What is A Registry
In computing, the registry refers to a data base which houses the options and settings of an operating system like Microsoft Windows and all installed applications. The concept of registry is linked to the logic of Microsoft operating systems, which retain all of its settings in a small number of files.
The registry of Microsoft Windows
On Windows, the registry has been introduced since version 3.0 and Windows has allowed the elimination of management through the INI file information concerning:
* Driver settings
* Hardware Profiles
* Software settings installed
* User Profiles
* File type associations
* Type libraries, interfaces and classes for COM
* Security policy systems and users
The registry is organized in a hierarchy originating from some major sections, each node of the hierarchy is that key, and each node can contain one or more data elements, such values, one anonymous (a legacy compatibility ).
The Keys to the first level (key root, root keys) have the entire name in capitals with “HKEY” prefix, the abbreviation handle to a key (which originates from the Windows API), (mis) translated as handle a key, and their names are usually abbreviated as an acronym of three or four letters, prefixed with “HK”.
The path of a key is specified with a syntax similar to file paths in Windows, then using the “\” (backslash) as a separator, for example, HKEY_CURRENT_USER \ Software \ Microsoft \ Windows identifies the key contained in key Microsoft Windows contained in software, content to turn the main key HKEY_CURRENT_USER.
Similarly, a value is identified by the path name of the value attached to himself, as in HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Version, which identifies the value of versions in the Windows key etc.
A value can be:
* A string of characters (string value, technically REG_SZ)
* An arbitrary sequence of bytes (binary value, REG_BINARY)
* A 32-bit number (which then allows values from 0 to 4,294,967,295, which is 232 to 1) (DWORD Value REG_DWORD)
* A group of character strings (multi-string value, REG_MULTI_SZ)
* A string containing references to environment variables (string value expansion, related to the replacement of dynamic environment variables (expansion) given at the time of reading the same value; technical name REG_EXPAND_SZ)
* A value amorphous (i.e., of any kind as defined, denoted REG_NONE)
Are also defined some other types of value but are used only in particular contexts, such as to store the configuration of a Plug and Play drivers (various technical names, includin:
In HKEY_CLASSES_ROOT (abbreviated as HKCR) are stored information about registered applications, such as associations of file types and OLE classes. Starting with Windows 2000, HKCR is a merge (dynamic) to HKLM \ Software \ Classes and HKLM \ Software \ Classes. If a given value exists in both structures, one present in HKLM \ Software \ Classes has precedence.
Abbreviated HKCU, HKEY_CURRENT_USER is where I store all data in the records of active user profile.
HKEY_LOCAL_MACHINE Abbreviated HKLM, contains settings common to all users of the system. In his System sub key stores the hardware configuration of your computer.
In the key HKEY_USERS (abbreviated to HKU) are the key HKEY_CURRENT_USER all users connected to the system.
HKEY_CURRENT_CONFIG, abbreviated HKCC, is where it is collected for volatile session. This root key is present only in the register of the versions of Windows derived from Windows NT.
Abbreviated HKDD, HKEY_DYN_DATA contains performance statistics that can be viewed with the monitor system (ctfmon.exe). This root key is present only in operating systems based on Windows 95 (95, 98 and ME).
Continue : Registry | Part 2