1 / 16

Windows Under the Hood

Windows Under the Hood. The Registry. Stores information on everything Windows Found in WindowsSystem32config if you want to know Rarely do we go straight to the Registry; use Device Manager, Control Panel Regedit or Regedt32 will get you to same place; Start | Run

vevay
Download Presentation

Windows Under the Hood

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Windows Under the Hood

  2. The Registry • Stores information on everything Windows • Found in Windows\System32\config if you want to know • Rarely do we go straight to the Registry; use Device Manager, Control Panel • Regedit or Regedt32 will get you to same place; Start | Run • Be careful, you can break Windows easily

  3. Registry Root Keys • HKEY_CLASSES_ROOT; class objects, file associations, type of icon, program to open it • HKEY_CURRENT_USER; current user preferences, desktop color and pattern • HKEY_USERS; All users for the computer • HKEY_LOCAL_MACHINE (HKLM); system’s non-user-specific configurations • HKEY_CURRENT_CONFIG; hardware currently being used

  4. Registry Edits • Use either program: REGEDIT or REGEDT32 • Make a backup before you change anything (File | Export) – use .REG extension • Be careful of value types if adding key(s) • Saves are automatic; no recovery from deletes

  5. Types of Data in Registry • String value: any form of data • Binary value: Ones and zeros • Dword value: Binary but limited to 32-bits • Qword value: Binary but limited to 64-bits

  6. XP Boot Process • System files start the boot process • NTLDR, boot.ini, and ntdetect.com (ntbootdd.sys); on system partition • Edit boot.ini from System | Advanced |Startup and Recovery • Later files: ntoskrnl.exe, hal.dll, Registry, device drivers and winlogon.exe found in boot partition (Windows)

  7. System Partition Files • NTLDR – MBR starts it; reads Boot.ini to find Windows installations • Boot.ini uses Advanced RISC Computing (ARC) naming system to identify partitions; edit from System applet in Control Panel • Ntldr starts protected mode and then calls on ntdetect.com to find hardware

  8. Vista/7 Boot • 32-bit BIOS scans for master boot record; loads boot sector; bootmgr • 64-bit UEFI loads bootmgr directly • Bootmgr asks which OS to load using Boot Configuration Data (BCD) file. Edit with bcdedit.exe; then loads winload.exe; then the OS kernel • Vista/7 boot files and the system files must all reside on the same partition

  9. Processes, Services and Threads • Applications are processes loaded into RAM; have a window and end when you close the window • Processes without need for a window are called Services

  10. Task Manager • One-stop place for Applications, Processes and Services • CTRL-SHIFT-ESC, CTRL-ALT-DELETE, Start|Run | taskmgr • Click View | Select Columns for Process Identifier (PID) • Can log off a user from Users tab if they did not

  11. Task Manager, 2 • Applications tab; shows all running applications; go here to force application to stop • Processes tab; everything is a process; can end processes but for some, Windows won’t allow you to end them • Performance tab; quick check of what is going on – CPU use and memory use • Networking and Users tabs; not really exciting; can see how busy network is

  12. Services Applet • Control Panel |Administrative Tools | Services • Click on Services button in Services pane of Task Manager • Run services.msc • Can start, or stop, a service from here; Windows will not let you stop critical services • This has services in alphabetic order where Task Manager does not

  13. Performance Console • Object is a system component that is given a set of characteristics and is a single entity • Counters track specific information about objects • Lots of counters; not many books on the Console, read over Michael’s section

  14. Performance – Vista and 7 • Reliability and Performance Monitor in Vista • Performance Monitor in 7 • Start with Performance Information and Tools in Control Panel • Wander with it to get a sense of what it can tell you – we will do that in lab sessions

  15. Honorable Mention • Component Services: Allows sharing of objects between programs • Data Sources: Open DataBase Connectivity (ODBC); sharing of databases among programs

More Related