTutorial
12/17
all the values and sub-keys in the keys MySoft1 and MySoft2.
Return Codes: 1 = Success, the compared result is identical. 2 = Failure. 3 = Success, thecompared result is different.
REG EXPORT This is exactly the same as the REG LOAD command.
REG IMPORT c:\file.reg Imports the file.reg located in c:\ to the Registry.
Final Notes
Notice that 'REG.EXE' application is a command line tool that is intended for Windows
NT4,2000,XP,2003 but it is built-in only in XP and 2003. The 'REGEDIT.EXE' applicationhas a GUI (graphical user interface) and some command line parameters. The
REGEDT32.EXE application is only present on 32-bit Windows Operational Systems such
as Windows NT4,2000,XP,2003.
Remember to ALWAYS make a complete backup before editing the Registry as well asediting any other kind of configurations, files, important informations, etc.
This article will show, explain and detail some things related to the Windows Registry and
you will probably learn some cool things from it, but it will NOT , in any way make you
become an Expert; There is lots and lots of other tricky things you can do with this cutelittle tool called Regedit, such as editing information and configurations of softwares and
services, set up specific restrictions to the Registry itself or to any other Software, change
the OS look, visual effects and some graphical related stuff, among other things and you
will have to look deep inside and understand the meaning of some common used valuedatas. Tip: Look deep inside REG_DWORD values data and you will learn a lot and better
understand the options and configurations that were set up in your Windows.
Finally, I hope you have enjoyed
---------------*END*-----------------
Author: EduardoContact1: [email protected] (MSN)
Contact2: 147367087 (ICQ)
mailto:[email protected]:[email protected]7/29/2019 Edu19-Win32RegistryTutorial
13/17
7/29/2019 Edu19-Win32RegistryTutorial
14/17
7/29/2019 Edu19-Win32RegistryTutorial
15/17
7/29/2019 Edu19-Win32RegistryTutorial
16/17
7/29/2019 Edu19-Win32RegistryTutorial
17/17