Skip to main content

8 Tools to Track Registry and File Changes by installing a software

By

1. Regshot unicode
Regshot is a long running utility that can quickly take a before and after snapshot of the system registry. Also in the more recent unicode version it’s gained the ability to monitor for file changes using CRC32 and MD5 file checksums although this function is turned off by default and you have to go to File -> Options -> Common Options -> and tick “Check files in the specified folders” to enable it. Only the Windows folder is entered into the list of watched folders so you have to enter any others yourself through the Folders tab. This version also added the Connect to remote registry option.
RegShot
Regshot is very much a “hands on” utility and is more for experienced or advanced users to quickly check for system changes between two different points in time. Simply create the 1st shot, install the software or run the program you want to watch, and then press 2nd shot. After comparing the differences in the 1st and 2nd shots, it will open an HTML log in your browser listing all the detected changes. Being only a few hundred KB and portable, Regshot is an extremely valuable tool to have around. The original Regshot is still very slowly being developed and there is a recent beta with separate 32 / 64-bit and ANSI / Unicode versions that can be found at SourceForge.
2. InstallWatch Pro
InstallWatch Pro is quite an old utility which works in a similar way to RegShot in that it tracks any changes made to your registry and files between 2 given points in time although this program is more specifically designed for tracking installs. The program is quite detailed in what it can track and includes additions, deletions, or modifications to files and directories, INI files and the system registry.
InstallWatch Pro
The good thing about InstallWatch is the easy to read way in which the results are displayed because it behaves just like a standard Explorer window with an expanding tree view of the sections on the left. While the program is running it will detect if you run a setup installer and ask to create a before snapshot, or you can simply click the Snapshot button on the toolbar. After install, it will ask to create the after snapshot or you can use the Analyze button. The result can then be browsed or individual sections can be exported to text or HTML. All installs are instantly accessible from the tree view and there is also a useful search function.
3. SpyMe Tools
This utility has something the others in the list don’t which is a function to monitor a drive or folder in real time for file changes and could prove a useful addition when doing a bit of troubleshooting. SpyMe Tools is a quite an old program but is still perfectly capable at creating before and after snapshots to watch an install or software for changes. It does have one drawback though because there is only the facility to snapshot either files or registry, not both together, changeable in the Current Mode option on the toolbar.
SpyMe Tools monitor installation
Like InstallWatch Pro the interface looks a lot like Explorer so you should feel at home navigating around. The way SpyMe Tools works is slightly awkward because you have to click the Scan button and save the snapshot, install or run the software to track, then click the Scan button again and save another snapshot with a different name. Both are then tested for changes using the Compare button and the results will show in the window. The differences between the 2 snapshots can be saved as a text file. SpyMe Tools is also a portable program.
4. InCtrl5
InCtrl5 is an incredibly old tool dating way back to the year 2000 but some users may have heard or used it before, and it can still do a job with a little bit of effort. There are one or two issues with it though which require a bit of knowledge to use the program effectively. First, unsurprisingly InCtrl5 will need to be run in compatibility mode for Windows Vista, 7 or 8. Secondly, there is an issue with it’s output results for 64-bit users as it won’t display the Software\Wow6432Node registry keys as coming from there, but will instead show them as coming from simply Software, something to watch out for.
InCtrl5
Using the program is pretty easy and it will track changes to the registry, drives and folders, ini files and also specific text files. Inclusions and exclusions can be configured by using the What to track buttons. After selecting the installer you want to track, it will create the before snapshot for you. Then you install the software and press the Install Complete button to create the after snapshot and the analysis, which could take a little while. The result will then open up a window where it can be viewed or saved as HTM, TXT or CSV files formats.
5. InstallSpy 2
Although not quite as old as InCtrl5 above, InstallSpy dates back to 2003 but could prove useful because of the massive amount of options available for monitoring. This tool is good for not just for tracking file and registry changes during an install, but also for general execution of programs through the monitoring of shell events like file type association or attribute changes, drive or media insertion and removal, server disconnect, folder sharing and a lot more.
InstallSpy
InstallSpy runs according to a series of wizard like steps from 1 to 7. The 1st step is used to load the setup installer or application to monitor, or if you just want to track changes between 2 points in time, click the Yes button. Then proceed through the steps following what it tells you to do until the before and after snapshots have been analyzed and the differences report file opened as an HTML document. There can be quite a lot of entries in the report file because of the amount of configuration options available so it might be a wise idea not to turn everything on thinking you’ll get a better report because of it.
6. SysTracer
The full version of SysTracer isn’t a free tool but there is a restricted free version available. Some things including the comparing and exporting of snapshots is limited and you also can only create 5 snapshots at a time, although you can reset that by using the portable version and deleting the folder after using the program, then extracting it again. Apart from the standard files and registry, SysTracer can track a number of other items during a snapshot including system services, drivers, startup applications, running processes and loaded dlls.
systracer
SysTracer can also has a remote scan option to take snapshots of network computers although it does need installing to use this mode. Simply go to the Snapshots tab and click Take snapshot to start the tracing process. You can then select the areas of the system to scan and once complete (it will take a minute or 2), install your application. Then click the Take Snapshot button again to create the the after snapshot, followed by the Compare button at the bottom. The Registry, Files and Applications tabs can be individually analyzed and exported, or the whole list can be exported to HTML from the Snapshots tab. There are separate 32-bit and 64-bit versions available.
7. WhatChanged
Although it’s a pretty basic tool, we thought WhatChanged was worth a mention because it’s a small self contained portable executable of under 100KB and can record the changes from selected parts of the registry and drives or folders from the single window. The program is quite similar to Regshot in its operation and easy to use, a text file with the differences will be created on completion.
whatchanged
By default both the registry and file scanning options are turned off, so you simply turn on what you need and configure the drives/folders or areas of the registry you want to track, then press the Step #1 baseline snapshot button. Then after the software install, press the Step #2 Compare button to get the after snapshot and comparison text file result. The downside of WhatChanged is the very slow speed of the 2nd snapshot and compare which can take several minutes. It will create 4 or 5 text snapshot files in the same folder as the executable which can be deleted afterwards or by using the Clean temp files button.
8. TrackWinstall
TrackWinstall offers two kinds of snapshot from its main window. The one click mode where it will create the before snapshot, ask you to install the software, and then create the after snapshot with the comparison between the two at the end. And the second mode offers a 2 phase process which will create the first snapshot and then save it. Then you can install the software or perform other tasks such as having to reboot, and then return to TrackWinstall when you’re ready to take the second snapshot and complete the process.
trackwinstall
You can choose to enable or disable registry tracking and custom locations can be set for file tracking. By default file tracking is horribly slow because 2 of the 3 default locations (\Windows and \Common Files) are set up to record MD5 checksums which adds several minutes to each snapshot creation. You can delete these folders and add them in again using the quicker time stamp mode but these changes never get saved and have to be re-entered next time you run the program. You can’t save the information in the compare differences window but can instead copy the data to a text editor etc, right clicking any entry will search Google for it. TrackWinstall is completely portable with separate 32 and 64-bit versions available.


Labels:

Comments

  1. AnonymousThursday, July 02, 2020 1:15:00 PM

    This is a blatant theft of https://www.raymond.cc/blog/tracking-registry-and-files-changes-when-installing-software-in-windows/. Get original content or delete your waste of a blog.

    ReplyDelete

Post a Comment

share your thoughts ....

Popular posts from this blog

20 Windows Keyboard Shortcuts You Might Not Know

By
Global Windows Shortcuts Win+1, 2, 3, 4, etc. will launch each program in your taskbar. It is helpful then to keep your most used programs at the beginning of your task bar so you can open them one right after another. This also works in Windows Vista for the quick launch icons. Win+Alt+1, 2, 3, etc. will open the jump list for each program in the taskbar. You can then use your arrows to select which jump list option you want to open. Win+T will cycle through taskbar programs. This is similar to just hovering over the item with your mouse but you can launch the program with Space or Enter. Win+Home minimizes all programs except current the window. This is similar to the Aero shake and can be disabled with the same registry key. Win+B selects the system tray which isn’t always useful but can come in very handy if your mouse stops working. Win+Up/Down maximizes and restores down the current window so long as that window has the option to be maximized. It is exactly t...
Post a Comment
Read more

what is LOREM ipsum and why do designers use it

By
What is Lorem Ipsum? Lorem Ipsum  is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book. It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. It was popularised in the 1960s with the release of Letraset sheets containing Lorem Ipsum passages, and more recently with desktop publishing software like Aldus PageMaker including versions of Lorem Ipsum. Why do we use it? It is a long established fact that a reader will be distracted by the readable content of a page when looking at its layout. The point of using Lorem Ipsum is that it has a more-or-less normal distribution of letters, as opposed to using 'Content here, content here', making it look like readable English. Many desktop publishing packages and web page editors now...
Post a Comment
Read more

Java API call Example using GSON, org.json.json and Jackson [ Simple Get Call] and parsing result as JSON

By
import com.fasterxml.jackson.databind.JsonNode ; import com.fasterxml.jackson.databind.ObjectMapper ; import com.google.gson.* ; import org.json.JSONArray ; import org.json.JSONObject ; import java.io.* ; import java.net.HttpURLConnection ; import java.net.URL ; public class APICALL { public static void main (String[] args) throws IOException { // String url="https://mocki.io/v1/19a50724-c2e5-46a1-b457-543462cdfde2"; String url= "https://jsonplaceholder.typicode.com/users" ; String line ; StringBuilder resp= new StringBuilder() ; System. out .println(url) ; HttpURLConnection con= (HttpURLConnection) new URL(url).openConnection() ; con.setRequestMethod( "GET" ) ; con.setRequestProperty( "Accept" , "application/json" ) ; System. out .println(con.getResponseMessage()) ; System. out .println(con.getContentType()) ; InputStream inputStream=con.getInput...
Post a Comment
Read more

How to Put Google Adsense Below Post Title in Blogger?

By
Adsense is used by majority of expert bloggers for their website monetization because it is a cookie based contextual advertising system that shows targeted ads relevant to the content and reader. As bloggers are paid on per click basis, they try various ad placements on the blog to  increase the revenue  and get maximum clicks on the ad units. Well, on some blogs, you might have seen Adsense ad units placed below the post title. Do you know why? It is because the area just below the post title gets the most exposure and is the best place to put AdSense ad units to increase  Click Through Rate (CTR). Even though ads below post title work like a charm but this doesn’t mean that it will work for you as well. If you want to find out the best AdSense ads placement for your blog, try experimenting by placing ads at various locations such as header, sidebar, footer, etc. You can try other  blog monetization methods  as well to effectively monetize y...
Post a Comment
Read more

Google hoaxes and easter egges

By
Easter eggs [ edit ] Google has added many  Easter eggs  to its products and services. Calculator [ edit ] The Calculator accepts many  humorous units of measurement , including the  Beard-second  (5 nm),  Potrzebie  (2.2633 mm),  Smoot  (5 ft, 7 inches), ngogn (11.5938151 ml), blintz (36.4253863 g),  donkeypower  (250.033167 W); and the prefixes  hella - (10^27), furshlugginer- (10^6), etc. The Calculator recognizes a number of strings as numbers. They can be entered by themselves or used in expressions. They must be entered without quotation marks. When used in an expression, the phrases must be entered in lowercase. In addition to mathematical and scientific constants like  pi ,  e  and  Avogadro's number  the Calculator also accepts: "the answer to the ultimate question of life, the universe, and everything"  equals  42  as does  "the answer to life, the...
Post a Comment
Read more

remove virus without antivirus

By
want  to remove virus without antivirus here it is Start->Run->type cmd in each drive type attrib /s /d it will display the list of all files in that drive along with folders.concntrate on files having SHR attribute.normally virus files have two characteristics 1.SHR attribute 2.Queer name like amvo.exe,r6r.exe,autorun.inf etc. Noteme system files also have this attribute like MSDOS.SYS,IO.SYS etc so before deleting googling about that file will help. to delete these files type c:\>del /f /s /a >> to view the content of files with .inf,.vbs,.c etc i.e files which r not batch files or executables.goto explorer n then goto the required drive or folder n type the filename with extension it wil open up in notepad. >>there is another method also.goto the required location n type attrib -s -h -r filename then use gui to see that hiiden file.if it is not n exe or .bat or then open it with notepad.Here you will get some information like a file na...
Post a Comment
Read more

Creating an Executable Jar File

By
Creating a jar File in  Eclipse In  Eclipse  Help contents, expand "Java development user guide" ==> "Tasks" ==> "Creating JAR files."  Follow the instructions for "Creating a new JAR file" or "Creating a new runnable JAR file."The  JAR File  and  Runnable JAR File  commands are for some reason located under the  File menu: click on  Export...  and expand the  Java  node. Creating a jar File in  JCreator You can configure a "tool" that will automate the jar creation process.  You only need to do it once. Click on  Configure/Options . Click on  Tools  in the left column. Click  New , and choose  Create Jar file . Click on the newly created entry  Create Jar File  in the left column under  Tools . Edit the middle line labeled  Arguments:  it should have cvfm $[PrjName].jar manifest.txt *.class Click OK. Now set...
Post a Comment
Read more

Streamlining Java Web Application Deployment with React WAR Generator

By
In the ever-evolving world of web development, managing builds and deployments can often be cumbersome and error-prone. Today, we're excited to introduce a tool designed to simplify and streamline this process: the React WAR Generator . What is the React WAR Generator? The React WAR Generator is a Python-based tool that automates the creation of WAR (Web Application Archive) files for Java web applications. It caters specifically to frontend projects built with React or similar frameworks, making it easier to package and deploy your web applications to a Tomcat server. Key Features Profile-Based Builds : With support for multiple profiles ( dev , test , prod , default ), you can build your application according to different environments and configurations. Version File Generation : Optionally generate a version file that integrates versioning information directly into your TypeScript files, ensuring your build versions are always up-to-date. Tomcat Deployment : Simplify your deploy...
Post a Comment
Read more

Samsung mobile cheat codes

By
* Software version: *#9999# * IMEI number: *#06# * Serial number: *#0001# * Battery status- Memory capacity : *#9998*246# * Debug screen: *#9998*324# – *#8999*324# * LCD kontrast: *#9998*523# * Vibration test: *#9998*842# – *#8999*842# * Alarm beeper – Ringtone test : *#9998*289# – *#8999*289# * Smiley: *#9125# * Software version: *#0837# * Display contrast: *#0523# – *#8999*523# * Battery info: *#0228# or *#8999*228# * Display storage capacity: *#8999*636# * Display SIM card information: *#8999*778# * Show date and alarm clock: *#8999*782# * The display during warning: *#8999*786# * Samsung hardware version: *#8999*837# * Show network information: *#8999*638# * Display received channel number and received intensity: *#8999*9266# * *#1111# S/W Version * *#1234# Firmware Version * *#2222# H/W Version * *#8999*8376263# All Versions Together * *#8999*8378# Test Menu * *#4777*8665# GPSR Tool * *#8999*523# LCD Brightness * *#8999*377# Error LOG Menu *...
Post a Comment
Read more

keyboard-shortcuts-that-work-in-all-web-browsers

By
Each major web browser shares a large number of keyboard shortcuts in common. Whether you’re using Mozilla Firefox, Google Chrome, Internet Explorer, Apple Safari, or Opera – these keyboard shortcuts will work in your browser. Each browser also has some of its own, browser-specific shortcuts, but learning the ones they have in common will serve you well as you switch between different browsers and computers. This list includes a few mouse actions, too. Tabs Ctrl+1-8 – Switch to the specified tab, counting from the left. Ctrl+9 – Switch to the last tab. Ctrl+Tab – Switch to the next tab – in other words, the tab on the right. (Ctrl+Page Up also works, but not in Internet Explorer.) Ctrl+Shift+Tab – Switch to the previous tab – in other words, the tab on the left. (Ctrl+Page Down also works, but not in Internet Explorer.) Ctrl+W, Ctrl+F4 – Close the current tab. Ctrl+Shift+T – Reopen the last closed tab. Ctrl+T – Open a new tab. Ctrl+N – Open a new browser window....
Post a Comment
Read more