Welcome to Bindars Registry Information

Hover over How to... for a menu
How to...  

Read the standard registry warning and disclaimer

About the Windows Registry

What is the Windows Registry?

The Registry is a database used to store settings and options for the 32 bit versions of Microsoft Windows since Windows 95. It contains information and settings for all the hardware, software, users, and preferences of the PC. Whenever a user makes changes to a Control Panel setting, or File Associations, System Policies, installed software or almost anything else, the changes are reflected and stored in the Registry.

The physical files that make up the registry are stored differently depending on your version of Windows; under Windows 95 & 98 it is contained in two hidden files in your Windows directory, called USER.DAT and SYSTEM.DAT, for Windows Me there is an additional CLASSES.DAT file, while under Windows NT/2000/XP the files are contained separately in the %SystemRoot%\System32\Config directory. You can not edit these files directly, you must use a tool commonly known as a "Registry Editor" to make any changes.

It is very unfortunate that Microsoft has chosen to deal with the Registry and Registry editing as a "black art," leaving many people in the dark as to the real uses of all the settings in the systems. Microsoft's refusal to adequately, and publicly, supply information about the correct settings is extremely frustrating and adds further mystery to the registry. Certainly, more damage has and will be done because of a lack of information than because of too much information.

 

The Structure of the Registry:

The Registry has a hierarchal structure, although it looks complicated the structure is similar to the directory structure on your hard disk, with Regedit being somewhat similar to Windows Explorer.

Windows Registry

Each main branch, denoted by a folder icon in the Registry Editor, is called a Hive (also known as a Root Key), and Hives contains Keys. Each key can contain other keys (sometimes referred to as sub-keys), as well as Values. The values contain the actual information stored in the Registry. There are three types of values; String, Binary, and DWORD (in later versions REG_MULTI_SZ and REG_EXPAND_SZ were added) - the use of these depends upon the context of the entry.  As a matter of fact I have seen many instances where a registry key/value on one computer was a String and the identical key/value on another system was a DWORD.  In some instances you can use either/or.

There are six main branches, each containing a specific portion of the information stored in the Registry. They are as follows:

  • HKEY_CLASSES_ROOT - This branch contains all of your file association mappings to support the drag-and-drop feature, OLE information, Windows shortcuts, and core aspects of the Windows user interface.
  • HKEY_CURRENT_USER - This branch links to the section of HKEY_USERS appropriate for the user currently logged onto the PC and contains information such as logon names, desktop settings, and Start menu settings.
  • HKEY_LOCAL_MACHINE - This branch contains computer specific information about the type of hardware, software, and other preferences on a given PC, this information is used for all users who log onto this computer.
  • HKEY_USERS - This branch contains individual preferences for each user of the computer, each user is represented by a SID sub-key located under the main branch.
  • HKEY_CURRENT_CONFIG - This branch links to the section of HKEY_LOCAL_MACHINE appropriate for the current hardware configuration.
  • HKEY_DYN_DATA - This branch points to the part of HKEY_LOCAL_MACHINE, for use with the Plug-&-Play features of Windows, this section is dynamic and will change as devices are added and removed from the system.

The six sections listed above are the very top levels.

The levels below them are referred to as follows;

  •  Key  Similar to a folder in Windows Explorer. It can contain additional folders and one or more values. Think of a key as sections within an outline.
  •  Subkey  A child that appears under another key (the parent). This concept is similar to folders and subfolders in Windows Explorer. Subkeys are similar to subsections in an outline.
  •  Branch  Represents a particular subkey and everything it contains. A branch can start at the very top of the Registry, but it usually describes a key and all of its contents. In an outline, a branch is a section and everything that appears below it.
  •  Value entry  An order pair with a name and a value. Value entries are analogous to files in Windows Explorer.

Each registry value is stored as one of five main data types:

  1. REG_BINARY - This type stores the value as raw binary data. Most hardware component information is stored as binary data, and can be displayed in an editor in hexadecimal format.
  2. REG_DWORD - This type represents the data by a four byte number and is commonly used for boolean values, such as "0" is disabled and "1" is enabled. Additionally many parameters for device driver and services are this type, and can be displayed in REGEDT32 in binary, hexadecimal and decimal format, or in REGEDIT in hexadecimal and decimal format.
  3. REG_EXPAND_SZ - This type is an expandable data string that is string containing a variable to be replaced when called by an application. For example, for the following value, the string "%SystemRoot%" will replaced by the actual location of the directory containing the Windows NT system files. (This type is only available using an advanced registry editor such as REGEDT32)
  4. REG_MULTI_SZ - This type is a multiple string used to represent values that contain lists or multiple values, each entry is separated by a NULL character. (This type is only available using an advanced registry editor such as REGEDT32)
  5. REG_SZ - This type is a standard string, used to represent human readable text values.

Visitors to this page since April 05, 2006  

Visitors to this page since April 05, 2006   Hit Counter