Working with the Windows Registry
Computer Club of the Sandhills, November 12, 2012
Registry Definition
• The registry was developed to overcome the restrictions of the INI and REG.DAT files.
• The registry is composed of two pieces of information:
  • System-Wide Information – This is data about software and hardware settings. This information tends to apply to all users of the computer.
  • User Specific Information – This is data about an individual configuration. This information is specific to a user’s profile.
Registry Definition
• The Microsoft Computer Dictionary defines the registry as:
  • A central hierarchical database used in the Microsoft Windows family of Operating Systems to store information necessary to configure the system for one or more users, applications and hardware devices.
  • The registry contains information that Windows continually references during operation, such as profiles for each user, the applications installed on the computer and the types of documents that each can create, property sheet settings for folders and application icons, what hardware exists on the system and the ports that are being used.
Details
• The registry is a database that is used by all Windows operating systems that followed Win95.
• The registry is used by the Windows OS to store hardware and software configuration information, user preferences and setup information.
• A healthy registry is essential for proper Windows performance and function, which is why the registry is usually attacked by viruses and other malicious software.
Registry vs. File System
• The registry is analogous to a file system.
• File system: Folders, Files
• Registry: Keys
• Keys have inside them either other keys or name/value pairs, which correspond to object name and content.
Registry Content
The registry holds critical information about the system, the users of the system, and installed applications:
• Operating System version number, build number, and registered user.
• Information for every properly installed application.
• Information about the computer’s processor type and system memory.
• User-specific information (home directory, application preferences).
• Security information such as user account names.
• Installed services.
• Mapping from file names to programs/executables.
• Mapping network addresses to host machine names.
Registry Contents: Security
Information the registry includes:
• System Configuration
• Devices on the System
• User Names
• Personal Settings and Browser Preferences
• Web Browsing Activity
• Files Opened
• Programs Executed
• Passwords
Windows Security and Relative ID
• The Windows Registry utilizes an alphanumeric combination to uniquely identify a security principal or security group.
• The Security ID (SID) is used to identify the computer system.
• The Relative ID (RID) is used to identify the specific user on the computer system.
• The SID appears as:
  • S-1-5-21-927890586-3685698554-67682326-1005
Registry Structure
The registry has five top level branches or Hives:
• HKEY_CLASSES_ROOT: COM server info, file associations, shortcuts
• HKEY_CURRENT_USER: Logged in user name, desktop, start menu
• HKEY_LOCAL_MACHINE: Hardware, software, preferences for all users
• HKEY_USERS: Individual preferences for each user, represented by Security ID (SID)
• HKEY_CURRENT_CONFIG: Links to part of HKEY_LOCAL_MACHINE for current hardware
• HKEY_DYN_DATA: Links to part of HKEY_LOCAL_MACHINE for PlugAndPlay
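Added example, not part of the original slides: a Python sketch that decodes a SID from the binary layout Windows uses, splits an account SID into its computer part and RID, and applies that split to HKEY_USERS subkey names. The binary layout is not covered on the slides; the function names and the sample subkey list are constructed here, and the SID is the one shown above.

```python
import struct

def sid_from_bytes(raw: bytes) -> str:
    """Decode a binary SID into its S-R-A-... text form."""
    if len(raw) < 8:
        raise ValueError("binary SID is at least 8 bytes")
    revision, count = raw[0], raw[1]
    if len(raw) != 8 + 4 * count:
        raise ValueError("length does not match sub-authority count")
    authority = int.from_bytes(raw[2:8], "big")      # 48-bit, big-endian
    subs = struct.unpack("<%dI" % count, raw[8:])    # 32-bit each, little-endian
    return "-".join(["S", str(revision), str(authority)] + [str(s) for s in subs])

def sid_to_bytes(sid: str) -> bytes:
    """Inverse of sid_from_bytes; used here to build constructed sample input."""
    fields = sid.split("-")
    if len(fields) < 3 or fields[0] != "S":
        raise ValueError("not a SID string: %r" % sid)
    revision, authority = int(fields[1]), int(fields[2])
    subs = [int(f) for f in fields[3:]]
    return (bytes([revision, len(subs)]) + authority.to_bytes(6, "big")
            + struct.pack("<%dI" % len(subs), *subs))

def split_account_sid(sid: str):
    """Return (computer_or_domain_part, rid) for S-1-5-21-x-y-z-RID, else None."""
    fields = sid.split("-")
    if len(fields) != 8 or fields[:4] != ["S", "1", "5", "21"]:
        return None
    if not all(f.isdigit() for f in fields[4:]):
        return None
    return "-".join(fields[:7]), int(fields[7])

def describe_hkey_users(subkeys):
    """Map HKEY_USERS subkey names to (computer part, RID); skip other keys."""
    out = {}
    for name in subkeys:
        base = name[:-len("_Classes")] if name.endswith("_Classes") else name
        parts = split_account_sid(base)
        if parts:
            out[name] = parts
    return out

# Constructed sample: subkey names as they might appear under HKEY_USERS.
PAGE_SID = "S-1-5-21-927890586-3685698554-67682326-1005"
SAMPLE_SUBKEYS = [".DEFAULT", "S-1-5-18", PAGE_SID, PAGE_SID + "_Classes"]

if __name__ == "__main__":
    print(sid_from_bytes(sid_to_bytes(PAGE_SID)))
    for key, (machine, rid) in describe_hkey_users(SAMPLE_SUBKEYS).items():
        print(key, "->", machine, "RID", rid)
```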
Registry Value Types
• REG_BINARY: Raw binary data
• REG_DWORD: 32 bit integers – often representing bools
• REG_SZ: String
• REG_EXPAND_SZ: Expandable string
• REG_MULTI_SZ: Container for null separated strings
Exporting and Importing
• In RegEdit, select a key.
• Choose File, then Export.
• Provide filespec info in the resulting save dialog.