What is Registry?
Whenever you download and install a new program or software, its data and information are created in the registry as a subkey. This registry term is also known as Windows Registry. In other words, Windows Registry is a hierarchical database that holds configurations and settings for the hardware, installed software, operating system, and user preferences of the Windows operating system. It keeps data in the form of keys, subkeys, and values.
Modifying the Registry should be done carefully because changes can affect how installed applications and the operating system behave. Incorrect modifications to the Registry may result in complete system failure. The Windows Run dialogue box's regedit command allows users to access the Registry. They can view, edit, and remove keys and values. But, it's crucial to remember that making changes to the Registry without the necessary information can be a dangerous step in losing all the data, so backup your data and proceed with caution if you edit the Registry.
What are the Keys and Values in the Windows Registry?
There are two elements, keys and values, in the Windows Registry that are used to store and organize data. They are essential for keeping configuration settings for the operating system, applications, hardware, etc. They are often organized hierarchically. Here is an overview of the Windows Registry's keys and values:
- Keys: The main folders in the Windows Registry are called keys. They work as upper-level containers that arrange data. They are similar to file system folders. Paths and names are used to represent keys. A standard structure of a path is like HKEY_LOCAL_MACHINE\Software\Microsoft\Windows, where Windows refers to the subkey of the subkey Microsoft of the subkey Software of the root key HKEY_LOCAL_MACHINE. There are seven predefined root keys, which are pointed out here:
- HKEY_LOCAL_MACHINE or HKLM
- HKEY_CURRENT_CONFIG or HKCC
- HKEY_CLASSES_ROOT or HKCR
- HKEY_CURRENT_USER or HKCU
- HKEY_USERS or HKU
- HKEY_PERFORMANCE_DATA (In Windows NT)
- HKEY_DYN_DATA (In Windows 9x)
- Values: Values are informational entries kept in Registry keys. They include particular data about preferences, settings, configurations, and other information. Every value has a name and an associated data type, which commands how the information is used and illustrated.
Here are the data types for Registry values:
- String (REG_SZ)
- Binary (REG_BINARY)
- DWORD (REG_DWORD)
- QWORD (REG_QWORD)
- Expandable String (REG_EXPAND_SZ)
- Multi-String (REG_MULTI_SZ)
How to Access Windows Registry Editor?
You can view and edit the registry, which holds essential Windows configurations, system settings, and other data, by accessing the Windows Registry Editor. Here are some ways through which you can access the Registry Editor:
Using Run Dialogue Box:
- Press the Win + R keys, type regedit, and click on the OK button.
- After that, confirm by pressing the Yes button in the opened pop-up.
- A normal registry window will look like the below image.
Using Search Bar:
- In the Search bar, type regedit and click on Registry Editor.
Using CMD:
- Search for cmd or command prompt in the Start Menu and hit Enter.
- Now, type regedit and click the Enter button.
Using Powershell:
- In the Search Menu, type PowerShell and hit the Enter button.
- Here, type regedit and hit Enter.
File Location of Windows Registry
Windows Registry files are located in various folders within the Windows file system. The registry's files can be found in the %SystemRoot%\System32\Config directory. The directory where the Windows operating system is installed—typically C:\Windows is indicated by the %SystemRoot% variable. These are the 5 main files known as hives: Sam, System, Software, Default, Security, and Ntuser.dat.
- System: Holds information about the hardware and software configuration unique to the system.
- Software: Consists of Windows operating system configuration data and settings for installed applications.
- Security: Stores data about safety, such as user rights, policies, and access control.
- Default: This consists of the initial configurations when creating a new user account.
- Ntuser.dat: Every user that logs into the system has a unique registry hive with special configurations and settings. These are stored in files called NTUSER.DAT in the user profile folders that correspond to them, usually found in C:\Users\Username.
These files are arranged into hive files and are essential registry parts. Despite their separate appearances, they combine to form the registry database, home to various user preferences, system configurations, settings, and other critical information for the Windows operating system and its applications.
It is not appropriate for users to access and modify these files directly. To make changes, it is safer to use Windows' Registry Editor rather than directly editing these files, which can cause instability or corruption in the system if done carelessly.
How to Backup Windows Registry?
It is necessary to be cautious while backing up the registry. Store backups in a secure in a secure location and away from making any changes in the registry unless essential. There are two methods to backup that we are going to provide you here.
Using Registry Editor
- Search for Registry Editor in the Search bar.
- After that, click on Yes to confirm opening the Registry Editor.
- Select the computer from the top if you want a full backup.
- Also, you can select the specific branch to export.
- Now, click on the File menu and select the Export option.
- After that, choose the location where you want to save.
- Give a name to the backup file and select All from the backup range.
- Finally, click on Save.
Using Command Prompt
- Press the Window key + X and select Command Prompt or Windows Powershell.
- Type reg export <key_path> <backup_location> and hit Enter.
- Now, replace the <key_path> with the path of the key.
- Also, replace <backup_location> with the backup location.
- Lastly, ensure the backup file where you have saved.
What is Hives in Windows Registry?
In the Windows OS, the registry is designed into a hierarchical database system that keeps the information about configuration settings and options for the system's hardware, software, users, etc. The registry is divided into logical sections known as hives. There are five main hives in Windows Registry, which are as follows:
- HKEY_CLASSES_ROOT (HKCR):
It stores file extensions associated with programs and information about registered applications, file types, etc.
- HKEY_CURRENT_USER (HKCU):
It contains configuration information for the currently logged-in user. It stores
user-specific settings data such as environment variables, desktop settings, and application settings.
- HKEY_LOCAL_MACHINE (HKLM):
It details the local machine's configuration and holds relevant data for all computer users, including security, software, and hardware settings.
- HKEY_USERS:
HKEY_USERS contains subkeys related to user profiles on the system. In addition, stores configuration information for each user account logged in.
- HKEY_CURRENT_CONFIG:
It keeps information about the current hardware configuration.
Conclusion
The Windows registry is an essential element in the Microsoft Windows Operating System. However, users must be cautious while making any changes or modifications in the registry. Throughout this article, we have discussed all the terms related to the registry, such as keys and values, how to access it, the file location of the registry, how to backup, etc.