Sie sind auf Seite 1von 12

WINDOWS XP

HACKS
100 Industrial-Strength Tips & Tools

Preston Gralla
WINDOWS XP
HACKS
Other Microsoft Windows resources from O’Reilly
Related titles Amazon Hacks Wireless Hacks
Google Hacks Mac OS X Hacks
eBay Hacks Linux Server Hacks
TiVo Hacks

Hacks Series Home hacks.oreilly.com is a community site for developers


and power users of all stripes. Readers learn from each
other as they share their favorite tips and tools for Mac
OS X, Linux, Google, Windows XP, and more.

Windows Books windows.oreilly.com is a complete catalog of O’Reilly’s


Resource Center Windows and Office books, including sample chap-
ters and code examples.

oreillynet.com is the essential portal for developers in-


terested in open and emerging technologies, including
new platforms, programming languages, and operat-
ing systems.

Conferences O’Reilly & Associates bring diverse innovators to-


gether to nurture the ideas that spark revolutionary
industries. We specialize in documenting the latest
tools and systems, translating the innovator’s knowl-
edge into useful skills for those in the trenches. Visit
conferences.oreilly.com for our upcoming events.

Safari Bookshelf (safari.oreilly.com) is the premier on-


line reference library for programmers and IT
professionals. Conduct searches across more than
1,000 books. Subscribers can zero in on answers to
time-critical questions in a matter of seconds. Read the
books on your Bookshelf from cover to cover or sim-
ply flip to the page you need. Try it today with a free
trial.
WINDOWS XP
HACKS

Preston Gralla

Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo


HACK
#68 Don’t Fear the Registry

H A C K Don’t Fear the Registry Hack #68

#68 The Registry is the single best tool available for hacking XP. Here’s an
introduction to how it’s organized and how to use it.

If you haven’t spent much time in the Registry, you can easily be cowed by
it. At first glance, it’s a maze of apparently incomprehensible settings. In
fact, though, there’s a method to the madness. The Registry is a hierarchical
database of information that defines exactly how your system works, includ-
ing virtually every part of XP and its applications. Editing the Registry data-
base is often the best way to hack XP. In fact, there are many changes to the
operating system that you can make in no other way.
Even if you’ve never used the Registry directly before, you’ve changed it
without realizing it. Whenever you change a setting using the Control Panel,
for example, behind the scenes a Registry change is made that puts that new
setting into effect. The menus and dialog boxes you see in XP are often little
more than a visual front-end to the Registry.
If you want to optimize XP and master every part of it, you’ll have to use the
Registry. XP contains so many different settings and customizations that it
simply wasn’t possible for Microsoft to build a graphical interface for every
conceivable possibility. And there are many times when it’s easier and you
get more options when you edit the Registry rather than using the graphical
XP interface. You can use Windows XP without ever editing the Registry—
many users do—but advanced users understand its power tool status.
The way to edit the Registry is by using the Registry Editor, also called Reg-
Edit, which is shown in Figure 7-1. To run it, type regedit at the Run box or
command line and press Enter.

Figure 7-1. Controlling Registry settings by using the Registry Editor

Before you edit the Registry, though, you should first get a basic understand-
ing of its structure.

244 | The Registry


HACK
Don’t Fear the Registry #68

Sometimes, we power users like to jump in without reading


the manual. The Registry is not the best place to experiment
and learn as you go, until you understand at least a little
what’s going on. You could render your system useless and
unrecoverable with just a few changes. So, we recommend
making a backup [Hack #71] and reading at least most of this
chapter first. You’ll be glad later if you do this now.

The Five Logical Registry Hives


The Registry has many thousands of settings; in fact, it often has tens of
thousands of them. They are organized into five main Registry sections,
called Registry hives. Think of each hive as a root directory. Each of the hives
has a different purpose. When you start to delve into the Registry, you may
notice that many of the settings seem to be exact duplicates of one
another—in other words, settings in one hive mirror the settings in another
hive. In fact, frequently one set of settings is merely an alias (called a sym-
bolic link) of another, so that when you change those settings in one place,
the changes are made in both hives.

The hives themselves are stored in the C:\Windows\system32\


config and C:\Documents and Settings\{username} files.

Following are the five hives and what each does:


HKEY_CLASSES_ROOT
This hive contains information about file types, filename extensions,
and similar information. It instructs XP how to handle every different
file type and controls basic user interface options, such as double-click-
ing and context menus. This hive also includes class definitions (hence
the word “CLASSES” in its name) of unique objects, such as file types or
OLE objects. Frequently, classes associated with file types contain the
Shell subkey, which defines actions, such as opening and printing, that
can be taken with that file type.
HKEY_CURRENT_USER
This hive contains configuration information about the system setup of
the user that is currently logged into XP. It controls the current user’s
Desktop, as well as XP’s specific appearance and behavior for the cur-
rent user. This hive also manages network connections and connections
to devices such as printers, personal preferences such as screen colors,
as well as security rights. Also included in this hive are Security Identifi-

The Registry | 245


HACK
#68 Don’t Fear the Registry

ers (SIDs), which uniquely identify users of the PC and which have
information about each user’s rights, settings, and preferences.
HKEY_LOCAL_MACHINE
This hive contains information about the computer itself, as well as about
the operating system. It includes specific details about all hardware,
including keyboard, printer ports, storage—the entire hardware setup. In
addition, it has information about security, installed software, system
startup, drivers, services, and the machine’s specific XP configuration.
HKEY_USERS
This hive contains information about every user profile on the system.
HKEY_CURRENT_CONFIG
This hive contains information about the current hardware configura-
tion of the system, in the same way that HKEY_CURRENT_USER contains
information about the current user of the system.

Using Keys and Values


Each hive is at the top of the hierarchy, and underneath each hive are keys,
which can in turn contain subkeys, and those subkeys can contain subkeys,
and so on, organized in folder-like fashion, much like a hard drive.
Keys and subkeys contain a value, which controls a particular setting. For
example, this key:
HKEY_CURRENT_USER\Control Panel\Mouse\DoubleClickSpeed

determines the amount of time between mouse clicks that must elapse before
Windows won’t consider it to be a double-click. To set the amount of time,
you change the key’s value. In this case, the default value is 500, measured in
milliseconds, and you can edit the Registry to change it to whatever value you
want, as shown in Figure 7-2. You can also make the changes using the Mouse
Properties dialog box (Start ➝ Control Panel ➝ Printers and Other Hardware
➝ Mouse). When you make changes to that dialog box, the changes are in
turn made in the Registry, which ultimately controls the setting. In essence,
the dialog box is merely a convenient front-end to the Registry.
A key can contain one or more values. Following are the five primary data
types of values in the Registry:
REG_SZ (String value)
This data type is easy to understand and edit because it is made up of
plain text and numbers. It is one of the most common data types in the
Registry. The value for DoubleClickSpeed, mentioned earlier in this hack,
is of this type.

246 | The Registry


HACK
Don’t Fear the Registry #68

Figure 7-2. Editing a Registry key’s value

REG_MULTI_SZ (String array value)


This data type contains several strings of plain text and numbers. The
Registry Editor will let you edit these values, but it won’t let you create
them.
REG_EXPAND_SZ (Expanded string value)
This data type contains variables that Windows uses to point to the
location of files. For example, to point to the location of the Luna theme
file, the expanded string value in the Registry is %SystemRoot%\
resources\Themes\Luna.theme.
REG_BINARY (Binary values)
This data type is made up of binary data: 0s and 1s. Figure 7-3 shows a
typical example of a binary value. As a general rule, you won’t edit
binary values—instead you’ll edit string values because they’re made up
of text and numbers, as shown in Figure 7-4.
REG_DWORD (DWORD values)
This data type is represented as a number. Sometimes a 0 turns on the
key or 1 turns off the key, though it can use other numbers as well.
While you see and edit the value as a number, such as 456, the Registry
itself views the number as a hexadecimal number, 1C8. Figure 7-5 shows
a DWORD value being edited.

The Registry | 247


HACK
#68 Don’t Fear the Registry

Figure 7-3. Binary values

Figure 7-4. Editing String values

Figure 7-5. Editing DWORD values

248 | The Registry


HACK
Don’t Fear the Registry #68

Launching the Registry Editor


There’s an upside and a downside to using XP’s Registry Editor. The upside
is that it’s relatively simple to use. The downside is that it doesn’t offer
much functionality beyond basic Registry editing.

In some instances, when you make changes using the Regis-


try the changes take effect as soon as you exit the Registry. In
other instances, they’ll take effect only after you log out and
then log back in. And, in yet other instances, they’ll take
effect only after you restart Windows.

To run the Registry Editor, type regedit in the Run box or a command
prompt and press Enter. If this is the first time you’ve run the Registry Edi-
tor, it will open highlighting the HKEY_CURRENT_USER hive, as shown in
Figure 7-6. If you’ve previously used the Registry Editor, it will open high-
lighting the last key you edited or the last place you were in the Registry.

Figure 7-6. Using the Registry Editor for the first time

You can browse through the Registry with the Registry Editor in the same
way you browse through a hard disk using Windows Explorer. Clicking a +
sign opens a key to reveal the next level down of the hierarchy. Clicking a –
sign closes the key.
The Registry can be several levels deep in keys and subkeys, so navigating it
using a mouse can take a substantial amount of time. (Every time you open
it, it jumps to the last-used key.) You can use shortcut keys, though, to more
easily navigate through the Registry. The right arrow key opens a key to
reveal subkeys; the left arrow key closes a key and moves one level up in the
key hierarchy. To jump to the next subkey that begins with a specific letter,
press that letter on the keyboard.
You use the Registry Editor to edit existing keys and values, create new keys
and values, or delete existing keys and values. Sometimes, the changes take
effect as soon as you make the change and exit the Registry Editor; other

The Registry | 249


HACK
#68 Don’t Fear the Registry

times, you’ll have to reboot for them to take effect. Keep in mind that there
is no “Save” button. When you modify a value, it changes right then and
there. There is also no Undo button, so make your changes carefully.
If there’s a particular key that you want to edit, an even faster way to navi-
gate is to use the Find command from the Edit menu. (You can also use the
Find command by pressing Ctrl-F.) To find successive keys with the same
value, press the F3 key.
To edit the data associated with a value, double-click on the value in the
right pane of the Registry Editor; a box appears that lets you edit the value,
as shown in Figure 7-7.

Figure 7-7. Editing a value

When you’re editing the Registry, it’s often hard to tell what key you’re edit-
ing, because the Registry Editor doesn’t highlight that key. Instead, it shows
only an open folder icon next to it, but it’s easy to miss that icon. Check the
status bar at the bottom of the Registry Editor; it should display the key
you’re editing. If it doesn’t, choose View ➝ Status Bar from the Registry Edi-
tor menu.
To rename a key, select it and choose Edit ➝ Rename from the menu. You
can also right-click on the key and choose Edit ➝ Rename.

Adding and Deleting Keys and Values


Editing the Registry often requires that you add and delete keys and values
To add a new key, select the new key’s parent key in the left pane. Then,
choose Edit ➝ New ➝ Key from the menu. Type in the new key’s name. You
can also right-click on the new key’s parent key and choose Edit ➝ New ➝
Key. To delete a key, select it and press the Delete key.
Very often, you need to add values to a key in order for its changes to take
effect. To add a value to a key, select the new key’s parent key in the left
pane. From the menu, choose Edit ➝ New, and from the submenu, select

250 | The Registry


HACK
Don’t Fear the Registry #68

the type of value you want to create. We’ve already covered the five types of
values you can create; as a reminder, they’re detailed in Table 7-1.
To create a new value, type in the name of the new value and press Enter.
Press Enter again. The Edit Value dialog box appears, as shown in
Figure 7-7. Enter your data and press Enter.

Table 7-1. Values you’ll encounter in the Registry

Value name Registry data type


String value REG_SZ
Binary value REG_BINARY
DWORD value REG_DWORD
String array value REG_MULTI_SZ
Expanded string value REG_EXPAND_SZ

See Also
• For an excellent collection of Registry hacks, go to the Registry Guide
for Windows at http://www.winguides.com/registry. Make sure to sign
up for the newsletter that offers Registry advice and hacks.

The Registry | 251

Das könnte Ihnen auch gefallen