Softpanorama

May the source be with you, but remember the KISS principle ;-)
Home Switchboard Unix Administration Red Hat TCP/IP Networks Neoliberalism Toxic Managers
(slightly skeptical) Educational society promoting "Back to basics" movement against IT overcomplexity and  bastardization of classic Unix

Windows Registry / Recommended Papers

News See also Recommended Links Microsoft  Articles and Techpapers Online chapters and Books Mark Russinovich Darren Mar-Elia
Microsoft
Registry Tools
Tweaking Monitoring Snapshots Backups  Registry cleaning  
Admin Horror Stories Dual Boot Disk Backup Norton Ghost Humor Random Findings Etc

NEWS CONTENTS

Old News ;-)

[Feb 24, 2007] How to back up, edit, and restore the registry in Windows XP and Windows Server 2003

Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs.

Guided Help to export registry keys and to back up the registry Requirements to install and to use this Guided Help Manual steps to back up the registry Manual steps to export registry subkeys

Manual steps to back up the whole registry

Manual steps to edit the registry

Use the Windows user interface

Manual steps to use Registry Editor

Locating a subtree, key, subkey, or value

Adding a key

Adding a value

Changing a value

Manual steps to rename a key or value

Deleting a key or value

Use Group Policy

Use a Registration Entries (.reg) file

Use Windows Scripting Host

Use Windows Management Instrumentation

Use Console Registry Tool for Windows

Restore the registry

Restore the registry keys

Restore the whole registry

REFERENCES

[Oct 3, 2005] Monitoring and Troubleshooting the Registry by Darren Mar-Elia

Safekeeping the Windows XP Registry

This article is largely excerpted from my book, Microsoft Windows XP Registry Guide (Microsoft Press, 2002). I've condensed a 12,000 word chapter into this column, so we're only scratching the surface here. If you want to learn more about safekeeping the Windows XP registry, take a look at Chapter 3, "Backing up the Registry."

For an introduction to working with the Windows XP registry, see my column, Customizing Your PC with the Windows XP Registry, and the Knowledge Base article, Description of the Microsoft Windows Registry.

This column is geared to advanced users of Windows XP. Although even advanced users should be aware that if you use Registry Editor incorrectly, you can cause serious problems that may require you to reinstall your operating system. Microsoft recommends that before you edit the registry, you back up the registry and understand how to restore it if a problem occurs.

In this column, I'll explain how to back up the registry and restore it if things go awry. You'll learn how to use System Restore, which ensures that you can roll back the configuration of Windows XP to an earlier snapshot that the operating system makes automatically. Also, I like to save keys to hive files before making big changes to the registry so that I can restore those hive files if I make a mess of things. Both of these tools require preparation in advance. In other words, after something goes wrong is not the best time for backing up the registry-back up the registry first.

Recommended Links

Google matched content

Softpanorama Recommended

Top articles

Sites

Darren Mar-Elia

***** How the Registry Is Architected

***** Backing Up and Securing the Registry and Manipulating Hives and Keys by Darren Mar-Elia

**** Registry Scripting by Darren Mar-Elia

***** Viewing and Manipulating the Registry by Darren Mar-Elia

***** Monitoring and Troubleshooting the Registry by Darren Mar-Elia

Because Registry problems are not always easy to spot (e.g., a security permission issue on one key in the Registry can cause seemingly unrelated problems on an application), I begin with a discussion of tools and techniques for monitoring Registry activity - including WinDiff, Reg.exe's compare option, RegMon, Event Log, and Sysdiff. With the advent of the Security Configuration tools with Group Policy and the ability to centrally distribute Registry security changes to hundreds or thousands of workstations, security issues are likely to become more commonplace as organizations seek to enhance system security at all levels. I review how the

Windows Installer logs Registry activity and discuss the best way to recover the Registry when you have problems.

The best defense against Registry problems is to keep a backup of as current a copy of your Registry as is feasible. As I discussed in "Viewing and Manipulating the Registry," the third installment in this series, you have several ways to back up Registry hives on your Windows 2000 system. However, for those cases in which you don't have a recent backup or need a faster solution, this chapter offers some techniques for identifying and addressing Registry corruption.

Finally, I present some common Registry troubles and the solutions you need to get your system back up and running quickly. In "Registry Scripting," the final installment in this series, I discuss how to combine segments of information that you learned about in the preceding chapters into scripted solutions for use either on your workstation or across an enterprise.

Tools for Monitoring the Registry
Numerous tools exist for determining how an application or system component is affecting your system and, importantly, how it is affecting the Registry. Once you know how the Registry is affected, you can often get closer to pinpointing problems. In this section, I review the most useful tools that I have found and talk about how you can use them to see what's going on in the Registry. To begin with, I consider some common Resource Kit utilities that can be useful for monitoring Registry activity. Then, I review RegMon - a great freeware tool for monitoring Registry activity in real time. Finally, I evaluate the usefulness of Win2K's native event logging tool for monitoring Registry activity.

WinDiff

WinDiff is a Resource Kit utility that compares files and directories before and after changes. How is this tool useful for Registry monitoring? You can use WinDiff with Regedt32 or Regedit to compare before and after results from Registry settings. Both Regedt32 and Regedit have ways of dumping the contents of keys or values to text files. In Regedt32, it is done using the Save Subtree As feature. In Regedit, you can use the Export Registry File feature to create a text .reg file. (From the command line, you can also use Regdmp from the Resource Kit, and the Regedit /e option to do basically the same thing as Regedt32 and Regedit.)

The process is pretty straightforward. Create a text file dump of the keys you want to monitor before you make a system change, using one of the methods above. Then make your system change. You may be installing a new application or adding a new service. Any change that affects the Registry (which will be most things!) can be tracked in this way. After you make the change, rerun the dump method on the keys of interest and use WinDiff to compare the difference.

For example, I want to find out what changes are made to HKLM\Software\Microsoft\ during the installation of the Win2K Resource Kit. I could use Regedt32 to perform a Save Subtree As operation on this whole key, then perform the Resource Kit install, then save the subtree again after the install. I use WinDiff's Compare Files feature to load both the before and after text files and WinDiff shows me what has changed. Figure 1 illustrates just such an operation and some of the differences that WinDiff revealed.

Note that in Figure 1, the !> symbol indicates that a new key or value was found in the second file (the post-Resource Kit snapshot) that wasn't in the first file. WinDiff also points out when something has changed between the first file and the second (Figure 2).

When you use WinDiff, there are a few things that you should know. First, it is a Resource Kit utility, for which Microsoft offers limited support. Under certain circumstances, it is not the most robust of tools. For example, if you choose to create a save file that is too large (e.g., if you try to dump all of HKEY_CLASSES_ROOT), WinDiff cannot load both the before and after files; it simply hangs.

Tip: How large a save file is too large for WinDiff? I find that two 2 MB files have no problem loading. I have tried loading two 9 MB files, however, and WinDiff essentially hangs. Because the system you work with is one factor in the loading equation, you may have to experiment with your system. For doing small-scale Registry comparisons on a focused set of keys or values, WinDiff is a great way to see everything that has changed.

Reg's Compare Option
WinDiff is great if you want to compare dumps of two Registry trees. However, if you need to compare keys or values in real time against a running system's Registry, you should familiarize yourself with the reg utility's compare option. I first introduced reg in "Viewing and Manipulating the Registry," the third installment in this series. Reg is the Swiss Army knife of Registry tools. The reg compare option replaces the CompReg utility that was available in NT 4.0's Resource Kit and lets you compare the contents of keys or values on local and remote machines.

As an example of how you can use reg's compare option to compare two keys on the same machine, I compare the contents of HKEY_CURRENT_USER\Control Panel\Desktop and HKEY_USERS \.Default\Control Panel\Desktop. The command syntax for such a comparison follows:

reg compare "HKU\.Default\Control Panel\Desktop" "HKCU\Control Panel\Desktop" /s /od

The /s option tells CompReg to check subkeys and values that exist under each key specified. The /od option instructs reg to show only the differences between the two keys.

The Registry and the Active Directory

Mark Russinovich

Windows NT and Windows 2000 - Inside the Registry By Mark Russinovich

Article from Windows NT Magazine

The Registry is the centralized configuration database for Windows NT and Windows 2000, as well as for applications. The Registry stores information about tuning parameters, device configuration, and user preferences. Many books and articles can help you learn about the logical layout of the Registry. These resources describe where the Registry stores specific configuration settings, which values the settings can store, and what happens when you change the settings.

However, these resources don't describe how NT physically manages the Registry. In other words, how do NT and Windows 2000 organize the Registry on disk, how do these OSs locate and retrieve configuration information when an application requests this information, and what measures do they employ to protect this database that's so crucial to their operation?

This month, I'll show you how the Configuration Manager-the kernel subsystem that implements the Registry-organizes the Registry's on-disk files. I'll discuss how the Configuration Manager manages the Registry as applications and other OS components read and change Registry keys and values. Finally, I'll discuss the mechanisms by which the Configuration Manager tries to ensure that the Registry is always in a recoverable state, even if the system crashes while you're modifying the Registry. To get the most from this column, you need to be familiar with the Registry's logical organization, including the concepts of root key, subkey, and values. If you don't have such knowledge, I recommend that you first read "Inside the Windows NT Registry," April 1997.

On This Page
Hives
Hive Structure
Cell Maps
The Registry Namespace and Operation
Stable Storage
Registry Optimizations
The End of the Tour

Annoyances.org - Introduction to the Registry

There are six main branches (five in Windows 2000 and Windows XP), each containing a specific portion of the information stored in the Registry. They are as follows:

Microsoft Articles and Techpapers

322756 - How to back up, edit, and restore the registry in Windows XP and Windows Server 2003 For a Microsoft Windows NT 4.0 version of this article, see 323170.

Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

Online Chapters and Books

O'reilly/Managing the Windows 2000 Registry

Chapter 5 of Microsoft Windows XP Registry Guide. It also provides detailed information about disk "cloning" using Sysprep.

Mystery Behind Windows Registry - A Guide available for download as a zip file

Random Findings



Etc

Society

Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotesSomerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose BierceBernard Shaw : Mark Twain Quotes

Bulletin:

Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOSProgramming Languages History : PL/1 : Simula 67 : C : History of GCC developmentScripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-MonthHow to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Haterís Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D


Copyright © 1996-2021 by Softpanorama Society. www.softpanorama.org was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.

This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to to buy a cup of coffee for authors of this site

Disclaimer:

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the Softpanorama society. We do not warrant the correctness of the information provided or its fitness for any purpose. The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Last modified: March 12, 2019