The Registry can hold information about what is in the computer such as the hard drive and graphics cards. The other information it has is what documents you can collate, the personal settings, e.g., background, mouse settings and colour schemes and also it has the programmes which are on the computer, such as Word and Google Chrome.
The Spyware and Viruses and the rights of these, changes your Registry for malicious purposes, so Anti Virus and the other Anti programmes work on the principal that there shouldn’t be any unauthorised access to the Registry and that its own databases of all malicious programmes has helped to identify the unwanted programmes.
The Registry is a database and within the database it has pre-defined keys, such as HKey_Users which have the relevant files for the active user. If one user locked their account and another logged in, the HKey_Users will drop the locked account for now and load up the current account.
Changing the Registry is possible but risky and unless you know what you are doing, is not the best idea. If you are editing the Registry, for whatever reason, make sure there is a recent backup so you can restore the Registry if there is a mistake. I suggest before you get to this stage, you try System Restore which will not damage the computer as much as the Registry would. You can change anything on your computer by using the Registry such as the SubKeys, the values and rename a Subkey/value.
Information source (the internet)
Every operating system and application needs a place to store configuration settings and user preferences. As computers have become more complex, so have the methods of storing this data. The few settings needed by MS-DOS were stored in the plain text file CONFIG.SYS. DOS programs had to make their own arrangements for storing user settings.
Windows originally used INI files – text files organised in a simple format that could be read and written using special routines available to Windows programs. Windows had one configuration file, SYSTEM.INI, which was used for all the internal settings plus another, WIN.INI, for user preferences. Each application had an INI file, too, usually named after itself.
This system worked pretty well, and is still used by some Windows programs, but it turned out to have a few disadvantages. INI files were slow to access and limited in size to 64Kb. There was also just one INI file per program per computer, making it difficult to have different settings for each user of a computer.
So for Windows NT and Windows 95 Microsoft introduced the Registry. You can think of the Registry as a database for storing and accessing configuration data. Like all good databases the Registry can store different types of data. It is organised for fast and efficient access. Data is stored in a hierarchical manner rather like the folders on a hard disk. Registry data that is currently in use is cached in memory to provide better performance.
A Computer Registry–that is synonymous with Windows Registry–creates a database of information about all hardware, software, devices and programs installed on the computer. It is a repository of information about the computer’s configuration. It tracks any changes made to the settings.
Computer registry should not be edited manually. However when you observe any of the following errors, the registry would need a clean up:
The speed of the computer is not the same as it used to be earlier.
The computer faces frequent crash though there is no error or problem.
The system does not start or shut down normally.
It prevents addition or deletion of software.
The computer screen turns blue and you are unable to access any controls
This article describes the registry. This article also includes information about how to back up the registry, how to edit the registry, and lists references for more information.
Description of the registryThe Microsoft Computer Dictionary, Fifth Edition, def…
Description of the registry
The Microsoft Computer Dictionary, Fifth Edition, defines the registry as:
A central hierarchical database used in Microsoft Windows 98, Windows CE, Windows NT, and Windows 2000 used to store information that is necessary to configure the system for one or more users, applications and hardware devices.
The Registry contains information that Windows continually references during operation, such as profiles for each user, the applications installed on the computer and the types of documents that each can create, property sheet settings for folders and application icons, what hardware exists on the system, and the ports that are being used.
The Registry replaces most of the text-based .ini files that are used in Windows 3.x and MS-DOS configuration files, such as the Autoexec.bat and Config.sys. Although the Registry is common to several Windows operating systems, there are some differences among them.
A registry hive is a group of keys, subkeys, and values in the registry that has a set of supporting files that contain backups of its data. The supporting files for all hives except HKEY_CURRENT_USER are in the %SystemRoot%System32Config folder on Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, and Windows Vista. The supporting files for HKEY_CURRENT_USER are in the %SystemRoot%ProfilesUsername folder. The file name extensions of the files in these folders indicate the type of data that they contain. Also, the lack of an extension may sometimes indicate the type of data that they contain.
Collapse this tableExpand this table
Sam, Sam.log, Sam.sav
Security, Security.log, Security.sav
Software, Software.log, Software.sav
System, System.alt, System.log, System.sav
System, System.alt, System.log, System.sav, Ntuser.dat, Ntuser.dat.log
Default, Default.log, Default.sav
In Windows 98, the registry files are named User.dat and System.dat. In Windows Millennium Edition, the registry files are named Classes.dat, User.dat, and System.dat.
Note Security features in Windows NT, Windows 2000, Windows XP, Windows Server 2003, and Windows Vista let an administrator control access to registry keys.
The following table lists the predefined keys that are used by the system. The maximum size of a key name is 255 characters.
Collapse this tableExpand this table
Contains the root of the configuration information for the user who is currently logged on. The user’s folders, screen colors, and Control Panel settings are stored here. This information is associated with the user’s profile. This key is sometimes abbreviated as “HKCU.”
Contains all the actively loaded user profiles on the computer. HKEY_CURRENT_USER is a subkey of HKEY_USERS. HKEY_USERS is sometimes abbreviated as “HKU.”
Contains configuration information particular to the computer (for any user). This key is sometimes abbreviated as “HKLM.”
Is a subkey of HKEY_LOCAL_MACHINESoftware. The information that is stored here makes sure that the correct program opens when you open a file by using Windows Explorer. This key is sometimes abbreviated as “HKCR.” Starting with Windows 2000, this information is stored under both the HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER keys. The HKEY_LOCAL_MACHINESoftwareClasses key contains default settings that can apply to all users on the local computer. The HKEY_CURRENT_USERSoftwareClasses key contains settings that override the default settings and apply only to the interactive user. The HKEY_CLASSES_ROOT key provides a view of the registry that merges the information from these two sources. HKEY_CLASSES_ROOT also provides this merged view for programs that are designed for earlier versions of Windows. To change the settings for the interactive user, changes must be made under HKEY_CURRENT_USERSoftwareClasses instead of under HKEY_CLASSES_ROOT. To change the default settings, changes must be made under HKEY_LOCAL_MACHINESoftwareClasses. If you write keys to a key under HKEY_CLASSES_ROOT, the system stores the information under HKEY_LOCAL_MACHINESoftwareClasses. If you write values to a key under HKEY_CLASSES_ROOT, and the key already exists under HKEY_CURRENT_USERSoftwareClasses, the system will store the information there instead of under HKEY_LOCAL_MACHINESoftwareClasses.
Contains information about the hardware profile that is used by the local computer at system startup.
Note The registry in 64-bit versions of Windows XP, Windows Server 2003, and Windows Vista is divided into 32-bit and 64-bit keys. Many of the 32-bit keys have the same names as their 64-bit counterparts, and vice versa. The default 64-bit version of Registry Editor that is included with 64-bit versions of Windows XP, Windows Server 2003, and Windows Vista displays the 32-bit keys under the following node:
For more information about how to view the registry on 64-Bit versions of Windows, click the following article number to view the article in the Microsoft Knowledge Base:
305097 (http://support.microsoft.com/kb/305097/ ) How to view the system registry by using 64-bit versions of Windows
The following table lists the data types that are currently defined and that are used by Windows. The maximum size of a value name is as follows:
* Windows Server 2003, Windows XP, and Windows Vista: 16,383 characters
* Windows 2000: 260 ANSI characters or 16,383 Unicode characters
* Windows Millennium Edition/Windows 98/Windows 95: 255 characters
Long values (more than 2,048 bytes) must be stored as files with the file names stored in the registry. This helps the registry perform efficiently. The maximum size of a value is as follows:
* Windows NT 4.0/Windows 2000/Windows XP/Windows Server 2003/Windows Vista: Available memory
* Windows Millennium Edition/Windows 98/Windows 95: 16,300 bytes
Note There is a 64K limit for the total size of all values of a key.
Collapse this tableExpand this table
Raw binary data. Most hardware component information is stored as binary data and is displayed in Registry Editor in hexadecimal format.
Data represented by a number that is 4 bytes long (a 32-bit integer). Many parameters for device drivers and services are this type and are displayed in Registry Editor in binary, hexadecimal, or decimal format. Related values are DWORD_LITTLE_ENDIAN (least significant byte is at the lowest address) and REG_DWORD_BIG_ENDIAN (least significant byte is at the highest address).
Expandable String Value
A variable-length data string. This data type includes variables that are resolved when a program or service uses the data.
A multiple string. Values that contain lists or multiple values in a form that people can read are generally this type. Entries are separated by spaces, commas, or other marks.
A fixed-length text string.
A series of nested arrays that is designed to store a resource list that is used by a hardware device driver or one of the physical devices it controls. This data is detected and written in the ResourceMap tree by the system and is displayed in Registry Editor in hexadecimal format as a Binary Value.
A series of nested arrays that is designed to store a device driver’s list of possible hardware resources the driver or one of the physical devices it controls can use. The system writes a subset of this list in the ResourceMap tree. This data is detected by the system and is displayed in Registry Editor in hexadecimal format as a Binary Value.
A series of nested arrays that is designed to store a resource list that is used by a physical hardware device. This data is detected and written in the HardwareDescription tree by the system and is displayed in Registry Editor in hexadecimal format as a Binary Value.
Data without any particular type. This data is written to the registry by the system or applications and is displayed in Registry Editor in hexadecimal format as a Binary Value
A Unicode string naming a symbolic link.
Data represented by a number that is a 64-bit integer. This data is displayed in Registry Editor as a Binary Value and was introduced in Windows 2000.
Back up the registry
Before you edit the registry, export the keys in the registry that you plan to edit, or back up the whole registry. If a problem occurs, you can then follow the steps in the “Restore the registry” section to restore the registry to its previous state. To back up the whole registry, use the Backup utility to back up the system state. The system state includes the registry, the COM+ Class Registration Database, and your boot files. For more information about how to use the Backup utility to back up the system state, click the following article numbers to view the articles in the Microsoft Knowledge Base:
308422 (http://support.microsoft.com/kb/308422/ ) How to use the Backup utility that is included in Windows XP to back up files and folders
320820 (http://support.microsoft.com/kb/320820/ ) How to use the Backup utility to back up files and folders in Windows XP Home Edition
326216 (http://support.microsoft.com/kb/326216/ ) How to use the backup feature to back up and restore data in Windows Server 2003
Edit the registry
To modify registry data, a program must use the registry functions that are defined in the following MSDN Web site:
Administrators can modify the registry by using Registry Editor (Regedit.exe or Regedt32.exe), Group Policy, System Policy, Registry (.reg) files, or by running scripts such as VisualBasic script files.
Use the Windows user interface
We recommend that you use the Windows user interface to change your system settings instead of manually editing the registry. However, editing the registry may sometimes be the best method to resolve a product issue. If the issue is documented in the Microsoft Knowledge Base, an article with step-by-step instructions to edit the registry for that issue will be available. We recommend that you follow those instructions exactly.