windows registry How to Monitor Changes in Windows Registry with RegShot

[SURbit]

How to Monitor Changes in Windows Registry with RegShot

 

With a Minimalistic free program called RegShot.

 

Downloading RegShot

 

RegShot is available through its SourceForge project page and downloads as a compressed .7z file. Programs like WinRAR, 7-Zip and WinZip should be able to handle this file format by default.

Upon opening the archive, you’ll find a few different versions of RegShot. Those marked “RegShot-x64” should be used on a computer running a 64-bit operating system, while “RegShot-x86” versions should be used on a 32-bit operating system.

The difference between the “ANSI” and “Unicode” files is how they handle character encoding. If your language settings have non-Latin characters (e.g. Russian, Korean, or Chinese), you may wish to use the Unicode version.

 

 

If you’re not sure whether your computer is running a 32- or 64-bit operating system, open Windows Explorer, right click “This PC” (called “My Computer” on Windows 7 and earlier) and select “Properties.”

Usage

 

RegShot’s utility is not fully visible until you run it twice, first before installing software and again afterwards. RegShot takes a “snapshot” of the registry allowing you to compare any changes made.

 

Opening the program will yield the above screen – as you can see, the design is very straightforward.

 

 

Click “1st Shot” to view a few options. “Shot” will temporarily snapshot the registry, whereas “Shot and save” will retain the log for the future. “Load” will allow you to revisit an older snapshot that was saved.

 

Whether you choose “Save” or “Save and shot,” RegShot will begin its task. Along the bottom of the window, it will show how many keys have been logged and the time it has taken. Estimating how long it will take is very difficult – it took just under a minute in our testing.

 

Go ahead and install your chosen software; you’ll be surprised at just what is changed in the background.

 

 

Run RegShot again by clicking “2nd Shot” and selecting to either “Shot” or “Shot and save.” Leave the program to complete its snapshotting; again it may take a few seconds to complete the process.

 

 

Select the comparison format you wish to use. HTML is undoubtedly more aesthetically pleasing but takes longer to open. Both formats have their own uses. Note that if you choose only to temporarily snapshot the registry, you will only be able to view one of the two methods and will have to perform another scan to be able to view the other. While not a major issue, it’s a small hindrance you should be aware of.

 

Whatever the case, you can save the files if you wish to, or you can discard them.

 

Conclusion

&

RegShot takes an interesting part of modern computer usage and makes it relatively simple to monitor. The amount of keys changed, removed or added to the registry with an average software installation is quite surprising.

 

Given that the program itself does not require installation, it can be a worthwhile download: installing a suite of programs like Microsoft Office would likely show major internal changes to the registry.

SOURCE

 

SourceForge project page and download

 

 

[dabourzannan]

First thank you for this post. What I would like to know if this program can show the hidden keys, because when uninstalling trial software those keys remains and over time it could make a problem.