No, you do not want to disable the Event Log! The log is an important
source of information about 'stuff' that happens on your computer.
Problems and errors are often recorded in the Event Log, the log can be an
invaluable troubleshooting tool, it is almost always one of the first
place to look when problems arise. You should familiarize yourself with
the Event Viewer and make it a habit of taking a look in there once in a
while, you might get early warnings of impending problems or be warned of
things going on that would otherwise go unnoticed on your machine. To
launch the Event Viewer enter eventvwr in the Start menur Run box.
Atomicity: A transaction is a unit of work in which a series of
operations occur between the BEGIN TRANSACTION and END TRANSACTION
statements of an application. A transaction executes exactly once and is
atomic — all the work is done or none of it is.
Atomicity and Hive Recovery in the Registry
The Registry ensures atomicity of individual actions. This means that any
change made to a value (to set, delete, or save) either works or does not
work: The result will not be a corrupted combination of the old and new
configuration even if the system stops unexpectedly because of power
failure, hardware failure, or software problems. For example, if an
application sets a value for an entry and the system shuts down while this
change is being made, when the system restarts, the entry will have either
the old value or the new value, but not a meaningless combination of both
values. In addition, the size and time data for the key containing the
affected entry will be accurate whether the value was changed or not
changed.
Flushing Data
In Windows NT, data is written to the Registry only when a flush occurs,
which happens after changed data ages past a few seconds, or when an
application intentionally flushes the data to the hard disk.
The system performs the following flush process for all hives (except for
the System hive):
1. All changed data is written to the hive's .log file along with a map
of where it is in the hive, and then a flush is performed on the .log
file. All changed data has now been written in the .log file.
2. The first sector of the hive file is marked to indicate that the
file is in transition.
3. The changed data is written to the hive file.
4. The hive file is marked as completed.
Note If the system shuts down between steps 2 and 4, when the hive is next
loaded at startup (unless it's a profile hive that is loaded at logon),
the system sees the mark left in step 2, and proceeds to recover the hive
using the changes contained in the .log file. That is, the .log files are
not used if the hive is not in transition. If the hive is in transition,
it cannot be loaded without the .log file.
A different flush process is used for the System hive because it is an
important element during system startup and is used too early during
startup to be recovered as described in the previous flush process.
The System.alt file contains a copy of the data contained in the System
file. During the flush process, changes are marked, written, and then
marked as done. Then the same flush process is followed for the System.alt
file. If there is a power failure, hardware failure, or software problems
at any point during the process, either the System or System.alt file
contains the correct information.
The System.alt file is similar to a .log file except that at load time,
rather than having to reapply the logged changes, the system just switches
to System.alt. The System.alt file is not needed unless the System hive is
in transition.
http://www.microsoft.com/resources/...rkstation/reskit/en-us/23_regov.mspx?mfr=true
Windows NT Workstation Resource Kit: Overview of the Windows NT Registry
http://msdn.microsoft.com/en-us/library/aa719484(VS.71).aspx
ACID Properties
John