Yeah, everyone know about computer now, but there just a few that know about Regedit. In this post, I will tell you about Regedit and their function.
Before I give you information about Regedit, I will show you my experiments with Regedit:
Is there something wrong about picture above ? How about these ?
Yeah, it's all because of Regedit. If you understand about it, you can do it better than me. What is Regedit, and why Regedit looks so important ?
Regedit (Registry Editor) is a hierarchical database that stores configuration settings and options on Microsoft Windows operating systems (I'm not sure about Mac OS and other operating system). It contains settings for low-level operating system components as well as the applications running on the platform: the kernel, device drivers, services, SAM, user interface and third party applications all make use of the Registry. I think that's why some of viruses damaging the content of Regedit.
CONTENTS
Regedit contains two basic elements, keys and values. Keys are similar to folders: in each keys there are some subkeys, in subkey there are more further subkeys, and so on. Keys are referenced with a syntax similar to Windows' path names, using backslashes to indicate levels of hierarchy. E.g. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows refers to the subkey "Windows" of the subkey "Microsoft" of the subkey "Software" of the HKEY_LOCAL_MACHINE key.
HKEY
There are 6 HKEY (in registry, HKEY means Handle to Key) in Regedit, with My Computer as the root directory. There are:
HKEY_LOCAL_MACHINE(HKLM), contains configuration system. Configuration system of hardware and software saved here.Everything tin these HKEY will apply to every user in the computer.HKEY_CURRENT_USER(HKCU), contains configuration by logon user. Everything about preference of logon user (like desktop, color, and other that user can customize it) saved here.HKEY_USERS(HKU) contains subkeys corresponding to the HKEY_CURRENT_USER keys for each user profile actively loaded on the machine, though user hives are usually only loaded for currently logged-in users.HKEY_CLASSES_ROOT(HKCR) stores information about registered applications, such as file associations and OLE Object Class IDs, tying them to the applications used to handle these items. On Windows 2000 and above, HKCR is a compilation of user-based HKCU\Software\Classes and machine-based HKLM\Software\Classes. If a given value exists in both of the subkeys above, the one in HKCU\Software\Classes takes precedence. The design allows for either machine- or user-specific registration of COM objects. The user-specific classes hive, unlike the HKCU hive, does not form part of a roaming user profile.HKEY_CURRENT_CONFIG(HKCC) contains configuration for hardware and operating system that got from booting process. Information that stored here didn't saved permanently to registry and will lost when booting process.HKEY_DYN_DATA, This key is used only on Windows 95, Windows 98 and Windows Me (not available on Windows XP and Vista). It contains information about hardware devices, including Plug and Play and network performance statistics. The information in this hive is also not stored on the hard drive. The Plug and Play information is gathered and configured at startup and is stored in memory.
VALUES
Values are name/data pairs that stores within keys. Values are referenced separately from keys (just like files). Kind of values can you show here:
| List of Registry Value Types | ||
|---|---|---|
| 0 | REG_NONE | No type |
| 1 | REG_SZ | A string value |
| 2 | REG_EXPAND_SZ | An "expandable" string value that can contain environment variables |
| 3 | REG_BINARY | Binary data (any arbitrary data) |
| 4 | REG_DWORD / REG_DWORD_LITTLE_ENDIAN | A DWORD value, a 32-bit unsigned integer (numbers between 0 and 4,294,967,295 [232 – 1]) (little-endian) |
| 5 | REG_DWORD_BIG_ENDIAN | A DWORD value, a 32-bit unsigned integer (numbers between 0 and 4,294,967,295 [232 – 1]) (big-endian) |
| 6 | REG_LINK | symbolic link (UNICODE) |
| 7 | REG_MULTI_SZ | A multi-string value, which is an array of unique strings |
| 8 | REG_RESOURCE_LIST | Resource list |
| 9 | REG_FULL_RESOURCE_DESCRIPTOR | Resource descriptor |
| 10 | REG_RESOURCE_REQUIREMENTS_LIST | Resource Requirements List |
| 11 | REG_QWORD / REG_QWORD_LITTLE_ENDIAN | A QWORD value, a 64-bit integer (either big- or little-endian, or unspecified) (Introduced in Windows 2000) |
(you can click anything linked there, I don't really know about that..)
Yeah, it's just tutorial about Regedit. Maybe I'll post about registry again later. See ya, and hope you like it..
.jpg)
0 komentar:
Posting Komentar
Kalau habis membaca, ngga seru rasanya kalau tidak dikomentari..
Maka dari itu, bagi yang mau berkomentar, silakan post komentar anda di sini..
Dan terima kasih telah berkunjung..