Full Disclosure mailing list archives

Re: Windows Registry Analzyer

From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Thu, 3 Mar 2005 19:51:09 -0000

"Cassidy Macfarlane" wrote in message
news:6C822FACDE1C534CA72836EC615EFC4D3E58 () mail dm.local...

You can, of course, use regmon (sysinternals.com) to monitor the
registry 'live' while changes are being made, however it sounds like you
want a product that would analyse the reg, then re-analyse after
installation, and report on changes.

This would indeed be a handy tool.  Anyone know of anything better than
regmon for this purpose?


  Yes, absolutely.  It's called "InCtrl5" and it is *exactly* what you both
want.

  You run it once, it snapshots the state of the registry, the entire
contents of your HD, and the content of all the various text files such as
autoexec.bat / win.ini / boot.ini / autoexec.nt (etc).  Then it exits.  You
install whatever it is you wanted to install, then run it again; it takes
another snapshot, then compares the two and makes you a nice report showing
*every* change to your system - registry keys and values added, deleted or
modified; files and directories added, deleted or modified; and any changes
to those startup-script text files.

  It needn't be an install.  It'll tell you whatever differences there are
between the before and after snapshots.  What you do in between those two
times is up to you.  For instance it's quite interesting to take a snapshot,
do a reboot, and run the comparison when the machine boots up again, to see
how much volatile stuff gets changed every time you reboot windows.  Or you
can *un*install something, and by checking against the original installation
report (or by snapshotting, installing, running, then uninstalling the app
straight away before finally getting the comparison report) see if it's left
any traces behind.

  It's incredibly useful.  You'll have to google for it though.  It was
originally given away by some PC magazine or other, but they've restricted
access to their archives now.  See what you can find.

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: Windows Registry Analzyer, (continued)
- RE: Windows Registry Analzyer Aditya Deshmukh (Mar 03)
- RE: Windows Registry Analzyer Cassidy Macfarlane (Mar 03)
  - Re: Windows Registry Analzyer Danny (Mar 03)
    - Re: Windows Registry Analzyer Eric Windisch (Mar 03)
    - Re: Windows Registry Analzyer Dave Korn (Mar 03)
    - Re: Re: Windows Registry Analzyer Michael Holstein (Mar 03)
    - Re: Re: Windows Registry Analzyer Eric Windisch (Mar 03)
    - Re: Windows Registry Analzyer Raoul Nakhmanson-Kulish (Mar 04)
    - RE: Re: Windows Registry Analzyer Aditya Deshmukh (Mar 05)
  - Re: Windows Registry Analzyer Dave King (Mar 03)
  - Re: Windows Registry Analzyer Dave Korn (Mar 03)
    - Re: Re: Windows Registry Analzyer Michael Holstein (Mar 03)
  - RE: Windows Registry Analzyer Aditya Deshmukh (Mar 03)
    - Re: Windows Registry Analzyer joey (Mar 03)
- RE: Windows Registry Analzyer Todd Towles (Mar 03)
- RE: Re: Windows Registry Analzyer Handy, Mark (IT) (Mar 03)
  - RE: Re: Windows Registry Analzyer Ron DuFresne (Mar 04)
- RE: Windows Registry Analzyer Davison, Nigel (Mar 04)