Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

The Structure Of system32\config\system


  • Please log in to reply
5 replies to this topic

#1 WinEggDrop

WinEggDrop

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:37 AM

Posted 05 November 2004 - 01:49 AM

I want to know the structure of system32\config\system on NT platform so I can read the data from that file.

Thanks in advance

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,593 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:37 AM

Posted 05 November 2004 - 03:22 PM

They are hive files. You will not be able to read them when windows is loaded.

Information can be found here:

http://msdn.microsoft.com/library/default....se/registry.asp

#3 WinEggDrop

WinEggDrop
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:37 AM

Posted 05 November 2004 - 09:03 PM

It must be able to access it because the system restore the registry,it uses these files located at systemroot\config to restory the registry.I just don't know how.Any one knows?

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,593 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:37 AM

Posted 06 November 2004 - 01:06 AM

From what I understand you can not access those files directly while windows is running, but you can access the registry and export hives using programming APIs.

http://support.microsoft.com/kb/q145679/

System restore exports hives from the live registry not by accessing those files directly, but by using the above apis to export the information as hives, and stores those copies in c:\_restore c:\system volume information

#5 WinEggDrop

WinEggDrop
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:37 AM

Posted 06 November 2004 - 08:42 PM

I am sure those files are acceptable while the system is running because I have tested some software which can copy those files while the system is running.

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,593 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:37 AM

Posted 07 November 2004 - 05:28 PM

What software have you used that can do this?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users