Thursday, May 29, 2008

What Is a Windows System Registry?


The system registry is one of the most important parts of a Windows-based computer system. Not to be tampered with lightly, the registry is a system-defined database used by the Windows operating system to store configuration information. Most Windows applications write data to the registry during installation, and system components store and retrieve configuration data through the registry. The data stored in the registry varies according to the version of Microsoft Windows.



Windows is what is known as a "graphical user interface", allowing users to point and click their way through various icons to change settings via various checkboxes and menus. However, there is another way to customize virtually everything in the operating system all from a single point - the System Registry. In fact, some options can only be set via the System Registry - the choice simply doesn't exist in the graphical menus.



The data is stored in the registry in a tree structure format, for those who have never opened the Registry Editor, you'd find its layout is similar to what you would see when you open your Windows Explorer. Each node within the registry tree contains a key which may have both subkeys and data entries (called values). Depending on the application you run, the application may need only the associated key while others may need the value data set for that specific key. A hive in the registry is a group of keys, subkeys, and values in the registry that has a set of supporting files containing backups of its data. The Windows boot process automatically retrieves data from these supporting files.




...



Almost all software installed on the PC will impact the System Registry. Preferences regarding hardware, options, and other software settings will all be added to the huge database of the Registry. Thus the System Registry isn't just the central nervous system for the Operating System (OS), it's the central nervous system for the OS and any applications installed to that OS.

The System Registry is also where malware "registers" itself to run on the system, or makes other modifications that can have a critical impact on the functioning of your PC. Thus, familiarizing yourself with the System Registry is not just a good way to tweak your PC, it's essential if you wish to be able to manually defend it.

The System Registy operates much like Windows Explorer. That is to say, top tier items are folders known as keys which, when expanded, display various second tier items, also known as keys. Additional third-tier keys may also be contained within second tier keys, etc. In other words, just as Windows has folders and subfolders, the registry has keys and subkeys. Within those keys are values. To see the values a particular key contains, you first select (highlight) the key in the left pane, and the value(s) will appear in the right pane.

When a key is collapsed - that is to say, all the other keys within it are not visible - a + sign will appear to the left of the key name in the left pane. Clicking the + sign will expand that key. The key will now have a - sign to the left of it and second tier keys will be seen below it. When a + sign appears to the left of a key name, it means that other keys are contained within it.

1 comment:

Anonymous said...

Keep up the good work.