Hives
The (last known good) Registry is stored in Registry Hives: Six of them are located in C:\Windows\System32\Config\ default SAM SECURITY software system userdiff There is one more hive for each user located in C:\Windows\\Documents and Settings\
Root Keys
Root Keys: Keys are like folders for files. Each key -- and in turn, each sub-key -- can contain sub-keys, one default value, and as many other values as needed.
HKEY_LOCAL_MACHINE -- (HKLM) contains information about hardware, and settings that apply globally. HKEY_CLASSES_ROOT -- (HKCR) contains file associations, OLE information and other system settings. HKEY_CURRENT_CONFIG -- settings specific to the current hardware configuration. HKEY_USERS -- (HKU) contains settings specific to all "logged on" users of the machine. HKEY_CURRENT_USER (HKCU) -- contains settings specific to the current user (the one with control).
Notice that there are really only 2 root keys. The others are sub-sets or pointers for sections of the 2 root keys. Do not confuse root keys with Registry hives. Hives are where the registry information is stored when Windows is not running. In a sense, the Directory is a dynamic thing that exists only in memory. Building the Registry Windows builds most of the Directory when it boots up, and the rest when you log on. Windows gets most of its information from the registry hive files. Information about hardware is obtained from the hardware and hardware drivers (files) when Windows boots. The registry is dynamic. Changes are retained in memory and recorded in *.log files. Windows also uses the *.log files to write the changes to the hives when you restart Windows. The Registry is primarily there to coordinate the operation of Windows, hardware and the installed programs. Editing is merely a subsidiary aspect of the Registry.
0 comments:
Post a Comment