The Windows registry is a directory within your computer that stores settings and options for the operating system for Microsoft Windows. The registry contains information and settings for all the hardware, most non-operating system software, operating system software, users, preferences of the PC, and many more settings.
Whenever you make changes within your Control Panel settings, file associations, system policies, or installed software, the changes are copied and stored within your computers registry. The registry also provides a window into the operation of the kernel, exposing runtime information such as performance counters and currently active hardware.
The Registry replaces most of the text-based .ini files that are used in Windows 3.x and MS-DOS configuration files, such as the Autoexec.bat and Config.sys. Although the Registry is common to several Windows operating systems, there are some differences among them.
Any computer registry contains two distict types of elements; Keys and Values
Registry Keys are similar to folders – in addition to values, each key can contain subkeys, which may contain further subkeys, and so on. Keys are referenced with a syntax similar to Windows’ path names, using backslashes to indicate levels of hierarchy.
|HKEY_CLASSES_ROOT||Points to branch of Hkey_Local_Machine that describes certain software settings. This key displays the same data as it did in Windows 3.1 – essential information about OLE and association mappings to support drag-and-drop operations, Windows 95 shortcuts (which are, in fact, OLE links), and core aspects of the Windows 95 user interface.|
|HKEY_CURRENT_USER||This key points to a branch of Hkey_Users for the user who is currently logged on|
|HKEY_LOCAL_MACHINE||Contains computer-specific information about the type of hardware installed, software settings, and other information. This information is used for all users who log on to this computer|
|HKEY_USERS||Contains information about all the users who log on to the computer, including both generic and user-specific information. The generic settings are available to all users who log on to the computer. The information is made up of default settings for applications, desktop configurations, and so on. This key contains sub keys for each user that logs on to this computer|
|HKEY_CURRENT_CONFIG||Points to a branch of Hkey_Local_Machine\Config that contains information about the current configuration of hardware attached to the computer|
|HKEY_DYN_DATA||Points to a branch of Hkey_Local_Machine that contains the dynamic status information for various devices as part of the Plug and Play information. This information may change as devices are added to or removed from the computer. The information for each device includes the related hardware key and the device’s current status, including problems|
Registry Value Types
Registry Values are name/data pairs stored within keys. Values are referenced separately from keys. Value names can contain backslashes which would lead to ambiguities were they referred to like paths.
|REG_SZ||A constant string value|
|REG_EXPAND_SZ||An “expandable” string value that can contain environment variables|
|REG_BINARY||Binary data (any arbitrary data)|
|REG_DWORD / REG_DWORD_LITTLE_ENDIAN||A DWORD value, a 32-bit unsigned integer (numbers between 0 and 4,294,967,295 [232 - 1]) (little-endian)|
|REG_DWORD_BIG_ENDIAN||A DWORD value, a 32-bit unsigned integer (numbers between 0 and 4,294,967,295 [232 - 1]) (big-endian)|
|REG_LINK||Symbolic link (UNICODE)|
|REG_MULTI_SZ||A multi-string value, which is an array of strings|
|REG_RESOURCE_REQUIREMENTS_LIST||Resource Requirements List|
|REG_QWORD / REG_QWORD_LITTLE_ENDIAN||A QWORD value, a 64-bit integer (either big- or little-endian, or unspecified)|