Windows Registry in depth-Part 1

The Windows registry is a directory which stores settings and options for the operating system for Microsoft Windows 32-bit versions, 64-bit versions and Windows Mobile.




This is one of the least understood aspects of the windows OS.It's basically a database of all the values and settings required by windows as well as several softwares in order to function properly.It was specifically developed in order to overcome the drawbacks of .ini files which were the earlier means of storing the settings(Even now some settings are stored in .ini files..excellent example for this is boot.ini file)

To open windows registry...Just run "regedit" in the run dialog box

Registry Concepts



Hives


Hives are nothing but the top levels in registry.There are typically 5 different hives. They are:

Hive struct

Each hive is associated with a certain functions

  • HKEY_CLASSES_ROOT (HKCR):stores information about registered applications, such as file associations.

  • HKEY_CURRENT_USER (HKCU):stores settings that are specific to the currently logged-in user.This is infact a mirror to subkey of HKEY_USERS hive that corresponds to the user;that means the changes in HKCU is reflected in HKEY_USERS and vicevarsa

  • HKEY_LOCAL_MACHINE (HKLM):It is considered as the important hive in registry. it stores all the system related settings which are common to all the users.It also stores info regarding Hardware.

  • HKEY_USERS (HKU): As explained in HKCR, this has settings which are specific for different users of the computer. Each user is alloted a separate key within HKU

  • HKEY_CURRENT_CONFIG: This is rather interesting hive in windows registry.It contains the info generated during runtime.The settings are not specifically stored permanently on disk.They are renewed or generated at boot-time



Key's


The structure of windows registry is similar to the folders structure.Just imagine the Hives as drives,Keys as top folders,Sub keys as sub folders whithin a folder and last but not least values as files.

Key structure

Take for example the above structure in the snapshot
The full path of the above structure is

HKEY_CURRENT_CONFIG\Software\Fonts
or
HKCC\Software\Fonts

Here HKEY_CURRENT_CONFIG or HKCC is the hive Software the key Fonts the subkey and FONTS.FON the value(String value)

Values


The actual setting is stored in these entities. There are basically 3 major type of values
value


  • String value(REG_SZ):Stores in the value in string or chars format.We can also include the Unicode chars in it

  • Binary Value(REG_Binary):Stores the value in Binary form. Usually major system and hardware setting are stored in this format.

  • DWORD Value(REG_DWORD):Stores the value in either Octal or decimal number format



There are 2 more(Expandable and Multi String value) but they are not so commonly used.

Creating a new value or sub key is easy.Just navigate where you want to create a new key or value and right click and select the appropriate option.To edit or add the contents to the value double click on the value and fill up the value

To be continued........... :)

About This Blog

There is something for everyone. !! A tech blog on various topics. Let it be devops, programming etc; we have it all covered here in layman terms :)

Total Pageviews

Back to TOP