IgNiTeD SoUL

Registry: it is hierarchical database which contains information of software /hardware and user profile setting .

Files responsible for making registry:

1)user.dat

2)system.dat

User.dat:this file is responsible for updating user information in registry.

System.dat: this file is responsible for updating hardware /software information in the registry.

How to open registry:

Start—run—regedit.

Registry structure:
Registry is made up of hives.

There are six hives:
1)HKEY_CLASSES_ROOT
2)HKEY_CURRENT_USER
3)HKEY_LOCAL_MACHINE
4)HKEY_USERS
5)HKEY_CURRENT_CONFIG
6)HKEY_DYN_DATA.

HKEY_CLASSES_ROOT:—THIS HIVE CONTAINS INFORMATION ABOUT PROGRAM ASSOCIATED WITH FILE TO OPEN.

HKEY_CURRENT _USER:–THIS FILE CONTAINS INFORMATION ABOUT USER WHO IS CURRENTLY LOGGED ON .

HKEY_LOCAL_MACHINE:—THIS HIVE CONTAINS INFORMATION OF ALL HARDWARE AND SOFTWARE.

HKEY_CURRENT_ CONFIG:–THIS FILE CONTAINS INFORMATION CURRENT HARDWARE PROFILE LOADED

HKEY_USERS:–THIS FILE CONTAINS INFORMATION ABOUT DEFAULT USERS.

HKEY_DYN_DATA:–THIS FILE CONTAINS INFORMATION ABOUT PROGRAMS WHICH ARE LOADED INTO MEMORY ALWAYS.

how to restore registry:

scanreg:this is a registry tool which is used to restore registry
of previous dates

how to use this command:

1)open the computer in dos mode:

2)scanreg /restore.

3)select the date.

how to export or import registry:

start–run –regedit—registry—export/import.