Internet worms are increasingly targeting the registry, and users have now become aware of how to delete startup files using the registry. Then there are problems associated with uninstalled programs, which leave their marks deep in the registry, slowing down the system considerably over a period of time.
Also, there are sometimes settings which one would like to alter in a program, but there are apparently no on-screen options. In all these conditions, the only way out is through better knowledge of the Windows Registry. So let's take a look at some free registry-related tools that allow various operations.
Let us start with a cleaning utility called RegClean (2.3 million downloads on ZDNet). The tool checks for invalid entries (keys that contain erroneous values) and removes them from the main registry files. Whatever is deleted can be merged back using the undo file created in the same folder with the name “Undo PC Name Date & Time.Reg”.
Another such tool is TweakNow RegCleaner. Now to a registry tool of another genre, called RegMonNT. Unlike tools offering fixes, this one shows real-time registry activity so that the user knows exactly which processes are performing what operations on the registry at a given time.
This information is useful in learning how the Windows OS works and in tracking down malicious code tampering with the Windows Registry. The main interface shows Time, Process, Request type, Result and Other columns.
Since registry access is an ongoing activity, a lot of data is generated. To limit the resultant rows, use Options > History Depth. The interface then shows only the specified number of recent entries. To find a particular piece of information, use Options > Filter, which allows inclusion or exclusion to be specified by strings separated by semicolons.
The Highlight option lets you follow, say, a particular process through a myriad of entries. Available options are reads, writes, errors, successes and open operations. Let's take an example of how these filters can be helpful.
Say you want to know about some default paths accessed by the OS. Go to Options > Filter and enter “QueryValue” in the Highlight field. This highlights in red all the activities where the Request type is QueryValue.
Check Auto Scroll in the Options menu to ensure that recent values remain visible. You will notice that the key “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MediaPath” was accessed by WINLOGON.EXE with the result code Success and the Other column showing “D:\WINXPJAN\Media”.
Taking a closer look at this folder, one finds that this is where the WAV files shown in Control Panel > Sounds and Audio Devices > Sounds tab > Sounds dropdown are placed. This means that, to add to this list of default sounds available for Windows events (like log-on, log-off, errors etc.), one can place additional WAV files here.
Exploring such stuff without a monitoring tool is a time-consuming task. Note here that the Filter command works on all the information available in the interface columns.
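The same include, exclude, highlight and history-depth logic can be applied offline to saved monitor rows when reviewing which process touched which key. The Python code below is an added example, not part of RegMonNT or the original article; the row layout (including a Path column), the case-insensitive substring matching, the sample rows and the function names are all assumptions made for illustration.

```python
from collections import deque

# Constructed sample rows (not real capture output). Columns follow the
# article: Time, Process, Request, Result, Other; Path is an assumed column.
SAMPLE_ROWS = [
    ("10:01:02", "WINLOGON.EXE", "QueryValue",
     r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MediaPath",
     "SUCCESS", r"D:\WINXPJAN\Media"),
    ("10:01:03", "EXPLORER.EXE", "OpenKey",
     r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer",
     "SUCCESS", ""),
    ("10:01:04", "UNKNOWN.EXE", "SetValue",
     r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Updater",
     "SUCCESS", r"C:\Temp\unknown.exe"),
    ("10:01:05", "EXPLORER.EXE", "QueryValue",
     r"HKCU\Software\Example\Missing", "NOTFOUND", ""),
]

def parse_terms(spec):
    """Split a semicolon-separated filter string into lowercase terms."""
    return [t.strip().lower() for t in spec.split(";") if t.strip()]

def matches(row, terms):
    """True if any term occurs in any column (the filter sees all columns)."""
    text = "\t".join(row).lower()
    return any(t in text for t in terms)

def apply_filter(rows, include="", exclude="", highlight="", depth=None):
    """Return [(row, highlighted)] for the most recent `depth` kept rows."""
    inc, exc, hil = (parse_terms(s) for s in (include, exclude, highlight))
    kept = deque(maxlen=depth)  # history depth: older rows fall off the front
    for row in rows:
        if inc and not matches(row, inc):
            continue  # an include list is set and this row matches none of it
        if exc and matches(row, exc):
            continue  # row matches an exclude term
        kept.append((row, matches(row, hil)))
    return list(kept)

if __name__ == "__main__":
    # Hide Explorer noise and flag writes, e.g. to spot a new startup entry.
    for row, flagged in apply_filter(SAMPLE_ROWS, exclude="EXPLORER.EXE",
                                     highlight="SetValue"):
        print("!!" if flagged else "  ", *row, sep=" | ")
```
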
The next program is Windows Registry Guide, a help file which shows the complete registry path and key values required to change the default behaviour of Windows and its associated utilities. Categories available for tweaking are laid out in a tree control. Under the Hardware node, one can learn how to change default icons of drives, disable the Win key, load balance multiple network adapters, increase the USB polling interval and control aspects of RAM versus paged memory usage.
Under the Networks node, clients, servers, remote access and protocol properties can be altered. For instance, TCP/IP can be hardened against DoS attacks by taking control of dead-gateway detection, ICMP redirect messages, MTU discovery and keep-alive time, among other settings.
The Security node provides extensive configuration options, like making hardware and other sensitive configuration buttons inaccessible in Windows Explorer and Control Panel, along with disabling several menus and toolbars. Under the Software node, IE, Media Player, MS Office and Outlook Express can be customised as well.
There is also a Windows node with 10 sub-nodes related to different sections, and further nodes in some cases. Apart from the registry, sections of configuration files such as Autoexec.bat, Boot.ini, Config.sys, Msdos.sys and System.ini are also explained.