WINDOWS REGISTRY (Lesson 3 & 4)

The Windows Registry Editor is the tool that enables you to make changes to your system registry, which stores information about how the hardware and software on your computer runs. Generally, you will not and should not edit your system registry unless it is absolutely necessary. Most changes are made to the registry without your knowing they are happening. For example, installing a new application or adding a new printer to your system will update the registry. If there is an error in your registry, your computer may become unstable or nonfunctional. With a good backup, you can restore the registry to its state before any changes were made.

To access the system registry, click Start > Run, type Regedit and press the Enter key. This will open the Registry Editor.

Inside the Registry Editor – There are 5 Keys on the left side of the screen

Hkey_Classes_Root - This key displays information about OLE and associated mappings to support drag-and-drop operations.

Hkey_Current_User - This points to a branch of Hkey_Users for the currently logged on user.

Hkey_Local_Machine - This contains computer specific information including installed hardware and software. This is the one I tend to spend the most time in.

Hkey_Users - This contains information about users that have logged on to the computer

Hkey_Current_Config - This key points to a branch of Hkey_Local_Machine \ Config and has information such as display fonts and printers.

TIPS: All the tricks listed below are for Windows 95; many of them also work with XP. But make sure of one thing: before changing, deleting or creating any value, or, to be on the safe side, before TOUCHING the registry, make sure that you have taken a backup of the registry (go to File > Export). One wrong step can crash your system.

CAUTION: The backup that will be created will be a .REG file and is executable. Therefore double-clicking it will replace your current registry with the registry contained in the .REG file. This can be extremely dangerous. Be certain this is what you really want to do.

Changing the Location of Special Folders

You can modify the registry to change the location of special folders like:

  • My Documents
  • Favorites
  • My Pictures
  • Personal

  1. Start Regedit
  2. Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  3. Double click on any locations you want to change and alter the path
  4. Logoff or restart for the changes to go into effect

Eliminating the Right Click on the Taskbar

To eliminate the right click on the taskbar:

  1. Start Regedit
  2. Go to HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer
  3. Add a DWORD and give it a name of NoTrayContextMenu
  4. Give it a value of 1
  5. Reboot

Eliminating the Right Click on the Desktop

To eliminate the right click on the desktop:

  1. Start Regedit
  2. Go to HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer
  3. Add a DWORD and give it a name of NoViewContextMenu
  4. Give it a value of 1
  5. Reboot
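As an added example (not part of the original lesson): because double-clicking a .REG file applies it to the registry, this Python sketch reads an export as text and lists what an import would write, flagging the Policies\Explorer and User Shell Folders keys used by the tweaks above. The sample file contents and the `ExampleVendor` key are constructed for illustration.

```python
import re

# Keys (lower-cased) touched by the three tweaks described on this page.
WATCHED = {
    r"hkey_current_user\software\microsoft\windows\currentversion\policies\explorer":
        "Explorer policy restriction",
    r"hkey_current_user\software\microsoft\windows\currentversion\explorer\user shell folders":
        "special-folder redirect",
}
# Constructed sample in the text format written by File > Export.
# Version 5.00 exports are UTF-16 on disk; decode the file before parsing.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoTrayContextMenu"=dword:00000001
"NoViewContextMenu"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Personal"="D:\\Docs"

[-HKEY_CURRENT_USER\Software\ExampleVendor]
'''
KEY_RE = re.compile(r"^\[(-?)(.+)\]$")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')

def parse_reg(text):
    """Return (action, key, name, data) for each change an import would apply."""
    ops, key, deleting = [], None, False
    # Long hex values continue on the next line after a trailing backslash.
    for line in re.sub(r"\\\r?\n\s*", "", text).splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        m = KEY_RE.match(line)
        if m:
            deleting, key = m.group(1) == "-", m.group(2)
            if deleting:  # "[-key]" removes the key and everything under it
                ops.append(("delete-key", key, None, None))
            continue
        m = VALUE_RE.match(line)
        if m and key and not deleting:
            name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
            action = "delete-value" if m.group(2) == "-" else "set-value"
            ops.append((action, key, name, m.group(2)))
    return ops

def flag_ops(ops):
    """Return (label, value name, data) for operations on a watched key."""
    return [(WATCHED[k.lower()], n, d) for _, k, n, d in ops if k.lower() in WATCHED]
```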

These are only three tricks; there are many more available on the net. The idea here is not to teach you how to disable right click or how to change the color, fonts, looks, etc. The basic reason why we post this chapter is to teach that if the registry is the place where all the information is stored, then why can't we break passwords from here?

E.g. I install software on my system to guard some folders containing material which I want to hide. In order to access a folder I have to input a password, and only if it is right can I see the content of the folder.

From this example it is clear that the password is stored somewhere in the system from where the software compares the value which I enter in the password field.

For this example, as well as for every other piece of software which asks for a password to access system features, including the Windows login password, all these values are stored in the Windows registry. Whenever the user enters a password, it is compared with the value stored in the system registry, and only if it is found correct is the user allowed to access the feature.

In the Windows registry we can search for specific items, keys, values or software using the search function in the Edit menu. But there is one problem: the password is not stored in its original form; it is converted to some other format so that no one can recognize it. E.g. if I set the password as “hacking”, it is stored as “6167453291” or maybe some other form, depending upon the software.

In such cases, what we can do is reset the password, i.e. delete the value (whatever it is). Once the value is deleted there is no password, and our purpose is served.
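The design point behind the last three paragraphs, as an added example that is not from the original post: a program that stores a converted password and treats a missing value as "no password" fails open, while a hardened check denies access when the value is absent or malformed. A Python dict stands in for the registry key, and the value name `PasswordHash` and the storage format are assumptions made for this sketch.

```python
import hashlib
import hmac
import os

VALUE_NAME = "PasswordHash"   # hypothetical value name for this example
ITERATIONS = 100_000

def encode_password(password, salt=None):
    """Return the string a program would store instead of the password itself."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2-sha256${ITERATIONS}${salt.hex()}${digest.hex()}"

def verify(stored, password):
    """Recompute the hash from the stored salt and compare in constant time."""
    try:
        scheme, iters, salt_hex, digest_hex = stored.split("$")
        if scheme != "pbkdf2-sha256":
            return False
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                     bytes.fromhex(salt_hex), int(iters))
        return hmac.compare_digest(digest, bytes.fromhex(digest_hex))
    except (ValueError, AttributeError, OverflowError):
        return False   # malformed stored value never grants access

def check_fail_open(store, password):
    """Behaviour the text describes: no stored value means no password."""
    stored = store.get(VALUE_NAME)
    return True if stored is None else verify(stored, password)

def check_fail_closed(store, password):
    """Hardened form: a missing or malformed value denies access."""
    stored = store.get(VALUE_NAME)
    return stored is not None and verify(stored, password)

if __name__ == "__main__":
    store = {VALUE_NAME: encode_password("hacking")}   # dict stands in for the key
    print(check_fail_closed(store, "hacking"))
    del store[VALUE_NAME]                              # the value is gone
    print(check_fail_open(store, "x"), check_fail_closed(store, "x"))
```

Fail-closed handling only covers a missing or malformed value; the integrity of the stored value still depends on who is allowed to write to the key.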

2 comments:

Rabimba said...

You can't do these things. They are not that easy.
Take Windows login password for example.
Just tell me, can you remove it by just accessing the registry? Without using any command prompt or something like that.
CAN U EVEN ACCESS THAT KEY?

$ said...

I can remove it without even starting Windows... dear!! If u think that hacking Windows password is difficult... then there is much to learn...