Window Registry by David Hellen

Registry Editor !" # $% & Registry Editor

!' ' % () â&#x20AC;Śâ&#x20AC;Śâ&#x20AC;ŚMysteryzillion $ / 0' %1$ $# 2 $% 3 4 2" ' & 5 $% 0 5 6 / 7 $# 0 28 6 7 ' 73 $ 9 0 3 4 Registry ! : 0& .. ? : 0 20& ! 5 ... 7/ 6= &5 / / 2 6 2 !' > & 5 4 7/ 6= &5 Hardware &B Information 7F Network Information 7F User 7 &B wallpaper, Screen Saver 7 registry 2 > 3 4 Registry 7 2 > Windows 98/Me ! System.dat /&5 User.dat ! &5 Binary ) File $% U 9 F Windows NT/2000/XP ! 5 6 $ 0 5& Registry 7 Hives 0 5 #1 U 9 \Windows\System32\Config Folder 2 > 3 4 Registry 7$ #6 3 F $ #6 3 ! Start Run U 9 regedit 0 5 U 9 OK 4 Registry Editor 10 3 4 Registry Editor /&5 &$ 0 5 3 4 Win.ini 5 System.ini 50 Notepad, Text Editor 5/&5$ 0 5 :8 4 Registry b 7/ 6= &B 7 Setting 7 Regedit.exe 2" U 9 Windows Registry c Setting 0 $% 3 4 Registry d (f) 3 4 h4 HKEY-CLASSES-ROOT m4 HKEY-CURRENT-USER n4 HKEY-LOCAL-MACHINE o4 HKEY-USERS p4 HKEY-CURRENT-CONFIG f4 HKEY-DYN-DATA

+/- $ ' " 2 5

HKEY-CLASSES-ROOT

28 window 9x 2" $ t &5 Standard Class Objects 7 2 4 Class Object ! 6 t 8 Function 7 &B/ ' & 4 HKEY-CURRENT-USER 7/ 6= 0" >& 2" $ t28 7b 3 w t &5 User Perference(wallpaper,screen saver,etc.) /&5 3 #6 3 5 w t 2" $ t) 3 4 & 9 User 3 #6 9 2 > &5 Perference 7 HKEY-CURRENT-USER >& 2 > U 9 0 2" $ t / &5 User &B Personalized Setting 7 9 2 3 4 HKEY-LOCAL-MACHINE 28 # / User Setting 7/&5 0" 2 ! &5 System ! #6 0 7 2 > 3 4 28 7/ 6= &5 x' &B 7 F 0 2 6F $%t 0 2 6 2 > 3 4 HKEY-USERS 3 y 6 ) # Setting $% / 3 ! 0 2" $ t / &5 2 > $% 3 4 z - # {6 7/ 6= 8 &5 Monitor ) 0" > 3 {6 4 3 5 # 0 2" / ) 0" >& 0" F 9 # 0 2" / &5 Monitor /&5 2 &5 Values 7 2 > 3 4 HKEY-DYN-DATA 28 5 7/ 6= 0 $ / $ / 0 ) % 5 System Configuration 7 RAM 1 U 9 0 0 5 3 4 28b Boot 0 System Configuration 7 $ 0& Update 0 3 4 ( #6 4 4Regedit 3 Regedit 32 3 ! U 9 Windows 2000 /&5 XP ) 6 t 3 4 Regedition 2" / 60' $% 3 4 7 0' %7 &5 / 0' Regedit 32.exe > $ / !/ 5 Regedit & 2" 6 4 Windows XP HKEY-DYN-DATA 75 b :8 window registry (h) Windows Registry Windows &B Setting 7 6 6 }7/ 5b Control Pannel / ! 5

$ ! 3 4 b User 6 7 073 8 / 3 4 5 5 Windows b 285 7 > # ) &B $ ! ( 6 t Control Pannel /$ ! #7 5 $ t :8 4 37 $ ! &B 7 Windows O.S 7 &B$ ! ( 7 Registry /2 $ ! #7 5$ t 3 4 Windows O.S &B Registry ! O.S /&B &B Application, Hardware, Software, Device Driver & Network Portocol 7/&B 2 ! &B 2 #6 0 4 Registry >& d ( 7 5 -Device & Application 6 &B Setup Progarm 6 -User Profile 6 -NTLDR (Windows load &5 Progarm) -Device Driver -Hardware Profile -Application Progarms Registry ' ! " ) 6 t #7&) 3 4 (1) Logical Organization (2) Physical Organization (1) Logical Organization 285 5 Branch (5) # 3 4 &B 9 # High level key(or) Sub key(or) Main key 0 5 #1 3 4 28B 0' / > Sub key 7 U 9 5 !" ! 5 Value 7 3 4 Value 7 0' Value name 7 U 9 5 Assign 0 > &B Data & Data Type 7 3 4 &B 9 High level key(or) Sub key(or) Main key 7 5-HKEY_CURRENT_USER - 0 logon / &B user /&B2 ! &B #6 7 % $ 3 4 - 0 User &B #6 0 7 2 > 3 4 -HKEY_CLASSES_ROOT - Software ) 5 o Software 7 ' 2 5 %7&B ' > 2' % $ 3 4

- -HKEY_LOCAL_MACHINE Â&#x192; Sub key # $% 3 4 -HKEY_CURRENT_CONFIG - 0 Active $% / &B Hardware Configuration % $ 3 4 - o 2' -HKEY_LOCAL_MACHINE Â&#x192; Sub key ) # $% 2 Software & System Data 6 > )( % $ 3 4 -HKEY_USERS - 0 Logon / 2 User &B ID & Logon Screeen ' ! / 0 &B #6 0 7 $ 3 4 - User 0" &B Profile 7 2 3 4 - -HKEY_CURRENT_USER 2' -HKEY_USERS Â&#x192; Sub key # $% 2' 4 -HKEY_LOCAL_MACHINE - O.S / 0 2 Device 6 F Device Driver 6 /&B2 ! 2 Data 6 7/ 6= /&B2 ! 2 Data Configuration 6 $ 3 4 - 8'9 2 User 6 Logon / z 7 o &B #6 0 7 $ 4 ( > Sub Key # ' $# $% 5 Registry d Sub key ) # & $ 7B) 3 4 -HKEY_USERS -HKEY_CURRENT_USER , HKEY_LOCAL_MACHINE -HKEY_CURRENT_CONFIG & -HKEY_CLASSES_ROOT / 3 4) (2) Physical Organization Registry Hive 0 5 #1 &B % # >& 2 > 3 4 &B 7 5 1.Default 2.SAM 3.SECURITY 4.SOFTWARE 5.SYSTEM 5$% 3 4

-HKEY_LOCAL_MACHINE SAM SECURITY SOFTWARE [-HKEY_CLASSES_ROOT] , [-HKEY_CURRENT_CONFIG] SYSTEM [-HKEY_CURRENT_CONFIG] -HKEY_USERS Default [-HKEY_CURRENT_USER] 0 750 ! ( 5 }7/ 5b Logical & 2" $ tU 9 5 Physical 5 / 0' 3" ! ! $ 3 4 6 2 $% 5 5 }7/ 5b Registery ! Run / regedit U 9 #1 ' 3 4 28:3 / 3 F 285 #6 0 7 :3 2 > 3 ! 2 $ t :8 4 28 / &B 0 5 %System Root%\System32\Config >& / 3 4 %System Root% ! 5 System File 7 &B C:\Windows ! 0 4 0 6 $ 3 ! 5 Windows XP 7 C:\Windows\System32\Config >& 75) 3 4 Windows OS b Registry Automatic Backup 0 U 9 5 Backup File 7 %System%\Repair >& 2 > 3 4 & }7/ 5 Registry 2 U 94 / 0' U 9....... 285 !9 27 4 Start Menu> Run (Win+R) 27 F / U 9 Run dialog box 10 regedit 0 5 U 9 Enter # 0 Registry Editor 10 0 5 3 4 Registry Editor Dialogbox ! :3 % Nevigation Aera High level key(or) Sub key(or) Main key 0 5 #1 &B Registry &B d Branches # 75 $% U 9 5F ' % Topic Area 5 2 ! Registry Value Data 7 $ 2 3 5 Data Name, Data Type /&B Data 6 t 7 $ 2 $% 3 4 > $ $ > 20 Value # &B Data # % $ &B / Data type 6 t (f) 6 t / # # /&B % $ ) 3 4 &B 9 (f) 6 t 5 ........... 1.REG_BINARY Raw Binary Data, Hardware 2 7 7/ 6= binary $% 2 3 5F

Registery editor 6z $#"t / Hexa Decimal /&B$ 3 4 2.REG_DWORD 4 byte ' &B / Â&#x160;Â&#x2039;/ /&B2 F Device Driver 6 F Service ) 52 ! 2 / 52 #6 (parameter) 6 % $ 3 4 3.REG_EXPAND_SZ / (variable) 6 4.REG_MULTI_SZ multiple type, user 6 2 ) 2 Char ) 5 Â&#x160;Â&#x2039;/ 6 ) " F / 07 F /&B $# 7 4 5.REG_SZ 2 6 U 9 06 2 #6 2 Â? z / / # 4 6.REG_FULL_RESOCE_DESCRIPTOR Hardware # (Dirver # ) Resource List 2 !' / 9Â? > > 2 Nested Array # 4 ( 2" 6 &B data type 7 /9/&B $ > 3 4) Registry 050 &B / 2 ( 7$ t0 $% 0 5 > z9 7 //&B Windows &B Registry Backup 0 > #6 3 4 Registry b Windows &B z9 ) $% 5 " # 6 9 #6 tB37 27 #&B Windows &B > $ 2/ 3 4 & # Windows 2 5 0 &B Backup or Restore Wizard 2" $ tU 9 Registry backup & restore 0 .............. Start Menu> Run (Run >& ntbackup 0 5 >' ) Backup & Restore Wizard Dialogbox 60 0 5 3 ...... &B 9 Welcome Page 1 &B Advance Mode ! &B $ 2 ) 0 Backup Utility Box > 60 3 4 &B 9 >& Backup Tab 7 0 U 9 :3 : $# My Computer System State Checkbox / $# 0 $# U 9 !" Backup Media or File Name box Backup 0 3 5 % 2 3 5 / /&B % ' ) % 5 7 Browse ) 4 Save as Dialog box 60 &B # Backup % 2 0 &B / (Folder) 7 F ' U 9 5 Save 0 4 / U 9 5 Start Backup #0 ) 0 Backup Job Information Dialogbox

60 U 9 Start Backup > ) 0 4 Backup 0 U 9 27 &B # 5 "The Backup is complete" ! &B 2 10 $% U 9 5 Progress Box % 5 7 Close ) 4 U 9 Backup Utility Box > 4 ! Registry # 0" Backup 0 &B ! 5U 9 !" 27 U 94 Registry $ t$ (0 ! 5 )U 9 !" 27 0 5 /Â&#x160; $ / $% #6 3 ! 5 Backup 0 > &B File $ / U 9 Restore 0 3 4 Restore 0 #6 5 #Â&#x2039; Backup 0 > &B file double click ) 0 4 Backup & Restore Wizard Dialogbox 60 0 5 3 ...... &B 9 Welcome Page 1 &B Advance Mode ! &B $ 2 ) 0 Backup Utility Box > 60 3 4 &B 9 >& Restore and Menage Media Tab 7 0 4 ' % file $%/ 5#6> U 9 System State / $# > 75 4 Backup % 80 / & $ / U 9 Restore 0 50 5 Start Restore ) 4 80 U 9 2 %6 U 9 3 0 5 2 &B Warning Box 60 $% U 9 OK ) 0 Confirm Box 60 $% 3 4 ( $ / >8 3 / .............) Ok &> ) 0 4 Restore Progress Box > 60 U 9 Restore 0 0 5 3 4 U 9 27 5 "The restore is complete" ! &B / 10 close 2 ) 0 4 #6 tB setting 7b restart #6 $ ' " 50 5 Restart #6 0 0 5 &B dialog box 60 0 5 3 4 !" 5 Yes ) 0 4 Windows Restart 627 U 9 5 /Â&#x160; 80 ( $ ! #6 / $# / 6 t ) $ / 0' 27 0 5 3 4 $# $# 2 Registery Software 7 2" $ tU 9 Backup & Restroe 0 0 50' 3 4 z - CCleaner, Power, Blue 2' $% 5 5................... window registry (m) Windows Registry Manual $ t$ $# 9 #/ 9 > z9 7 $ t0 > 2 5 5 Registry Backup 0 &4 > % $ > &5/' /&B $% $% 3 w t &B /' /&B $% $% Registry Backup 0 $% 0 > 0 4 / # (short-cuts) 7 / 0' > 2 5 3 4 SUB KEY SHORT-CUTS HKEY_CURRENT_USER [- HKCU] HKEY_CLASSES_ROOT [- HKCR]

HKEY_CURRENT_CONFIG [- HKCC] HKEY_USERS [- HKU] HKEY_LOCAL_MACHINE [ - HKLM] (Registry $ ! &B / HKCU /&B$ 0 2" $ t / 2 User 3 2 0 6 6 t 2 U 9 HKLM /&B$ ! $# User 0" 6 t 2 3 4) Registry $ t$ 3 ! b 3 5 3 0 #6 &B 0 27 U 9 Value # >' F U 9 2 Value &B Data $ t$ ! 0 4 }7/ 5 > z9 !" Registry >& Value # 2 >' ' F 9 # 5 $ ' " $ 0 3 F / ! ( Short-cuts ) 7 & 2" 27 3 4 # >' 3 5 Registry Value &B 0 ! ( 5 TaskBar Properties 0 0 ) > &B Value # 4 > z9 7 Registry Editor %7 5U 9 5 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\policies\Explorer 27 U 9 R-Click > 0 F &B 9 10 &B New / ! 5 >' #6 &B Data Type # 7 0 ( 9 / 5 DWORD Value 7 0 )4 &B ! ' % Topic Area >& DWORD Value 2 # 10 U 94 285 &B / ' 5 NoSetTaskbar 0 5 0 4( &B 9 / ' w 9 3 F / ' / Registry 0 0 :8 )4 # ! Value # U 94 &B 9 Value 2" # 7B) 3 4 &B 9> & Value Name (#Â&#x2039; }7/ 5 NoSetTaskbar 0 5 0 &B / ) /&B Data Type ( }7/ 5 New / 7 0 &B DWORD Value) 5 7 #63 &B 10 4 / !" &B Data 5 802 > &B (Default) 10 4 285 &B Default 2 ' (zero) $% 3 4 9 > 3 ! 5 Taskbar 1 ' 2' 6 t 2 ( b :8 4 9 5 Taskbar &B Properties 08 $ ) Data Default / % Zero / 1 $ 3 4 NoSetTaskbar R-Click ) 60 &B box >& Modify ) 0 Edit DWORD Value Dialogbox 0 10 3 4 &B 9>& Value Data zero / 1 $ 0 3 4 U 9 OK ) 4 Registry Editor &B' % Topic Area >& Data 1 $% 27 U 94 Computer Refresh(F5) 0 0 /&B Effect $% U 9 Taskbar R-Click ) 60 &B SubMenu >& Properties 7 0 Dialogbox 6 0 5:& Restrictions Box 2 10 $% 3 4

1 Value # >' % 5 7 }7/ 5b 0 ! 5 27 #&B 3 4 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\policies\Explorer 3 0 5 6 0 27 &B / Sub Key ( > 7 Explorer) # 0 / Sub Key (Explorer) > Sub Key (policies) R-Click ) U 9 60 &B>& New &B Key ) 0 3 ! Sub Key 2 # 0 $% 3 4 &B 9 # 6 0 #6 2 / ' rename /&B $ / $ 0 5 3 4 Sub Key 7 Value 7 %6 #6 5 R-Click ) U 9 60 &B>& Delete ) U 9 %6 0 5 3 4 %6 &B # 5 2#6 %6 0 3 4 2 %6 w 9 &B Registry #6 0 7 6 / ) 3 4 Key # &B 2 ' 06 /0 5 / / >' 27 0" 7$% R-Click ) U 9 60 &B box >& Copy Key Name / ! 5 8 38) 3 4 #6 &B Key Name R-Click ) U 9 Paste #60 B 3 4 Registry 0' Bookmarks 3 4 w t 28 6 7 54 27 / 6F 0 / 6 0 2 > 0 5 3 4 # }7/ 5 CPU Name $ &B 0 0 2 > 4 HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\Cen tralProcessor\0 27 0 4 ' % Topic Area >& ProcessorNameString ! &B Data Name 75 4 &B b CPU Name $ 0&05 3 5 / # &4 9 / / # 073 80 0 5 }7/ 5 2 > #&B 3 4 Registry Editor &B File Menu Bar Favorite ) 0 4 &B 9>& Add to Favorite ) U 9 10 &B Dialogbox >& Favorite Name CPU Change Name 0 5 0 4 / 0" 80 / $ / > 0 4 &B 9 / (CPU Name Change ) 27 #6 Favorite &B !" 1 / &B CPU Name Change ! ) 0 /&B 0 6 $ / 7 27 $% 3 4 & # Registry $ ! % 5 7 }7/ $ 3 5 Short-cuts 0 7 ' > â&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Ś

PATH SHORT-CUTS (0 7 F 2" 6 &B0 7 ) HKCU\Software\Microsoft\Windows\CurrentVersion\ 1 0 5 3 4 HKLM\Software\Microsoft\Windows\CurrentVersion\ 2 0 5 3 4

HKLM\Software\Microsoft\Windows\CurrentVersion\pol icies\Explorer 2>P\E HKLM\Software\Microsoft\Windows\CurrentVersion\pol icies\System 2>P\S THE REGISTRY NAME DISPLAY NAME (Registry &B 2 Â&#x2019; ' 7 ) {20D04FE0-3AEA-1069-A2D8-08002B30309D} ! MY COMPUTER 4 {450D8FBA-AD25-11D0-98A8-0800361B1103} ! MY DOCUMENTS 4 {645FF040-5081-101B-9F08-00AA002F954E} ! RECYCLE BIN 4 Start Menu Function 6 manage 0 $# # 2#6 $ 3 4 / b 7 5 3 2 2 ' 4 073 8 3 4 > //&B }7/ 5 Run Command 4 Run / ! 5 : 0 0 0 5 0 5 54 0 5 1 (or) 2 >P\E 5 / â&#x20AC;Ś. 1 0 ! 5 Computer &B0 User 3 & 6 t 2 3 2 0 5 Computer &B User 0" 6 t 2 3 4 ( #6 tB Admin & Guess Account #7&> 0 5 )4 1 (or) 2 > P\E 27 U 9 Explorer R-Click > Value 2 # 38 Value &B Type DWORD Value, Name 6 5 NoRun 0 5 U 9 F Data Default 0 / 1 $ 0 4 / U 9 Refresh(F5) 0 0 &B Run 0 0 5 :8 4 (Run 6 27 5 b U 9F Registry 0 28 7 7 Run $ / #1% 5 Registry Editor Run / regedit /&B2 2" %8 28 7 #}7 $ / 27 3 4 z }7/ 54 /&B# {64 C:\Windows\regedit Registry Editor 2 3 4) 2 ' % 5 Items, Value Name, Data Type, Value, Path 7 > 3 4 ' F $ ' 4

Items [Value] [Name] [Data] [Type] [Value] [Path] Logon Name [ NoUserNameInStartMenu ] [ DWORD ] [0\1] [ 1-2>P\E] (Tasksbar Start ) 0 > 1 / &B / ' %6 4)

Document [ NoSMMyDocs DWORD ] [ 0\1 ] [ 1-2>P\E ] (Start Menu My Documents %6 4) My Picture [ NoSMMyPictures ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] (Start Menu My Pictures %6 4) Control Panel [ NoControlPanel ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] (Start Menu Control Panel %6 4) Recent Document [ NoRecentDocsMenu ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] (Start Menu Recent Document %6 4 }7/ 5 %6 3 4 " 08w 9 9 : 7% 0&! / 0 0 5 0 5 4 J ) Help [ NoSMHelp ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] Search [ NoFind DWORD ] [ 0\1 ] [ 1-2>P\E ] AllProgram [ NoStartMenuMorePrograms ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] ShutDownBox [ NoClose ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] C.P,Pr,N.C [ NoSetFolders ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] (C.P=ControlPanel,Pr=Printer,N.C=NetworkConnection ) (Value 7 1=Default, 0=Remove)

Display Properties manage 0 $# Items [ Value ] [ Name ] [ Data ] [ Type ] [ Value ] [ Path ] Theme & Appear; [ NoDispAppearancePage ] [ DWORD ] [ 0\1 ] [ 1-2>P\S ] ( 5 " 70 0 $ w t :8 ! 28 6 7 ) Desktop [ NoDispBackgroundPage ] [ DWORD ] [ 0\1 ] [ 1-2>P\S ] ( 5 " 70 0 $ w t :8 ! 28 6 7 ) ScreenSaver [ NoDispScrSavPage ] [ DWORD ] [ 0\1 ] [ 1-2>P\S ] ( 5 " 70 0 $ w t :8 ! 28 6 7 ) Setting [ NoDispSettingPage ] [ DWORD ] [ 0\1] [ 1-2>P\S ] __________________

window registry (n) Desktop 1 Function 6 $ t$ 3 Items [ Value Name ] [ Data Type ] [ Value ] [ Path ] NoR-Click [ NoViewContextMenu ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] (Desktop 1 R-Click ) 0 5 0 > ) TooTip [ ShowInfoTip ] [ DWORD ] [ 1\0 ] [ 1>P\Advanced ] ( }7/ 5 % # > 0 6 t F 7&/&B ! 7 $ 2 &B# / / : 0 %6 #6 ) (28 Default 1 {6F 0 !" 0' /' /' 7 3 ) - 9 # 5 Desktop &B Wall Paper 0 #6 &B / > &B/' F Display Properties >& 5 Positon Stretch, Center, Tile 2" 6 t & 3 5 ' % Icon 7/&B ( /0 5 #6 28 " 5 :3 % 2 $ 0 28 6 7 4 For â&#x20AC;&#x201C;X Wallpaperoriginx SZ from 0 to 1000 HKCU\Control Panel\Desktop (value 0 / 1000 7 w t 2 0 ) 3 4) For â&#x20AC;&#x201C;Y Wallpaperoriginy SZ from 0 to 800 HKCU\Control Panel\Desktop (value 0 / 800 7 w t 2 0 ) 3 4) 2 % 5# / (400 x 300) > U 9 2 ' 4 ' % 1 / 0 5 3 4 Desktop 1 My Computer &B Popup Menu $ ! 3 ( 9 / Default ! U 9 2 Value Name & 2" 4 Value 5 0 4 Path 0 7 ) 3 4 5 0 7 : 2 $%' 7 3 4) Items [ Value Name ] [ Data Type ] [ Value ] [ Path ] Manage [ NoManageMyComputerVerb ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] (Desktop 1 / &B My Computer R-Click ) 0 60 &BPopup Menu >& Manage $%t > % 5 4) NetWorkDirve [ NoNetConnectDisconnect ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] Properties [ NoPropertiesMyComputer ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] CMD [ Default ] [ SZ ] [ C:\Windows\System32\cmd.exe ]

[HKEY_CLASS_ROOT\CLISD\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\Shell\ CommandPrompt\Command] 90 5/' /' ' 3 4 Popup Menu >& cmd >' > 4 DeviceMgr [ Default ] [ SZ ] [ C:\Windows\System32\Devmgnt.exe ] [HKEY_CLASS_ROOT\CLISD\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\Shell\ Device Manager\Command] Device Manager >' > 4 }7/ 5>' > 3 4 # # 2 #6 F ' #6 073 8 3 4 Defreg [ Default ] [ SZ ] [ C:\Windows\System32\Dfrg.exe ] [HKEY_CLASS_ROOT\CLISD\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\Shell\Disk Menagement\Command] Defreg 0 &B Shortcut 4 Taskbar 1 Function 6 Manage 0 3 Items [ Value Name ] [ Data Type ] [ Value ] [ Path ] TaskPrties [ NoSetTaskbar ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] (TaskBar R-Click ) U 9 10 &B Popup Menu >& Taskbar and Start Menu Porperties Dialog Box 2" 0 5 > ) TootTip sLongDate SZ â&#x20AC;&#x153;0 2 &B B >' 0 2 2 >' 4 F0F # ) $ #6 :8 ! 5 / %6 U 9 >' â&#x20AC;? 1-2>P\E ( 5 Task Bar &B ' % 7/ !" &B Time > 0 $ &B ( /5F0 F# ) ) Tooltip $ 4) Windows Media Player Manage 0 3 Items [ Value Name ] [ Data Type ] [ Value ] [ Path ] [HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\P layer\RecentFileList] Delet 0 4 (Windows Media Player ' > &B Video File 7 / 0 ) 0 5) CloseDvd [ EnableDVDUI ] [ REG SZ ] [ Yes(or)No ] [HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\P layer\Settings] ( 5 Windows Media Player /&B DVD ' 0 5 > 4)

Logon Screen Manage 0 3 Items [ Value Name ] [ Data Type ] [ Value ] [ Path ] LogonTitle [ LegalNoticeCaption ] [ REG ]_[ SZ ] [ Eg. Warning Notic ] LogonText [ LegalNoticeText ] [ REG_SX ] [ Eg. Hacker Yathar, YaungSein & Princeakarit are very Dangerous For IT World. ] [HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\Cu rrentVersion\WinLogon] ( 5 Windows &B Logon Screen # 3 2 0 &B 2 % $ 4 2 0 > &B / 7 5) LogonText [ LogonPrompt ] [ REG_SZ ] [ EG. Sai Kyaw Swar Wai is Handsome Man. ] [HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\Cu rrentVersion\WinLogon] KeyBoard & Mouse Â&#x192; Function 6 Manage 0 $# Items [ Value Name ] [ Data Type ] [ Value ] [ Path ] NoWinKey [ NoWinKeys ] [ REG_DWORD ] [ 0\1 ] [ 1-2>P\E ] (Keyboard &B Windows Key (ctrl /&B alt &5#0 ) 2" $ t0 5 > 4 285 WinodwsKey+R ! Run Dialogbox 10 3 4) 0 6/ 0 $#"t 6/' 6 Items [ Value Name ] [ Data Type ] [ Value ] [ Path ] ChangeWinVersion [ Version ] [ REG_SZ ] [Eg. Winodws 8 ] [ 2>C ] (Windows 6 t $ 0&> 4) ChangeCPU [ ProcessNameString ] [ REG_SZ ] [ Eg. Core i7 ] [HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\Cen tralProcessor\0] ( 5 CPU 6 t $ > 4 My Computer R-Click > U 9 60 &B Properties &B System Properties F DirectX Diagnostic Tool Dialogbox 2 ) :8 4 $ > &B & 1 / 4 run /27 3 systeminfo 2 / 2 ) ) 2 > U 9 ! $# 0 5 0 5 4 >8 2$% 5 / 50 3 4 DisableAdd/Remove [ NoAddRemovePrograms ] [ REG_DWORD ] [ 0\1 ] [ 12>P\Uninstall ]

(Control Pannel >& &B Add or Remove Program 2" $ t0 5 0 > 4) Registry [ DisableRegistryTools ] [ DWORD ] [ 0\1 ] [ 1-2>P\S ] ( 9 # 5 / #/ (Script $% 5 $ t$ $# ) U 9 2 #6 3 4 Registry 0" 27 50 5 4) NoAutoRun [ Autorun ] [ REG_DWORD ] [ 0\1 ] [HKEY_LOCAL_MACHINE\SYSTEM\CurrnetControlSet\Servic es\CDRom] (CD\DVD Rom Auto Run ) > 4 2 5 2" 0 5:8 4 : 0 50&! autorun killer 7 1 / ) Flashy Virus 7 $% 1 2 " " 6 Items [ Value Name ] [ Data Type ] [ Value ] [ Path ] TaskManager [ DisableTaskMgr ] [ DWORD ] [ 0\1 ] [ 1-2>P\S ] (TaskManager %7 50 5 $ t0 $# F Background Process 7 $ 0 5) FolderOption [ NoFolderOptions ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] (Folder Option %6 > $# F Hidden File 7 0 5 0) Run [ NoRun ] [ DWORD ] [ 0\1 ] [ 1-2>P\E ] Registry [ DisableRegistryTools ] [ DWORD ] [ 0\1 ] [ 1-2>P\S ] ( 9 # 5 / #/ (Script $% 5 $ t$ $# ) U 9 2 #6 3 4 Registry 0" 27 50 5 4)

w 9 h4 Registry $ t$ 9 BackUp 0 > 4( 2 !& 0 5â&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Ś) m4 Registry $ t$ &B / 2 > 2 5 5 Path 1 /&B$ t$ 0 User 3 & 6 t 2 3 4 Path 2 /&B$ t$ 3 ! 5 User 0" 6 t 2 3 4 n4 Registry $ t$ U 9 27 &B # #6 tB Setting 7b Refresh 0 " /&B Effect 2 U 9 #6 tB Setting 7 5 Restart #6 2 Effect 2 ( 7 3 4 __________________

Windows Registry Script 6 U 9 $ t$ $# 9 #/ }7/ 5 Windows Registry Script U 9 $ t$ â&#x20AC;Ś.. Script 3 ! U 9 0' 0/ 5 27 /&BF / 0' U 9 2 08 7 0' 073 3 0 5 > /&B4 2 : / 0' 073 3 4 }7/ 5 Windows &B Operation System &B Command Propt (cmd) 2" U 9 $ t$ 27 $% 3 4 Script % 5 5 >" " Note Pad & 2" $ t 5{6 4 Script 9 2 2 5 0 7/&B 2 $ t2 5 0 7 > $ $ #6 3 4 Script 3 528b 0 &B Registry Setting #6 0 7 2 > 3 4 d //&B 5 Registry Editor >& 27 &B 0 ! 5 ! 5 54 / # 5 0 # &B !" &B Subkey Value Name, Data Type, Data 7 0' 2 / 3 4 /' 3 # #& ) 3 5 Script ) 27 Manual $ #6 5 :8 4 Script /&B$ ! $# b 073 8F $ / !/ 3 4 # Script >& 3 5 Parameter 7 $ $ 5 3 4 2 #6 0 7 54 1. @echo off 5 Script &B 2 &B 0" 4 }7/ 5 Win+R ) 0 Run Dialogbox 60 3 4 &B 9 >& cmd 0 5 >' 0 U 9 Enter # 0 Windows Command Prompt 10 3 4 &B 9 Cmd &B Dos Mode ! C:\Documents and Settings\Admin &B / w 9 1 / 0 5 3 4 }7/ 5 Script 7/&B 0 0 &B #6 / $ 0 /&B 0 0 0 5 @echo off ! >' 0 $# $% 5 > C:\Documents and Settings\Admin / 6 / 3 4 2. echo 5 % $ 0 2 Dos Mode Output($ ) $ 3 5 / &B B 2" 3 4 $ 20 &B / echo &B / : #6 U 9 3 4 z 4 Sai Kyaw Swar Wai is handsome boy. #6 3 ! 5â&#x20AC;Ś b9b echo Sai Kyaw Swar Wai is handsome boy.

5â&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Ś.. 3. echo. echo / %8 5(.) 0 5 $# 0 4 / 7 ' 0 5 #6&0 &B 2 : &4 4. :_ Full Column & Under Score 2 Â&#x2019; ) # &B Keyword 5 Script # &B # ! 2 4 # z 3 5{6 4 5. color color ! 5 5{6 â&#x20AC;Śâ&#x20AC;Ś. Background Color /&B 0" Color 7 4 z //&B 0A ! B 0 / #" Background, / A 0" $ 4 3 0 5 6 0 & A 0" >& > 3 ! 5 Background b Default $% &B / & $% / 0 5 3 4 7/&B 2 0 5 keyword 7 2 #6 3 ! cmd >& color/? ! U 9 >' U 9 ' 0 5 ) 3 4 6. set val= 5 $ /' /' ( 3 4 0 /&B 5 / 0' 27 4 $ $ 3 ! user Input # 27 0 &B # &B 9 Input Val ! &B / # //&B 2 3 0 5 $ 4 Variable 6 t 6 t &B / String 6 t &$% 3 0 5 $ 4 9 / set ! &B keyword 2$% 3 5 val 5 w t 0 5 3 4 7. set /p val= > /' 8 &4 5 User Input # >' % 5 4 /p &B 7 2 > &B input b program 0 0 :8 4 val 5 4 8. if 5 / # 2 U 9 0 5 user input 27 0 &B # 2 > / : 0 F 2 > b : 0 ! if

/&B 3 4 2 5:8 {6 â&#x20AC;Ś. 0 ( 0$% 27 0 5 3 4 / 0' 2 &B08 7 % 5 54 / 0' &B28 7 % 5 5 ! 5 / â&#x20AC;Śâ&#x20AC;Ś.. (285 &B / /I 0 ( if /I ) ! Input A = a , w 9 w 9 F 2 2 0 0 3 F 2 : 5 73 7 :8 5{6 F MZ Â? /' (Â?8Â?8 ) 0 5) 9. cls 5 2/ 5 4 Screen ( / cls 2" 0 F / U 9 2 &4 10. pause 5 # # 0 U 9 0 5 / &B #6 / $ 2% 5 &B 0" &4 9 0" 0 >' 0 â&#x20AC;&#x153;Press any key to continueâ&#x20AC;? ! 10 0 5 3 4 11. goto 5 :3 27 0& #& 54 27 #6 &B # z #& 7 $ 3 4 #Â&#x2039; > > &B â&#x20AC;&#x153; :_ â&#x20AC;? # z #7& 27 &B0 4 12. call ! 5 #1 5 / 4 0 program / #6 ! > &B / Program # 0 #1 4 call Hide 1.cmd ! Hide 1.cmd ! B& % run 0 5 3 4 ( $# (call) &B x 7 5 2 F 5 5/&B ! 23 7 ) 3 4 ) 13. exit 0 program />7 3 0 5 $ 4 (MZ exiter /&B0" (0" ) 2 ! 4 $ & >7 / &B >7 b Mafia /&B >7 $% / 3 4 14. reg add 0 5 w 9 3 4 d 0' b 3 4 add ! 5 F >' 5 / 4 reg 7 >' &B # 2" 3 4 285 0' ! 5 &( 0 #7& ) Parameter 0 7F 2 #6 0 7 3 4 2" 6 /v, /ve, /t, /d, /f 5$% 3 4 /v - 5 Value # / ' #6 &B # 2" 3 4 reg add &B / : #6 U 9 3 4 / U 9 285 / & : #6 U 9 >' #6 &B reg &B Value >' 3 4

/ve - 5 Value Name User 4 &B Default & 2" 3 ! &B # 2" 3 4 /t - 5 Value &B Data Type $ 4 Data Type (p) 6 t >& :3 Data type 2" 3 ! /t #"U 9 $ 3 4 z - REG_DWORD $ 3 ! /t reg-dword ! U 9 /t / : #6 U 9 $ 3 4 /t ! &B 2 0 :8 ! 5 285 &B Default Data Type $% B& REG_SZ 0 5 & 2 27 $% 3 4 /d - 5 DATA $ 4 >" " 285 / : #6 U 9 3 4 /f - 5 data # >' &$% $% F %6 &$% $% $ t0 &B # 3# 2 > &B / % # # / 0 5 3 4 &B 9 / % %6 0 0 5 program user $ / 3 4 /f >' > 5 /&B / %6 0 0 5 $ &4 15. reg delete 3 4 %6 5 reg %6 4 reg add # # >' 3 ! Value name /v, Data type /t, /d 5 $% />' reg / % >' 0 5 4 reg delete 5 /v # %6 /&B 0" 0 3 4 / % %6 0 0 5 #6 5 0 ' /f >' 0 4 ! &â&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Ś. 7 0" b Script 3 5 Parameter 0 7 &4 # 20 F 0' 073 8 :8 4 7% U 9 5 : / 0& 2 z9 3 > :8 4 2" 0 & 2 4 # 2 $ t : w 8'9 3 4 b Script 0 0 :8 4 }7/ 5 Script (Program) # # Program # /&B 2 0 5 /' 3 $ $ #6 3 4 Program # Input , Process , Output ! U 9 2" 6 t 3 4 Input = User >' Process = 7/ 6= 0 ! Output = 0 ! #6 7 $ 2 92" 6 t 06z 2 5 z 3 4 U 9 # ' 54 0 0 27 &B /' 0 7 5 92" 6 t 0' &4 R 5{6 â&#x20AC;Ś.. Input ------------Ă Process -------------Ă Output 92 : 5 3 4 3 - 0 3 - $% 27 3 4

Output-----------Ă Input----------Ă Process------------Ă Output 5 $% ) 7 #6$ 3 4 User 7 #63 #7 5 3 4 User 7 #63 0 &B (Input) 7/ 6= 0 0 3 4 $ ! &B $% 27 3 4 9 5 3 3 5 Script :3 0 0 27 0&F $ / 5 & >' 7>' F %6 7 %6 0 4 2' $% 5 Script # w !7&> 2 5 3 4 Psuedo Code & Flow Chart 7 5 !7& /&B4 7 !7&#6 3 ! 5 9 % 0 4 ( b $ 0 )4 & U 9 0 ' 0 {6 â&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Śâ&#x20AC;Ś. > z9 !" //&B Run Command %6 ' 3 4 # ' $ ! %6 :8 {6 4 ' U 9 %6 54 2 7 Note Pad >& 8 >' 0 4 @echo off color 0a :-main echo. echo. set /p val= Do you want to hide Run Dialogbox(y/n)? if /I "%val%"=="y" goto -Hide if /I "%val%"=="n" goto -Quit goto:-main :-Hide echo. echo. reg add hkcu\software\microsoft\windows\currentversion\pol icies\explorer /v NoRun /t reg_dword /d 1 echo. echo. pause exit

:-Quit exit 0 8 U 9 notepad >&>' F / U 9 w t &B/ ' U 9 .cmd /&B2 0 4 z norun.cmd 54 2 0 &B % 0 ' 0 27 " 0 /&B 1 /0 5 3 4 0 ) #6 ) 0 Do you want to hide Run Dialogbox(y/n)? ! 0 10 0 5 3 4 / / #" 1 / /&B4 Run #6 3 ! y 0 5 0 U 9 Enter # 0 4 ! 5 The operation completed successfully Press any key to continueâ&#x20AC;Ś ! 10 U 9 9 # # ) 0 /&B cmd 0& 0 0 6 27 0 5 3 4 n ) U 9 Enter # 0 3 ! 5 # ' cmd 27 $% 3 4 y , n b &B $# 0" # # >' 3 ! 5 &B 9 2 2 > 0&0& 1 / $% 3 4 __________________ Script 2 #6 & 08 7 7 & Script 7 $ 3 Script b 3 2 2 & Script 38 U 9 & 9 Script >& Command or Code 7 : : 0 ! U 9 2 & 28 3 3 b U 9 #6 #6 3 {6 4 z 1/ @echo off 2/ color 0a

3/ :-main 4/ echo. 5/ echo. 6/ set/p val = Do you want to hide Run Dialogbox (y/n)? 7/ if/I"%val%"=="y" goto -Hide 8/ if/I"%val%"=="y" goto -Quit 9/ goto :-main 10/ :-Hide 11/ echo. 12/ echo. 13/ reg add hkcu\software\microsoft\windows\currentversion\pol icies\ explorer /v Norun /t reg_dword /d 1 14/ echo. 15/ echo. 16/ pause 17/ exit 18/ :-Quit 19/ exit ---End ---0 (h) - "@echo off" Program $% 3 4 9 0 " Display Window ( >7 ( 7$% / 3 4 9 0" & 7 3 $ #6 0 0 $ 4 0 (m) - "color 0A" 0 BB > Program #" / F 0 " 2" 3 0 B $ 4 0 / (n) - ":-main" 0 B > 3 4 Program 073 8 / Subprogram

7#7&U 9 0 3 4 9Program Input | Process /&B Output | Program % B | (n) #7&U 9 3 0 B z > 3 4 0 (n) b Program # $% 3 4 28B main 0 B ' > 3 0 B $ 4 w t / ' 0 B 3 4 0 (o)(p) - "echo." ! 6z 07 (m) $# U 9 1 #6 0 B 2" > 4 0 (f)(Â&#x;)(Â ) - Input 4 User !9 Input 3 F & 9 Input val ! & / /&B % 38 3 4 User >' 3 Input b "y" or "n" &$% 3 0 B $ 4 Input b "y" ( 2 2 w 9 w 9 ) Hide ! & subprogram 27 3 0 B 0 (Â&#x;) $ 4Input b "n" ( 2 2 w 9 w 9 ) Quit ! & subprogram 27 3 0 B 0 (Â ) $ 4 0 (ÂĄ) - User 27 0 & Input b "y" 0' b F "n" 0' b 80 #7/ & $ / 1 subprogram main $ / 27 % B $ 4 0 (h ) - Subprogram Hide $% 3 0 5 $ 4 0 (hh)(hm) - 6z 07 m 0 (hn) - Process 4 User Hide 0 #6 3 0 B $ & 7 Run Box 0 User $ 0 & Registry Setting 7 Registry > >' 4 0 (ho)(hp) - 6z 07 m 0 (hf) - Program />7 % B w t #0 # # ) 0 B Output > >' > 4 90 >' 0' 3 4 >' Program #6 #6 27 $% 3 4 0 (hÂ&#x;) - Program % B > 4 0 (hÂ ) - Subprogram Quit $% 3 0 B $ 4

0 (hยก) - User "n" 7 0 0 B 0 0 :& Program / % B >' > 4 9 Script Program :3 0 20&! U 9> 3 4 ------------------------------------------------------------------------ >8 #}7/ &B Introduction to WINDOWS REGISTRY ! & >& 4 ------------------------------------------------------------------------Ref -mysteryzillion mysteryzillion