
1 A Look under the Hood Chapter 8
The registry is a database that includes settings for:
- Device drivers
- Services
- Installed applications
- Operating system components
- User preferences
Avoid directly editing the registry, because you can cause severe damage. The Control Panel applets provide a safe way to edit the registry.

2 Understanding the Registry
McGraw-Hill/Irwin © 2006 The McGraw-Hill Companies, Inc. All rights reserved.
Automatic registry changes occur when:
- Created during Windows Setup and modified
- Windows starts up or shuts down
- Changes are made with a Control Panel applet
- A new device is installed
- Changes to Windows configuration
- Changes are made to user desktop preferences
- An application is installed or modified
- Changes are made to preferences in any application

3 Understanding the Registry
Viewing the Registry Structure
- View as a hierarchical structure
- Use REGEDIT.EXE or REGEDT32.EXE
- Navigation similar to disk folders
- root keys: five folders at the top
- subtrees: root keys and their contents
- subkey: key that exists within another key
- value entries: settings within a key

4 Understanding the Registry
Most of the registry is saved in several registry files, called hives: SYSTEM, SOFTWARE, SECURITY, SAM, DEFAULT, and NTUSER.DAT.
- SYSTEM: Information used at startup, including device drivers to be loaded, the order of their loading and configuration settings, the starting and configuring of services, and other settings
- SOFTWARE: Configuration settings for software installed on the local computer
- SECURITY: Local security policy settings for the computer

5 Understanding the Registry
Registry Files (continued)
- SAM: Local security accounts database
- DEFAULT: User desktop settings used when no user is logged on
- NTUSER.DAT: User profile for a single user
  - The first time a user logs on, the NTUSER.DAT file from the DEFAULT USER folder is used
  - File is saved in the top-level personal folder

6 Understanding the Registry
Data Types in Value Entries
Format of the data within a key (Page 383)
The Short List
- REG_BINARY (raw binary shown in hex)
- REG_DWORD (double word, 4 bytes)
- REG_EXPAND_SZ (single string)
- REG_MULTI_SZ (multiple strings)
- REG_SZ (sequence of characters, human readable)
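
How the raw bytes behind each data type on the slide above are interpreted, as an added example that is not part of the original presentation. The value names, sample bytes and environment are constructed; it relies on Windows storing string types as UTF-16LE and REG_DWORD as little-endian.

```python
import re
import struct

def decode_value(reg_type, raw):
    """Decode raw registry value bytes according to the declared data type."""
    if reg_type == "REG_BINARY":
        return raw.hex(" ")                      # shown in hex, as Regedit does
    if reg_type == "REG_DWORD":
        if len(raw) != 4:
            raise ValueError("REG_DWORD must be exactly 4 bytes")
        return struct.unpack("<I", raw)[0]       # little-endian unsigned 32-bit
    text = raw.decode("utf-16-le")               # string types are UTF-16LE
    if reg_type in ("REG_SZ", "REG_EXPAND_SZ"):
        return text.split("\x00", 1)[0]          # stop at the NUL terminator
    if reg_type == "REG_MULTI_SZ":
        strings = []
        for part in text.split("\x00"):
            if part == "":                       # an empty string ends the list
                break
            strings.append(part)
        return strings
    raise ValueError("unsupported type: " + reg_type)

def expand(value, env):
    """Resolve %NAME% references in a REG_EXPAND_SZ; unknown names stay as-is."""
    return re.sub(r"%([^%]+)%",
                  lambda m: env.get(m.group(1).upper(), m.group(0)), value)

def utf16(s):
    return s.encode("utf-16-le")

# Constructed sample values (not taken from a real hive).
SAMPLES = [
    ("Timeout", "REG_DWORD", bytes.fromhex("1e000000")),
    ("ImagePath", "REG_EXPAND_SZ", utf16("%SystemRoot%\\system32\\example.exe\x00")),
    ("DependOn", "REG_MULTI_SZ", utf16("SvcA\x00SvcB\x00\x00")),
    ("Blob", "REG_BINARY", bytes.fromhex("01ff10")),
]

if __name__ == "__main__":
    env = {"SYSTEMROOT": "C:\\WINDOWS"}          # assumed environment
    for name, reg_type, raw in SAMPLES:
        value = decode_value(reg_type, raw)
        if reg_type == "REG_EXPAND_SZ":
            value = expand(value, env)
        print(name, reg_type, value)
```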

7 Understanding the Registry
Permanent Portions of the Registry: Registry Hives (Page 383)
- HKEY_LOCAL_MACHINE\SYSTEM
- HKEY_LOCAL_MACHINE\SOFTWARE
- HKEY_LOCAL_MACHINE\SECURITY
- HKEY_LOCAL_MACHINE\SAM
- HKEY_USERS\.DEFAULT
- HKEY_CURRENT_USER and HKEY_USERS

8 Understanding the Registry
Temporary Portion of the Registry
HKEY_LOCAL_MACHINE\Hardware contains the temporary portion of the registry, the information gathered during hardware detection during each Windows startup. It is not saved to a file.

9 Working with Device Drivers
Working with Signed vs. Unsigned Device Drivers
- Code signing of device drivers (driver signing)
- Windows uses file signature verification
- Administrator can control how Windows reacts to unsigned drivers
- Driver Signing Options
  - Ignore
  - Warn
  - Block

10 Working with Device Drivers
Disconnecting a Plug-and-Play Device
- Can disconnect USB and IEEE 1394 external plug-and-play devices while powered up
- First warn Windows using the Safely Remove Hardware icon in the System Tray
- Safely Remove Hardware dialog box
- Stop a Hardware Device dialog box

11 Working with Device Drivers
Using Device Manager to Manage Device Drivers
- View and change device properties
- Update device drivers
- Configure device settings
- Uninstall devices
- Available since Windows 95 (except NT)
- Roll back a driver update in Windows XP
- System | Hardware | Device Manager button

12 Device Drivers
Working with Device Drivers
- Code signing is designed to avoid problems caused by badly written code. It involves a digital signature, provided by Microsoft as a seal of approval of program code.
- Windows uses a process called file signature verification to check for code signing, and an administrator can configure what action Windows takes when it detects code that does not contain a digital signature.
- Configure with the Driver Signing button located on the Hardware page of the System applet.
Step-by-Step 8.01 Getting to Know Device Manager (Page 389)

13 Working with Device Drivers
Hardware Profiles
- Include registry keys that contain:
  - Settings defining the devices that must be started during Windows startup
  - The list of files associated with each device
  - Configuration settings for each device
- Profile 1 is created during Windows installation
  - Defines all the existing hardware at the time of installation
  - Every device is enabled

14 Working with Device Drivers
Hardware Profiles (continued)
- On a desktop computer, you will probably always have a single hardware profile
- View, create, copy, rename, and modify hardware profiles by clicking the Hardware Profiles button on the Hardware page in System Properties
- If there are two or more hardware profiles, Windows startup pauses and displays the Hardware Profile/Configuration Recovery menu
- Useful on a laptop with a docking station
Step-by-Step 8.02 Experiment with Visual Effects (Page 395)

15 Managing Performance in Windows
Windows Performance Settings (continued)
- Processor Scheduling
  - Programs
  - Background Services
- Memory Usage
  - Programs
  - System Cache
- Virtual Memory
  - Custom size
  - System managed size
  - No paging file

16 Managing Performance in Windows
Performance Monitoring
- Frequently done on network servers
- Not usually done on Windows desktop computers
- Few performance monitoring tools in desktop OSs
System Monitor
- Gathers and displays performance data
- Monitors counters belonging to objects
- Displays results in report, graph, or histogram
Performance Logs and Alerts
- Create alerts
- Create counter logs
- Create trace logs

17 Windows File Systems
Windows NTFS File System
- Available since Windows NT, excluding Windows 9x
- Logical structure: Master File Table
- Includes a transaction processing system
- Allocates disk space more efficiently than FAT
- NTFS5 theoretically supports a volume size of 256TB
- Actual hardware limit is 2TB
- Offers file and folder security through permissions
- Pre-Windows 2000 NTFS is now called NTFS4
- Since NTFS4, supports file compression
- NTFS5 supports file encryption and indexing

18 Windows File Systems
File Systems for CDs and DVDs
- CD-ROM File System (CDFS) for CD-ROMs
- Writeable CDs (CD-R)
- Rewriteable CDs (CD-RW)
- Universal disk format (UDF)
- DVD ROMs
- DVD-R
- DVD-RW
- DVD-RAM driver (new in Windows XP)
- Supports 4.7GB DVD-RAM disk standard

19 The Windows Startup Process
Windows Boot and System Files
- Boot files: reside in the root of drive C:
- System files: reside in the folder in which Windows is installed (default location is C:\Windows or C:\WINNT)
- System partition: contains the boot files
- Boot partition: contains the system files
- In most cases they are both drive C:
- Sometimes C: is system and D: or E: is boot

20 The Windows Startup Process
Windows Boot Files (located in C:\)
- BOOT.INI
- BOOTSECT.DOS (not always present)
- NTBOOTDD.SYS (not always present)
- NTDETECT.COM
- NTLDR
Windows System Files
- CSRSS.EXE: systemroot\SYSTEM32\
- Device drivers: systemroot\SYSTEM32\DRIVERS
- HAL.DLL: systemroot\SYSTEM32\

21 The Windows Startup Process
Windows registry files loaded during system startup
- DEFAULT: The default user profile until user logon
- SAM: The security accounts database
- SECURITY: The security hive of the registry
- SOFTWARE: The software hive of the registry
- SYSTEM: The system hive of the registry

22 The Windows Startup Process
Phases of the Startup Process
Phase I: Power-on Self-Test
- CPU loads BIOS programs beginning with POST
- POST:
  - Tests system hardware
  - Determines the amount of memory present
  - Verifies devices required for OS startup are working
  - Loads configuration settings from CMOS memory
  - Briefly displays information on the screen

23 The Windows Startup Process
Phases of the Startup Process (continued)
Phase II: Initial Startup
- CMOS settings used to locate drive with boot files
- Loads MBR from first physical sector of the hard disk
- MBR code loads the boot sector from the primary active partition of the first hard disk
- Boot code from the boot sector loads NTLDR

24 The Windows Startup Process
Phases of the Startup Process (continued)
Phase III: Boot Loader Phase
- NTLDR (the boot loader) takes control
  - Switches the processor to protected mode
  - Starts the file system code
  - Reads the BOOT.INI file
  - In some cases, displays the OS Selection menu
  - If a Windows NT family OS is selected, NTLDR remains in control and moves to the next phase

25 The Windows Startup Process
Phases of the Startup Process (continued)
Phase IV: Detect and Configure Hardware
- NTLDR starts NTDETECT.COM
- NTDETECT.COM scans the hardware and gives the list to NTLDR for later inclusion in the registry

26 The Windows Startup Process
Phases of the Startup Process (continued)
Phase V: Kernel Loading
- NTLDR looks in BOOT.INI for location of NTOSKRNL
- NTLDR starts NTOSKRNL.EXE (the kernel)
- NTLDR passes on the hardware information
- NTLDR loads HAL.DLL
- NTLDR loads SYSTEM
- NTLDR loads drivers required at startup
- Kernel scans the registry for other components

27 The Windows Startup Process
Phases of the Startup Process (continued)
Phase V: Kernel Loading (continued)
- Kernel loads and initializes the components
- Kernel starts SMSS.EXE
- SMSS.EXE loads the kernel-mode Windows subsystem
- Windows switches from text mode to graphics mode
- Session manager starts user-mode Windows subsystem
- Session manager creates pagefile.sys
- Session manager starts the Windows logon service

28 The Windows Startup Process
Phases of the Startup Process (continued)
Phase VI: Logon
- WINLOGON supports logging on and logging off
- WINLOGON starts SERVICES.EXE
- WINLOGON starts LSASS.EXE
- The Begin Logon prompt appears
- WINLOGON responds to Ctrl-Alt-Delete by displaying the Logon to Windows dialog box

29 The Windows Startup Process
Phases of the Startup Process (continued)
Phase VI: Logon (continued)
- User enters a user name and password
- Logon scripts are run
- Startup programs for various applications are run
- Non-critical services are started
- Programs and services are started from several locations
  - Various registry settings
  - Startup folders created in the profiles for All Users and for the currently logged on user

30 The Windows Startup Process
Modifying System Startup with the BOOT.INI File
- Contains the locations of systemroot
- Contains location for system files of an alternate OS
- Text file that can be edited directly or indirectly

31 The Windows Startup Process
Modifying System Startup with the BOOT.INI File (continued)
Lines beginning with "Multi" provide location of systemroot.

    [boot loader]
    timeout=30
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft XP" /fastdetect

32 Troubleshooting Windows Problems
Proactive Tasks
- Keeping Windows Updated
  - Windows XP Service Pack 2
  - Configuring Automatic Update
  - Working with Windows Update
- Using Runas
  - Command-line program for running a single command using a user account other than the one currently logged on
  - Use when logged on as an ordinary user and needing to run a single command requiring administrative rights
Step-by-Step 8.03 Create and Test a Runas Shortcut (Page 409)

33 Troubleshooting Windows Problems
Create Startup Disks for Windows NT/2000/XP
- Only contain the boot files
- Cannot start up Windows completely unless the system files are located on the hard disk
- Use when boot files are damaged on the hard drive
- Start with this disk to bypass the hard disk boot files
- Format floppy disk in Windows
- Copy to the floppy: NTLDR, NTDETECT.COM, BOOT.INI, and NTBOOTDD.SYS (if present)
Step-by-Step 8.04 Creating and Testing a Windows Startup Disk (Page 411)

34 Troubleshooting Windows Problems
Back up Data Files and the Registry
- Before making changes, back up data files and registry
- Back up a portion of the registry using Regedit
- Back up entire registry using a backup program
  - Third-party backup programs
    - More options and a greater variety of media
  - Windows Backup (NTBACKUP)
    - NT version only backs up to tape
    - Windows 2000/XP versions back up to any hard disk or network location (providing permissions allow)
Step-by-Step 8.05 Configuring an Alert (Page 414)

35 Troubleshooting Windows Problems
Troubleshooting with Event Viewer
Event Logs
- System events
  - OS components
  - Drivers, services, etc.
- Application events
  - Office suites, etc.
  - Windows components that run in the GUI
  - Events recorded by Dr. Watson applet
- Security events
  - Only logged if auditing turned on and events selected

36 Troubleshooting Windows Problems
Troubleshooting with Event Viewer (continued)
Configuring and Saving Event Logs
- Properties for each log file allow setting of maximum size and action to take when the log file is full
- Actions: clear each log file, save log file to view later, open a previously saved log file, and create multiple views
- Use context menu of log file to access actions

37 Troubleshooting Windows Problems
Solving Problems by Modifying the Registry
- Modified automatically when:
  - Windows Setup is run
  - A new device is installed
  - A device is configured
  - Changes are made through Control Panel applets
  - A change is made in the OS or an application
- Direct registry modification is part of some problem solutions; only do this when there is no other choice
Step-by-Step 8.06 Modifying the Registry (Page 420)

38 Troubleshooting Windows Problems
Last Known Good Configuration Recovery
- Startup option in Windows NT family of OSs
- Selects the last configuration changes set before the last successful user logon
- How to (Windows 2000 and Windows XP):
  - Press F8 after the POST and before the Windows "splash" screen appears
  - Select Last Known Good Configuration
Step-by-Step 8.07 Using Safe Mode (Page 424)

39 Troubleshooting Windows Problems
Troubleshooting Device Problems
- Device Manager shows a yellow exclamation mark next to a device with a problem
- Problem may be hardware, driver, or the ability of the OS to automatically configure it
- Double-click device icon to open Properties
- Use Troubleshoot button to find problem resolution
Step-by-Step 8.08 Working with Device Manager (Page 427)

40 Troubleshooting Windows Problems
Recovery Options
- Advanced options beyond Safe Mode
- Emergency Repair Process
- Recovery Console
- System Restore
- Automated System Recovery (ASR)

