
Windows Registry & Organization of OS in Windows
Understanding the Windows Registry
Registry
A database that stores hardware and software configuration information, network connections, user preferences, and setup information

For investigative purposes, the Registry can contain valuable evidence
Registry: A Wealth of Information
Information that can be recovered includes:
System Configuration
Devices on the System
User Names
Personal Settings and Browser Preferences
Web Browsing Activity
Files Opened
Programs Executed
Passwords
Where the Registry is stored

For Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, the Registry files are stored in the following directories:

Systemroot\System32\Config
Systemroot\Profiles\Username
How to edit the Registry

To view the Registry, you can use:

Regedit (Registry Editor) program for Windows systems
Regedt32 for Windows 2000 and XP

To launch this program you should click on the Start button, then click on the Run option, and in the field type regedit.exe and press the OK button. This will launch the Registry Editor.
Structure of the Registry

The Registry is a hierarchical structure similar to what you see when looking at a directory/file tree on your computer. You have a main key, with Keys, Subkeys and then Values.
Keys and Values
Keys - Keys are containers that can contain either values or further subkeys.

Subkeys themselves can contain further subkeys.

Keys are similar to folders in that they can contain further subkeys or files, which in the Registry are called values.

Values - Values contain the actual data that is being stored in a Key or a Subkey.
Organization of the Registry

[Diagram: the Registry (Hkey) at the center, surrounded by its five root keys: Classes Root, Current User, Local Machine, Users, Current Config]
Registry Organization
KEY                    Description
HKEY_CLASSES_ROOT      Contains the information that ensures the correct program opens when a file is executed with Windows Explorer.
HKEY_CURRENT_USER      Contains the profile (settings) of the user that is logged in.
HKEY_LOCAL_MACHINE     Contains system-wide hardware settings and configuration information.
HKEY_USERS             Contains the root of all user profiles that exist on the system.
HKEY_CURRENT_CONFIG    Contains information about the hardware profile used by the computer during start up.
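
The key, subkey and value hierarchy described above can be seen in a text export produced by the Registry Editor. The following is an added example, not part of the original slides: it parses a constructed .reg export into keys and their values. The ExampleApp key, its value names and all data are made up, and only string and dword values are decoded.

```python
import re

# Constructed sample in the Registry Editor text export (.reg) layout; keys and data are made up.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\ExampleApp]
@="default text"
"InstallDir"="C:\\Tools\\ExampleApp"
"RunCount"=dword:0000002a

[HKEY_CURRENT_USER\Software\ExampleApp\Recent]
"File1"="C:\\Users\\demo\\notes.txt"
'''

def _decode(raw):
    """Turn the text after '=' into (type, data) for the two types handled here."""
    if raw.startswith('"') and raw.endswith('"') and len(raw) >= 2:
        # Strings escape backslash and double quote with a backslash.
        return "REG_SZ", re.sub(r'\\(.)', r'\1', raw[1:-1])
    if raw.startswith("dword:"):
        return "REG_DWORD", int(raw[6:], 16)
    return "RAW", raw  # hex(...) and other kinds are kept undecoded

def parse_reg(text):
    """Build {key path: {value name: (type, data)}} from a .reg export."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None and "=" in line:
            m = re.match(r'(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
            if m:
                name = "(Default)" if m.group(1) == "@" else _decode(m.group(1))[1]
                current[name] = _decode(m.group(2))
    return keys

def subkeys(keys, parent):
    """Names of the direct subkeys of `parent` that appear in the export."""
    prefix = parent + "\\"
    return sorted({k[len(prefix):].split("\\")[0] for k in keys if k.startswith(prefix)})

if __name__ == "__main__":
    tree = parse_reg(SAMPLE_REG)
    for path, values in tree.items():
        print(path)
        for name, (kind, data) in values.items():
            print(f"    {name} [{kind}] = {data!r}")
```

A real version 5.00 export is UTF-16 encoded and has to be decoded to text before it is passed to parse_reg; multi-line hex data is not reassembled here.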
Operating-System Structures

System Components
Operating System Services
System Calls
System Programs
System Structure
Virtual Machines
Common System Components
Process Management
Main Memory Management
File Management
I/O System Management
Disk Management
Operating System Services
Additional functions exist not for helping the user, but rather
for ensuring efficient system operations.
Program execution
I/O operations
File System manipulation
Communication
Error Detection
Resource Allocation
Protection
System Calls
System calls provide the interface between a running
program and the operating system.
A system call is the programmatic way in which a
computer program requests a service from the kernel of
the operating system it is executed on.

System Programs
System programs provide a convenient environment for
program development and execution.
System Structure - Simple Structure
MS-DOS written to provide the most functionality in the least space
Not divided into modules
Although MS-DOS has some structure, its interfaces and levels of functionality are not well separated

[Figure: MS-DOS Layer Structure]
System Structure - Layered Approach
The operating system is divided into a number of layers (levels), each built on top of lower layers. The bottom layer (layer 0) is the hardware; the highest (layer N) is the user interface.

[Figure: layer stack, from Layer N (user interface) at the top, through Layer 1, down to Layer 0 (hardware)]
Virtual Machines (VM)

A virtual machine (VM) is an emulation of a computer system. Virtual machines are based on computer architectures and provide functionality of a physical computer.
The resources of the physical computer are shared to create the virtual machines.
System Models
[Figure: (a) Non-virtual Machine: processes, programming interface, kernel, hardware. (b) Virtual Machine: processes, kernels, virtual machine, hardware.]
Thank You!!!

Submitted to: Mr. Neeraj Dhawan

Submitted by:
Vaibhav Vijay
Ritik Patni
Shubhendu Mal
Rishav Ranjan
Virendra Singal
Pankaj Agarwal
