SlideShare a Scribd company logo

Windows xp and registery

Download as PPT, PDF
P
parekhjigarh

presentation on Windows and basics registry. These slides deals with the basic terms and working of windows registry under Windows O.S. Windows tricks by registry.

Software
1 of 29
By Parekh Jigar H 10MCA059
Registry is a hierarchical database of windows Many changes are made to the system configurations through various Control Panel applets and applied to Registry
Type Description REG_BINARY Binary data. Displays binary data in hexadecimal notation REG_DWORD Double-word values 32 bits. REG_EXPAND_SZ Variable-length text to store long string REG_NONE Values with no defined type. REG_LINK A link. You can’t create REG_LINK values
REG_DWORD_BIG_ENDIAN REG_DWORD_LITTLE_ENDIAN REG_FULL_RESOURCE_DESCRIPTOR REG_MULTI_SZ REG_QWORD REG_QWORD_BIG_ENDIAN REG_QWORD_LITTLE_ENDIAN REG_RESOURCE_LIST REG_RESOURCE_REQUIREMENTS_LIST REG_SZ Some data types can be used in only 64 bit windows Some are for only Windows
Each time Windows XP starts, Registry is loaded into memory from files on the hard drive … Changes become effective immediately Only on rare occasions is rebooting the system required
The Registry is stored not in one file, but rather in several Each contains a discrete body of keys, subkeys and values known as a hive Complete listing of path and filenames are found in Registry at subkey: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetCon trolhivelist
The five highest-level keys (HKEY) in the Registry are:  HKEY_CLASSES_ROOT  HKEY_CURRENT_USER  HKEY_LOCAL_MACHINE  HKEY_USERS  HKEY_CURRENT_CONFIG
Abbreviations for the root keys are: HKEY_CLASSES_ROOT—“HKCR” HKEY_CURRENT_USER—“HKCU” HKEY_USERS—“HKU” HKEY_LOCAL_MACHINE—“HKLM” HKEY_CURRENT_CONFIG—“HKCC”
Container for information pertaining to application associations based on file extensions and COM object data
Container for profile for whichever user is currently logged on Contents are built each time a user logs on by copying appropriate subkey from the HKEY_USERS key
Controls the local computer, establishing configuration of hardware and operating system environment Includes information about the hardware devices, installed applications, device drivers, kernel services, physical settings Dependent on physical composition of the hardware and software present on machine
Main 5 sub keys of HKLM HARDWARE SAM SECURITY SOFTWARE SYSTEM All these subkeys except HARDWARE are saved to hive files in %systemroot%system32config
HARDWARE- Sub key containing data related directly to physical devices installed on a computer SAM –Security Account Manager Location where user accounts and group memberships are defined SECURITY: security policy on the local machine Applies to all local users
SOFTWARE: It serves as a container for data about installed software and mapped file extensions Resides in a hive file named SOFTWARE in %systemroot%System32config directory
SYSTEM It stores data required to boot Windows XP:  Startup parameters  Loading order for device drivers  Service startup credentials (settings and parameters)  Basic operating system behavior
Contains profiles for all current users who have ever logged onto system Each time system boots builds the key: Loads a default user profile file and locally stored copies of either "Ntuser.dat" or "Ntuser.man" from user's profile directory (Documents and Settings%username%) HKEY_USERS.Default node is location for the default (new) user settings
Container for data that pertains to whatever hardware profile is currently in use Links to the: HKLMSYSTEMCurrentControlSetHardwareProfilesCurrent Maintained for backward compatibility Not strictly required by Windows XP
Registry key Logging and backup file HKLMSAM Sam, Sam.log,Sam.sav HKLMSECURITY Security, Security.log, Security.sav HKLMSOFTWARE Software, Software.log, Software.sav HKLMSYSTEM System, System.alt, System.log, System.sav HKU.Default Default, Default.sav, Default.log HKCU Ntuser.dat, Ntuser.dat.log
The Registry file extensions: No extension - the actual storage file itself (the hive file) .alt -The backup file for the subkey Only HKLMSYSTEM has a backup file .log -log files record all successful and failed changes to Registry Verifies all modifications are completed .sav -copies of original key values after the text portion of Windows XP installation
Name Default Path AppData %UserProfile%Application Data Personal %UserProfile%My Documents Desktop %UserProfile%Desktop Cookies %UserProfile%Cookies Cache %UserProfile%Local SettingsTemporary Internet Files Recent %UserProfile%Recent HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell
GUIDs are numbers that uniquely identify objects such as computers, program components, and devices. All GUIDs have the same interesting format. They’re 16- byte hexadecimal numbers in groups of 8, 4, 4, 4, and 12 digits (0 through 9 and A through F). A dash divides each group of digits, and curly brackets enclose the whole number
ActiveX Cache {88C6C381-2E85-11D0-94DE-444553540000} Computer Search Results {1F4DE370-D627-11D1-BA4F-00A0C91EEDBA} History {FF393560-C2A7-11CF-BFF4-444553540000} Internet Explorer {871C5380-42A0-1069-A2EA-08002B30309D} My Computer {20D04FE0-3AEA-1069-A2D8-08002B30309D} My Documents {450D8FBA-AD25-11D0-98A8-0800361B1103} My Network Places {208D2C60-3AEA-1069-A2D7-08002B30309D} Offline Files {AFDB1F70-2A4C-11D2-9039-00C04F8EEB3E} Programs {7BE9D83C-A729-4D97-B5A7-1B7313C39E0A} Recycle Bin {645FF040-5081-101B-9F08-00AA002F954E} Search Results {E17D4FC0-5564-11D1-83F2-00A0C90DC849}
Desktop.ini is the feature of windows that allowws to change Folder background, folder tool-tip text, folder icon [.ShellClassInfo] IconFile=2.ico IconIndex=0 InfoTip="Parekh's tooltip folder" [{BE098140-A513-11D0-A3A4-00C04FD706EC}] iconarea_image=s1.jpg IconArea_Text=0xFFFFFFFF Make folder and file to system file
The .inf files specify the program files required for components to run on 32-bit versions of Windows. By using the setup engine built into Windows, .inf files can take advantage of the setup engine's small size, as well as functions of the Windows operating system such as copying files, adding registry entries, and creating shortcuts. The .inf files can also provide limited platform independence and specify limited software dependencies.
By default all .inf files are stored in C:windowssysteminf [Version] Signature=$CHICAGO$ [DefaultInstall] AddReg=Reg.Settings [Reg.Settings] Add registery keys Format to add key Rootkey, subkey, keyname, flag, value
flags 0x00000000. Value is REG_SZ. This is the default if you omit flags. 0x00000001. Value is REG_BINARY. 0x00010000. Value is REG_MULTI_SZ. 0x00020000. Value is REG_EXPAND_SZ. 0x00010001. Value is REG_DWORD. 0x00020001. Value is REG_NONE.
Microsoft Tweak UI is a must-have tool for anyone customizing Microsoft Windows XP or Windows Server 2003 (Windows). It allows users to customize settings that wouldn’t be available in the operating system’s user interface without editing the registry
HKEY_LOCAL_MACHINE Software Microsoft Windows CurrentVersion Explorer Shell Icons 2= Applications Generic 3= Closed Folder 4= Open Folder 7= Removable Drive 8= Hard Drive 9= NetWork Drive 31= Recycle Bin Empty 32= Recycle Bin Full 33= Dial-up Network 34= DeskTop 35= Control Panel 36= Start Menu's Programs
Internet Self Experiments

Recommended

Windows registry forensics
Windows registry forensicsWindows registry forensics
Windows registry forensicsTaha İslam YILMAZ
 
FORENSIC ANALYSIS OF WINDOWS REGISTRY AGAINST INTRUSION
FORENSIC ANALYSIS OF WINDOWS REGISTRY AGAINST INTRUSIONFORENSIC ANALYSIS OF WINDOWS REGISTRY AGAINST INTRUSION
FORENSIC ANALYSIS OF WINDOWS REGISTRY AGAINST INTRUSIONIJNSA Journal
 
How to remove conduit search and other toolbars — extended guide
How to remove conduit search and other toolbars — extended guideHow to remove conduit search and other toolbars — extended guide
How to remove conduit search and other toolbars — extended guideJudy Halliwell
 
10 resource kit remote administration tools
10 resource kit remote administration tools10 resource kit remote administration tools
10 resource kit remote administration toolsDuggesh Talawar
 
Pace IT - Troubleshooting OS part 2
Pace IT - Troubleshooting OS part 2Pace IT - Troubleshooting OS part 2
Pace IT - Troubleshooting OS part 2Pace IT at Edmonds Community College
 
Microsoft Management Console
Microsoft Management ConsoleMicrosoft Management Console
Microsoft Management ConsoleRaghu nath
 
Malware 2.0
Malware 2.0Malware 2.0
Malware 2.0NullBound
 
Isys20261 lecture 05
Isys20261 lecture 05Isys20261 lecture 05
Isys20261 lecture 05Wiliam Ferraciolli
 

Recommended

Windows registry forensics
Windows registry forensicsWindows registry forensics
Windows registry forensicsTaha İslam YILMAZ
 
FORENSIC ANALYSIS OF WINDOWS REGISTRY AGAINST INTRUSION
FORENSIC ANALYSIS OF WINDOWS REGISTRY AGAINST INTRUSIONFORENSIC ANALYSIS OF WINDOWS REGISTRY AGAINST INTRUSION
FORENSIC ANALYSIS OF WINDOWS REGISTRY AGAINST INTRUSIONIJNSA Journal
 
How to remove conduit search and other toolbars — extended guide
How to remove conduit search and other toolbars — extended guideHow to remove conduit search and other toolbars — extended guide
How to remove conduit search and other toolbars — extended guideJudy Halliwell
 
10 resource kit remote administration tools
10 resource kit remote administration tools10 resource kit remote administration tools
10 resource kit remote administration toolsDuggesh Talawar
 
Pace IT - Troubleshooting OS part 2
Pace IT - Troubleshooting OS part 2Pace IT - Troubleshooting OS part 2
Pace IT - Troubleshooting OS part 2Pace IT at Edmonds Community College
 
Microsoft Management Console
Microsoft Management ConsoleMicrosoft Management Console
Microsoft Management ConsoleRaghu nath
 
Malware 2.0
Malware 2.0Malware 2.0
Malware 2.0NullBound
 
Isys20261 lecture 05
Isys20261 lecture 05Isys20261 lecture 05
Isys20261 lecture 05Wiliam Ferraciolli
 
Windows Kernel-
Windows Kernel-Windows Kernel-
Windows Kernel-Parth Desai
 
Cara format dan install 2
Cara format dan install 2Cara format dan install 2
Cara format dan install 2engrsurif
 
HIREN'S BOOT
HIREN'S BOOTHIREN'S BOOT
HIREN'S BOOTCristian421
 
Registry Repair
Registry RepairRegistry Repair
Registry Repair2040test
 
Computer Forensics & Windows Registry
Computer Forensics & Windows RegistryComputer Forensics & Windows Registry
Computer Forensics & Windows Registrysomutripathi
 
Hbcd
HbcdHbcd
HbcdYhorledy Cardenas
 
Registry Forensics
Registry ForensicsRegistry Forensics
Registry ForensicsSomesh Sawhney
 
Seminar Topic Registry (M.Tech)
Seminar Topic Registry (M.Tech) Seminar Topic Registry (M.Tech)
Seminar Topic Registry (M.Tech) Yashpal Rathore
 
TO Hack an ASP .NET website?
TO Hack an ASP .NET website? TO Hack an ASP .NET website?
TO Hack an ASP .NET website? Positive Hack Days
 
Hack ASP.NET website
Hack ASP.NET websiteHack ASP.NET website
Hack ASP.NET websitePositive Hack Days
 
Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts MD SAQUIB KHAN
 
Vlan capture setup
Vlan capture setupVlan capture setup
Vlan capture setup東原 李
 
Fundamentals of Physical Memory Analysis
Fundamentals of Physical Memory AnalysisFundamentals of Physical Memory Analysis
Fundamentals of Physical Memory AnalysisDmitry Vostokov
 
WindowsRegistry.ppt
WindowsRegistry.pptWindowsRegistry.ppt
WindowsRegistry.pptAliAshraf68199
 
Bh Win 03 Rileybollefer
Bh Win 03 RileybolleferBh Win 03 Rileybollefer
Bh Win 03 RileybolleferTimothy Bollefer
 
Gg steps
Gg stepsGg steps
Gg stepsHari Prasath
 
Oracle Basics and Architecture
Oracle Basics and ArchitectureOracle Basics and Architecture
Oracle Basics and ArchitectureSidney Chen
 
Computer technicians-quick-reference-guide
Computer technicians-quick-reference-guideComputer technicians-quick-reference-guide
Computer technicians-quick-reference-guideShathees Rao
 
FOISDBA-Ver1.1.pptx
FOISDBA-Ver1.1.pptxFOISDBA-Ver1.1.pptx
FOISDBA-Ver1.1.pptxssuser20fcbe
 
ATS SmartFR
ATS SmartFRATS SmartFR
ATS SmartFRHoang Le Van
 
Electronic document management system
Electronic document management systemElectronic document management system
Electronic document management systemBiodor Bonifacio
 
Session 8 Tp 8
Session 8 Tp 8Session 8 Tp 8
Session 8 Tp 8githe26200
 

More Related Content

Viewers also liked

Cara format dan install 2
Cara format dan install 2Cara format dan install 2
Cara format dan install 2engrsurif
 
Registry Repair
Registry RepairRegistry Repair
Registry Repair2040test
 
Computer Forensics & Windows Registry
Computer Forensics & Windows RegistryComputer Forensics & Windows Registry
Computer Forensics & Windows Registrysomutripathi
 

Viewers also liked (6)

Windows Kernel-
Windows Kernel-Windows Kernel-
Windows Kernel-
 
Cara format dan install 2
Cara format dan install 2Cara format dan install 2
Cara format dan install 2
 
HIREN'S BOOT
HIREN'S BOOTHIREN'S BOOT
HIREN'S BOOT
 
Registry Repair
Registry RepairRegistry Repair
Registry Repair
 
Computer Forensics & Windows Registry
Computer Forensics & Windows RegistryComputer Forensics & Windows Registry
Computer Forensics & Windows Registry
 
Hbcd
HbcdHbcd
Hbcd
 

Similar to Windows xp and registery

Seminar Topic Registry (M.Tech)
Seminar Topic Registry (M.Tech) Seminar Topic Registry (M.Tech)
Seminar Topic Registry (M.Tech) Yashpal Rathore
 
Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts MD SAQUIB KHAN
 
Vlan capture setup
Vlan capture setupVlan capture setup
Vlan capture setup東原 李
 
Fundamentals of Physical Memory Analysis
Fundamentals of Physical Memory AnalysisFundamentals of Physical Memory Analysis
Fundamentals of Physical Memory AnalysisDmitry Vostokov
 
Oracle Basics and Architecture
Oracle Basics and ArchitectureOracle Basics and Architecture
Oracle Basics and ArchitectureSidney Chen
 
Computer technicians-quick-reference-guide
Computer technicians-quick-reference-guideComputer technicians-quick-reference-guide
Computer technicians-quick-reference-guideShathees Rao
 
FOISDBA-Ver1.1.pptx
FOISDBA-Ver1.1.pptxFOISDBA-Ver1.1.pptx
FOISDBA-Ver1.1.pptxssuser20fcbe
 
Electronic document management system
Electronic document management systemElectronic document management system
Electronic document management systemBiodor Bonifacio
 
Session 8 Tp 8
Session 8 Tp 8Session 8 Tp 8
Session 8 Tp 8githe26200
 
Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump ...
Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump ...Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump ...
Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump ...Igor Korkin
 
TechEd NZ 2014: Azure and Sharepoint
TechEd NZ 2014: Azure and SharepointTechEd NZ 2014: Azure and Sharepoint
TechEd NZ 2014: Azure and SharepointIntergen
 
Pandora FMS: DB2 Enterprise Plugin
Pandora FMS: DB2 Enterprise PluginPandora FMS: DB2 Enterprise Plugin
Pandora FMS: DB2 Enterprise PluginPandora FMS
 

Similar to Windows xp and registery (20)

Registry Forensics
Registry ForensicsRegistry Forensics
Registry Forensics
 
Seminar Topic Registry (M.Tech)
Seminar Topic Registry (M.Tech) Seminar Topic Registry (M.Tech)
Seminar Topic Registry (M.Tech)
 
TO Hack an ASP .NET website?
TO Hack an ASP .NET website? TO Hack an ASP .NET website?
TO Hack an ASP .NET website?
 
Hack ASP.NET website
Hack ASP.NET websiteHack ASP.NET website
Hack ASP.NET website
 
Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts Windows Registry Forensics - Artifacts
Windows Registry Forensics - Artifacts
 
Vlan capture setup
Vlan capture setupVlan capture setup
Vlan capture setup
 
Fundamentals of Physical Memory Analysis
Fundamentals of Physical Memory AnalysisFundamentals of Physical Memory Analysis
Fundamentals of Physical Memory Analysis
 
WindowsRegistry.ppt
WindowsRegistry.pptWindowsRegistry.ppt
WindowsRegistry.ppt
 
Bh Win 03 Rileybollefer
Bh Win 03 RileybolleferBh Win 03 Rileybollefer
Bh Win 03 Rileybollefer
 
Gg steps
Gg stepsGg steps
Gg steps
 
Oracle Basics and Architecture
Oracle Basics and ArchitectureOracle Basics and Architecture
Oracle Basics and Architecture
 
Computer technicians-quick-reference-guide
Computer technicians-quick-reference-guideComputer technicians-quick-reference-guide
Computer technicians-quick-reference-guide
 
FOISDBA-Ver1.1.pptx
FOISDBA-Ver1.1.pptxFOISDBA-Ver1.1.pptx
FOISDBA-Ver1.1.pptx
 
ATS SmartFR
ATS SmartFRATS SmartFR
ATS SmartFR
 
Electronic document management system
Electronic document management systemElectronic document management system
Electronic document management system
 
Session 8 Tp 8
Session 8 Tp 8Session 8 Tp 8
Session 8 Tp 8
 
Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump ...
Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump ...Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump ...
Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump ...
 
Freefixer log
Freefixer logFreefixer log
Freefixer log
 
TechEd NZ 2014: Azure and Sharepoint
TechEd NZ 2014: Azure and SharepointTechEd NZ 2014: Azure and Sharepoint
TechEd NZ 2014: Azure and Sharepoint
 
Pandora FMS: DB2 Enterprise Plugin
Pandora FMS: DB2 Enterprise PluginPandora FMS: DB2 Enterprise Plugin
Pandora FMS: DB2 Enterprise Plugin
 

Recently uploaded

buds n tech IT solutions
buds n tech IT solutionsbuds n tech IT solutions
buds n tech IT solutionsmonugehlot87
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningVitsRangannavar
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
XpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsXpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsMehedi Hasan Shohan
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 

Recently uploaded (20)

buds n tech IT solutions
buds n tech IT solutionsbuds n tech IT solutions
buds n tech IT solutions
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learning
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
XpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsXpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software Solutions
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 

Windows xp and registery

  • 1. By Parekh Jigar H 10MCA059
  • 2. Registry is a hierarchical database of windows Many changes are made to the system configurations through various Control Panel applets and applied to Registry
  • 3. Type Description REG_BINARY Binary data. Displays binary data in hexadecimal notation REG_DWORD Double-word values 32 bits. REG_EXPAND_SZ Variable-length text to store long string REG_NONE Values with no defined type. REG_LINK A link. You can’t create REG_LINK values
  • 4. REG_DWORD_BIG_ENDIAN REG_DWORD_LITTLE_ENDIAN REG_FULL_RESOURCE_DESCRIPTOR REG_MULTI_SZ REG_QWORD REG_QWORD_BIG_ENDIAN REG_QWORD_LITTLE_ENDIAN REG_RESOURCE_LIST REG_RESOURCE_REQUIREMENTS_LIST REG_SZ Some data types can be used in only 64 bit windows Some are for only Windows
  • 5. Each time Windows XP starts, Registry is loaded into memory from files on the hard drive … Changes become effective immediately Only on rare occasions is rebooting the system required
  • 6. The Registry is stored not in one file, but rather in several Each contains a discrete body of keys, subkeys and values known as a hive Complete listing of path and filenames are found in Registry at subkey: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetCon trolhivelist
  • 7. The five highest-level keys (HKEY) in the Registry are:  HKEY_CLASSES_ROOT  HKEY_CURRENT_USER  HKEY_LOCAL_MACHINE  HKEY_USERS  HKEY_CURRENT_CONFIG
  • 8. Abbreviations for the root keys are: HKEY_CLASSES_ROOT—“HKCR” HKEY_CURRENT_USER—“HKCU” HKEY_USERS—“HKU” HKEY_LOCAL_MACHINE—“HKLM” HKEY_CURRENT_CONFIG—“HKCC”
  • 9. Container for information pertaining to application associations based on file extensions and COM object data
  • 10. Container for profile for whichever user is currently logged on Contents are built each time a user logs on by copying appropriate subkey from the HKEY_USERS key
  • 11. Controls the local computer, establishing configuration of hardware and operating system environment Includes information about the hardware devices, installed applications, device drivers, kernel services, physical settings Dependent on physical composition of the hardware and software present on machine
  • 12. Main 5 sub keys of HKLM HARDWARE SAM SECURITY SOFTWARE SYSTEM All these subkeys except HARDWARE are saved to hive files in %systemroot%system32config
  • 13. HARDWARE- Sub key containing data related directly to physical devices installed on a computer SAM –Security Account Manager Location where user accounts and group memberships are defined SECURITY: security policy on the local machine Applies to all local users
  • 14. SOFTWARE: It serves as a container for data about installed software and mapped file extensions Resides in a hive file named SOFTWARE in %systemroot%System32config directory
  • 15. SYSTEM It stores data required to boot Windows XP:  Startup parameters  Loading order for device drivers  Service startup credentials (settings and parameters)  Basic operating system behavior
  • 16. Contains profiles for all current users who have ever logged onto system Each time system boots builds the key: Loads a default user profile file and locally stored copies of either "Ntuser.dat" or "Ntuser.man" from user's profile directory (Documents and Settings%username%) HKEY_USERS.Default node is location for the default (new) user settings
  • 17. Container for data that pertains to whatever hardware profile is currently in use Links to the: HKLMSYSTEMCurrentControlSetHardwareProfilesCurrent Maintained for backward compatibility Not strictly required by Windows XP
  • 18. Registry key Logging and backup file HKLMSAM Sam, Sam.log,Sam.sav HKLMSECURITY Security, Security.log, Security.sav HKLMSOFTWARE Software, Software.log, Software.sav HKLMSYSTEM System, System.alt, System.log, System.sav HKU.Default Default, Default.sav, Default.log HKCU Ntuser.dat, Ntuser.dat.log
  • 19. The Registry file extensions: No extension - the actual storage file itself (the hive file) .alt -The backup file for the subkey Only HKLMSYSTEM has a backup file .log -log files record all successful and failed changes to Registry Verifies all modifications are completed .sav -copies of original key values after the text portion of Windows XP installation
  • 20. Name Default Path AppData %UserProfile%Application Data Personal %UserProfile%My Documents Desktop %UserProfile%Desktop Cookies %UserProfile%Cookies Cache %UserProfile%Local SettingsTemporary Internet Files Recent %UserProfile%Recent HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell
  • 21. GUIDs are numbers that uniquely identify objects such as computers, program components, and devices. All GUIDs have the same interesting format. They’re 16- byte hexadecimal numbers in groups of 8, 4, 4, 4, and 12 digits (0 through 9 and A through F). A dash divides each group of digits, and curly brackets enclose the whole number
  • 22. ActiveX Cache {88C6C381-2E85-11D0-94DE-444553540000} Computer Search Results {1F4DE370-D627-11D1-BA4F-00A0C91EEDBA} History {FF393560-C2A7-11CF-BFF4-444553540000} Internet Explorer {871C5380-42A0-1069-A2EA-08002B30309D} My Computer {20D04FE0-3AEA-1069-A2D8-08002B30309D} My Documents {450D8FBA-AD25-11D0-98A8-0800361B1103} My Network Places {208D2C60-3AEA-1069-A2D7-08002B30309D} Offline Files {AFDB1F70-2A4C-11D2-9039-00C04F8EEB3E} Programs {7BE9D83C-A729-4D97-B5A7-1B7313C39E0A} Recycle Bin {645FF040-5081-101B-9F08-00AA002F954E} Search Results {E17D4FC0-5564-11D1-83F2-00A0C90DC849}
  • 23. Desktop.ini is the feature of windows that allowws to change Folder background, folder tool-tip text, folder icon [.ShellClassInfo] IconFile=2.ico IconIndex=0 InfoTip="Parekh's tooltip folder" [{BE098140-A513-11D0-A3A4-00C04FD706EC}] iconarea_image=s1.jpg IconArea_Text=0xFFFFFFFF Make folder and file to system file
  • 24. The .inf files specify the program files required for components to run on 32-bit versions of Windows. By using the setup engine built into Windows, .inf files can take advantage of the setup engine's small size, as well as functions of the Windows operating system such as copying files, adding registry entries, and creating shortcuts. The .inf files can also provide limited platform independence and specify limited software dependencies.
  • 25. By default all .inf files are stored in C:windowssysteminf [Version] Signature=$CHICAGO$ [DefaultInstall] AddReg=Reg.Settings [Reg.Settings] Add registery keys Format to add key Rootkey, subkey, keyname, flag, value
  • 26. flags 0x00000000. Value is REG_SZ. This is the default if you omit flags. 0x00000001. Value is REG_BINARY. 0x00010000. Value is REG_MULTI_SZ. 0x00020000. Value is REG_EXPAND_SZ. 0x00010001. Value is REG_DWORD. 0x00020001. Value is REG_NONE.
  • 27. Microsoft Tweak UI is a must-have tool for anyone customizing Microsoft Windows XP or Windows Server 2003 (Windows). It allows users to customize settings that wouldn’t be available in the operating system’s user interface without editing the registry
  • 28. HKEY_LOCAL_MACHINE Software Microsoft Windows CurrentVersion Explorer Shell Icons 2= Applications Generic 3= Closed Folder 4= Open Folder 7= Removable Drive 8= Hard Drive 9= NetWork Drive 31= Recycle Bin Empty 32= Recycle Bin Full 33= Dial-up Network 34= DeskTop 35= Control Panel 36= Start Menu's Programs