Welcome to Scribd!

Skip carousel

Linea Análisis Del Registro de Windows

Uploaded by

cristian solarte

0% found this document useful (0 votes)

19 views3 pages

Original Title

Linea Análisis del Registro de Windows

Copyright

Available Formats

DOCX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as DOCX, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

19 views3 pages

Linea Análisis Del Registro de Windows

Uploaded by

cristian solarte

Copyright:

Available Formats

Download as DOCX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 3

Search inside document

Especialización Seguridad Informatica – 2021

Análisis del Registro de Windows

Definir cada línea del registro de Windows de su máquina que significa y para
qué sirve;
Table Registry Paths and Corresponding Files

Registry Path File Path

HKEY_LOCAL_MACHINE\System %WINDIR%\system32\config\System
HKEY_LOCAL_MACHINE\SAM %WINDIR%\system32\config\Sam
HKEY_LOCAL_MACHINE\Security %WINDIR%\system32\config\Security
HKEY_LOCAL_MACHINE\Software %WINDIR%\system32\config\
Software
HKEY_LOCAL_MACHINE\Hardware Volatile hive
HKEY_LOCAL_MACHINE\System\ Volatile hive
Clone
HKEY_USERS\User SID User profile (NTUSER.DAT);
“Documents and Settings\User(changed to “Users\User” on Vista)
HKEY_USERS\.Default %WINDIR%\system32\config\default

SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName

SYSTEM\ControlSet00x\Control\Windows

SOFTWARE\Microsoft\Windows NT\CurrentVersion

SYSTEM\CurrentControlSet\Control\TimeZoneInformation

SYSTEM\CurrentControlSet\Services\lanmanserver\Shares

$$$PROTO.HIV\ControlSet001\Services\lanmanserver\Shares
LastWrite time: Fri Aug 20 15:19:35 2004 (UTC)

SYSTEM\CurrentControlSet\Services\lanmanserver\parameters

SECURITY\Policy\PolAdtEv

SOFTWARE\Microsoft\WZCSVC\Parameters\Interfaces\{GUID}

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
Especialización Seguridad Informatica – 2021

HKLM\ Software \Microsoft\Windows\CurrentVersion\Runonce

HKLM\ Software\Microsoft\Windows\CurrentVersion\
Policies\Explorer\Run HKLM\ Software\Microsoft\Windows\CurrentVersion\Run
HKCU\Software\Microsoft\WindowsNT\CurrentVersion\Windows\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_LOCAL_MACHINE\Software\Classes\Exefile\Shell\Open\command

HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\AutoRun25.

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs26

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\27.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution

Options

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\USBSTOR

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses

HKEY_LOCAL_MACHINE\System\MountedDevices

Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2

SAM\SAM\Domains\Account\Users\{RID}

Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{GUID}\Count

\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Software\Microsoft\Internet Explorer\TypedURLs

Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU41

Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts

Software\Microsoft\Search Assistant\ACMru

Software\Microsoft\Internet Explorer\Explorer Bars\

Software\Microsoft\Windows\CurrentVersion\Explorer\Map Network Drive MRU

Especialización Seguridad Informatica – 2021

Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2

Software\Microsoft\Windows\CurrentVersion\Explorer\ComputerDescriptions

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
SystemRestore

HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\RecentFileList

Windows Registry
Document60 pages
Windows Registry
Akhil M P
No ratings yet
Registry Tutorial
Document19 pages
Registry Tutorial
Chiddarthan Dhavidan
No ratings yet
Windows Registry Forensics
Document21 pages
Windows Registry Forensics
Shafeeque Olassery Kunnikkal
No ratings yet
Technical overview of the Windows Registry
Document89 pages
Technical overview of the Windows Registry
Prabhastha Lankathilaka
No ratings yet
Registry Editor Tricks
Document12 pages
Registry Editor Tricks
Vaibhav Shukla
No ratings yet
Practical Windows Forensics - Cheat Sheet
Document4 pages
Practical Windows Forensics - Cheat Sheet
kv
No ratings yet
SMF: Old Dog Learning New Tricks: Ibm Z Systems 2016 Fall Naspa
Document32 pages
SMF: Old Dog Learning New Tricks: Ibm Z Systems 2016 Fall Naspa
Özgür Hepsağ
No ratings yet
Floating Point vs Integer Data Types in Java
Document25 pages
Floating Point vs Integer Data Types in Java
sneh agarwalla
97% (31)
Delphi3000 Articles
Document107 pages
Delphi3000 Articles
SaadEdinNajem
100% (1)
Windows Error Codes (MSDN)
Document457 pages
Windows Error Codes (MSDN)
SergeyChepurin
50% (2)
Connectivity Set Up - SAP EWM and S4 HANA
Document5 pages
Connectivity Set Up - SAP EWM and S4 HANA
Aruna Das
No ratings yet
Exadata Performance
Document35 pages
Exadata Performance
sdranga123
No ratings yet
PCWB Essential Buyer's Guide
Document110 pages
PCWB Essential Buyer's Guide
equanet
No ratings yet
ZXUN USPP (V4.13.20) Universal Subscriber Profile Platform Hardware Description
Document133 pages
ZXUN USPP (V4.13.20) Universal Subscriber Profile Platform Hardware Description
Em KaaPeeM
No ratings yet
Computer Education 7 Learning Module: Pagadian Diocesan Schools
Document2 pages
Computer Education 7 Learning Module: Pagadian Diocesan Schools
rick
No ratings yet
Securing Windows Server 2008: Prevent Attacks from Outside and Inside Your Organization
From Everand
Securing Windows Server 2008: Prevent Attacks from Outside and Inside Your Organization
Aaron Tiensivu
No ratings yet
Windows Security Monitoring: Scenarios and Patterns
From Everand
Windows Security Monitoring: Scenarios and Patterns
Andrei Miroshnikov
No ratings yet
Registry Editor
Document15 pages
Registry Editor
vinayakgupta8356
No ratings yet
SQL Express 2019 Log - Registry Items
Document1,106 pages
SQL Express 2019 Log - Registry Items
it
No ratings yet
Eliminar Virus Proxy
Document1 page
Eliminar Virus Proxy
Julio Perez
No ratings yet
Windows Registry Information For Advanced Users
Document11 pages
Windows Registry Information For Advanced Users
maniacr3v0
No ratings yet
Ntbtlog
Document19 pages
Ntbtlog
Gnasty
No ratings yet
Eliminal Conhoy - Exe
Document1 page
Eliminal Conhoy - Exe
Felix Molero
No ratings yet
Log
Document1 page
Log
cristos25
No ratings yet
Registry Key Warnings
Document30 pages
Registry Key Warnings
tritih
No ratings yet
SQL Express 2019 (Update) Log - Registry Items
Document644 pages
SQL Express 2019 (Update) Log - Registry Items
it
No ratings yet
Hunting Malware With Volatility v2.0
Document40 pages
Hunting Malware With Volatility v2.0
akronareaguy
No ratings yet
WhatChanged Snapshot2 Registry HKCU
Document1 page
WhatChanged Snapshot2 Registry HKCU
dekkezurd
No ratings yet
ntbtlog
Document37 pages
ntbtlog
kaygmtv135626377
No ratings yet
Tech Note 508 - Troubleshooting App Server Processes
Document5 pages
Tech Note 508 - Troubleshooting App Server Processes
Saasi
No ratings yet
What Is Registry
Document8 pages
What Is Registry
satish_ssuryawanshi
No ratings yet
XP Run Commands - Also Work On Vista and Windows 7, 8.
Document3 pages
XP Run Commands - Also Work On Vista and Windows 7, 8.
Monoc
No ratings yet
Ntbtlog
Document52 pages
Ntbtlog
dudanisu
No ratings yet
CMD Exe
Document15 pages
CMD Exe
ovex
No ratings yet
Figure 7: Export Inventory Management System Data Topology Diagram
Document16 pages
Figure 7: Export Inventory Management System Data Topology Diagram
Devika Rani
No ratings yet
CC 20200627 103932
Document19 pages
CC 20200627 103932
Fika Aditya
No ratings yet
Virus Scan Exclusions For Microsoft Products
Document19 pages
Virus Scan Exclusions For Microsoft Products
sontogu
No ratings yet
Hardening Win8
Document61 pages
Hardening Win8
Oageng Escobar Baruti
No ratings yet
MBRCheck 04.12.12 16.30.06
Document4 pages
MBRCheck 04.12.12 16.30.06
jasmina_cip
No ratings yet
Windows Registry
Document19 pages
Windows Registry
Danstan Akwiri
No ratings yet
Blancco File Eraser Administrators Manual en US
Document24 pages
Blancco File Eraser Administrators Manual en US
Salvador Quezada
No ratings yet
XP Env Vars
Document2 pages
XP Env Vars
Vlad Varna
No ratings yet
Module 011 Log Analysis
Document19 pages
Module 011 Log Analysis
Rakesh Pandey
No ratings yet
Converter Log Analysis
Document18 pages
Converter Log Analysis
Chakradhar Kaveri
No ratings yet
SDSDFFSD
Document25 pages
SDSDFFSD
yuihwebfyiwebuifbweu
No ratings yet
Ntbtlog
Document32 pages
Ntbtlog
Victor Fernandez
No ratings yet
System32 Exe Fajlovi Objasnjenja
Document7 pages
System32 Exe Fajlovi Objasnjenja
snowyns
No ratings yet
Registry Trash Keys Finder (Version 3.9.3.x) CLEANUP of JAN 09 2015 8-20 AM
Document1 page
Registry Trash Keys Finder (Version 3.9.3.x) CLEANUP of JAN 09 2015 8-20 AM
k2tz2013
No ratings yet
Devart-Register x64 DownLoadLy - Ir
Document2 pages
Devart-Register x64 DownLoadLy - Ir
h4leluy4h
No ratings yet
Windows 10 Pro 64-bit Computer Specs
Document62 pages
Windows 10 Pro 64-bit Computer Specs
Csongor Dobos
No ratings yet
Check Driver Installation
Document4 pages
Check Driver Installation
Zachary Campos
No ratings yet
PCSuite Cleaner Log
Document10 pages
PCSuite Cleaner Log
Sayed Asif
No ratings yet
Resolve P2V Migration Issues with HyperV 0x0000007B Error
Document7 pages
Resolve P2V Migration Issues with HyperV 0x0000007B Error
aliprosmetic
No ratings yet
Speccy Report - ADMINISTRATOR
Document81 pages
Speccy Report - ADMINISTRATOR
Muhammad Osman Khan
No ratings yet
Ntbtlog
Document24 pages
Ntbtlog
TriệuKimDuy
No ratings yet
GameRanger Launch Log
Document7 pages
GameRanger Launch Log
Bruno Trindade
No ratings yet
Windows Registry Analysis PDF
Document62 pages
Windows Registry Analysis PDF
Shaik Abdul Muneer
No ratings yet
What Changed Snapshot1 Registry HKLM
Document6,762 pages
What Changed Snapshot1 Registry HKLM
karenmiina159
No ratings yet
Root Key Functions and Registry Examination
Document13 pages
Root Key Functions and Registry Examination
Vitalis Mutsimba
No ratings yet
MBRCheck 01.225 15.22.54
Document5 pages
MBRCheck 01.225 15.22.54
Cosmin Raduta
No ratings yet
Windows Folders
Document2 pages
Windows Folders
api-237050669
No ratings yet
Win32 Morto.a Malware PDF
Document6 pages
Win32 Morto.a Malware PDF
vishalpunjabi
No ratings yet
ControlSet001 ConfigFlags 113023 3451
Document8 pages
ControlSet001 ConfigFlags 113023 3451
ambataliana0
No ratings yet
Wireshark Display Filters
Document315 pages
Wireshark Display Filters
Kaushal Kishor
No ratings yet
Windows Cmds
Document8 pages
Windows Cmds
Tech Admin
No ratings yet
How To Update Non-Domain Computers Using WSUS
Document2 pages
How To Update Non-Domain Computers Using WSUS
tony
No ratings yet
Windows Registry Analysis
Document62 pages
Windows Registry Analysis
Syeda Ashifa Ashrafi Papia
No ratings yet
STOPDecrypter Log
Document4 pages
STOPDecrypter Log
Anak Imuy
No ratings yet
How To Fix "MySQL Server Has Gone Away" (Error 2006)
Document1 page
How To Fix "MySQL Server Has Gone Away" (Error 2006)
SetyawanWawan78
No ratings yet
DX Diag
Document50 pages
DX Diag
ahmad muhajirin
No ratings yet
Getting Started
Document70 pages
Getting Started
Fernando Duarte
No ratings yet
Computer Architecture and Organization
Document2 pages
Computer Architecture and Organization
Shah Hussain
No ratings yet
Aws-Solutions-Architect - Template 10
Document1 page
Aws-Solutions-Architect - Template 10
Shawn Shaw
No ratings yet
Transcend T Sonic 650 Manual
Document43 pages
Transcend T Sonic 650 Manual
ananthkrk
No ratings yet
C Character Set and Data Types
Document30 pages
C Character Set and Data Types
Sana Mahmood
No ratings yet
ASMO 2021 Technical Guide
Document2 pages
ASMO 2021 Technical Guide
Nancy Kawilarang
No ratings yet
En Productsheet I3sixty R
Document4 pages
En Productsheet I3sixty R
Nicoleta Niţă
No ratings yet
System Restore Methods
Document2 pages
System Restore Methods
Shekhar
No ratings yet
Factory Reset Cisco DCM
Document5 pages
Factory Reset Cisco DCM
Ryan
No ratings yet
Getting Started With SAP UI 5
Document6 pages
Getting Started With SAP UI 5
Yanming Cao
No ratings yet
TAO1221 Computer Architecture and Organization
Document2 pages
TAO1221 Computer Architecture and Organization
TAN SOO CHIN
No ratings yet
5 Capacity Planning
Document35 pages
5 Capacity Planning
inder
No ratings yet
Novo10 Hero II User Manual
Document37 pages
Novo10 Hero II User Manual
Silvia Mabel Alvarez
No ratings yet
Midterm 2
Document8 pages
Midterm 2
Ly Dieu Vu
No ratings yet
Akash Singh
Document2 pages
Akash Singh
Rajat Ratna
No ratings yet
IT224 Chapter 15 Multiple Choice and Exercises
Document6 pages
IT224 Chapter 15 Multiple Choice and Exercises
ashwini
No ratings yet
9780198079064
Document62 pages
9780198079064
Sanjid Elahi
No ratings yet
Wireless Sensor Networks for Battlefield Soldier Monitoring
Document6 pages
Wireless Sensor Networks for Battlefield Soldier Monitoring
Bharathi Raju
No ratings yet
Technical Alert Duplication Partition
Document3 pages
Technical Alert Duplication Partition
AsdrúbalChavesUlloa
No ratings yet
Device Load Monitor With Programmable Meter For Energy Audit
Document3 pages
Device Load Monitor With Programmable Meter For Energy Audit
Mandeep G Kashyap
No ratings yet