发表新帖
发表新帖

Tracking changes in Windows registry

前端 未结
关注
10 778
暗喜
暗喜 2020-12-12 18:58

Is there a way to track changes in Windows registry? I\'d like to see what changes in the registry are made during installation of various programs.

10条回答
  • 轮回少年
    轮回少年 (楼主)
    2020-12-12 19:56

    When using a VM, I use these steps to inspect changes to the registry:

    1. Using 7-Zip, open the vdi/vhd/vmdk file and extract the folder C:\Windows\System32\config
    2. Run OfflineRegistryView to convert the registry to plaintext
      • Set the 'Config Folder' to the folder you extracted
      • Set the 'Base Key' to HKLM\SYSTEM or HKLM\SOFTWARE
      • Set the 'Subkey Depth' to 'Unlimited'
      • Press the 'Go' button

    Now use your favourite diff program to compare the 'before' and 'after' snapshots.

    0 讨论(0)
 看不清?
提交回复
热议问题