|
1. Introduction
|
|
2. Structure
|
|
3. Backing Up
The Registry
|
|
4. Restoring
The Registry
|
|
5. Restoring a
Deleted Registry
|
|
6. Importing And
Exporting
|
Introduction:- The Windows Registry
is essentially a central
database that maintains your hardware settings and enables the operating system to
recognize the software on your PC. The Registry stores almost any change you make
and automatically modifies itself when you alter any of the Control Panel settings,
such as adding new hardware and adding and removing programs. Within our
community it is recognized that the component files that make up the registry may
compromise peoples security since various files contain history url's and other
sensitive data. So many enquire is it possible to clean the registry, in part yes, in
whole probably not. The best approach would be to automatically copy and store
away the relevant files just after Windows has been successfully installed, and then
as
part of your daily cleaning and security session delete system.dat user.dat etc. Then
replace these with your post-installation copies. Another solution will be to use
system.1st mentioned in the 'Structure' paragraph below. Those that must have no
security leaks may wish to do a Windows re-install.
The Registry also reflects application-specific settings in third-party utilities and holds
system policy settings. Typically, network administrators have the responsibility of
making changes to system policy settings. These settings involve controlling access
to the Control Panel by certain users, mandating which wallpaper and color scheme
displays when a specific user starts the PC, and controlling who can use specified
tools and applications.
The Registry basically includes three primary files: User.dat, System.dat, and
Policy.pol. User.dat stores user preferences, such as your Desktop settings and Start
menu settings. System.dat stores hardware and application settings. The Policy.pol
file is an optional file that stores policy settings, such as those mentioned above, and
overrides settings in User.dat and System.dat.
To get an idea of the information that’s stored in your Registry, select Run from the
Start menu and type regedit. This launches the Registry editor and loads the data
from the User.dat and System.dat files into a single hierarchical tree. Although you
can manually make changes to the Registry with the Registry editor, you should
refrain from making any direct modifications unless you are a high-level user who
really knows what you’re doing.
Some older Windows programs may place configuration data into two other files,
System.ini and Win.ini. These files are leftovers from Windows 3.x, and for some
16-bit applications, they serve essentially the same purpose as the System.dat and
User.dat files of Win95/98.
Structure:-
The Windows 9x registry is completely different from the Windows 2000 version, but
the Windows 2000 registry underwent only minor changes from Windows NT 4.0. In
Windows 9x, the registry consists of two files, system.dat and user.dat, in the
Windows folder. System.dat contains information about the local machine and the
software installed there; user.dat contains user-specific information for both
applications and the machine.
Upon installation, the operating system also creates a system.1st file in the root
directory of the C drive. This file is a snapshot of the registry taken at the moment
that Windows is correctly installed, but before you start using the system. You can
rely on that file to be an early backup copy of the registry. In case of serious registry
damage, the existing system.dat file can be replaced with system.1st, and all
applications can be installed. Actually, system.1st is not necessary for the proper
operation of Windows, so you could delete it. However, this file should be saved as a
backup of the registry!!!! In Windows 2000, all these files have disappeared, but the
functionality remains the same.
Backing Up The Registry:
It is always a good idea to keep backup copies of your registry just in case you need
to restore to a previous setting.
When you start your computer successfully, Windows Registry Checker (Scanreg.exe)
and (Scanregw.exe under win98) creates a backup of system files and registry
configuration information (including user account information, protocol bindings,
software program settings, and user preferences) once daily. Files that Windows
Registry Checker backs up include System.dat, User.dat, System.ini, and Win.ini.
First you should customize what the Windows Registry Checker will & won’t do. Open
your C:\Windows\Scanreg.ini file. The Scanreg.ini file contains the entries that
determine how the Registry Checker tool makes backup copies of your registry. Edit
the x values of the settings below.
Backup=x, a value of 1 causes a backup copy of your registry to be made the first
time you start your computer on any given day (determined by the system clock). A
value of 0 disables the backing up of the registry.
Optimize=x, a value of 1 automatically optimizes your current registry if it contains
500KB+ of unused space. A value of 0 does not automatically optimize your current
registry by removing unused space.
MaxBackupCopies=x, use this value to set the maximum amount of registry backups,
e.g. a value of 5 saves the last 5 registry backups in the Windows\Sysbckup folder.
This value can be between 0 and 99.
NOTE: When you restore a registry backup using Registry Checker for MS-DOS
(scanreg), only the five earliest backups are displayed.
BackupDirectory=x, by default this entry does not contain a value, and registry
backups are automatically saved in the Windows\Sysbckup folder. If for some reason
you wish to change where the backup is stored then use this to do so. E.g. If you
want to change it to you C:\Backup directory then you would have
BackupDirectory=C:\Backup. I’d suggest just leaving the backup directory in its
default location.
NOTE: This next Scanreg.ini setting is recommended for advanced users only. & Must
be manually added into the Scanreg.ini if you intend to use it
In Windows 2000 there is no automatic backup feature. However, you can implement
backups in another way. The registry backup is built into the Windows 2000 Backup
utility, which you can find in Programs | Accessories | System Tools. From the main
page of the Backup utility, click on the Emergency Repair Disk (ERD) button and make
sure to check the proper option for backing up registry files. The procedure doesn't
even attempt to copy the current registry to a floppy an impossible operation since
the average size of the registry on many machines is close to 20MB. Instead, the
backup procedure makes a copy of the registry files in the system repair folder:
c:\winnt\repair. All the information stored in this folder is necessary to repair a
damaged Windows 2000 installation and shouldn't be deleted or modified. In
particular, the latest registry backup is saved in the RegBack subfolder.
Restoring The Registry:-
A safe method to return to an earlier Windows configuration is to restore a clean
Registry. This is a fairly easy process in Win98 because it automatically retains five
backups of your Registry. To safely restore a previous Registry in Win98, open the
Start menu, click Shut Down, then select Restart In MS-DOS Mode from the dialog
box that appears on-screen. From the command prompt (C>) type:
scanreg/restore
You’ll see a list of the last five Win98 Registry backup configurations and their
associated dates. Select the most recent backup dated prior to the date your
configuration changed, then move the cursor to Restore and press ENTER. This action
automatically backs up your current system files, restores the Registry you specified,
and restarts Win98 with the restored configuration. Win98, by the way, also
automatically checks the integrity of the Registry at system startup. If it discovers a
problem in the Registry, it first tries to fix it. But if the Registry is beyond repair,
Win98 automatically restores the last good copy it has of the Registry.
Win95 only maintains one good backup copy of the Registry and stores it as
System.da0 and User.da0. To restore your Registry with the backup copy, restart
Win95 in the MS-DOS mode by clicking Shut Down from the Start menu, then
selecting Restart In MS-DOS Mode from the dialog box. Next, make sure the
C:\Windows directory displays at the command prompt (C>). If it doesn’t, type:
cd C:\Windows
Then, restore the Win95 Registry from the backup copy by typing the following
commands and pressing ENTER after each entry:
attrib -h -r -s system.dat |
|
attrib -h -r -s system.da0 |
|
copy system.da0 system.dat |
attrib -h -r -s user.dat |
|
attrib -h -r -s user.da0 |
|
copy user.da0 user.dat |
(NOTE: The 0 in da0 is a zero, not the letter O.)
Restart your PC so the new Registry settings take effect. To make sure your system
files remain hidden and protected after you complete the Registry restoration, click
My Computer, select View, Folder Options, then click the View tab and the radio
button labeled Do Not Show Hidden Or System Files.
In Windows 2000 to restore correct registry information, you should run the Restore
Wizard from the Backup utility and follow its instructions. Use the previously created
ERD if you cannot start and log on to Windows. Through the Backup utility, you can
also schedule the registry backup at predetermined intervals.
Restoring a Deleted Registry:-
If the Registry has been deleted by accident or is corrupted in some manner, you may
not be able to start Windows at all. Here's a possible solution:-
After it happens:
Windows95 automatically makes backups of your registry files in USER.DA0 and
SYSTEM.DA0. If, for some reason, the original files are corrupted, it automatically
tries to use these backups. If this doesn't work, try to rename them manually with
the REN command (you'll have to unhide them first). Lastly, there should be a file in
the root directory of your boot drive (usually C:\), called SYSTEM.1ST - this is the
original registry from when you first (or last) installed Windows95. Copy this file to
your Windows directory, and rename it to SYSTEM.DAT. If neither the DA0 nor the
1ST files work, then thats it!
Importing and Exporting:-
Although you can edit the Registry with the Registry Editor, you can also make
changes by using Registry patches. A Registry patch is a simple text file with the
.REG extension that contains one or more keys or values. If you double-click on a
.REG file, the patch is applied to the registry. This is a good way to share or back up
small portions of the registry for use on your own computer, or someone else's,
because it's much simpler and less dangerous than manually editing the Registry. You
can create a Registry patch by opening the Registry Editor, selecting a branch, and
choosing Export from the File menu. Then, specify a filename, and press OK. You can
then view the Registry patch file by opening it in Notepad (right-click on it and select
Edit). Again, just double-click on a Registry patch file (or use Import in the Registry
Editor's File menu) to apply it to the registry. This is another method by which you
can selectively ad/remove data from application that you don't wish to be saved as
the final system backup prior to ShutDown.
|