Tài liệu Examining the Regedit User inferface phần 3 docx
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (29.73 KB, 7 trang )
Adding New Keys
To add a new key to any registry hive, select the New | Key commands from the Edit
menu. The procedure is straightforward and very similar to that of creating new folders in
Windows Explorer. The new key will be created without prompting the user to provide a
name, but you will be able to rename the new key after it has been created.
Adding New Value Entries
To add new registry value entries, select the New command from the Edit menu, then
select the appropriate command, depending on the data type of the value entry to be
created. Using Windows XP or Windows Server 2003 version of Regedit.exe, you can
create string-value types (REG_SZ, REG_MULTI_SZ, and REG_EXPAND_SZ) and
binary values (REG_DWORD or REG_BINARY). The new value entry will be created
without prompting the user to provide a name, but you'll be able to rename and edit the
value after it has been created.
Using the Binary Editor
When you select the binary value (REG_BINARY data type) and then select the Modify
command from the Edit menu, Regedit.exe opens the Edit Binary Value window (Fig.
3.10). Note that you can use the binary editor to edit a value of any type by selecting the
Modify Binary Data command. Enter the data into the Value data field of the Edit
Binary Value window.
Figure 3.10: The Edit Binary Value window
Editing String Values
Select the REG_SZ value in the right pane of the Registry Editor window. Then select the
Modify command from the Edit menu to start the String Editor. The Edit String window
(Fig. 3.11
) allows you to edit string values.
Figure 3.11: The Edit String window
Editing DWORD Values
When you double-click a REG_DWORD registry value entry or highlight an entry of this
type and select the Modify command from the Edit menu, the DWORD editor starts
(Fig. 3.12
). By default, all REG_DWORD data are displayed in hex format. However,
you can also display data using decimal format by selecting the appropriate radio button
from the Base group at the bottom of the window.
Figure 3.12: The Edit DWORD Value window
Editing Multi-String Values
The Edit Multi-String window (Fig. 3.13
) opens when you double-click the multi-string
value or select a multi-string value and then choose the Modify command from the Edit
menu. This window allows you to edit multi-string values.
Figure 3.13: The Edit Multi-String window
Viewing Resource Lists
As was already mentioned in Chapter 1
, the system registry stores all information on the
hardware installed on the computer. The registry even has special data types for this
purpose, namely, REG_RESOURCE_LIST, REG_FULL_RESOURCE_DESCRIPTOR,
and REG_RESOURCE_REQUIREMENTS_LIST. These data types are only used in the
HKEY_LOCAL_MACHINE\HARDWARE registry key. The value entries of these types
are viewed in the Resource Lists (Fig. 3.14
) and Resources windows (Fig. 3.15).
Figure 3.14: The Resource Lists window
Figure 3.15: The Resources window
Deleting Registry Keys and Value Entries
To delete a registry key or value entry, select the object that you wish to delete and then
select the Delete command from the Edit menu. The system will prompt you to confirm
your intention to delete the selected key or value entry (Fig. 3.16
).
Figure 3.16: The system prompts you to confirm your intention to delete a registry key or
value entry
Note Don't forget to back up the registry hives where you'll be deleting keys or value
entries. Registry editors don't provide the capability to undo this operation. After
having confirmed the deletion, you will have no other means of restoring the
information other than the use of backup copies. As shown in Fig. 3.14
, the warning
message displayed by the system doesn't specify the name of the key you are about
to delete. Before proceeding further, check the name of the selected key and make
sure that you know what you're doing.
If you delete something from the
HKEY_LOCAL_MACHINE\System\CurrentControlSet, you can restore this key
using the Last Known Good configuration (see Chapter 6
).
The View Menu Commands
The View menu contains commands that allow you to select the method of displaying the
registry. It contains the following commands:
Status Bar
Split
Display Binary Data
Refresh
The Status Bar command in the View menu allows the user to hide the status bar. The
status bar is useful because it helps you to navigate the registry. For this reason, I
recommend that users (at least beginners) don't hide it.
The Split option moves the mouse cursor to the divider separating the left and right panes
of the Registry Editor window. All you have to do is to move the mouse right or left to
find a new position for the divider. After that, the only thing you need to do is to click the
left (or right) mouse button.
Tip Tip Resizing the Registry Editor window is similar to resizing Explorer or My
Computer windows. You just need to move the mouse cursor to the divider, wait
until it changes to a double arrow, click the left mouse button and drag the divider
left or right. When you are done, release the mouse button.
The Display Binary Data command from the View menu, which was introduced with
Windows XP and is present in all products of the Windows Server 2003 family, becomes
available only after you select one of the value entries listed in the right pane of the
Registry Editor window. This command allows you to view the selected data item using
one of three formats: Byte, Word, or Dword. Notice that it doesn't allow you to edit the
data (if you need to, select the value entry and choose the Modify Binary Data from the
Edit menu).
