Sometimes it can be useful to monitor the changes that take place in your registry —particularly the changes that occur as the result of installing a new program or device. Windows Vista does not provide a registry monitoring tool, unfortunately. Using native Windows tools, the best you can do is employ the venerable command-line program Fc.exe to compare registry export files that you create before and after an important registry change. Export a .txt file or .reg file from the branch of the registry that you expect to change (or the entire registry if you’re not sure), install the program or driver (or do whatever it is whose registry effects you want to monitor), repeat the export process (using a different file name), and then, at a command prompt, type
fc /u before.reg after.reg > regcomp.txt
(Substitute the actual names of your snapshot files for before.reg and after.reg.)
The /U switch, which tells Fc to use Unicode, is necessary because .reg files use Unicode. The > symbol saves Fc’s output to a text file, which you can then inspect in Notepad or another text editor.
If that process seems like too much work (it certainly does to us), take a look at Active Registry Monitor, a product by SmartLine Software that is available at http://www.vistaio. com/2602. Active Registry Monitor lets you create any number of before-and-after snapshots of your registry and highlights all differences between any two snapshots.
To track registry changes in real time, we recommend the Sysinternals utility Process Monitor (the successor to the venerable Regmon) (http://www.vista-io.com/2603). The Process Monitor can tell you exactly which processes have read or written to your registry and when each such operation has occurred. Filtering commands let you restrict the program’s output to particular sections of the registry or to particular kinds of operations. For example, if you expect a program to be making changes to keys within HKCU\Software, you can limit Process Monitor’s output to writes within that key.
November 12th, 2007 at 11:25 am
it should be possible to create a batch, to automate this.
But hence where in 2007 and i forgot nearly all batch commands.
But you already hint me..
this is what i have:
if !exist before.reg // check for backup-file
create before.reg //we have to make a dump of the registry here. don’t know how to
create after.reg // dump the current state of the registry,, same problem
fc.exe /u before.reg after.reg > regcomp.txt //this should work
For registry commands: Use REG export, I suppose.. Windows Say this (in dutch)
REG EXPORT naam_sleutel bestandsnaam
>REG EXPORT key_name filename
naam_sleutel HOOFDSLEUTEL\Subsleutel (alleen lokale computer)
>key_name PARENTKEY\Childkey (works only localy)
HOOFDSLEUTEL [ HKLM | HKCU | HKCR | HKU | HKCC ]
>PARENTKEY [ HKLM | HKCU | HKCR | HKU | HKCC ]
Subsleutel De volledige naam van een registersleutel onder de geselecteerde HOOFDSLEUTEL
Childkey Sumbit the full name of de registrykey, under the selected PARENTKEY
bestandsnaam De naam van het schijfbestand waarnaar moet worden geëxporteerd
filename The filename to which it has to be exported
Voorbeeld:
>EG:
REG EXPORT HKLM\Software\MijnCo\MijnToep AppBkUp.reg
Hiermee worden alle subsleutels en waarden van de sleutel MijnToep
geëxporteerd naar het bestand AppBkUp.reg
>All the childkeys of MijnToep will be exported to AppBkUP.reg