Registry Editing

How to Use the Registry Editor in Vista and other Techniques

warning   Warning
Misuse of the registry can lead to problems resulting in the need to reinstall Vista. Unlike many other programs, there is no 'Undo' function in the registry. Any changes made take effect immediately and cannot be undone except by the same method. Proceed with caution.

information   Information
The posts that I shall be referring to are E-mail Fonts and word 2007 send to buttton greyed out. I have chosen these because the first can be edited by a standard user (as well as a user with administrative credentials) whereas the second example can only be edited by a user with administrative credentials (or an administrator). I have also included a 3rd example, this time 'Typical Values' for illustration purposes.


Method 1 Registry Editor

To invoke the registry editor, click the start orb and type 'regedit' into the search box. If you need to use the program with administrative privileges, right click on the program and supply the necessary credentials, otherwise press enter/return. The program will appear as shown below (note that this is condensed for the Tutorial).

Capture1.JPG

The next two images show the registry editor opened at the appropriate location for each of the examples.

Example 1 E-mail Fonts
Capture101.JPG

Example 2 word 2007 send to button greyed out
Capture102.JPG

The following sequence shows how to create and modify keys and data using the registry editor. For this example, I am going to firstly create a new key under 'HKEY_CURRENT_USER' (HKCU). Open the registry editor by following the above instructions and right click on HKCU. Highlight 'New' on the menu that appears and then click on 'Key' in the subsequent menu.

Capture103.JPG

The result is shown below. Note that you can rename this key just as you would any other file/folder, but for this Tutorial I am leaving the names to their defaults.

Capture1031.JPG

Repeat the above, this time right click on the new key that has been created. Again, highlight 'New' in the menu that appears and then click on the required data type in the subsequent menu. Note that you could also click on 'Key', and this would create a sub-key under the original one.

Capture1032.JPG

The image below shows the registry editor after creating a default entry for the first type of data.

Capture1033.JPG

This image shows default entries for all file types.

Capture1034.JPG

The following code shows the above image as a '.reg' file.

Code:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\New Key #1]
"New Value #1"=""
"New Value #2"=hex:
"New Value #3"=dword:00000000
"New Value #4"=hex(b):00,00,00,00,00,00,00,00
"New Value #5"=hex(7):00,00
"New Value #6"=hex(2):00,0

Again, this shows the above image in a different form, this time illustrating the 'reg query' command.

Code:
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.
C:\Users\Dwarf>reg query "HKCU\New Key #1"
HKEY_CURRENT_USER\New Key #1
    New Value #1    REG_SZ
    New Value #2    REG_BINARY
    New Value #3    REG_DWORD    0x0
    New Value #4    REG_NONE    0000000000000000
    New Value #5    REG_MULTI_SZ
    New Value #1    REG_EXPAND_SZ
C:\Users\Dwarf>

This table shows the types of data that are supported in the registry.

Capture1035.JPG
(Image taken from pg 1051 of 'Windows Vista In Depth', published by Que).

The following images illustrate the sequence when modifying data in the registry. In the right hand panel, right click the appropriate name (in this case 'New Value #1') and select 'Modify...'.

Capture1036.JPG

In the dialogue box that appears, enter the appropriate data. Note that some dialogue boxes are slightly different, but the same principal applies.

Capture1037.JPG

Click 'OK', and the following image shows the result of this change.

Capture1038.JPG

Example 3 Typical Values
Capture1039.JPG



Method 2 Registry Files (.reg suffix)

Example 1 E-mail Fonts

Code:
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows Mail\Mail]

"Font Size"=dword:00000009
"Font Name"="Arial"

Code:
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows Mail\Mail]

"Font Size"=dword:0000000c
"Font Name"="Batang"
Example 2 word 2007 send to button greyed out
Code:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Messaging Subsystem]
"MAPI"="1"
"CMC"="1"
"CMCDLLNAME"="Mapi.dll"
"CMCDLLNAME32"="Mapi32.dll"
"MAPIX"="1"
"MAPIXVER"="1.0.0.1"
"OLEMessaging"="1"
Example 3 Typical Values
Code:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\New Key #1]
"New Value #1"="Example Data"
"New Value #2"=hex:fe,dc,ba,98,76,54,32,10
"New Value #3"=dword:fdb97531
"New Value #4"=hex(b):10,32,54,76,98,ba,dc,fe
"New Value #5"=hex(7):54,00,68,00,69,00,73,00,20,00,69,00,73,00,20,00,61,00,20,\
  00,66,00,75,00,72,00,74,00,68,00,65,00,72,00,20,00,65,00,78,00,61,00,6d,00,\
  70,00,6c,00,65,00,00,00,6f,00,66,00,20,00,6d,00,6f,00,72,00,65,00,20,00,64,\
  00,61,00,74,00,61,00,00,00,00,00
"New Value #6"=hex(2):25,00,54,00,65,00,6d,00,70,00,25,00,00,00

To create these files, use 'Notepad'. The file MUST be structured as shown in the examples. Give the file a meaningful name and save it with a '.reg' suffix. I suggest that you save these files in the 'Public Documents' folder. To enter the data in the file into the registry, simply click on it. Note that you might need to be using an account with administrative privileges (the right click, 'Run as administrator' option DOES NOT work with '.reg' files).



Method 3 Batch Files (.bat suffix)

I shall include command-line instructions here, since a batch file is basically a sequence of command-line instructions arranged so that they are executed one after another. To invoke the editor, click on the start orb and type 'cmd' into the search box and press enter/return.
The basic command you will use here is 'REG ADD', and the code below illustrates the syntax of this command.

Code:
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.
C:\Users\Dwarf>reg add /?
REG ADD KeyName [/v ValueName | /ve] [/t Type] [/s Separator] [/d Data] [/f]
  KeyName  [\\Machine\]FullKey
           Machine  Name of remote machine - omitting defaults to the
                    current machine. Only HKLM and HKU are available on remote
                    machines.
           FullKey  ROOTKEY\SubKey
           ROOTKEY  [ HKLM | HKCU | HKCR | HKU | HKCC ]
           SubKey   The full name of a registry key under the selected ROOTKEY.
  /v       The value name, under the selected Key, to add.
  /ve      adds an empty value name (Default) for the key.
  /t       RegKey data types
           [ REG_SZ    | REG_MULTI_SZ | REG_EXPAND_SZ |
             REG_DWORD | REG_BINARY   | REG_NONE      ]
           If omitted, REG_SZ is assumed.
  /s       Specify one character that you use as the separator in your data
           string for REG_MULTI_SZ. If omitted, use "\0" as the separator.
  /d       The data to assign to the registry ValueName being added.
  /f       Force overwriting the existing registry entry without prompt.
Examples:
  REG ADD [URL="file://abc/HKLM/Software/MyCo"]\\ABC\HKLM\Software\MyCo[/URL]
    Adds a key HKLM\Software\MyCo on remote machine ABC
  REG ADD HKLM\Software\MyCo /v Data /t REG_BINARY /d fe340ead
    Adds a value (name: Data, type: REG_BINARY, data: fe340ead)
  REG ADD HKLM\Software\MyCo /v MRU /t REG_MULTI_SZ /d fax\0mail
    Adds a value (name: MRU, type: REG_MULTI_SZ, data: fax\0mail\0\0)
  REG ADD HKLM\Software\MyCo /v Path /t REG_EXPAND_SZ /d ^%systemroot^%
    Adds a value (name: Path, type: REG_EXPAND_SZ, data: %systemroot%)
    Notice:  Use the caret symbol ( ^ ) inside the expand string
C:\Users\Dwarf>

Occaisionally you will need to use 'REG QUERY', and the code below illustrates the syntax of this command.
Code:
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.
C:\Users\Dwarf>reg query /?
REG QUERY KeyName [/v [ValueName] | /ve] [/s]
          [/f Data [/k] [/d] [/c] [/e]] [/t Type] [/z] [/se Separator]
  KeyName  [\\Machine\]FullKey
           Machine - Name of remote machine, omitting defaults to the
                     current machine. Only HKLM and HKU are available on
                     remote machines
           FullKey - in the form of ROOTKEY\SubKey name
                ROOTKEY - [ HKLM | HKCU | HKCR | HKU | HKCC ]
                SubKey  - The full name of a registry key under the
                          selected ROOTKEY
  /v       Queries for a specific registry key values.
           If omitted, all values for the key are queried.
           Argument to this switch can be optional only when specified
           along with /f switch. This specifies to search in valuenames only.
  /ve      Queries for the default value or empty value name (Default).
  /s       Queries all subkeys and values recursively (like dir /s).
  /se      Specifies the separator (length of 1 character only) in
           data string for REG_MULTI_SZ. Defaults to "\0" as the separator.
  /f       Specifies the data or pattern to search for.
           Use double quotes if a string contains spaces. Default is "*".
  /k       Specifies to search in key names only.
  /d       Specifies the search in data only.
  /c       Specifies that the search is case sensitive.
           The default search is case insensitive.
  /e       Specifies to return only exact matches.
           By default all the matches are returned.
  /t       Specifies registry value data type.
           Valid types are:
             REG_SZ, REG_MULTI_SZ, REG_EXPAND_SZ,
             REG_DWORD, REG_BINARY, REG_NONE
           Defaults to all types.
  /z       Verbose: Shows the numeric equivalent for the type of the valuename.
Examples:
  REG QUERY HKLM\Software\Microsoft\ResKit /v Version
    Displays the value of the registry value Version
  REG QUERY [URL="file://abc/HKLM/Software/Microsoft/ResKit/Nt/Setup"]\\ABC\HKLM\Software\Microsoft\ResKit\Nt\Setup[/URL] /s
    Displays all subkeys and values under the registry key Setup
    on remote machine ABC
  REG QUERY HKLM\Software\Microsoft\ResKit\Nt\Setup /se #
    Displays all the subkeys and values with "#" as the seperator
    for all valuenames whose type is REG_MULTI_SZ.
  REG QUERY HKLM /f SYSTEM /t REG_SZ /c /e
    Displays Key, Value and Data with case sensitive and exact
    occurrences of "SYSTEM" under HKLM root for the data type REG_SZ
  REG QUERY HKCU /f 0F /d /t REG_BINARY
    Displays Key, Value and Data for the occurrences of "0F" in data
    under HKCU root for the data type REG_BINARY
  REG QUERY HKLM\SOFTWARE /ve
    Displays Value and Data for the empty value (Default)
    under HKLM\SOFTWARE
C:\Users\Dwarf>
Note that in both cases, the line containing '\\ABC\...' is an example of the syntax of the command, and that the link is non-existant.

Example 1 E-mail Fonts
Code:
@ECHO OFF
REG ADD "HKCU\Software\Microsoft\Windows Mail\Mail" /v "Font Size" /t REG_DWORD /d 0x00000009 /f
REG ADD "HKCU\Software\Microsoft\Windows Mail\Mail" /v "Font Name" /t REG_SZ /d Arial /f
START WinMail
Code:
@ECHO OFF
REG ADD "HKCU\Software\Microsoft\Windows Mail\Mail" /v "Font Size" /t REG_DWORD /d 0x0000000c /f
REG ADD "HKCU\Software\Microsoft\Windows Mail\Mail" /v "Font Name" /t REG_SZ /d Batang /f
START WinMail

Example 2 word 2007 send to button greyed out
Code:
@ECHO OFF
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v MAPI /t REG_SZ /d 1 /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v CMC /t REG_SZ /d 1 /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v CMCDLLNAME t/ REG_SZ /d Mapi.dll /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v CMCDLLNAME32 /t REG_SZ /d Mapi32.dll /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v MAPIX /t REG_SZ /d 1 /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v MAPIXVER /t REG_SZ /d 1.0.0.1 /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v OLEMessaging /t REG_SZ /d 1 /f

Example 3 Typical Values
Code:
@ECHO OFF
REG ADD "HKCU\New Key #1" /v "New Value #1" /t REG_SZ /d "Example Data" /f
REG ADD "HKCU\New Key #1" /v "New Value #2" /t REG_BINARY /d FEDCBA9876543210 /f
REG ADD "HKCU\New Key #1" /v "New Value #3" /t REG_DWORD /d 0xfdb97531 /f
REG ADD "HKCU\New Key #1" /v "New Value #5" /t REG_MULTI_SZ /d "This is a further example\0of more data" /f
The other values are best entered using either Method 1 or Method 2.

To create these files, use 'Notepad'. The file MUST be structured with the syntax as shown in the examples. Give the file a meaningful name and save it with a '.bat' suffix. I suggest that you save these files in the 'Public Documents' folder. To enter the data in the file into the registry, simply click on it. If you get an error, right click on the file and select 'Run as administrator'. When you provide administrative credentials, the file should execute. Of course, you could use an account with administrative privileges.

Illustrating the connection between Method 2 and Method 3.

This is demonstrated by Example 2 word 2007 send to button greyed out (see the link at the beginning of this Tutorial).

Extract from the webpage referred to in the above mentioned link from Microsoft.

Capture.JPG

This extract represented as an exported registry file of the key in question.

Code:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Messaging Subsystem]
"MAPI"="1"
"CMC"="1"
"CMCDLLNAME"="Mapi.dll"
"CMCDLLNAME32"="Mapi32.dll"
"MAPIX"="1"
"MAPIXVER"="1.0.0.1"
"OLEMessaging"="1"

The code representing this extract.

Code:
@ECHO OFF
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v MAPI /t REG_SZ /d 1 /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v CMC /t REG_SZ /d 1 /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v CMCDLLNAME t/ REG_SZ /d Mapi.dll /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v CMCDLLNAME32 /t REG_SZ /d Mapi32.dll /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v MAPIX /t REG_SZ /d 1 /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v MAPIXVER /t REG_SZ /d 1.0.0.1 /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" /v OLEMessaging /t REG_SZ /d 1 /f

The first line, '@ECHO OFF', is a command that turns off the command-echoing (displaying the command on screen as it is executed). This is OPTIONAL.
The next 7 lines operate in the same way, so I shall describe the 1st one. The first part of the line is 'REG ADD'. This is a command line instruction to add or modify registry data. The next part, "HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem" is the address of the variable that is going to be added or modified. The '/v' indicates that the following data is the variable name, in this case 'MAPI'. Following the variable name, '/t' indicates the type of variable, in this case 'REG_SZ' (a 'string' variable). The next item, '/d', indicates that the following data is going to be stored or placed into this variable. In this case, the data is '1'. Finally, the '/f' forces the data to be written to the registry without a prompt.


 

Attachments

  • Regedit.png
    Regedit.png
    7 KB · Views: 363
Last edited by a moderator:
Back
Top