Eternal Bliss
Crash Course on Registry.
Thu Dec 17 18:20:04 1998


Hi to All,

In this project, everyone is so interested about how to registry works.
I searched through my files and found this piece of info that will be of
interest. Words in bold are my comments. A few points after the article as well.

-------------------------------------
The Windows 95 Registry is a unified database for storing system and
application configuration data in a hierarchical form.
Its role is to replace the .INI files used by older Windows 3.xx
versions. All data from the system initialization files: SYSTEM.INI,
WIN.INI, CONTROL.INI etc., is now contained into the Registry, together
with most of the other system settings.
All Windows 95 specific programs (32bit applications) now store their
initialization data into the Registry instead of into .INI files.
The actual Registry files are: SYSTEM.DAT and USER.DAT (and their
automatically created backups from the last successful Win95 startup:
SYSTEM.DA0 and USER.DA0), located in the Windows 95 folder (default is
Windows). For write-protection purposes, all these four files have the
following attributes: hidden, read-only and system.


Registry Structure


When you run the Registry Editor (RegEdit.exe, located in your Windows
folder), you'll see the following Registry expandable subtrees under the
"My Computer" header:

+ HKEY_CLASSES_ROOT: Contains software settings about drag-and-drop
operations, handles shortcut information, and other user interface
information. There is a subkey here for every file association that
has been defined.

+ HKEY_CURRENT_USER: Contains information regarding the currently
logged-on user (see also HKEY_USERS below).
+ AppEvents: Settings for assigned sounds to play for system and
applications sound events.
+ Control Panel: Control Panel settings, similar to system.ini,
win.ini and control.ini in Windows 3.xx.
+ InstallLocationsMRU: Contains the paths for the Startup folder
programs.
+ Keyboard layout: Specifies current keyboard layout.
+ Network: Network connection information.
+ RemoteAccess: Current log-on location information, if using Dial-Up
Networking.
+ Software: Software configuration settings for the currently
logged-on user.

+ HKEY_LOCAL_MACHINE: Contains information about the hardware and
software settings that are generic to all users of this computer.
Subkeys include:
+ Config: Configuration information/settings.
+ Enum: Hardware device information/settings.
+ Hardware: Serial communication port(s) information/settings.
+ Network: Information about network(s) the user is currently logged
onto.
+ Security: Network security settings.
+ Software: Software specific information/settings.
+ System: System startup and device driver information and operating
system settings.

+ HKEY_USERS: Contains information about desktop and user settings for
each user that logs onto the same Windows 95 system. Each user will have
a subkey under this heading. If there is only one user, the subkey is
".default".

Therefore, HKEY_USERS is some sort of mirror to HKEY_CURRENT_USER

+ HKEY_CURRENT_CONFIG: Contains information about the current hardware
configuration, pointing to HKEY_LOCAL_MACHINE.

Therefore, HKEY_CURRENT_CONFIG is some sort of mirror to HKEY_LOCAL_MACHINE

+ HKEY_DYN_DATA: Contains dynamic information about the plug-and-play
devices installed on the system. The data here changes if devices are
added or removed on-the-fly.

* BEWARE: When you add/delete/modify a Registry item/value/key/string by
running RegEdit, IT WILL NOT PROMPT YOU FOR CONFIRMATION ON
SAVING THE CHANGES OR BEFORE CLOSING THE REGISTRY EDITOR!
-------------------------------------

Sandman:"It's highly possible that some software author WILL find a way to do
insert this 'second duplicate key' without requiring the original key, in which
case REGMON,REGVIEW won't show this!!.."

So, it is impossible for anyone to create the 2nd duplicate key because it will
be mirrored to HKEY_CURRENT_USER.
I've tried adding a key to
HKEY_USERS.DEFAULTSoftwareNetscapeNetscapeNavigator
and it appears automatically in HKEY_CURRENT_USER. 8)

Also, if you notice in Reg Crawler, you can either search in HKEY_CURRENT_USER or
HKEY_USERS but NOT both.

Merry Christmas!