Free Windows Registry Tools

SpyMe Tools Tracks Changes to Your Windows Registry by Jason Fitzpatrick

Mar 2, 2009 Lifehacker

Windows only: If you like to keep a close eye on what changes new software installations make to your system, SpyMe Tools provides step-by-step snapshots of your registry and shows you what's changed.

The in-depth review of your system registry that SpyMe Tools provides may be overkill for some people, but if you need to track changes or troubleshoot problems after certain installations, it can be invaluable. It's simple to use: after you install the program, you run a system sweep with SpyMe Tools and save the results. After installing new applications or making system changes, you can compare the previous system state to the current one, and SpyMe Tools will show you all the changes. In addition to doing a before and after comparison of system snapshots, you can even run it in real time while installing software to see the changes as they happen.

If you're interested in a more automated solution, check out previously reviewed Revo Uninstaller, a thorough application remover that our commenters frequently compare just about every system tool to (and that's why we love you).

SpyMe Tools is freeware, Windows only.

SpyMe Tools [via gHacks]

[Dec 23, 2009] How to read registry in case Windows became unusable (in cases of extortion-ware and similar.Reading Windows Registry from Linux

Catarsis

Since I’m involved in Live CD projects like Metadistros, I’ve been thinking about making easier to setup systems after they come up.

Many LiveCD systems are used on Windows installed machines, so why not to “steal” all this information from Windows registry to setup our Linux system? The idea is straight forward: e.g. take network configuration from Windows and boot a Live system which can connect directly to the Internet, without prompting users about IP confs.

Today I’ve been collecting base tools to do it:

• dumphive: a tool written in Pascal to get a Windows registry binary hive file and dump it to a text file
• Win32::Registry::File, a Perl library to access a text .reg file

To dump the hardware hive from my Thinkpad Windows XP partition:

$ dumphive /mnt/winxp/WINDOWS/system32/config/SYSTEM /tmp/system.reg
 

And to read SYSTEM\ControlSet001\Control (I don’t know what the hell is this) using Win32::Registry::File:


use Win32::Registry::File;
$reg = new Win32::Registry::File();
$reg->open('/tmp/system.reg');
use Data::Dumper;
print Dumper($reg->get(['SYSTEM\ControlSet001\Control']));
 

Now, the only thing left is to find the information we’re looking for among all those nightmare registry entries, and make it work on every Windows host.

Ho, ho, ho

How to backup your windows registry

Editing registry is often called by the name of Black Magic as you can edit all the settings from here. Not only those which can be changed through program interface but also those that are not available in the program interface by default. However playing with registry can render your computer unusable or severely malfunction, ending up with the need of a fresh installation of OS. You surely don’t want to waste time in installing the OS again. So here is the procedure by which you can take a backup of windows registry

.
How to backup the whole registry?

# 1 Hit Ctrl + R and type in regedit and hit return key.

# 2 Select My Computer and select Registry from the menu and then select Export registry file.

 

# 3 Give a name such as backup and select save.

There you have your registry backup

Keep it in a safe position. I recommend keeping a copy of backup on a different computer too.

Bonus Tip : To take the backup of a particular key, select that key and repeat the above steps.

Reading the Registry (Microsoft Windows) - Perl Programming

Posted by admin (Graham Ellis), 28 September 2003 A sample piece of code that scans through all the entries in the registry and then steps through them (20 at a time) on STDOUT.

Code:

use Win32::Registry; $giTotal = 0; ### Scan through all registry entries %Roots = (      HKEY_LOCAL_MACHINE  => $HKEY_LOCAL_MACHINE,      HKEY_CURRENT_USER   => $HKEY_CURRENT_USER,      HKEY_USERS          => $HKEY_USERS,      HKEY_CLASSES_ROOT   => $HKEY_CLASSES_ROOT,      HKEY_CURRENT_CONFIG => $HKEY_CURRENT_CONFIG    ); select STDERR; $|=1; select STDOUT; my %tab; foreach $starter (keys %Roots) { print STDERR "\nScanning $starter\n"; ProcessKey ( $Roots{$starter}, "" ); } print ("\n"); @order = sort (keys (%tab)); foreach (@order) {        $t = $tab{$_}[0];        $v = "-";        $t == 1 and $v = $tab{$_}[1];    # String        if ($t == 2){ @v = split("\0",$tab{$_}[1]);    # Multiple Strings                     $v = "<".join ("> <",@v).">";  }                       $t == 3 and ($v) = unpack("l",$tab{$_}[1]); # Binary Data        print "$_  $t $v\n";        ++$np%20 or <STDIN>;      }      sub ProcessKey {  $levels++;  my( $Root, $Path ) = @_;  my $Key;  (++$giTotal%500) or inform_user();  if( $Root->Open( $Path, $Key ) )  {    my @KeyList;    my %Values;    $Key->GetKeys( \@KeyList );    if( $Key->GetValues( \%Values ) )    {      foreach my $ValueName ( keys( %Values ) )      {        my $Type = $Values{$ValueName}->[1];        my $Data = $Values{$ValueName}->[2];        $ValueName = "<Default Class>" if( "" eq $ValueName );        $tab{$starter."\\".$Path."\\".$ValueName} = [$Type,$Data] ;      }    }    else    {      print STDERR "Unable to get values for key: '$Path'\n";    }    $Key->Close();    $Path .= "\\" unless ( "" eq $Path );    foreach my $SubKey ( @KeyList )    {      ProcessKey( $Root, $Path . $SubKey );    }  }  else  {    print STDERR "Unable to open the key: '$Path'\n";  }  $levels--;  $levels or inform_user(); } sub inform_user { print  STDERR ("Scanned $giTotal keys\r");      }

Note the use of a function calling itself (recursion) to step down into the registry structure, and the use of STDERR and $| to provide user feedback
 

Posted by admin (Graham Ellis), 29 September 2003

I guess you would like to see what the output looks like:

Code:

Scanning HKEY_CURRENT_CONFIG Scanned 62 keys Scanning HKEY_LOCAL_MACHINE Scanned 53993 keys Scanning HKEY_CLASSES_ROOT Scanned 90734 keys Scanning HKEY_USERS Scanned 94740 keys Scanning HKEY_CURRENT_USER Scanned 96315 keys HKEY_CLASSES_ROOT\*\AlwaysShowExt  1 HKEY_CLASSES_ROOT\*\InfoTip  1 prop:Type;DocAuthor;DocTitle;DocSubject;DocComments;Write;Size HKEY_CLASSES_ROOT\*\OpenWithList\Excel.exe\<Default Class>  1 HKEY_CLASSES_ROOT\*\OpenWithList\IExplore.exe\<Default Class>  1 HKEY_CLASSES_ROOT\*\OpenWithList\MSPaint.exe\<Default Class>  1 HKEY_CLASSES_ROOT\*\OpenWithList\Winword.exe\<Default Class>  1 HKEY_CLASSES_ROOT\*\OpenWithList\WordPad.exe\<Default Class>  1 HKEY_CLASSES_ROOT\*\QuickTip  1 prop:Type;Size HKEY_CLASSES_ROOT\*\TileInfo  1 prop:Type;Size HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files\<Default Class>  1 {750fdf0e-2a26-11d1-a3ea-080036587f03} HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu\<Default Class>  1 {A470F8CF-A1E8-4f65-8335-227475AA5C46} HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With\<Default Class>  1 {09799AFB-AD67-11d1-ABCD-00C04FC30936} HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\<Default Class>  1 Start Menu Pin HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\CryptoSignMenu\<Default Class> 1 {7444C719-39BF-11D1-8CD9-00C04FC29D45} HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-080036B11A03}\<Default Class>  1 Summary Properties Page HKEY_CLASSES_ROOT\.323\<Default Class>  1 h323file HKEY_CLASSES_ROOT\.323\Content Type  1 text/h323 HKEY_CLASSES_ROOT\.386\<Default Class>  1 vxdfile HKEY_CLASSES_ROOT\.386\PerceivedType  1 system HKEY_CLASSES_ROOT\.386\PersistentHandler\<Default Class>  1 {098f2470-bae0-11cd-b579-08002b30bfeb}

[May 14, 2009] RegReloc from LogMeTT.com Latest Version Free Download Products

RegReloc is free command line utility that allows to copy, move or delete a single key or key hierarchy in Windows Registry. These functions can be required during registry cleanup or special types of software upgrades. For example, certain software product ownership moves from one company to another, new owner will most likely want to update the registry key name for the product but retain the values of sub-keys that store user specific settings. In this case RegReloc can become part of application installer.

[May 5, 2009] Cygwin regtool

Cygwin contains a nice command like utility for working with the registry

Usage: regtool [OPTION] (add|check|get|list|remove|unset|load|unload|save) KEY
View or edit the Win32 registry

Actions:
 add KEY\SUBKEY             add new SUBKEY
 check KEY                  exit 0 if KEY exists, 1 if not
 get KEY\VALUE              prints VALUE to stdout
 list KEY                   list SUBKEYs and VALUEs
 remove KEY                 remove KEY
 set KEY\VALUE [data ...]   set VALUE
 unset KEY\VALUE            removes VALUE from KEY
 load KEY\SUBKEY PATH       load hive from PATH into new SUBKEY
 unload KEY\SUBKEY          unload hive and remove SUBKEY
 save KEY\SUBKEY PATH       save SUBKEY into new hive PATH

Options for 'list' Action:
 -k, --keys           print only KEYs
 -l, --list           print only VALUEs
 -p, --postfix        like ls -p, appends '\' postfix to KEY names

Options for 'get' Action:
 -b, --binary         print REG_BINARY data as hex bytes

Options for 'set' Action:
 -b, --binary         set type to REG_BINARY (hex args or '-')
 -e, --expand-string  set type to REG_EXPAND_SZ
 -i, --integer        set type to REG_DWORD
 -m, --multi-string   set type to REG_MULTI_SZ
 -s, --string         set type to REG_SZ

Options for 'set' and 'unset' Actions:
 -K<c>, --key-separator[=]<c>  set key separator to <c> instead of '\'

Other Options:
 -h, --help     output usage information and exit
 -q, --quiet    no error output, just nonzero return if KEY/VALUE missing
 -v, --verbose  verbose output, including VALUE contents when applicable
 -w, --wow64    access 64 bit registry view (ignored on 32 bit Windows)
 -W, --wow32    access 32 bit registry view (ignored on 32 bit Windows)
 -V, --version  output version information and exit

KEY is in the format [host]\prefix\KEY\KEY\VALUE, where host is optional
remote host in either \\hostname or hostname: format and prefix is any of:
  root     HKCR  HKEY_CLASSES_ROOT (local only)
  config   HKCC  HKEY_CURRENT_CONFIG (local only)
  user     HKCU  HKEY_CURRENT_USER (local only)
  machine  HKLM  HKEY_LOCAL_MACHINE
  users    HKU   HKEY_USERS

You can use forward slash ('/') as a separator instead of backslash, in
that case backslash is treated as escape character
Example: regtool.exe get '\user\software\Microsoft\Clock\iFormat'

The regtool program allows shell scripts to access and modify the Windows registry. Note that modifying the Windows registry is dangerous, and carelessness here can result in an unusable system. Be careful.

The -v option means "verbose". For most commands, this causes additional or lengthier messages to be printed. Conversely, the -q option supresses error messages, so you can use the exit status of the program to detect if a key exists or not (for example).

The -w option allows to access the 64 bit view on the registry. Several subkeys exist in a 32 bit and a 64 bit version when running on Windows 64. Since Cygwin is running in 32 bit mode, it has only access to the 32 bit view of these registry keys. When using the -w the 64 bit view is used and regtool can access the entire registry. This option is simply ignored when running on 32 bit Windows versions.

The -W option allows to access the 32 bit view on the registry. The purpose of this option is mainly symmetry. It allows to create OS agnostic scripts which would also work in a hypothetic 64 bit version of Cygwin.

You must provide regtool with an action following options (if any). Currently, the action must be add, set, check, get, list, remove, set, or unset.

The add action adds a new key. The check action checks to see if a key exists (the exit code of the program is zero if it does, nonzero if it does not). The get action gets the value of a value of a key, and prints it (and nothing else) to stdout. Note: if the value doesn't exist, an error message is printed and the program returns a non-zero exit code. If you give -q, it doesn't print the message but does return the non-zero exit code.

The list action lists the subkeys and values belonging to the given key. With list, the -k option instructs regtool to print only KEYs, and the -l option to print only VALUEs. The -p option postfixes a '/' to each KEY, but leave VALUEs with no postfix. The remove action removes a key. Note that you may need to remove everything in the key before you may remove it, but don't rely on this stopping you from accidentally removing too much.

The set action sets a value within a key. -b means it's binary data (REG_BINARY). The binary values are specified as hex bytes in the argument list. If the argument is '-', binary data is read from stdin instead. -e means it's an expanding string (REG_EXPAND_SZ) that contains embedded environment variables. -i means the value is an integer (REG_DWORD). -m means it's a multi-string (REG_MULTI_SZ). -s means the value is a string (REG_SZ). If you don't specify one of these, regtool tries to guess the type based on the value you give. If it looks like a number, it's a DWORD. If it starts with a percent, it's an expanding string. If you give multiple values, it's a multi-string. Else, it's a regular string. The unset action removes a value from a key.

The load action adds a new subkey and loads the contents of a registry hive into it. The parent key must be HKEY_LOCAL_MACHINE or HKEY_USERS. The unload action unloads the file and removes the subkey.

The save action saves a subkey into a registry hive.

By default, the last "\" or "/" is assumed to be the separator between the key and the value. You can use the -K option to provide an alternate key/value separator character.

[Oct 3, 2008] 50 tools to speed up your PC By Preston Gralla , PC World

09/22/2008

Registry Cleanup

The older your PC is, the more junked-up its Registry becomes. Badly written programs (and plenty of those are around) don't bother to clean the Registry when you uninstall them, and some applications add unnecessary junk. The messier the Registry is, the more likely it is to crash your PC or slow down its operations. Though the benefits of using a Registry cleaner are often debated, these utilities might be worth a try.

Wise Registry Cleaner

This freebie scans the Registry, flags orphaned or bad entries, and identifies entries that are either dangerous or safe to delete. Like most Registry cleaners, the utility will back up your Registry so that you can restore it if need be.

Download Wise Registry Cleaner | Price: Free

Glary Registry Repair

Here's another very good, free Registry cleaner. It lets you choose which changes to accept and to ignore, and creates an Undo file so that you can revert to the previous version of the Registry if problems occur.

Download Glary Registry Repair | Price: Free

Registry First Aid

If you're willing to pay for a Registry cleaner, this is a great choice. Longtime PC World contributor Steve Bass rates it as the best Registry cleaner, with good reason: It does an excellent, thorough job. It also searches the Internet for details about Registry keys, so you can have background information before deciding whether to delete or change them.

Download Registry First Aid | Price: $28 (Trial)

Auslogics Registry Defrag

Cleaning your Registry may help keep your system in tip-top shape, but you can do something else for it as well: Defragment it. This program shows how fragmented your Registry is, defragments it, and restarts your PC. The program also creates a restore point so you can restore the Registry if necessary.

Download Auslogics Registry Defrag | Price: Free

[Aug 18, 2008] RegAlyzer© - The home of Spybot-S&D!

Hat tip to Pak Wa Yau

RegAlyzer is a tool to browse and change the registry. It was created because of a few features we missed in the original regedit tool, from support for exotic value types over background and regular expression search to better bookmarks, displaying .reg files in the accustomed style and a history view.

• 1.5.8.10 (April 27th, 2008) 64 bit support, delete on search results, manual hive loading, undo and save on change logs.
• 1.5.5 (June 8th, 2007) Works with Windows Vista (logo program), Undo and Redo logs, some bugfixes, more languages.

RegAlyzer^© 1.5.8.10 - product description

[Mar 21, 2007] Ole registry Cleaner - Vers 1.5

The purpose of this program is to remove the Ole garbage left in the registry after installing and deinstalling several Ole (Com) dlls. This program can be especially useful to those who build dlls in Visual Basic. They know what I mean.

[Feb 24, 2007] How to back up, edit, and restore the registry in Windows XP and Windows Server 2003

Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs.

Guided Help to export registry keys and to back up the registry Requirements to install and to use this Guided Help Manual steps to back up the registry

Manual steps to export registry subkeys

 

Manual steps to back up the whole registry

 

Manual steps to edit the registry

Use the Windows user interface

 

Manual steps to use Registry Editor

Locating a subtree, key, subkey, or value

 

Adding a key

 

Adding a value

 

Changing a value

 

Manual steps to rename a key or value

 

Deleting a key or value

 

Use Group Policy

Use a Registration Entries (.reg) file

 

Use Windows Scripting Host

 

Use Windows Management Instrumentation

Use Console Registry Tool for Windows

 

Restore the registry

 

Restore the registry keys

Restore the whole registry

 

REFERENCES

[Feb 24, 2007] InstallWatch. Version 2.5 is provided as a free download.

[Feb 24, 2007]  Process Monitor  by Mark Russinovich and Bryce Cogswell

Replaced RegMon by Mark Russinovich and Bryce Cogswell. Very useful in analyzing the behavior of Spyware and dubious programs like Adobe.

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.

Process Monitor runs on Windows 2000 SP4 with Update Rollup 1, Windows XP SP2, Windows Server 2003 SP1, and Windows Vista as well as x64 versions of Windows XP, Windows Server 2003 SP1 and Windows Vista. 

[Sep 9, 2006] waNOCAPS at Winadmin tools

[Aug 23, 2006] TestRun  -- permit you to safely experiment with new software without fear of corrupting the windows Registry. Only Windows 95 and Windows 98.

Description: Here is a system of program files that will permit you to safely experiment with new software without fear of corrupting the windows Registry. The Registry is a data base of essential information for applications and the Operating System. Some programs that you trial may import values into the Registry that overwrite the original settings. Even if the programs are uninstalled, it can still be impossible to get the Registry back to original.

[Feb 5, 2006] O'Reilly Network -- Hacking Windows XP, Part 2 Open the Command Prompt from the Right-Click Menu

I began computing in the days of DOS, and I still can't give up the command prompt. When it comes to doing down-and-dirty tasks like mass deleting or renaming of files, nothing beats it. I find myself frequently switching back and forth between Windows Explorer and the command prompt.

Often, when using Windows Explorer, I want to open the command prompt at the folder that's my current location. That takes too many steps: opening a command prompt and then navigating to my current folder. However, there's a quicker way: add an option to the right-click context menu that will open a command prompt at your current folder. For example, if you were to right-click on the C:\My Stuff folder, you could then choose to open a command prompt at C:\My Stuff.

To add the option, run the Registry Editor [Hack #68], then go to HKEY_LOCAL_MACHINE/Software/Classes/Folder/Shell. Create a new key called Command Prompt. For the default value, enter whatever text you want to appear when you right-click on a folder-for example, Open Command Prompt. Create a new key beneath the Command Prompt key called Command. Set the default value to Cmd.exe /k pushd %L. That value will launch Cmd.exe, which is the XP command prompt. The /k switch puts the prompt into interactive mode. That is, it lets you issue commands from the command prompt; the command prompt isn't being used to issue only a single command and then exit. The pushd command stores the name of the current directory, and %L uses that name to start the command prompt at it. Exit the Registry. The new menu option will show up immediately. Note that it won't appear when you right-click on a file; it shows up only when you right-click on a folder.

TIP: While many of us like fussing around with the Registry rather than doing things the easy way, there's also a way to add this option to your right-click context menu without editing the Registry. Download and install a free copy of Microsoft's "Open Command Window Here" PowerToy from http://www.microsoft.com/windowsxp/pro/downloads/powertoys.asp. There are many other PowerToys on that page as well, and we cover them in other places in the book.

[Feb 5, 2006] Troubleshooting Windows Shutdown Problems

One of the most common causes of Windows shut down problems is a bug in RoxioТs Easy CD Creator (particularly version 5). Roxio does have a patch available at http://www.roxio.com/en/support/ecdc/software_updatesv5_2.jhtml Keep in mind though that the patch has been known to disable RoxioТs Take Two backup software that came with Easy CD Creator 5 Platinum. You should also keep in mind that version 5 is an old version that Roxio no longer supports. The current version is Easy Media Creator 7. If you suspect that Easy CD Creator may be causing your problem, then I recommend upgrading to a newer version rather than patching an old version.

[Feb 5, 2006] Shutdown is very slow - Windows XP

The main reason for slow shutdown is huge number of  services running. You usually can disable at least half-dozen without a lot of analysis (Microsoft's Telephony, themes, etc;  Symantec Ghoststart services, etc). It looks like recommendation to disable ClearPageFileAtShutdown option to improve shutdown times is outdated. This is now default setting. Your mileage may vary):

Try a clean-boot troubleshooting. Clean-boot troubleshooting is designed to isolate a performance problem. To perform clean-boot troubleshooting, you must take a number of actions, and then restart the computer after each action (to test whether the action resolved the problem). These two articles will help you isolate the problem.

• How to perform a clean boot in Windows XP
• How to perform advanced clean-boot troubleshooting in Windows XP
• How to manage Windows Startup?

Fig: Disabling the third-party Services using MSCONFIG

Check the Event Logs for any errors and track-down the software/driver causing the problem. View the error messages registered in Event Log

You may be having profile unload problems if you experience slow logoff (with Saving Settings for most of the time while logging off). UPHClean is a service that once and for all gets rid of problems with user profile not unloading. See User Profile Hive Cleanup tool's Readme.txt before installing it.

For more troubleshooting on shutdown issues, I recommend you visit MS-MVP James Eshelman's Shutdown troubleshooter page here: SHUTDOWN WORKS, BUT IT'S REAL SLOW.

[Jan 10, 2006] Registry Scan Engine Utility, Windows, Microsoft XP Registry Cleaner, RegCleaner Current Version: 2.6.5 OS: Windows 98/Me/2000/XP/XP x64/2003 License: Free for non-commercial use

The Registry is a heart and soul of any Windows system. It contains information that controls how your Windows appears and how it behaves. Most applications today use registry to store configuration and other important data. When you install an application,  a new registry entries will be created. These entries will automatically be deleted when you uninstall the application. Unfortunately, it does not always work that way.  Sometimes, you will find that some applications fail to remove their own registry entries. These entries will become obsolete.

After a long period, after installing and uninstalling a lot number of applications, your Windows registry will contain a large number of obsolete entries. These will significantly increase the registry size and thus will slowdown your computer, because Windows will need more time to load, search, and read data from registry.

To keep your computer in top performance, it is recommended to periodically clean your Windows registry.

[Jan 10, 2006] How to edit the Windows registry with Lavasoft's RegHance

You can still download older version for free (version 2.12) See for example download  but generally Google is your friend.

Why might a Windows professional want a more capable registry editor than Regedit? To answer this question, you must first look at several common reasons for editing the Windows registry.

Reasons to use RegHance over Regedit

The following sections list several reasons why you might need a faster, more efficient registry editing tool.

Registry editing is just part of Windows support

Those who support or troubleshoot Windows systems will find that a certain amount of registry editing comes with the job. Although Windows consoles and utilities offer what might be called "mediated editing" of the registry (which goes on behind the scenes under the control of such tools), sometimes direct registry snooping and editing speeds problem solving. This is particularly true when software without uninstall utilities must be removed from systems, or when uninstall programs leave unwanted detritus behind.

More quickly create Windows images

Those who create Windows images for automated installation via Microsoft’s Remote Installation Service (RIS) or by using various ghosting techniques often find that editing the registry on a master image is the fastest way to fine-tune a configuration en route to finalizing the desktop, group policy, logon, or other settings. Once a working master is tweaked, tuned, and tested, it can then be distributed in bulk around a network (or an entire enterprise).

Backing up and restoring the registry are important skills

Those who seek to back up or checkpoint Windows systems will benefit from a working knowledge of registry backup and restore techniques (or ways to roll back to earlier registry versions), because the registry basically represents the “configuration database” that describes Windows' (and related applications) presence, behavior, preferences, settings, history, etc.

Learn more about Windows' inner-workings

Those who are curious about Window’s internals and inner workings can learn a lot by looking around inside the registries. “Before” and “after” snapshots of the registry when compared to one another—for example, using the Windiff.exe utility included in the Windows 2000 Resource Kit or in the Windows XP Support Tools—can reveal exactly what happens when software is installed or when Control Panel tools or Windows consoles operate on the registry.

Definitely a step up from Regedit

Windows professionals and other interested parties will find it necessary to interact with the registry regularly, and that a good editing tool for such interaction can be helpful and worthwhile. Though RegHance doesn't support some highly advanced registry handling functions (more on this topic later), it is definitely a step up from Regedit.exe.

Also, RegHance is tightly integrated with Ad-aware. This is likely to make it appealing for those who depend on Ad-aware (and Ad-watch, the companion event tracker that watches the registry closely, among other points of Windows focus) to tell them what spyware, cookies, pop-ups, and other external influences may be doing or have done to their systems. Simply put, installing RegHance along with these tools makes it easy to observe and investigate registry changes that spyware can attempt to make or succeed in making.

How to use Registry Editor to identify an unknown PCI device This article describes how to identify and locate vendor information for a device that is displayed as Unknown Device on the Device Manager tab.

Description of the Microsoft Windows registry

This article was previously published under Q256986 SUMMARY This article describes the registry. This article also includes information about how to edit the registry, and lists references for additional information.

Continued

Recommended Links

---

In case of broken links please try to use Google search. If you find the page please notify us about new location

• Windows registry - Wikipedia, the free encyclopedia

• Microsoft/Description of the Microsoft Windows registry

  • 141377 (http://support.microsoft.com/kb/141377/)

  • 322756 (http://support.microsoft.com/kb/322756/) How to back up, edit, and restore the registry in Windows XP and Windows Server 2003
  • 322755 (http://support.microsoft.com/kb/322755/) How to back up, edit, and restore the registry in Windows 2000

  •  

• Registry Links Links to articles and other resources related to the Windows registry, from Resplendence Software Projects.

• Windows Registry Resources - Computerworld

• Knowledge Base Links: The Registry Registry tips provided by Microsoft Product Support Services.
• Registry Explorer Download From Regxplor.com, this freeware program replaces regedit and resides in Windows Explorer.
• Windows Registry Tips Library Tips for enhancing or modifying Windows performance from Active Network Inc.
• John Woram's Registry Tips Tips, utilities and links to more registry resources are provided by John Woram, president of Rockville Press Inc.
• "Understanding the Registry" (download PDF) A tutorial by Mike Lewis, a freelance technical journalist.

Monitoring and Troubleshooting the Registry

Registry software for Windows 95,98,ME,NT,2000 and XP

Freeware downloads System Utilities - Registry Tools - WebAttack.com, we download it before you do!

click here to download directly from the author

Vilma Registry Explorer is an enhanced version of the Windows Regedit program. It offers all of the standard features as well as several additional tools like bookmarks and an undo history, that allows you to undo any changes you made to the registry. It offers a comfortable interface and quick access to advanced functions from the toolbar. Vilma Registry Explorer also provides a better search function, that allows you to view all search results in the lower pane of the window.

DiamondCS security-related freeware and shareware programs (TDS, Port Explorer, Wormguard, IRClean, RegistryProt, Autostart Viewer, and more...)

DiamondCS WormGuard - Advanced Anti-Worm protection

Recent outbreaks of super-propagating worms have proven that traditional anti-virus scanning techniques (scanning for known worms) are useless against worms that spread around the globe faster than you can update your anti-virus software.

This is where WormGuard comes in, it uses generic, heusteric detection of worms which means it finds out what the worm actually does and gives you an alert if it is something harmful.

Windows Registry help Forums, self-help

RegAlyzer

RegAlyzer is a tool to browse and change the registry. It was created because of a few features we missed in the original regedit tool, from support for exotic value types over background and regular expression search to better bookmarks, displaying .reg files in the accustomed style and a history view.

Regmon 

Regmon (Sysinternals Freeware)

A Registry monitoring utility that will show you which applications are accessing your Registry, which keys they are accessing, and the Registry data that they are reading and writing - all in real-time. This advanced utility takes you one step beyond what static Registry tools can do, to let you see and understand exactly how programs use the Registry. With static tools you might be able to see what Registry values and keys changed. With Regmon you'll see how the values and keys changed..

Regmon works on Windows NT/2000/XP, .NET Server 2003 (RC2 and higher), Windows 95/98/Me and Windows 64-bit/Itanium.

RegShot

RegShot Home page  is a small utility that will take a snapshot of your registry and then compare it with a second one - after doing system changes or installing a new software. The changes report can be produced in text or HTML format and contains a list of all modifications that have taken place between snapshot1 and snapshot2. In addition, you can also specify a folder (with sub folders) to be scanned for changes as well

RegHance

RegHance 2.1 by Lavasoft

• Do you frequently work with a large number of keys or wish that you could easily view and edit multiple locations simultaneously?
• Do you perform frequent searches and wish that the native editor that ships with Windows® included more advanced options?
• Do you wish you could collect and comment important keys within multiple bookmark files?
• Do you need to read and write binary data directly to or from disk?
• Do you simply want a tool that could help you to easily backup and restore all or any portion of your registry?

Then RegHance is THE tool you can't afford to be without!

 

RegHance is designed to give you better overview capabilities and greater control, from building multiple lists of important keys to easier navigation. You can comment and save large numbers of keys to disk with just a few clicks of your mouse. RegHance is compatible with Windows 9x/ME/NT4.0, Windows 2000 and Windows XP. Not only does RegHance include a powerful hexadecimal editor that allows the user to read and write binary data to and from disk, it also includes advanced search and book marking capabilities.

RegHance supports:

• Multiple-result searching
• Deleting and manipulation of registry keys
• Switching between horizontal and vertical views
• Native keyboard shortcuts to enhance productivity

Search results can be:

• Converted to bookmarks
• Commented and saved to disk
• Exported as a text file

You can use the quick-address bar to quickly jump to a particular key or you can save and restore your working desktop at any time.

In addition RegHance was also designed to work in conjunction with Ad-Aware to provide the user with the ability to quickly and easily investigate ANY suspicious registry key with a simple mouse click.

TestRun

Description: Here is a system of program files that will permit you to safely experiment with new software without fear of corrupting the windows Registry. The Registry is a data base of essential information for applications and the Operating System. Some programs that you trial may import values into the Registry that overwrite the original settings. Even if the programs are uninstalled, it can still be impossible to get the Registry back to original.

Version: 2.12 | File size: 144 kb | OS: Windows 95/98 Home page

Other Tools

RegCln

Description: This program will display the incorrect keys from Win95 (98) Registry. If you - advanced user - are sure that these keys are really incorrect, you can delete them. Supported languages: English , Russian, French, Italian, Japanese, Spanish, Dutch, German, Finland, Czech, Hungaria, Greek, Swedish, Chinese, Portugues, Bulgarien.

Version: 2.0.1.6 | File size: 670 kb | OS: Windows[all] Home page

RegSeeker

Description: RegSeeker is a perfect companion for your Windows registry ! RegSeeker includes a powerful registry cleaner and can display various information like your startup entries, several histories (even index.dat files), installed applications and much more ! With RegSeeker you can search for any item inside your registry, export/delete the results, open them in the registry. RegSeeker also includes a tweaks panel to optimize your OS !

Version: 1.06 | File size: 247 kb | OS: Windows[all] Home page

RegScrubXP

Description: Cleans the system registry of clutter and junk. Makes your computer run faster! Includes registry tweaks to customize your computing experience! Cleans junk out of the Windows XP/2000 system registry. All changes made to the registry are fully restorable to it's original condition. You can make an exclusion list of registry entries that RegScrubXP will not display as problems. You can sift through a list of file extensions, company names, "run upon startup" programs, Internet Explorer history, and uninstall programs to delete what you think is junk. Tweak the registry with the easy to use tweaker!

Version: 3.25 | File size: 581 kb | OS: Windows 2000/XP Home page

Vilma Registry Explorer

Description: Vilma Registry Explorer is a powerful tool that will give to you the easiest way to rule all aspects of your system. You can create new keys and values, add them to the registry, or delete the existing ones. You don't have to make a backup of all your actions as Registry Explorer does it in the background. If you decide that an action is not useful, or is wrong, just open the "Backup" window and restore the item by clicking over the record. Importing and exporting data files is very easy.

Version: 1.3.4 | File size: 494 kb | OS: Windows[all] Home page

Registry Commander

Description: Use this application as an alternative for the registry editor that comes with windows (REGEDIT.EXE). - Registry Commander can do what all other registry editors can't such as cut/copy/paste, advanced search, change value type (string => binary), bookmark of keys and values, support of other types than just strings, dword and binary values. - A thing I never understood is why no registration database editors showed the size of the value data, this is properly one of the things that made me create this application!

Version: 1.02 | File size: 550 kb | OS: Windows[all] Home page

RegEditX - was not updated from 2004.

Description: RegEditX (Registry Editor Extensions) is freeware that enhances the Windows Registry Editor. If you edit the same keys repeatedly, this is for you! New buttons activate frequently used commands, and a combo box stores a history of visited keys and allows quick navigation back to them. The keys are saved across sessions and available the next time you use the Registry Editor.

Version: 1.31 | File size: 329 kb | OS: Windows[all] Home page

Registrar Lite

Description: Registrar Lite is a powerful and flexible freeware registry editor. It offers an explorer style interface which supports the clipboard and allows you to drag and drop registry keys and values. It offers background search and replace, a bookmark editor which allows you to add descriptions to registry keys as well as advanced registry value data editors which support all existing registry data types. An addressbar allows you to access registry keys and values quicly. Registrar Lite offers registry key import and export functionality which supports all native registry file types. When running on Windows XP,2000 or NT, all security features are supported by offering editors which allow you to set registry key, permissions, auditing and ownership.

Version: 2.00 | File size: 2036 kb | OS: Windows[all] Home page

RegistryReplacer

Description: The RegistryReplacer is useful for search and replace operations within the Windows Registry. It is limited to string manipulations only. Binary and numerical data cannot be processed. The involved Registry hives as well as entry types (key, values, value names) are easily selected. After so called 'replacement pairs' have been collected you may easily review changes before applying them.

Version: 1.2 OS: Windows 2000/NT/XP Home page