Windows Under the Hood

Unit: Introduction to Computer Systems

  • Course Code: ICT 1001

  • Year: 2009

  • Institution: Bahrain Polytechnic

Overview

In this unit, students will cover key aspects of computer systems including the Registry, the Windows boot process, process management, and tools for programming in Windows.

The Windows Registry

What is the Registry?

  • The Registry is a comprehensive database that stores all essential information regarding the PC's hardware, network settings, user preferences, file types, and application data.

  • Windows keeps Registry files in the %SystemRoot%\System32\config folder.

Accessing the Registry

  • Access to the Registry is provided through the Registry Editor, which can be opened by entering regedit in the command prompt or through the Start menu search bar.

Structure of the Registry

Root Keys
  • The Registry is organized in a hierarchical tree structure with five main root keys:

    • HKEY_CLASSES_ROOT: Contains information on registered file types and their associated applications.

    • HKEY_CURRENT_USER: Contains user-specific settings and configurations.

    • HKEY_USERS: Holds information for all users currently on the PC.

    • HKEY_LOCAL_MACHINE: Stores settings that apply to the physical machine irrespective of users.

    • HKEY_CURRENT_CONFIG: Contains information about the current hardware configuration.

Subkeys and Values
  • Root keys can contain subkeys, and each subkey may have subordinate subkeys or values. The Registry Editor displays root keys and subkeys on the left and their corresponding values on the right.

Registry Nomenclature

  • Registry paths are expressed in a specific syntax; for example, HKLM\SOFTWARE\Blizzard Technologies\World of Warcraft indicates the location of a specific value in the Registry.

  • Values stored can vary by data types:

    • String Value: Contains text data.

    • Binary Value: Stores binary data (1s and 0s).

    • DWORD Value: Specific binary values limited to 32 bits.

    • QWORD Value: Binary values limited to 64 bits.

Manual Registry Edits

  • It is crucial to back up the Registry before making any manual edits, as incorrect modifications can lead to application failure or system boot issues.

  • The Registry Editor has an Export feature that allows you to save the whole Registry or specific roots/subkeys.
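The path syntax, value types and Export feature described above can be seen together in the text file that an export produces. The following Python sketch is an added example, not part of the course material: it parses export text and decodes each value into its type. The key `ExampleVendor\ExampleApp`, its values, and the root abbreviations other than HKLM are assumptions made for illustration.

```python
import re

# Usual abbreviations for the five root keys (the notes use HKLM).
ROOTS = {"HKCR": "HKEY_CLASSES_ROOT", "HKCU": "HKEY_CURRENT_USER", "HKU": "HKEY_USERS",
         "HKLM": "HKEY_LOCAL_MACHINE", "HKCC": "HKEY_CURRENT_CONFIG"}

# Constructed sample of Registry Editor export text; the key and values are made up.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\ExampleVendor\ExampleApp]
"InstallPath"="C:\\Program Files\\ExampleApp"
"Enabled"=dword:00000001
"LastRun"=hex(b):00,00,00,00,01,00,00,00
"Blob"=hex:de,ad,\
  be,ef
'''

def expand_root(path):
    """Expand an abbreviated root such as HKLM to its full root key name."""
    root, _, rest = path.partition("\\")
    full = ROOTS.get(root.upper(), root)
    return full + ("\\" + rest if rest else "")

def decode_value(raw):
    """Map the right-hand side of an exported value line to (type, value)."""
    if raw.startswith('"'):                      # String Value: escaped text in quotes
        return "String", re.sub(r"\\(.)", r"\1", raw[1:-1])
    if raw.startswith("dword:"):                 # DWORD Value: 32 bits, written as hex
        return "DWORD", int(raw[6:], 16)
    if raw.startswith("hex(b):"):                # QWORD Value: 8 bytes, little-endian
        data = bytes(int(b, 16) for b in raw[7:].split(","))
        return "QWORD", int.from_bytes(data, "little")
    if raw.startswith("hex:"):                   # Binary Value: raw bytes
        return "Binary", bytes(int(b, 16) for b in raw[4:].split(",") if b)
    return "Other", raw                          # types these notes do not cover

def parse_reg_export(text):
    """Parse export text into {key_path: {value_name: (type, value)}}."""
    text = re.sub(r"\\\r?\n\s*", "", text)       # join hex data split across lines
    result, key = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            result[key] = {}
        elif key is not None:
            m = re.match(r'(@|"(?:[^"\\]|\\.)*")=(.*)', line)
            if m:                                # "@" is the key's default value
                name = "(Default)" if m[1] == "@" else re.sub(r"\\(.)", r"\1", m[1][1:-1])
                result[key][name] = decode_value(m[2])
    return result
```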

Windows Boot Process

Overview of Boot Process

  • Windows supports both BIOS and UEFI boot processes.

    • BIOS-based boot: Scans for a bootable disk and loads the MBR (Master Boot Record), which in turn loads the boot sector pointing to bootmgr, and then winload.exe.

    • UEFI boot: Bootmgr loads directly without the need for MBR.

Critical Boot Files

  • Boot Configuration Data (BCD): Contains information about installed operating systems and their boot processes.

  • winload.exe: Loads the hardware abstraction layer, the system Registry, and drivers before the operating system takes over.

Processes, Services, and Threads

Understanding Processes

  • Once a program is initiated, it is loaded into RAM as a process which instructs the CPU on tasks to execute.

  • Windows, as a multitasking operating system, can handle numerous processes concurrently.

Types of Processes

  • Applications: User-facing processes that run on the screen.

  • Services: Background processes that provide support tasks without direct user interaction.

Task Manager Overview

Accessing Task Manager

  • To open Task Manager in Windows Vista/7:

    • Press CTRL+SHIFT+ESC

    • Search for "taskmgr" in the Start menu

    • Press CTRL+ALT+DELETE and select Task Manager.

Task Manager Features

  • Applications tab: Lists running programs; allows forced shutdowns and task switching.

  • Processes tab: Displays all processes running on the system along with resource usage stats such as CPU time and RAM.

  • Performance tab: Shows essential metrics like CPU usage and available physical memory.

Performance and Monitoring Tools

Reliability and Performance Monitor

  • Provides tools that analyze resource usage across several metrics to help monitor system performance.

  • Objects and counters enable tracking of specific resources such as memory and disk activity.

Component Services

  • Allows data objects to be shared between applications on a local machine or network.

  • Usually requires little manual interaction; it is needed mainly during troubleshooting or when an application requires it.

Data Sources

  • ODBC (Open Database Connectivity): Standardized method for database access in various environments, managed through the ODBC Data Source Administrator.

Additional Topics

System Restore

  • Enables restoration to a previous system state to address issues caused by system instability.

Safe Mode

  • Runs Windows with minimal drivers and services to troubleshoot boot failures.