在注册表的某些关键项(譬如:System、Root),连Administrator都没有权限进行修改,因为只有“system”有权限。
【警告】切勿企图进行注册表上层权限覆盖低层权限的方式来使Administrator或其他用户夺权,这样会导致很多Windows服务都无法打开!!!甚至Windows就此挂掉!
(像我这个傻B刚才就进行了上面的操作。。。。。。 如果像我这样操作了,就要看我上一条博客,把注册表权限恢复默认。)
【正确操作】
使用 psexec.exe,以 system 身份打开 regedit.exe,这样便可以直接修改,
命令:
psexec.exe -i -d -s regedit.exe
psexec属于Windows内部工具之一,这些强力的瑞士军刀可以从这里下载:
http://technet.microsoft.com/en-us/sysinternals/bb795533.aspx
---------------------------- 分割线 ---------------------------------
下面附带Windows内部工具的英文原版说明 和 Google自动翻译的中文(以便搜索引擎进行索引)
Sysinternals Process Utilities
Autoruns
See what programs are configured to startup automatically when your system boots and you login. Autoruns also shows you the full list of Registry and file locations where applications can configure auto-start settings.
Handle
This handy command-line utility will show you what files are open by which processes, and much more.
ListDLLs
List all the DLLs that are currently loaded, including where they are loaded and their version numbers. Version 2.0 prints the full path names of loaded modules.
PortMon
Monitor serial and parallel port activity with this advanced monitoring tool. It knows about all standard serial and parallel IOCTLs and even shows you a portion of the data being sent and received. Version 3.x has powerful new UI enhancements and advanced filtering capabilities.
ProcDump
This new command-line utility is aimed at capturing process dumps of otherwise difficult to isolate and reproduce CPU spikes. It also serves as a general process dump creation utility and can also monitor and generate process dumps when a process has a hung window or unhandled exception.
Process Explorer
Find out what files, registry keys and other objects processes have open, which DLLs they have loaded, and more. This uniquely powerful utility will even show you who owns each process.
Process Monitor
Monitor file system, Registry, process, thread and DLL activity in real-time.
PsExec
Execute processes remotely.
PsGetSid
Displays the SID of a computer or a user.
PsKill
Terminate local or remote processes.
PsList
Show information about processes and threads.
PsService
View and control services.
PsSuspend
Suspend and resume processes.
PsTools
The PsTools suite includes command-line utilities for listing the processes running on local or remote computers, running processes remotely, rebooting computers, dumping event logs, and more.
ShellRunas
Launch programs as a different user via a convenient shell context-menu entry.
VMMap
See a breakdown of a process‘s committed virtual memory types as well as the amount of physical memory (working set) assigned by the operating system to those types. Identify the sources of process memory usage and the memory cost of application features.
------------------- Google自动翻译 --------------------------
Autoruns
看到哪些程序被配置为当你的系统启动和您登录自动启动。自动运行也表明你的注册表和文件地点,应用程序可以配置自动启动设置的完整列表。
Handle
这个方便的命令行实用工具将告诉你哪些文件是由开放哪些进程,等等。
ListDLLs
列出所有当前加载的DLL,包括在那里它们被装入及其版本号。 2.0版打印已加载模块的完整路径名。
PortMon
监测与这种先进的监测工具,串行和并行端口活动。它知道所有的标准串行和并行的IOCTL ,甚至告诉你发送和接收的数据的一部分。 3.x版具有强大的新UI增强功能和先进的过滤功能。
ProcDump
这个新的命令行实用工具旨在捕获其他方式难以处理的转储进行隔离和重现CPU峰值。它也可作为一般的进程转储创建实用程序,也可以监控并生成转储过程中,当一个进程有一个挂起的窗口或者未处理的异常。
Process Explorer
找出哪些文件,注册表项和其他对象的进程已经打开,他们已加载哪些DLL等。这种独特而强大的工具,甚至会告诉你谁拥有每一个过程。
Process Monitor
在实时监控文件系统,注册表,进程,线程和DLL活动。
PSEXEC
远程执行程序。
PSGETSID
显示计算机或用户的SID。
PsKill
终止本地或远程进程。
PsList
显示有关进程和线程的信息。
PsService
查看和控制服务。
PsSuspend
挂起和恢复过程。
PSTOOLS
该PSTOOLS套件包括命令行实用程序用于列出在本地或远程计算机上运行的进程,远程运行进程,重新启动电脑,倾倒事件日志,等等。
ShellRunas
通过方便的外壳上下文菜单项启动程序以不同的用户。
VMMap
看的过程的认可的虚拟记忆体分类的数目,以及物理内存量(工作集)由操作系统分配给那些类型。识别进程的内存使用量和应用程序功能的内存成本的来源。