The Windows Registry is a veritable treasure trove of data that can be valuable, or even critical, to an investigation. As such, analysts need to have some familiarity with the Registry, and what can be found within the various hive files. Other resources have provided considerable background information on the Registry itself, as well as what can be found within the Windows XP Registry hive files. Every new version of Windows brings a new application-level structure to the Registry, and this information needs to be explored, documented, and understood.