How can I tell what changes are made to the registry?

A. Using the regedit.exe program it is possible to export portions of the registry. This feature can be used as follows:

  1. Start the registry editor (regedit.exe)
  2. Select the key you want to monitor
  3. From the Registry menu select "Export registry file"
  4. Enter a file name (notice if you want to export the whole registry just select the "Export Range All") and click OK
  5. Perform the change (install some software or change a system parameter)
  6. Rerun steps 1 to 4 using a different file name
  7. Run the two files through a comparison utility (for example windiff.exe)
  8. If you are using windiff, select Compare Files from the File menu and you will then be prompted to select the 2 files to compare.
  9. Once compared a summary will be displayed stating if there are differences, to view the changes double click on the message
  10. Press F8 to view the next change (or select next change from the view menu)
  11. You have now found what changed!

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish