For many computer users - with its complex hierarchical framework, not to mention the confusing registry lingo - taking on the task of understanding the inner workings and structure of a computer systems' registries can seem unapproachable and far too complex a task. If you were to visualize your computer system as a living, breathing organism, you could certainly view its registry as vital to its existence. Without its registry, your computer system could not perform the many important tasks that you expect and rely on it to initiate for you every day.
As technologies advance, computers continue to grow more and more endemically essential and are increasingly becoming an even more central part of our everyday lives; thus, so should our basic knowledge and general comprehension of them continue to grow. In truth, gaining a general understanding of your registry's hives, keys, subkeys, and their values is not only useful and helpful, but it is also not as difficult a task as you would expect.
Defining Registry Values
Your computer's registry is a hierarchical structure, very much like a data tree, with your hives at the top echelon, followed by your registry keys, subkeys, and lastly, their values. This last tier of the hierarchical framework of your registry, which can be located within your keys and subkeys, compromises what are called your 'registry values.' It may be helpful to think of your registry keys as folders, your subkeys as subfolders, and their contained value(s) as files or the data contained within your computer's registry.
Both the registry keys and subkeys – which are located within your registry's hives – can contain either further subkeys or their contained values. Thus, registry values are the inner layer of your registry, and though, generally speaking, most values contain a binary, strings, and DWORD values, there are quite a few different types of registry values. Registry values, then, are the actual data contained within your computer's registry; they are name/data pairs contained within your registry's keys and subkeys.
Registry keys and values are referred to separately, and each and every registry value possesses a unique name in which its letter case is insignificant. Registry values are able to hold arbitrary data of both variable encoding and length. This data is correlated with a symbolic type – which can also be considered as a numeric constant – which defines how this data is parsed.
The following lists the different, standard types of registry values - with the particular value listed first, followed by its brief type definition:
- REG_BINARY – Binary data value, in any form.
- REG_DWORD – This references a 32-bit number value.
- REG_DWORD_LITTLE_ENDIAN – A 32-bit number value, in little-endian format.
- REG_DWORD_BIG_ENDIAN – A 32-bit number value, in big-endian format.
- REG_EXPAND_SZ – This value type is a null-terminated string that holds unpredicted references to different environmental variables and is either an ANSI or a Unicode string based on whether you employ ANSI or Unicode functions.
- REG_LINK – This type of value is a null-terminated Unicode string that holds the target path for a symbolic link, which was created by calling the function, RegCreateKeyEx, with REG_OPTION_CREATE_LINK.
- REG_MULTI_SZ – this value type is a sequence of null-terminated strings that are terminated by an empty string (see, \0).
- REG_NONE – This value has no defined type.
- REG_QWORD – This value is a 64-bit number.
- REG_QWORD_LITTLE_ENDIAN – This value is a 64-bit number, in little-endian format.
- REG_SZ – This value is a null-terminating string, either an ANSI or a Unicode string depending on whether you employ ANSI or Unicode functions.