Windows Registry is an important database in Windows operating systems that stores settings for systems, hardware, and applications. The registry serves as a configuration center that allows Windows to operate properly.
The main functions of the Registry include storing system and application settings, managing hardware and drivers, and managing security and user preferences. Understanding the Registry is essential for advanced users as it can help in troubleshooting, customizing the system, and improving performance.
However, changing the Registry without sufficient knowledge can make the system unstable. Therefore, it is important to have a good understanding of the Registry before making changes.
What is Windows Registry?
The Windows Registry is a hierarchical database that stores the settings and configurations of the operating system, hardware, and installed applications. The registry helps Windows recognize devices, set user preferences, and perform various system functions properly.
Basic Terms in the Windows Registry
- Hives – The main set of files that store Registry data, such as SAM, SOFTWARE, SYSTEM, SECURITY, dan DEFAULT.
- Keys – A folder structure in the Registry that contains certain settings, similar to directories in a file system.
- Values – Data stored in keys, contains specific information in various formats such as REG_DWORD, REG_SZ, dan REG_BINARY.
Windows Registry Structure: Understanding Registry Hives
Hives is an important part of Windows Registry that stores configuration data for systems and applications. The name “hive” comes from Windows NT developers who love bees, so they use the term. Hives serve as a place to store keys and values needed by the operating system.
Hives are stored in the main location in the %SYSTEMROOT%\System32\Config folder. Here, the main Registry files can be found, which contain the essential configurations for the operating system and installed applications.
Types of Registry Hives and Their Functions
Here are the types of Registry hives and their functions:
1. SAM (Security Accounts Manager)
It stores information about user accounts and groups, including usernames, unique identifiers for domains, and passwords, in hashed form. These hives are usually invisible unless the user has administrative permissions.
2. SECURITY
This hive contains security settings and policies when users connect to the domain. Like SAM, it cannot be accessed without administrative permission.
3. SOFTWARE
Stores information about the apps installed on the system, including settings and configurations for each app. The keys are organized by vendor name.
4. SYSTEM
Contains keys related to system configuration, hardware settings, and details about the installed device. It includes important information for startup and hardware setup.
5. DEFAULT
Stores the default system configuration information that is used when a new user is created or when the system is first installed.
6. HARDWARE & DRIVERS
This hive is not stored as a permanent file, it is created every time the computer is turned on and deleted during shutdown. It contains information about the hardware detected during the active session.
Registry Keys and Values: Data Structure in the Windows Registry
Registry Key is an entry in the Windows Registry that serves as a container for grouping related values. Each key can have a subkey and contain one or more values. Meanwhile, Values are the data stored in the key, providing specific information about the settings or configuration. In other words, a key is a structure that organizes data, while values are the contents of that structure.
Types of Key Registry
Here are the main types of Key Registry and their functions:
1. HKEY_CLASSES_ROOT (HKCR)
Stores information about file associations and application settings, including data about file types and associated programs.
2. HKEY_CURRENT_USER (HKCU)
Contains settings specific to the active user, including the location of the user’s shell folders (such as Documents and Images), as well as the control panel settings and application configuration.
3. HKEY_LOCAL_MACHINE (HKLM)
Stores system and application settings that apply to all users on the computer, including keys for Windows, drivers, and installed applications.
4. HKEY_USERS (HKU)
Contains a configuration for each user account in the system, where each user has a subkey that stores their preferences and settings.
5. HKEY_CURRENT_CONFIG (HKCC)
Stores information collected when the computer is turned on and is only relevant for the currently active session. This data will be deleted when the computer is turned off.
6. HKEY_PERFORMANCE_DATA
Stores system performance data provided by the Windows kernel, drivers, installed applications, and services. This data is temporary and disappears when the computer is turned off.
Types of Registry Values
Registry Values have various types of data that can be stored in keys. Here are the commonly used types of values:
- REG_BINARY: Stores raw binary data. Used for hardware and driver settings.
- REG_DWORD: A 32-bit integer value, often used to define parameters for strings, settings, drivers, and configuration options.
- REG_QWORD: 64-bit integer value, similar to REG_DWORD but with greater capacity.
- REG_SZ: Fixed string, storing plain text.
- REG_EXPAND: String values of extensible length, are also used to store environment variables.
- REG_MULTI_SZ: A double-string array that can contain a list of values, usually separated by a comma or space.
- REG_RESOURCE_LIST: A list of resources in a nested array; this is used by the device driver.
- REG_RESOURCE_REQUIREMENTS_LIST: A list of the array of hardware resources used by the device driver.
- REG_FULL_RESOURCE_DESCRIPTOR: A nested array used to store a list of resources for physical hardware.
- REG_LINK: Symbolic link to other Registry keys. They specify the root key and the target key.
- REG_NONE: Data that doesn’t have a specific type.
Important Locations in the Windows Registry
Control Panel Settings
The settings associated with the Control Panel can be found in the following locations:
HKEY_CURRENT_USER > Control PanelHere, there are Registry values related to input, accessibility, and desktop view settings for active users. It includes a variety of preferences that affect the experience of using Windows.
Installed App Configuration
Information about installed apps can be accessed through two main locations:
HKEY_CURRENT_USER > SoftwareSaves settings and configurations for apps installed on active user accounts. This includes specific preferences for specific applications.
HKEY_LOCAL_MACHINE > SoftwareStores information about all the apps installed on the system, including settings that apply to all users. This is an important location for administrators to manage applications across the system.
Windows Settings
Windows-related settings can be found in the following locations:
HKEY_CURRENT_USER > Software > Microsoft > Windows > CurrentVersionSaves specific settings for the version of Windows used by the current user. It includes system and application configurations that affect the user experience.
HKEY_LOCAL_MACHINE > Software > Microsoft > Windows > CurrentVersionSaves global settings for versions of Windows that apply to all users. It includes important information about system and hardware configurations.
Editing and Managing the Registry
Editing the Windows Registry can affect the performance and stability of the system. Therefore, do it with caution. Here are the basic steps to securely edit the Registry:
- Before changing anything, back up the Registry first. Open the Registry Editor (press Win + R, type regedit, and then press Enter). Select “File” > “Export” to save a copy of the Registry.
- Access the Registry Editor in the same way as the first step. Make sure you have administrative access rights.
- Search for the key you want to edit by exploring the hives and keys structure. Use the left pane to help with navigation.
- Right-click on the key or value you want to change, select “Modify”, and enter the new value as needed.
- When you’re done, close the Registry Editor and restart your computer if necessary to apply the changes.
Editing the Registry has considerable risks, such as:
- Errors while editing can make the system unstable or even unable to boot.
- Incorrect settings can lead to data loss or application configuration.
- Changing security settings in the Registry can make the system more vulnerable to attacks.
Therefore, always make a backup before changing anything and only edit the values that you understand.