.Reg is THE file extension associated with the Windows 8 registry
editor. The purpose of such files is to merge, or tattoo settings into
the registry. What makes the whole process transparent is that .reg
files are text based, thus you can open them with Notepad and make changes.
My mission is to assist you in creating your own.reg files, but let me start with an
example to illustrate the registry settings, and the type of file I am going
to analyze.
Double-clicking a .reg file is just like using regedit to make changes, but
it's much quicker than drilling down through the HKEY labyrinths.
However, these .reg files only yield satisfactory results if you know their
contents, or trust their source.
As I mentioned earlier, you can edit
the .reg files with Notepad, one reason is to
make adjustments, for example, change "AutoAdminLogon"="0",
to "AutoAdminLogon"="1". When you save a .reg file there is no
significance to the actual filename, I just choose names that reflect their task,
AutoAdminOn.reg, or AutoAdminOff.reg, however, you must always remember that .reg
extension. To deliver the payload some people prefer to right-click the .reg file and
'Merge', but I prefer the double-click method.
Another alternative to double-clicking .reg files is to use
the Windows 8 regedit's
'Import' facility. One benefit of using this
more long-winded technique is that you can appraise the sister command 'Export
registry', and thus create your own .Reg files. Another reason for
using regedit to import .reg files is to overcome an error message when you
double-click the .reg file. In some
circumstances you could employ a script to import .reg file. The
structure of the command is: regedit /s path to .reg file.
Time spent creating .reg files is repaid if you need to re-apply the
settings regularly, or you need to copy the values to multiple machines.
A bonus of using .reg files to change settings in the registry is they are
self-documenting. Yet, bear in mind there are alternatives, namely
using Group Policies.
Guy Recommends: A Free Trial of the Network Performance Monitor
(NPM)
SolarWinds'
Orion performance monitor
will help you discover what's happening on your network. This
utility will also guide you through troubleshooting; the dashboard will
indicate whether the root cause is a broken link, faulty equipment or
resource overload.
What I like best is the way NPM suggests solutions to network
problems. Its
also has the ability to monitor the health of individual VMware
virtual machines. If you are interested in troubleshooting, and creating
network maps, then I recommend that you try NPM now.
Making your own.reg files is straightforward, especially if you employ the
time-honoured technique of dissecting an existing file. Here are the
most important factors:
Understand the Windows 8 .Reg Format Making a simple
data change from 1 to 0 is unlikely to cause a big problem. But before
you start making wholesale changes to .reg files there are a few items of
syntax that it pays to understand.
The 1st Line - Windows Registry Editor The very first line of the .reg file must contain the name of the Windows 8
registry editor, this is a clue that regedit is the engine that processes
these files. For XP and later the best, or correct name, is 'Windows
Registry Editor Version 5.00'. Older registries such as Windows 95 and
NT 4.0 used 'REGEDIT4', thus to support backwards compatibility you could
still use 'Regedit4'. Incidentally, even though Windows 8's regedit
reports to be version 6.2, as shown in its Help / 'About'
menu, the .reg files that regedit creates are Version 5.00 - strange but true!
Importance of Blank Lines Curiously, there is a blank line between the
Registry Editor Version, and the path statement in its [square brackets].
You would also need another blank line to introduce each additional path statement.
However, if you go for complex .reg files I strongly recommend creating a
series of
single path units, get them working, and only then bolt them together - with
blank lines between sections.
[Path] Statement The [square] type of brackets
enclosing
the registry path are significant. If you need clarification of the
path, try
opening regedit and comparing the path statement with what you see in the
GUI. Incidentally, the .reg import engine understands the abbreviation
HKLM for HKEY_LOCAL_MACHINE.
Understanding the path syntax makes it easy to use .reg files for deleting
registry keys; the crucial point is to place the minus sign inside the
square bracket: [-HKEY xyz...] . Beware that this will delete all the
values and the data entries in the named key.
The Body of a .reg File If you examine the registry with regedit you will soon spot different
types of values, for example REG_SZ and DWORD. In the .reg files think
of REG_SZ (string values), as the default. Thus
"Userinit"="C: \\Windows\\ system32\\ userinit.exe,"
means that Userinit is a REG_SZ, and accepts a string value.
Note 1: REG_SZ data values, to the right of the equals sign ARE encased in speech marks.
"CachedLogonsCount"="10" (Contrast with DWORD below).
My point is that if you are scripting DWORD, then you need to indicate
that type of value explicitly for example
"ShutdownFlags"=DWORD:00000005. Note 2:
DWORD data should NOT be encased in speech marks.
REG_DWORDS take only hexadecimal numbers, whereas REG_SZ are more flexible and take text or decimal
numbers.
A final 'gotcha'. When you are using notepad's 'Save as',
please remember to
manually add the .reg file extension, otherwise you end up with a useless
.txt file.
; Comments If you create your own .reg
file, then it is desirable to place judicious comments, you can do this by preceding the
description line with a semi-colon.
Windows Registry Editor Version 5.00
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoAdminLogon"="0" ; Created by Guy Thomas. Purpose to set Auto Logon
; Created by Guy Thomas. Purpose to set Auto Logon.
Monitor Your Network with the Real-time Traffic Analyzer
The main reason to monitor your network is to check that
your all your servers are available. If there is a network problem you
want an interface to show the scope of the problem at a glance.
Even when all servers and routers are available, sooner or later you will be curious to
know who, or what, is hogging your precious network's bandwidth. A GUI
showing the top 10 users makes interesting reading.
Another reason to monitor network traffic is to learn more about your
server's response times and the use of resources. To take the pain out of
capturing frames and analysing the raw data, Guy recommends that you download a copy of
the SolarWinds
free Real-time NetFlow Analyzer.
Many programs' installation routines call for .reg files to insert specific
registry
settings that ensure their application runs smoothly. Equally,
browser
hijackers and other malware exert their evil control via injecting .reg
files into the unsuspecting registry. Hence the need for diligence in
checking the provenance of programs, and the desirability of only installing
software with valid certificates.
Remember that unlike clicking in a GUI, there are no internal checks on
the consequences of changing the registry values.
Export a Branch My best advice is always export at least the branch of the registry you are working with
currently.
In addition to producing a useful file, exporting the registry has the
pleasant side effect of concentrating my mind on the area of the registry I
am working on, for instance, is it Local_Machine or Current_User?
Exporting the whole registry would be even safer, but you have to trade-off
security with speed of
import / export.
Backup the Whole Machine? Most experts cover
themselves by recommending you backing up the whole
machine before touching the registry, but I never do. Instead, I ask myself,
'If my registry hack cripples
the machine to the point that it won't boot, how will I logon to effect a
restore?' To my logic, a whole system backup is merely an illusion of safety
when it comes to tweaking the registry, thus, if
I have any concerns then I experiment with the registry on a test machine such as an old laptop.
I confess this attitude maybe arise from a personality trait, I prefer to live life on the
edge, with heightened awareness of danger, rather than coasting along in my
restrictive safety bubble. My point is that if you believe that if you
cripple the registry then you are in dire straights, then it focuses the
mind to extra take with what you are doing.
Remote Registry Editing In 15 years of tweaking the
registry I only once made a serious mistake, and that was deleting a whole
section in HKEY_LOCAL_MACHINE. I recovered using remote registry
editing, and imported the missing control set. What I learned from the
experience is that if I think about doing something risky in the registry,
before I start I fire up a second machine, and from the File menu select:
'Connect Network Registry' - back to the research machine.
.Reg is a file extension associated with the Windows 8 registry
editor. The purpose of such files is to merge settings into the
registry. Time spent creating .reg files is repaid when you need to
re-apply the settings regularly, or you need to copy the values to multiple
machines.
If you like this page then please share it with your friends
Guy Recommends:
SolarWinds' NPM - Network Performance Monitor
SolarWinds' performance monitor is designed for detecting network outages,
making it easy to see what's working, and what needs your attention.
This utility guides you through creating network maps; it also helps
identifying whether the
root cause is faulty equipment, or resource overload. Give NPM a try.
