|
Become Familiar with the Windows Registry
By Stephen Bucaro
If you plan to maintain your own computer, you will need to become familiar with the
Windows Registry. For example, if your computer stops while loading Windows and
displays the mesage "Cannot find device", you will need to remove the reference to
that device from the Registry.
Before you make any changes to the Registry, be sure to back it up. This can be done
by making a copy of the files system.dat, user.dat (and classes.dat in Windows Me) in
the Windows folder. Note: First make sure Windows Explorer is configure to show
hidden and system files.
To open the Registry Editor select Start | Run, type in regedit, then click on
the OK button. The Registry Editor is a two-pane window. "Keys" are listed in
the left pane. "Values" are listed in the right pane. There are six top-level keys:
HKEY_CLASSES_ROOT
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
HKEY_USERS
HKEY_CURRENT_CONFIG
HKEY_DYN_DATA
One important use of the Registry Editor is to see what programs are run every time
Windows starts.
Click the + sign in front of the HKEY_LOCAL_MACHINE key. This will open up the key
and display a list of sub-keys. Open the "Software" subkey. This is the key under
which software vendors should install their products. In the list of Software keys,
open the subkey Microsoft\Windows\CurrentVersion\Run.
When you open the "Run" key, it will display a list of values in the right pane of
Registry Editor. If you right-click on the Run key a popup menu will appear. Select
"New" in the menu. In the "New" menu you will see that a keys value can have one of
three different types:
String Value
Binary Value
DWORD Value
 A string contains letters and numbers, for example a directory path is a string.
A binary value is a number in hexadecimal (base 16) format. for example A0F7.
A DWORD (double-word) value is a four byte value containing two hexadecimal digits.
Note: Every key has one and only one value that is named "Default". A key may have
any number of other named values, but you cannot delete the one named Default.
For example, under the Run key on my computer, I have entries for eight programs.
Most of them are legitimate, such as Norton Auto-Protect, PWSTray, and SystemTray.
But I also have one named WebHancer Agent. This sounds like a possible spyware
program, so I will delete this entry.
Before you delete a key, you may want to write down the name of the key, and the
names and values it contains. Then right-click on the keys name in the right pane of
Registry Editor and select "Delete" in the popup menu. Then restart your computer.
Other Registry keys that start programs are:
HKEY_LOCAL_MACHINE
\Software\Microsoft\Windows\CurrentVersion
\RunServices
HKEY_CURRENT_USER
\Software\Microsoft\Windows\CurrentVersion\Run
Another important use of the Registry Editor is if your computer stops while loading
Windows and displays the message "Cannot find device". For example, every time I
start my computer, I receive the message: "Cannot find device during startup dfs.vxd".
I need to search the registry for the entry that is calling for this file.
To search a key, right-click on the key in the left pane and select "Find..." in the
popup menu. In the "Find" dialog box which appears, enter the name or value that you
want to find.
If Registry Editor finds an entry, right-click on the key and select "Delete" in the popup
menu. Then click on the "Yes" button in the "Confirm Delete" dialog box which appears.
There may be several entries in the registry that reference a device, so search
repeatedly until you have removed all references to the value that you want to remove.
Then close the Registry Editor and restart the computer.
Many times, the only option for fixing a Windows error is to work with the Registry.
If you plan to maintain your own computer, you should become comfortable working with
the Windows Registry.
| 
Free Downloads
RSS Feed