Microsoft Windows Registry Guide, Second Edition

Editing the Registry Safely

It's easy to forget about backing up values before making what seem to be simple changes. But how do you know that a simple change isn't going to be the one that causes a major error? You don't—so you should back up values before changing or deleting them. There are both easy and difficult ways to do this; I'm going to show you the easy ways.

You'll learn three techniques in this section. The first is making backup copies of values, which you can quickly restore in the registry. Backups also document the changes you make. The second is exporting the part of the registry in which you're working to a REG file. I don't like this method for reasons that I'll explain later, but a REG file has the advantage of being readable, and this is the method that most people use. The third method, and my first choice when making significant changes, is exporting branches to hive files. This method is the most accurate way to back up and restore parts of the registry. Using any of these methods, you'll be able to recover from most pitfalls.

TIP

If these techniques fail, or if you're planning on major changes to the registry, move on to the techniques described later in this chapter. System Restore can get you out of trouble most of the time; it fails only when Windows XP no longer even starts properly. (System Restore is only available in Windows XP.) In that case, you're left with Automated System Recovery and Recovery Console, which are tools you learn about in Chapter 9, “Troubleshooting Problems.” But first try starting Windows XP in Safe Mode and then running System Restore. Do you find yourself making the same changes over and over again? I tend to customize the same settings every time I install Windows or every time I log on to a computer and get a new user profile. You don't have to worry about backing up the values you're changing if you write a script to change them automatically. Test the script carefully so you can apply it with assurance that it works properly. Chapter 11, “Scripting Registry Changes,” shows you how to write these scripts. Test them again every time you change them, too.

Copying Single Values

The easiest way to leave a way out if things go wrong is to make backup copies of values before changing them.

Here's how to do it: rename the original value to something like Initials_Name, where Initials is your initials, and Name is the value's original name. Add a date if you think you're going to change the value often. Then use the original name and type to add a new value with new data. Alternatively, use a new name to create a new value of the same type as that of the value you're changing. Copy the original value's data to the Clipboard, and then paste it into the new value. You're ready to change the value, and if you don't like the result, you can restore the original value with little effort. Figure 3-1 shows backup settings in the key HKCU\Control Panel\Desktop.

Figure 3-1 Backing up values in the registry is like having a built-in revision-tracking feature.

Likewise, instead of deleting a value, which you can recover only by memory because Registry Editor (Regedit) does not have an Undo feature, you can rename the value to hide it from any program that's looking for it. The effect is the same, and you can always restore the value by restoring its name. Although you can't easily back up entire branches before changing settings in them, you can hide entire branches to make it seem like they no longer exist. This is a safe way to remove a program's settings from the registry so that the program might be able to re-create them, for example. This is your Undo feature.

Printing portions of the registry isn't an alternative to creating backups of them. You would have to restore each and every value manually from the information on the printout, and the format isn't easily readable. If you want just a quick snapshot of a value before you change it, take a screen shot instead: press ALT+PRTSCN, and then paste the screenshot into Microsoft Paint. Print or save your screenshot for future reference.

Backing Up to REG Files

If you'd rather have a more tangible backup, one with which you can restore an entire branch, export that branch to a REG file. In Regedit, click the top-level key in the branch you're editing. Then, on the File menu, click Export, type the name of the REG file to which you want to export the branch's settings, and then click Save. Your settings are safely saved, and you can edit that branch knowing that restoring the original values will be easy. Don't export the entire registry—this takes a very long time. Back up only the branch in which you're working.

Restoring your backup REG file is easy, too. On Regedit's File menu, click Import; type the name of the REG file that contains your settings; and then click Open. You can also double-click the file to import it. I mentioned earlier that I don't like using REG files to back up settings. This is because when you import a REG file, Regedit merges the REG file's settings into the registry rather than replacing them. That means that Regedit replaces or creates any value that the REG file contains, but values that the REG file doesn't contain aren't removed from the registry. This creates a problem if you add values to the registry while editing it, because importing the REG file doesn't remove them. See Table 3-1 for a summary of the merge process.

Table 3-1 Merging REG Files

Value Exists in REG File?

Value Exists in Registry?

Action

No

No

None.

No

Yes

Regedit doesn't remove or change the value in the registry.

Yes

No

Regedit adds the value.

Yes

Yes

Regedit changes the value.

NOTE

Most of the techniques you'll learn about in this chapter work remotely, too. You can back up and restore keys for other users. If your computer fails while logging on to Windows, you can access the computer over the network and restore that computer's settings using Regedit. On the File menu, click Connect Network Registry, and type the name of the computer containing the registry you want to open. Not only can you edit the remote computer's registry, but you can also export hive files from it and import hive files into it.

Backing Up to Hive Files

Hive files are better than REG files are for backing up the registry. When you import a hive file containing a key, Regedit completely replaces the current key and all of its subkeys with the contents of the hive file. That means that Regedit removes any value you added since backing up the registry to a hive file. This is a far more accurate way to back up branches before editing them.

Exporting branches to hive files is similar to exporting them to REG files; you just pick a different file type. On Regedit's File menu, click Export. In the Save As Type list, click Registry Hive Files, type the name of the new hive file, and then click Save. Reverse the process to restore your settings: click File, Import; in the Save As Type list, click Registry Hive Files; type the name of the hive file to which you backed up your settings; and then click Open. You can use any file extension you like, but I prefer to give hive files the .dat extension. The .hiv extension is also common for hive files.

Don't confuse exporting and importing hive files with loading and unloading them. When you import a hive file, you're making changes to working parts of the registry. When you load a hive file, you're creating a whole new branch that Windows doesn't use. It doesn't read or change those settings, but they're visible in Regedit, so you can examine them. Unloading the hive file just unlinks the file from the registry. You can unload only hive files you've manually loaded, not hive files Windows loaded.

Whereas importing a hive file is a great way to restore an entire branch, loading a hive file is a good method of restoring settings precisely or just checking an original value. First load the file into the registry: click either HKLM or HKU in Regedit; on the File menu, click Load; type the name of the hive file that contains your settings; and then click Open. When Regedit prompts you for a key name, type any name that will help you identify the hive. You'll then see that hive file under the root key into which you loaded it. Figure 3-2 is an example of loading a hive file that contains a backup copy of the key HKU\Control Panel\Desktop. Examine the setting in the hive file you loaded, or even copy the backup setting, and then paste it over the current value. Don't forget to unload the hive, or you won't be able to remove the file later (Windows doesn't automatically unload hive files when you quit Regedit).

Figure 3-2 The key Backup Desktop Settings is a hive containing a backup copy of HKCU\Control Panel\Desktop\ that I've loaded into the registry.

Now that you will hopefully use hive files to back up settings before changing them, I'm going to introduce you to the ultimate way to back up registry settings: console registry tool for Windows (Reg.exe). This command-line tool comes with Windows and provides most of Regedit's features, plus some other features. You learn its full use in Chapter 11, “Scripting Registry Changes.” You can use it to save keys to hive files. You can also use it to restore, load, and unload hive files. With Reg.exe, saving a hive file is the same as exporting, and restoring a hive file is the same as importing. The best part is one of the tool's unique features: the ability to copy one key to another key, creating a quick backup copy of a key right there in the registry. For example, I can copy HKCU\Control Panel\Desktop\ to HKCU\Control Panel\JH_Backup\ with a single command. Table 3-2 describes the Reg.exe command lines for each of these features. See Chapter 11 for a full explanation of all the different options.

Table 3-2 Backing Up the Registry with Reg.exe

Command Line

Description

REG SAVE keyname filename

Save the branch starting with the key keyname to the hive file called filename. Keyname begins with one of the root key abbreviations, HKCR, HKCU, HKU, or HKCC.

REGRESTORE keyname filename

Restore the hive file filename to the key keyname, replacing all of its contents. Keyname begins with one of the root key abbreviations, HKCR, HKLM, HKCU, HKU, or HKCC.

REGLOAD keyname filename

Load the hive file filename to a new temporary branch beginning with the key keyname. Keyname begins with one of the root key abbreviations, HKCR, HKLM, HKCU, HKU, or HKCC.

REG UNLOAD keyname

Unload the hive file in the temporary branch beginning with the key keyname. Keyname begins with one of the root key abbreviations, HKCR, HKLM, HKCU, HKU, or HKCC.

REGCOPY keyname1 keyname2 [/s]

Copy the values in the key keyname1 to the key keyname2, creating keyname2 if it doesn't already exist. Keyname1 and keyname2 begin with one of the root key abbreviations, HKCR, HKLM, HKCU, HKU, or HKCC. The option /s copies the entire branch, not just the values in keyname1.

Категории