Registry Basics
[ Home ] [ Back] [ Next ]
Information on the use of the Registry

Introduction 1. Introduction
Structure 2. Structure
Backing Up The Registry 3. Backing Up The Registry
Restoring The Registry 4. Restoring The Registry
Restoring a Deleted Registry 5. Restoring a Deleted Registry
Importing And Exporting 6. Importing And Exporting

Introduction:-
The Windows Registry is essentially a central database that maintains your hardware settings and enables the operating system to recognize the software on your PC. The Registry stores almost any change you make and automatically modifies itself when you alter any of the Control Panel settings, such as adding new hardware and adding and removing programs. Within our community it is recognized that the component files that make up the registry may compromise peoples security since various files contain history url's and other sensitive data. So many enquire is it possible to clean the registry, in part yes, in whole probably not. The best approach would be to automatically copy and store away the relevant files just after Windows has been successfully installed, and then as part of your daily cleaning and security session delete system.dat user.dat etc. Then replace these with your post-installation copies. Another solution will be to use system.1st mentioned in the 'Structure' paragraph below. Those that must have no security leaks may wish to do a Windows re-install.

The Registry also reflects application-specific settings in third-party utilities and holds system policy settings. Typically, network administrators have the responsibility of making changes to system policy settings. These settings involve controlling access to the Control Panel by certain users, mandating which wallpaper and color scheme displays when a specific user starts the PC, and controlling who can use specified tools and applications.

The Registry basically includes three primary files: User.dat, System.dat, and Policy.pol. User.dat stores user preferences, such as your Desktop settings and Start menu settings. System.dat stores hardware and application settings. The Policy.pol file is an optional file that stores policy settings, such as those mentioned above, and overrides settings in User.dat and System.dat.

To get an idea of the information that’s stored in your Registry, select Run from the Start menu and type regedit. This launches the Registry editor and loads the data from the User.dat and System.dat files into a single hierarchical tree. Although you can manually make changes to the Registry with the Registry editor, you should refrain from making any direct modifications unless you are a high-level user who really knows what you’re doing.

Some older Windows programs may place configuration data into two other files, System.ini and Win.ini. These files are leftovers from Windows 3.x, and for some 16-bit applications, they serve essentially the same purpose as the System.dat and User.dat files of Win95/98.

Structure:-
The Windows 9x registry is completely different from the Windows 2000 version, but the Windows 2000 registry underwent only minor changes from Windows NT 4.0. In Windows 9x, the registry consists of two files, system.dat and user.dat, in the Windows folder. System.dat contains information about the local machine and the software installed there; user.dat contains user-specific information for both applications and the machine.

Upon installation, the operating system also creates a system.1st file in the root directory of the C drive. This file is a snapshot of the registry taken at the moment that Windows is correctly installed, but before you start using the system. You can rely on that file to be an early backup copy of the registry. In case of serious registry damage, the existing system.dat file can be replaced with system.1st, and all applications can be installed. Actually, system.1st is not necessary for the proper operation of Windows, so you could delete it. However, this file should be saved as a backup of the registry!!!! In Windows 2000, all these files have disappeared, but the functionality remains the same.

Backing Up The Registry:
It is always a good idea to keep backup copies of your registry just in case you need to restore to a previous setting.

When you start your computer successfully, Windows Registry Checker (Scanreg.exe) and (Scanregw.exe under win98) creates a backup of system files and registry configuration information (including user account information, protocol bindings, software program settings, and user preferences) once daily. Files that Windows Registry Checker backs up include System.dat, User.dat, System.ini, and Win.ini.

First you should customize what the Windows Registry Checker will & won’t do. Open your C:\Windows\Scanreg.ini file. The Scanreg.ini file contains the entries that determine how the Registry Checker tool makes backup copies of your registry. Edit the x values of the settings below.

Backup=x, a value of 1 causes a backup copy of your registry to be made the first time you start your computer on any given day (determined by the system clock). A value of 0 disables the backing up of the registry.

Optimize=x, a value of 1 automatically optimizes your current registry if it contains 500KB+ of unused space. A value of 0 does not automatically optimize your current registry by removing unused space.

MaxBackupCopies=x, use this value to set the maximum amount of registry backups, e.g. a value of 5 saves the last 5 registry backups in the Windows\Sysbckup folder. This value can be between 0 and 99.

NOTE: When you restore a registry backup using Registry Checker for MS-DOS (scanreg), only the five earliest backups are displayed.

BackupDirectory=x, by default this entry does not contain a value, and registry backups are automatically saved in the Windows\Sysbckup folder. If for some reason you wish to change where the backup is stored then use this to do so. E.g. If you want to change it to you C:\Backup directory then you would have BackupDirectory=C:\Backup. I’d suggest just leaving the backup directory in its default location.

NOTE: This next Scanreg.ini setting is recommended for advanced users only. & Must be manually added into the Scanreg.ini if you intend to use it

In Windows 2000 there is no automatic backup feature. However, you can implement backups in another way. The registry backup is built into the Windows 2000 Backup utility, which you can find in Programs | Accessories | System Tools. From the main page of the Backup utility, click on the Emergency Repair Disk (ERD) button and make sure to check the proper option for backing up registry files. The procedure doesn't even attempt to copy the current registry to a floppy an impossible operation since the average size of the registry on many machines is close to 20MB. Instead, the backup procedure makes a copy of the registry files in the system repair folder: c:\winnt\repair. All the information stored in this folder is necessary to repair a damaged Windows 2000 installation and shouldn't be deleted or modified. In particular, the latest registry backup is saved in the RegBack subfolder.

Restoring The Registry:-
A safe method to return to an earlier Windows configuration is to restore a clean Registry. This is a fairly easy process in Win98 because it automatically retains five backups of your Registry. To safely restore a previous Registry in Win98, open the Start menu, click Shut Down, then select Restart In MS-DOS Mode from the dialog box that appears on-screen. From the command prompt (C>) type:
scanreg/restore

You’ll see a list of the last five Win98 Registry backup configurations and their associated dates. Select the most recent backup dated prior to the date your configuration changed, then move the cursor to Restore and press ENTER. This action automatically backs up your current system files, restores the Registry you specified, and restarts Win98 with the restored configuration. Win98, by the way, also automatically checks the integrity of the Registry at system startup. If it discovers a problem in the Registry, it first tries to fix it. But if the Registry is beyond repair, Win98 automatically restores the last good copy it has of the Registry.

Win95 only maintains one good backup copy of the Registry and stores it as System.da0 and User.da0. To restore your Registry with the backup copy, restart Win95 in the MS-DOS mode by clicking Shut Down from the Start menu, then selecting Restart In MS-DOS Mode from the dialog box. Next, make sure the C:\Windows directory displays at the command prompt (C>). If it doesn’t, type:
cd C:\Windows
Then, restore the Win95 Registry from the backup copy by typing the following commands and pressing ENTER after each entry:

attrib -h -r -s system.dat
attrib -h -r -s system.da0
copy system.da0 system.dat
attrib -h -r -s user.dat
attrib -h -r -s user.da0
copy user.da0 user.dat

(NOTE: The 0 in da0 is a zero, not the letter O.)

Restart your PC so the new Registry settings take effect. To make sure your system files remain hidden and protected after you complete the Registry restoration, click My Computer, select View, Folder Options, then click the View tab and the radio button labeled Do Not Show Hidden Or System Files.

In Windows 2000 to restore correct registry information, you should run the Restore Wizard from the Backup utility and follow its instructions. Use the previously created ERD if you cannot start and log on to Windows. Through the Backup utility, you can also schedule the registry backup at predetermined intervals.

Restoring a Deleted Registry:-
If the Registry has been deleted by accident or is corrupted in some manner, you may not be able to start Windows at all. Here's a possible solution:-

After it happens: Windows95 automatically makes backups of your registry files in USER.DA0 and SYSTEM.DA0. If, for some reason, the original files are corrupted, it automatically tries to use these backups. If this doesn't work, try to rename them manually with the REN command (you'll have to unhide them first). Lastly, there should be a file in the root directory of your boot drive (usually C:\), called SYSTEM.1ST - this is the original registry from when you first (or last) installed Windows95. Copy this file to your Windows directory, and rename it to SYSTEM.DAT. If neither the DA0 nor the 1ST files work, then thats it!

Importing and Exporting:-
Although you can edit the Registry with the Registry Editor, you can also make changes by using Registry patches. A Registry patch is a simple text file with the .REG extension that contains one or more keys or values. If you double-click on a .REG file, the patch is applied to the registry. This is a good way to share or back up small portions of the registry for use on your own computer, or someone else's, because it's much simpler and less dangerous than manually editing the Registry. You can create a Registry patch by opening the Registry Editor, selecting a branch, and choosing Export from the File menu. Then, specify a filename, and press OK. You can then view the Registry patch file by opening it in Notepad (right-click on it and select Edit). Again, just double-click on a Registry patch file (or use Import in the Registry Editor's File menu) to apply it to the registry. This is another method by which you can selectively ad/remove data from application that you don't wish to be saved as the final system backup prior to ShutDown.

Home Back Next