Note: To get a better understanding of Windows Registry basics, read this guide.
If you’re somewhat familiar with the Windows Registry, you’ve no doubt seen references to HKCR, HKCU, HKLM, HKU, and HKCC. These abbreviations represent the five root keys in the Windows Registry:
- HKEY_CLASSES_ROOT (HKCR)
- HKEY_CURRENT_USER (HKCU)
- HKEY_LOCAL_MACHINE (HKLM)
- HKEY_USERS (HKU)
- HKEY_CURRENT_CONFIG (HKCC)
This guide explains the basics on what each root key represents and what settings you can expect to find under each. I wrote this guide to help clarify the fundamentals of the registry and provide insight into what each root key does.
HKEY_CLASSES_ROOT
HKEY_CLASSES_ROOT or HKCR is an alias (i.e. a reference) to HKEY_LOCAL_MACHINE\Software\Classes. A separate root key is added mainly so software developers have direct access to this data without dipping in to HKLM. HKCR contains data related to applications, shortcuts, and file extension associations. When we open HKEY_CLASSES_ROOT, we see:
The Shell subkey stores actions for each file type.
HKEY_CURRENT_USER
HKEY_CURRENT_USER or HKCU is built from %UserProfile%\ntuser.dat (to view this file, you’ll need to enable viewing of protected system files.) HKCU contains data specific to each user with a log on account on your PC. Here’s what we see when we expand HKCU:
A little digging through this key yields data like application events (i.e. program sounds), keyboard layout, mapped network drives, application preferences (Software), and other user-specific settings.
HKEY_LOCAL_MACHINE
HKEY_LOCAL_MACHINE or HKLM hardware and software configuration data that is “global” or pertinent to the PC regardless of which user is logged on. Here’s what HKLM looks like:
System Contains subkeys and settings related to Windows startup.
HKEY_USERS
HKEY_USERS or HKU is the home of group policy settings. Any Group Policy based rules are stored under this root key. When you log on, these settings are copied over to HKCU.
When you expand HKU, you’ll see a .DEFAULT folder as well as entries for each user/log on ID. The .DEFAULT folder contains the base settings for new users when they first logon, S-1-5-21- folders contain settings for user IDs:
You can cross reference these IDs with HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ where you’ll find the same list of SIDs. Click on one of the S-1-5-21- folders, and check out the ProfileImagePath key’s data value to see the owner of the profile.
HKEY_CURRENT_CONFIG
HKEY_CURRENT_CONFIG or HKCC contains the current hardware profile settings. Like HKCR, HKCC is an alias to HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001 (Note: If your PC has multiple hardware profiles, they are numbered ControlSet002, ControlSet003 etc.)
Well that’s about it for the basics of the Windows Registry; now you know the foundation of the root keys, I’m hoping the registry seems a little less daunting?
What did I miss? Let us know in the comments.
About Rich
Rich is the owner and creator of Windows Guides; he spends his time breaking things on his PC so he can write how-to guides to fix them.
- Web
- |
- |
- |
- |
- Google+
- |
- More Posts (1019)
Good read, thanks Rich
Very informative
Truely a good post… :)
Can anyone please help me,I keep on getting a small square window in the centre of the screen with HKCU in it,I keep on closing it but it keeps returning,even when Internet Explorer window is open,or any other window is ope.