Search The Windows Registry

Prior to searching a Windows Registry, users must first add the registry to their project using the following procedures.

To process registry files form the local or remote disk or image users should highlight the windows system directory in content view, right-click and choose "Add to Registry Viewer". The default system directory on a Windows NT 4.0 system is Winnt. In Windows XP the default system directory is Windows. Once the user selects "Add to Registry Viewer" as seen below.

 

 

ProDiscover will scan the directory structure and extract the files needed to process the registry view allowing the registry to be viewed as seen below.  

 

 

Once the desired registry has been added to the current project, users can search the registry for keywords using the "Search" option from the ProDiscover button bar.

 

 

Search results will be displayed as seen below in the "Registry Search Results" tree-view item.