The Windows Registry is the centralized configuration database for Windows NT and Windows 2000, as well as for applications. The Registry stores information about tuning parameters, device configuration, and user preferences.
On disk, the Windows Registry isn’t simply one large file but a set of discrete files called hives. Each hive contains a Registry tree, which has a key that serves as the root (i.e., starting point) of the tree. Subkeys and their values reside beneath the root.
Location of Windows registry files
The location of these registry hives are as follows:
HKEY_LOCAL_MACHINE \SYSTEM : \system32\config\system
HKEY_LOCAL_MACHINE \SAM : \system32\config\sam
HKEY_LOCAL_MACHINE \SECURITY : \system32\config\security
HKEY_LOCAL_MACHINE \SOFTWARE : \system32\config\software
HKEY_USERS \UserProfile : \winnt\profiles\username
HKEY_USERS.DEFAULT : \system32\config\default
HKEY_LOCAL_MACHINE \SAM : \system32\config\sam
HKEY_LOCAL_MACHINE \SECURITY : \system32\config\security
HKEY_LOCAL_MACHINE \SOFTWARE : \system32\config\software
HKEY_USERS \UserProfile : \winnt\profiles\username
HKEY_USERS.DEFAULT : \system32\config\default
Some hives are volatile and don’t have associated files. The system creates and manages these hives entirely in memory; the hives are therefore temporary in nature. The system creates volatile hives every time the system boots. Examples are:
HKEY_LOCAL_MACHINE \HARDWARE : Volatile hive
HKEY_LOCAL_MACHINE \SYSTEM \Clone : Volatile hive
HKEY_LOCAL_MACHINE \SYSTEM \Clone : Volatile hive
These files are database files, and only RegEdit, Regedit32 and the Kernel32 can read them. The primary tool in Windows 7 for working directly with the registry is Registry Editor. To access it, simply type Regedit in Start Menu Search Bar and hit Enter !
No comments:
Post a Comment