Presentation of isas

Presented by gopinathan.rmISAS

Microsoft Registry Editor

The Registry is the heart and soul of Microsoft Windows XP and can be called as “building block of OS” . Simply put, the registry is nothing more than your computer's settings.

Lineage of Registry

MS−DOS

Every application that ran on MS−DOS was responsible for managing its own settings.

Microsoft Windows 3.0

This version provided INI files for storing settings. Every application had its own INI files.

Windows 3.1

Registry was introduced as a tool for storing OLE (object linking and embedding) settings.

And Windows 95 & Windows NT 3.5 expanded the registry to the configuration database that Windows XP uses now.

See the contrast between the two extreme ends

Microsoft windows registry 3.11

Microsoft Windows registry vista

Some of its main functions ……………..

I. The registry contains the configuration data that makes the operating system work.

II. It enables you to customize Windows XP in ways you can't through the user interface.

III. The registry enables developers to organize configuration data in ways that are impossible with INI files.

IV. Windows XP and every application that runs on Microsoft's latest desktop operating system do absolutely nothing without consulting the registry first.

V. For each and every double−click , Windows XP consults the registry to figure out what to do with it.

VI. When a device is installed , Windows XP assigns resources to the device based on information in the registry and then stores the device's configuration in the registry.

VII. When an application such as Microsoft Word 2002 is being run , the application looks up your preferences in the registry.

Who uses registry ? This might be question arising in everybody’s mind, when dealing

with this topic …….

This built-in facility of Microsoft Windows Xp is used by,

Power users IT professionals Hackers

Power users

Mastering the registry has concrete advantages for power users,

Backing up settings is a bit easier They can customize Windows XP and its

applications

For example, they can redirect your Favorites folder to a different place, improve your Internet connection's performance.

IT professionals

Policy management is a biggest feature and IT professionals use policies to configure computer and user settings to a standard, and users can't change those settings.

Some of those features include: Deployment customization Folder redirection Hardware profiles Offline files Performance monitoring Roaming user profiles Windows Management Instrumentation

Hackers

Many optimization and "hacking" tools are available to modify this portion of the Windows operating system; it is preferable not to use them unless one has a knowledge of registry workings or wishes to learn more about the registry.

Resource hacking Gain unauthorized access to remote computer Software cracking Etc and the list goes on and on

Terminologies

%USERPROFILE% represents the current user profile folder. Thus, if you log on to the computer as gopi and your profile folders are in C:\Documents and Settings\ gopi i.e. %USERPROFILE% to C:\Documents and Settings\ gopi.

%SYSTEMDRIVE% is the drive that contains Windows XP's system files. That's usually drive C.

%SYSTEMROOT% is the folder containing Windows XP. In a clean installation, this is usually C:\Windows

Warning !

Registry is a great paradox .On the one hand, it's the central place for all of Windows XP's configuration data. On the other hand, the fact that the registry is so critical, also makes it one of the operating system's weaknesses. If the registry fails, Windows XP fails.

Getting started !

Click on Start button

Then on Run from menu

Run dialogue box will appear

In the Open text box type the command “regedit” or “regedt32.exe”

Structure of the Registry

The structure of Windows XP's registry is so similar to the structure of its file system

In the editor's left pane, which is called the key pane, just as Windows Explorer's left pane. Each folder in the key pane is a registry key.

In the editor's right pane, which is called the value pane, you see a key's values.

ILUSTRATION

Basics of Registry Keys

Keys are so similar to folders (Registry Editor even uses the same icon for keys as Windows Explorer uses for folders) that they have the same naming rules.

A key's name is limited to 256 Unicode characters, and you can use any ASCII character in the name other than a backslash (\), asterisk (*), and question mark (?).

In addition, Windows XP reserves all names that begin with a period for its own use.

Root keys

HKEY_CLASSES_ROOT HKEY_CURRENT_USER HKEY_LOCAL_MACHINE HKEY_USERS HKEY_CURRENT_CONFIG

Abbreviations used here -

HKEY_CLASSES_ROOT HKCR

HKEY_CURRENT_USER HKCU

HKEY_LOCAL_MACHINE HKLM

HKEY_USERS HKU

HKEY_CURRENT_CONFIG HKCC

Values

Each key contains one or more values. A value's name is similar to a file's name. A value's type is similar to a file's extension, which

indicates its type. A value's data is similar to the file's actual

contents.

Parts of a value

Name Every value has a name. The same rules for naming keys apply to values: up to 256 Unicode

characters except for the backslash (\), asterisk (*), and question mark (?), with Windows XP reserving all names that begin with a period. Within each key, value names must be unique, but different keys can have values with the same name.

Type Each value's type determines the type of data that it contains. For example, a REG_DWORD value contains a double-word number, and a

REG_SZ value contains a string.

Data Each value can be empty or null or can contain data. A value's data can be a maximum of 32,767 bytes, but the practical limit

is 2 KB. The data usually corresponds to the type, except that binary values can

contain strings, double−words, or anything else for that matter.

Default value

Default value is displayed as (Default). Default value is almost always a string

type. In most cases, the default value is null

and Registry Editor displays its data as (value

not set). When instructions require that you

HKEY_CURRENT_USER

Contains the root of the configuration information for the user who is currently logged on. The users folders, screen colors and control panel settings are stored here. This information is referred to as a users profile.

HKEY_USERS

Contains the root of all user profiles on the computer. HKEY_CURRENT_USER is a sub-key of HKEY_USERS.

HKEY_LOCAL_MACHINE

Contains the configuration particular to the computer (for any user).

HKEY_CLASSES_ROOT

It is sub-key of HKEY_LOCAL_MACHINE\SOFTWARE. The information stored here ensures that the correct program opens when you open a file by using windows explorer.

HKEY_CURRENT_CONFIG

Contains information about the hardware profile used by the local computer at system startup.

Editing the registry

Programs or scripts

The registry can be edited through

the APIs of the Advanced

Windows 32 Base API Library

(advapi32.dll). Some

programming languages, like

Visual Basic , Perl, VBScript, enable registry editing

from scripts.

Command line editingThe registry can be manipulated

from the command line

with the reg.exe utility. It is included in

Windows XP and Windows Vista

and can be downloaded

separately for previous versions.

Using registry editor – Manual editing

Using registry editor and customizing your computer Disable right click Disable Run from start menu Disable Volume Disable Control panel Creating a System key Disable Appearance tab Disable Settings tab Disable Screen saver tab Disable Password changing

Disable right click

Description Value Path

To Disable using right click

NAME:NOVIEWCONTEXTMENU

TYPE:DWORD

VALUE:1/0

HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\EXPLORER

Disable Run from start menu


To disable run from start menu

NAME:NORUN

TYPE:DWORD

VALUE:1/0


Disable volume


To disable using a volume

To disable all drives

NAME:NODRIVES

TYPE:DWORD

VALUE:A: 1B: 2C: 4D: 8E: 16F: 32 etc 6FFFFFF


Disable control panel


To disable control panel

NAME:NOCONTROLPANEL

TYPE:DWORD

VALUE:0\1


Create a system key

Open registry editor Go to the path:

HKEY_CURRENT _USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES

Make a right click In the pop menu select New and then Key Name it as System

Disable appearance tab


To disable appearance tab

NAME:NODISPAPPEARANCEPAGE

TYPE:DWORD

VALUE:0\1

HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\SYSTEM

Disable settings tab


To disable settings tab

NAME:NODISPSETTINGSPAGE

TYPE:DWORD

VALUE:0\1


Disable screensaver tab


To disable screen saver tab

NAME:NODISPSCRSAVPAGE

TYPE:DWORD

VALUE:0\1


Disable changing password


To disable changing password

NAME:DISABLECHANGEPASSWORD

TYPE:DWORD

VALUE:0\1


Registry Management Tools

Hundreds of third−party and shareware registry tools are available. You learn about many of them throughout this book. Some tools I use more often than others, though, and here's an introduction to them:

Registry Editor This is the primary tool you use to edit settings in the registry.

Console Registry Tool for Windows (Reg.exe) This command−line registry tool supports most of the capabilities of Registry

Editor. The significance of this tool is that it allows you to script edits in batch files.

WinDiff This tool comes with the Windows XP Support Tools, which you install from \

Support\Tools on the Windows XP CD. Most of the Windows 2000 Resource Kit tools still work well in Windows

XP, and you can download many of them from Microsoft's Web site at http://www.microsoft.com/windows2000/techinfo/reskit/tools/default.asp.

Thank you

Presentation of isas

Documents

Transcript of Presentation of isas