programming4us
           
 
 
Windows

Windows 7 : Getting to Know the Registry (part 2)

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
12/3/2010 2:33:50 PM
Getting to Know the Registry’s Root Keys

The root keys are your Registry starting points, so you need to become familiar with what kinds of data each key holds. The next few sections summarize the contents of each key.

HKEY_CLASSES_ROOT

HKEY_CLASSES_ROOT—usually abbreviated as HKCR—contains data related to file extensions and their associated programs, the objects that exist in the Windows 7 system, as well as applications and their automation information. There are also keys related to shortcuts and other interface features.

The top part of this key contains subkeys for various file extensions. You see .bmp for bitmap (Paint) files, .txt for text (Notepad) files, and so on. In each of these subkeys, the Default setting tells you the name of the registered file type associated with the extension.  For example, the .txt extension is associated with the txtfile file type.

These registered file types appear as subkeys later in the HKEY_CLASSES_ROOT branch, and the Registry keeps track of various settings for each registered file type. In particular, the shell subkey tells you the actions associated with this file type. For example, in the shell\open\command subkey, the Default setting shows the path for the executable file that opens. Figure 2 shows this subkey for the txtfile file type.

Figure 2. The registered file type subkeys specify various settings associated with each file type, including its defined actions.

HKEY_CLASSES_ROOT is actually a copy (or an alias, as these copied keys are called) of the following HKEY_LOCAL_MACHINE key:

HKEY_LOCAL_MACHINE\Software\Classes

The Registry creates an alias for HKEY_CLASSES_ROOT to make these keys easier for applications to access and to improve compatibility with legacy programs.

HKEY_CURRENT_USER

HKEY_CURRENT_USER—usually abbreviated as HKCU—contains data that applies to the user that’s currently logged on. It contains user-specific settings for Control Panel options, network connections, applications, and more. Note that if a user has group policies set on his account, his settings are stored in the HKEY_USERS\sid subkey (where sid is the user’s security ID). When that user logs on, these settings are copied to HKEY_CURRENT_USER. For all other users, HKEY_CURRENT_USER is built from the user’s profile file, ntuser.dat (located in %UserProfile%).

Tip

How do you find out each user’s SID? First, open the following Registry key:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\

Here you’ll find a list of SIDs. The ones that begin S-1-5-21 are the user SIDs. Highlight one of these SIDs and then examine the ProfileImagePath setting, which will be of the form %SystemDrive%\Users\ user, where user is the username associated with the SID.

Here’s a summary of the most important HKEY_CURRENT_USER subkeys:

AppEventsContains sound files that play when particular system events occur (such as maximizing of a window)
Control PanelContains settings related to certain Control Panel icons
Keyboard LayoutContains the keyboard layout as selected via Control Panel’s Keyboard icon
NetworkContains settings related to mapped network drives
SoftwareContains user-specific settings related to installed applications and Windows
HKEY_LOCAL_MACHINE

HKEY_LOCAL_MACHINE (HKLM) contains non-user-specific configuration data for your system’s hardware and applications. You’ll use the following three subkeys most often:

HardwareContains subkeys related to serial ports and modems, as well as the floating-point processor.
SoftwareContains computer-specific settings related to installed applications. The Classes subkey is aliased by HKEY_CLASSES_ROOT. The Microsoft subkey contains settings related to Windows (as well as any other Microsoft products you have installed on your computer).
SystemContains subkeys and settings related to Windows startup.
HKEY_USERS

HKEY_USERS (HKU) contains settings that are similar to those in HKEY_CURRENT_USER. HKEY_USERS is used to store the settings for users with group policies defined, as well as the default settings (in the .DEFAULT subkey) which get mapped to a new user’s profile.

HKEY_CURRENT_CONFIG

HKEY_CURRENT_CONFIG (HKCC) contains settings for the current hardware profile. If your machine uses only one hardware profile, HKEY_CURRENT_CONFIG is an alias for HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001. If your machine uses multiple hardware profiles, HKEY_CURRENT_CONFIG is an alias for HKEY_LOCAL_MACHINE\SYSTEM\ControlSet nnn, where nnn is the numeric identifier of the current hardware profile. This identifier is given by the CurrentConfig setting in the following key:

HKLM\SYSTEM\CurrentControlSet\Control\IDConfigDB

Understanding Hives and Registry Files

The Registry database actually consists of a number of files that contain a subset of the Registry called a hive. A hive consists of one or more Registry keys, subkeys, and settings. Each hive is supported by several files that use the extensions listed in Table 1.

Table 1. Extensions Used by Hive Supporting Files
ExtensionDescriptions
NoneA complete copy of the hive data.
.log1A log of the changes made to the hive data.
.log, .log2These files are created during the Windows 7 setup, but remain unchanged as you work with the system.

Note

To see all of these files, you must display hidden files on your system. In Windows Explorer, select Organize, Folder and Search Options, select the View tab, and then activate the Show Hidden Files, Folder, and Drives option. While you’re here, you can also deactivate the Hide Extensions for Known File Types check box. Click OK.

Table 2 shows the supporting files for each hive. (Note that not all of these files might appear on your system.)

Table 2. Supporting Files Used by Each Hive
HiveFiles
HKLM\BCD00000000%SystemRoot%\System32\config\BCD-Template%SystemRoot%\System32\config\BCD-Template.LOG
HKLM\COMPONENTS%SystemRoot%\System32\config\COMPONENTS

%SystemRoot%\System32\config\COMPONENTS.LOG

%SystemRoot%\System32\config\COMPONENTS.LOG1

%SystemRoot%\System32\config\COMPONENTS.LOG2
HKLM\SAM%SystemRoot%\System32\config\SAM

%SystemRoot%\System32\config\SAM.LOG

%SystemRoot%\System32\config\SAM.LOG1

%SystemRoot%\System32\config\SAM.LOG2
HKLM\SECURITY%SystemRoot%\System32\config\SECURITY

%SystemRoot%\System32\config\SECURITY.LOG

%SystemRoot%\System32\config\SECURITY.LOG1

%SystemRoot%\System32\config\SECURITY.LOG2
HKLM\SOFTWARE%SystemRoot%\System32\config\SOFTWARE

%SystemRoot%\System32\config\SOFTWARE.LOG

%SystemRoot%\System32\config\SOFTWARE.LOG1

%SystemRoot%\System32\config\SOFTWARE.LOG2
HKLM\SYSTEM%SystemRoot%\System32\config\SYSTEM

%SystemRoot%\System32\config\SYSTEM.LOG

%SystemRoot%\System32\config\SYSTEM.LOG1

%SystemRoot%\System32\config\SYSTEM.LOG2
HKU\.DEFAULT%SystemRoot%\System32\config\DEFAULT

%SystemRoot%\System32\config\DEFAULT.LOG

%SystemRoot%\System32\config\DEFAULT.LOG1

%SystemRoot%\System32\config\DEFAULT.LOG2

Also, each user has his or her own hive, which maps to HKEY_CURRENT_USER during logon. The supporting files for each user hive are stored in \Users\user, where user is the username. In each case, the ntuser.dat file contains the hive data, and the ntuser.dat.log1 file tracks the hive changes. (If a user has group policies set on her account, the user data is stored in an HKEY_USERS subkey.)
Other -----------------
- Windows 7 : Firing Up the Registry Editor
- Windows Azure : Managing Access Control Service Resources (part 2)
- Windows Azure : Managing Access Control Service Resources (part 1)
- Windows Azure : Access Control Service Management Portal
- Windows 7 : Reset a Broken Service
- Windows 7 : Make Windows Shut Down Services Faster
- Windows 7 : Disable Services for Faster Performance
- Windows 7 : Controlling Services with a Script
- Windows 7 : Controlling Services at the Command Prompt
- Windows 7 : Controlling Services with the Services Snap-In
- Windows Azure : Access Control Service Usage Scenarios (part 3)
- Windows Azure : Access Control Service Usage Scenarios (part 2)
- Windows Azure : Access Control Service Usage Scenarios (part 1)
- Windows Azure : Access Control Service - Claims-Based Identity Model
- Windows Azure : Access Control Service - Concepts and Terminology
- Windows 7 : Configuring the MMC - Creating a Custom Taskpad View
- Windows 7 : Configuring the MMC - Controlling Snap-Ins with Group Policies
- Windows 7 : Configuring the MMC - Adding a Snap-In
- Configuring the Microsoft Management Console : Reviewing the Windows 7 Snap-Ins
- Windows 7 : Enabling the Shutdown Event Tracker
 
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
programming4us programming4us