
You have heard about it. You have been warned about the dangers of messing with it. What is it?

The Windows registry is a central database for the Windows operating system. Settings and information that control hardware configuration, operating system configuration, installed software configuration, and user preferences are all stored in the registry. If you make a change to a program setting, or something as simple as changing display settings, it is likely those changes are stored in the Windows registry. The registry is very important to Windows! Even with the dire warnings of gloom and doom, editing the registry isn't anything to be afraid of. In fact, you interact with it daily; you just didn't know it.

With that said, the registry is full of thousands of entries. The chances of one tiny mistake bringing Windows to its knees are slim, but it is possible. It is always a good idea to have a current disk image before jumping into the registry.

Now that I've scared the pants off you, feel free to follow along as I discuss the registry; just don't make any changes.

To view or edit the registry, Windows includes a program called RegEdit. In Windows 2000 and XP, click Start>Run, enter regedit.exe in the Run box, and then click OK. In Vista, click Start, type "regedit" in the search box at the bottom of the Start Menu, and press the Enter key. The window below will open.

[Image: regedit]

It's very apparent that all this HKEY stuff in the left-hand column is gibberish. Computer refers to your computer, and each entry under that is a specific section, or hive. Let's take a look at each hive and see what it does.

  • HKEY_CLASSES_ROOT - storage for information about registered programs and file associations.
  • HKEY_CURRENT_USER - storage for settings specific to the current user. If your computer is set up with multiple user accounts this is where the settings for each user are kept.
  • HKEY_LOCAL_MACHINE - storage for settings that apply to all users of the computer.
  • HKEY_USERS - storage for subkeys which correspond to the HKEY_CURRENT_USER keys for each user account.
  • HKEY_CURRENT_CONFIG - storage for keys generated during boot. This hive is actually created when the computer boots and is not stored on your hard drive.

The Windows registry is actually made up of several files named SAM, SOFTWARE, SECURITY, and SYSTEM (notice no file extension) located in the c:\windows\system32\config folder. There is also a file named NTUSER.DAT, which is located in c:\Documents and Settings\<your user name> for Windows XP and c:\Users\<your user name> for Windows Vista. These files relate to the above hives.

  • NTUSER.DAT - contains the HKEY_CURRENT_USER hive.
  • SAM - contains the HKEY_LOCAL_MACHINE\SAM hive.
  • SECURITY - contains the HKEY_LOCAL_MACHINE\SECURITY hive.
  • SOFTWARE - contains the HKEY_LOCAL_MACHINE\SOFTWARE hive.
  • SYSTEM - contains all other sub hives of the HKEY_LOCAL_MACHINE hive.

We know where the files are and what they do. Let's go back to Regedit and look around. Click the arrow next to HKEY_CLASSES_ROOT and you will see something similar to the picture below.

[Image: hkey_classes_root]

These are all of the file extensions which have been registered on your computer. File extensions tell Windows which program to use for a specific file type.

Scroll down (a lot of scrolling) to txtfile. This is the entry responsible for how your computer handles text files.

[Image: HKCR text]

This is a screenshot of my registry. Yours will be similar, but different. Next to txtfile you will see another arrow. Clicking this arrow will expand the tree below the txtfile entry. Under shell you will see that I use a program named EditPad Lite to view and edit text files. Yours will most likely be notepad.exe.

You will notice the second column is labeled Type. Here is a list of common Types and what they represent:

  • REG_BINARY - The value will be in Binary format. Usually used for hardware component entries.
  • REG_DWORD - These values are commonly a "0" for a disabled option or a "1" for an enabled option.
  • REG_SZ - These values are stored in a readable format like the one above.
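The same walk through HKEY_CLASSES_ROOT can be done read-only from PowerShell, which is a handy way to check which program is registered for a file type without opening RegEdit. This is an added example, not part of the original article; the function name Get-OpenCommand and the sample extensions are assumptions, and it only reads keys.

```powershell
# Added example: read-only lookup of the program registered for a file extension.
# OpenSubKey() with one argument opens the key read-only, so nothing is changed.
function Get-OpenCommand {
    param([Parameter(Mandatory = $true)][string]$Extension)   # e.g. '.txt'

    $hkcr   = [Microsoft.Win32.Registry]::ClassesRoot
    $result = [pscustomobject]@{
        Extension = $Extension; FileType = $null; Type = $null; Command = $null
    }

    # Step 1: the extension key's (Default) value names the file-type entry,
    # for example .txt -> txtfile.
    $extKey = $hkcr.OpenSubKey($Extension)
    if ($null -eq $extKey) { return $result }            # extension not registered
    try     { $result.FileType = $extKey.GetValue('') }
    finally { $extKey.Close() }
    if ([string]::IsNullOrEmpty($result.FileType)) { return $result }

    # Step 2: <file type>\shell\open\command holds the command line used to open the file.
    $cmdKey = $hkcr.OpenSubKey("$($result.FileType)\shell\open\command")
    if ($null -eq $cmdKey) { return $result }            # no open command registered
    try {
        # Keep %SystemRoot%-style variables unexpanded so the stored text is shown as-is.
        $opt = [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames
        $raw = $cmdKey.GetValue('', $null, $opt)
        if ($null -ne $raw) {
            $result.Command = $raw
            # Value kind as .NET names it: String = REG_SZ, ExpandString = REG_EXPAND_SZ,
            # DWord = REG_DWORD, Binary = REG_BINARY.
            $result.Type = $cmdKey.GetValueKind('')
        }
    }
    finally { $cmdKey.Close() }
    return $result
}

# Sample extensions chosen for illustration.
'.txt', '.log', '.ini' | ForEach-Object { Get-OpenCommand $_ } | Format-Table -AutoSize
```

A Command that points somewhere other than the editor you expect (notepad.exe on a default install) is worth a second look before you open files of that type.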

Take a few minutes and look around the registry. You will be amazed at the complexity and might even be surprised that you recognize, even vaguely, some of the entries! When you are finished just click on the "X" in the upper right corner of regedit to close it.

Continue to Part 2