Compare Registry Snapshots with Regshot
Regshot is a free program for the Windows operating system that enables you to compare two snapshots of the Windows Registry and directories.
Taking Windows Registry snapshots can help you analyze changes that have been made to the system during a set period of time. The time being of course the days, hours or minutes between the first and second snapshot.
Regshot is a software that enables you to take Windows Registry and folder snapshots, and compare two of the snapshots that have been crated with each other to find out what changed in the time between the creation of the first and second snapshot.
This can be useful to find out exactly what a software installer changed on a system for instance, or if files in a folder of interest were modified.
Regshot Review
Regshot is a portable program that comes as a 32-bit and 64-bit version both as ANSI and Unicode versions.
The interface is functional and provides you with the following configuration options:
- Select whether you want to compare the logs using a plain txt or HTML document.
- Add directories that you want included in the scan. Separate the paths of folders using ";".
- Set the output path for the data.
- Add a comment to the log.
- Create the 1st and 2nd snapshot of the Registry and, if selected, directories.
- Compare the two snapshots with each other, and have Regshot create the comparison log for you.
Once you are ready to create the first snapshot hit the 1st shot button to do so. Regshot gives you the option to create the first snapshot with or without saving it to the local system.
Saving enables you to load it at a later point in time. This can be useful if you want access to a default snapshot, for instance directly after the installation of the Windows operating system or the most recent update.
Another interest application for Regshot is to compare how well a program's uninstaller removes files and Registry information that were added during the software's installation. If the program recorded 1000 changes in total during the installation of a program on the machine, it should match that number during uninstallation and any variation of it may indicate leftover data.
If you don't save the snapshots, they will be lost when you close the program.
The same options are provided for the second snapshot. Once you have created or loaded two snapshots in Regshot, you may hit the compare button to have the program create a compare log file that highlights all differences in the two snapshot files.
The log file displays the date and time of both snapshots at the top, the computer name, and the name of the user used to run the program.
It then highlights the following information:
- Keys added or deleted highlighting any Registry key that got added or deleted.
- Values added or deleted highlighting Registry values added to keys or removed from keys.
- Values modified listing Registry keys and values that were modified.
The comparison file can be extremely large depending on when the two snapshots were created. It is therefore usually best to make sure the time between both snapshots is as short as possible to prevent the log file from filling with unrelated data.
Also, you may need to load the comparison file in a compatible program, as the size of it may be too large for it to be opened in the default text editor Notepad.
Closing Words
Regshot is a mighty useful program for Windows, not only to monitor the installation of software on the system, but also changes during Windows updates or simply monitoring what a program does while it is running.
Alternatives
We have reviewed quite a few Regshot alternatives in the past years. Here is a quick selection of programs that offer similar functionality:
- Event Monitor Service monitors file creations and deletions, the Registry, and several other events. It saves all information to a log that you can access at any time.
- Registry Alert is a free Registry monitoring program. On top of that, it can be configured to alert you whenever changes are made to monitoring keys.
- Registry Finder is an advanced Registry editor that ships with an option to list Registry changes by date and time.
- Reg From App puts the focus on specific applications. It monitors one application and displays all the changes it made to the Windows Registry.
- What Changed works in pretty much the same way as Regshot. Create two snapshots, and compare those. It does provide options to scan only select Registry hives and not all of them though.
@Martin Brinkmann: with all due respect, this is now such a basic function, esp. for people reading your articles, that this article is like explaining to the readers how to calculate 1+1.
Yes, I have to agree with this. I can’t imagine that there are many spreadsheet users who are computer literate enough to even casually read ghacks, but don’t know how to use a SUM function.
@Klass Vaak & Herman Cost
Ever thought that people might google it so this artice might show up in the search results. So..no it’s not useless. I think it’s a good strategy explaining stuff even if it’s just basic things. Every day there is a new user on the internet searching for this kind of tutorial.
@Malte: you make a good point, in principle. Nevertheless, nowadays telling people how to do a sum calculation, the simplest of the simple, in a spreadsheet is like teaching grandma to suck eggs.
If say an elderly person would be sitting in front of a spreadsheet wondering how to sum a number of cells, that person is unlikely to look it up on internet, but would ask one of her/his children.
And in any case, Ghacks is not a spreadsheet tricks and tips site, so it would not show up high in the ranking in a Google search.
I`m an elderly person. 71.
My experience in computers spans 50 years, focused on Unix internals, advanced degrees.
I look to the internet for answers, since my children hate me and wouldnt tell me “jack”, even if they knew the answer.
I dont know how to “suck eggs in principle”, or anything else for that matter. I’m retired and not interested in learning. Some other guy learned “the theory of sucking things.”
Never needed spreadsheets, always too darn busy. Thanks for this info. Now I know how to sum two cells.
Everyone starts somewhere.
I am an elderly person and I can use sum, sumif, sumifs and so on. My kids come to me for knowledge on how to use excel and other programs ;)
But then, I was in IT my entire career before I retired :)
There are basic sites, and there are advanced sites. GHacks used to be more for people with technical knowledge. You can’t be everything to everyone though that seems to be the trend these days. Since it’s all about clicks and click bait the wider the topics the more you can remain “relevant”…
However, that mentality tends to alienate the more technical people. I find myself spending less time here every month. It won’t be long before I stop coming here altogether.
I have no mobile or wireless technology.
Anything google or apple is insidious to me. And that accounts now for most of the content here.
As to this article. Avast, and all of their products are untrustworthy. There has been much controversy and negativity regarding their products. I would think a reputable site would be more careful in what they publish… err, sorry, advertise.
@Klaas Vaak: In Martin’s defense, it’s the day after Christmas, and some eggnog recipes pack a *real wallop*. Maybe we’re lucky he could type at all. ;-) More seriously, I don’t use Calc super-often, I typically type in the =SUM() function manually, and I’d actually *forgotten* where the Σ button is located in Calc. (The last time I was a heavy spreadsheet user, it was in an older version of Excel and I’m pretty sure the Σ button was somewhere on one of the “regular” toolbars.) So, the article actually did have a small payoff for me. Plus, there might be other intermediate or advanced users of other types of programs (graphics, audio, video, word-processing) who have never used a spreadsheet in their lives. It’s kind of hard to imagine, I know, but it’s possible.
You were not born with the knowledge you have now. You once had to learn too.
So get down off your high horse, grow up and show a little respect for others who need details.
Overall LO has become a good SW, what prevents me to use it is:
https://wiki.documentfoundation.org/Development/Calc/XMLSource
“it will not store the information about the data source once the data is imported”
Until that functionality is implemented I’m forced to use M$ Office (2003).
@SpywareFan: an interesting alternative for M$ Office is Softmaker’s FreeOffice.
@Klaas Vaak
I have the Softmaker’s Free Office Suite in my computer – – and I LOVE IT!
intelligencia
In the FreeOffice manuals there is no reference to XML data mapping functions.
Another vote for Softmaker’s Free Office, a very nice alternative to MS Office.
Yes, I use functions in Calc: Average, Min and Max. I use the mouse to select the cells.
I don’t usually have to use Sum.
Thanks for the info, and could we have more tips for LibreOffice?
I find that the documentation does not keep up with the changes in LibreOffice.
Also, it is hard to find info in the help documentation.
Thanks Martin for all your great work you put in to make our live easier. Have a nice and healthy 2021.
To all those complaining about this being a simple ‘101’ function: it’s Martin’s blog, he can write a deep-dive review of Windows Calculator if he so wishes. Do you pay his salary or something?
@ShintoPlasm: yes, it is Martin’s blog, but it is a public blog with a comments section, which means he invites people to comment. And having been an avid reader for several years now, I am pretty sure Martin does not expect commenters to agree with him all the time.
You do not help him with agreeing with everything willy-nilly and “honouring” him with praise. Martin, like everyone else in the world, is not perfect, therefore he can only learn from constructive criticism.
Unfortunately you look at constructive criticism as a complaint. I do not agree with you on that and will keep making constructive criticism because I believe in keeping this website one of the best ones – refraining from constructive criticism won’t do that.
Absolutely. People could rather than leaving constructive criticism just stop visiting the site. How is that in the best interest of the site’s authors?
A new way to sum with the latest version is to place the cursor under the numbers to be summed, then press Alt-=, then ENTER.
The SUM function doesn’t work. It just keeps putting the same total no matter what figures I enter.
I would like to know how to make the sum function work. I know how it should work and it works in excel. But when I put the sum function in, it will not make changes when I edit and change the data, the total remains the same
Ditto, Marty. Everyone starts somewhere. Thanks.
Instead of being snarky, maybe you could be helpful. I’d like to add two numbers in a cell;
In Excel, it would be
=5+6
I try that in this piece of crap software, and get a message “Invalid value.”
I used Excel a lot when I was working. Retired now seven years. Excel was great, especially for macros. I now use LibreOffice, which works similarly but the macros are difficult in comparrison to Excel. I couldn’t find anything on macros for Free Office, which was disappointing, so I uninstalled it. I find Zoho to be the most similar to Excel but there you’re stuck with your spreadsheets in the cloud which I didn’t like.
Um… When was this article posted? The date says today (August 23, 2023), but I’m seeing comments from 3 years ago.
I was going to amuse myself and check out the comments for this Avast AV sponsored post since there were so many comments. I thought it funny since they have an article bashing the product in 2019.
What do I see when I go to the comments? Ghacks pulled an “Amazon” and replaced an article on Excel SUM functions with a sponsored post to make it look like a good article.
Anyone and everyone who even has a clue about tech knows that Avast is utter garbage and focuses on spying on you and spamming you with ads these days. Just check out the bad article from 2019 on this very site! If you run Windows 10/11, you already have better antivirus than Avast built-in to Windows.
@graham
surely more importantly is why an ad for dodgy anti-virus has the whole thread on office suites instead.. something in the db is messed up.
On a slight tangent, does foobar2000 have a built in lyrics plug in? I mostly used Linux and Deadbeef, the closest alternative to Foobar there has a very old(and kinda broke) plug in.
If you want news then add this line in uBlock Origin:
ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann|Mike Turcotte|Ashwin/))
@News filter,
> ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann|Mike Turcotte|Ashwin/))
Thanks for the useful information.
Added line to My filters in uBlock Origin.
Magnificently,
I was able to clean up “all articles” by other authors on the Ghacks site.
It’s refreshing to be able to see only useful articles (instead of being buried among inferior articles) by clearing out the obtrusive articles.
Important note: changing policies through the program doesn’t save them automatically. You need to hit Ctrl+S (or go to File > Sve Policies)
What silly click bait article. Even the actual article is ridiculous.
“The launch of HarmonyOS for PC could pose a serious threat to Windows.”
Who cares what people in China use.
Don’t do drugs before working maybe.
What’s next? Look up the biggest Android fork in China and write pointless long article about it how it’ll take over Google’s Android.
HarmonyOS and Excel comments are mixed up.
HarmonyOS is not an open-source OS, only partially components.
P.S.
What is happening with these comments from other articles?
this is funny. it looks like the same base article, comments and all has been repurposed and edited or something for 3 (or more) different articles.
started off as something for some office suite… and then it was some antivirus thing.. and now it’s some iffy os.
wtf is that writer doing? no one reads or comments on the ad articles and he has to reuse old ones to make it look like it’s getting traction? (though it shows up as 0 comments on the homepage, so that can’t be it?)
“HarmonyOS does not have Google. Huawei’s HarmonyOS is a proprietary operating system..”
vs
“HarmonyOS is open-source, which means that it can be customized by developers and manufacturers.”
Both are quotes from the article. So which one is it, open source or proprietary?
Without windows-based videogames able to run, it’ll stay niche.
Huawei better put serious money into a harmonyOS port of Wine, DXVK or Proton if it wants its machine being more than web browsing thin clients.
I won’t trust a foreign OS.
Deeply foreign, I meant. In so many ways.
“I won’t trust a foreign OS.”
You trust Microsoft Windows, Google Android and Apple operating systems just because they are from businesses in your country ? Talk about blind nationalism.
Do not forget also that there is a world outside of USA and that for most of human beings, your favorite operating systems are also of a foreign origin, and as hostile towards them as they are towards yourself.
HAHAHAHA – did you really say “it could pose a serious threat to Microsoft’s Windows operating system”?
It won’t run programs or real games, so it will be useless.
I mean, there are some people who apparently love using tablets and phones for everything, but mostly are people who will barely do anything with their brain in life.
I mean, even if Photoshop, and others are available for iPad, do people think iPad is a threat for windows? not really, maybe for useless consumers who will just, like with a phone, be happy and move on, but not for professional industries which are the ones who matter the most, because are the ones who generate more revenue, since they buy the most expensive hardware and software.
Nothing consumer computing related really makes much money, unless it is data from users that get sold for AI or Ads.
Who knows where this comment is going to wind up. It’s in response to the article about Huawei’s HarmonyOS (HOS) operating system.
Two places in the article it says HOS is open-source. One place the article says HOS is proprietary. Uh, I’m pretty sure it can’t be both. Which is it? If there’s some fine distinction, somebody needs to explain it.
After all of these issues with Ghacks articles and misplaced postings, I’m reminded of this
https://www.ghacks.net/2019/10/07/ghacks-has-a-new-owner-and-that-is-a-good-for-everyone/
@vanp,
Note: I replied to you on September 6, 2023 at Around 2:20 pm, but it was still remain blocked after more than half a day, so I replaced the quoted URI scheme: https:// with “>>” and reposted.
The current ghacks.net is owned by “Softonic International S.A.” (sold by Martin in October 2019), and due to the fate of M&A, ghacks.net has changed in quality.
>> ghacks.net/2023/09/02/microsoft-is-removing-wordpad-from-windows/#comment-4573130
Many Authors of bloggers and advertisers certified by Softonic have joined the site, and the site is full of articles aimed at advertising and clickbait.
>> ghacks.net/2023/08/31/in-windows-11-the-line-between-legitimate-and-adware-becomes-increasingly-blurred/#comment-4573117
As it stands, except for articles by Martin Brinkmann and Ashwin, they are low quality, unhelpful, and even vicious. It is better not to read those articles.
>> ghacks.net/2023/09/01/windows-11-development-overview-of-the-august-2023-changes/#comment-4573033
By the way, if you use an RSS reader, you can track exactly where your comments are (I’m an iPad user, so I use “Feedly Classic”, but for Windows I prefer the desktop app “RSS Guard”).
RSS Guard: Feed reader which supports RSS/ATOM/JSON and many web-based feed services.
>> github.com/martinrotter/rssguard#readme
Regarding “Huawei’s HarmonyOS” you asked about, the developer has stated that it is planning to open source, however the actual situation has been shelved (no such movement).
HarmonyOS – Wikipedia
>> en.wikipedia.org/wiki/HarmonyOS
Therefore, it is “proprietary software”.
Moreover, both the company and its production base are in China. China, Russia, Israel, etc. are “Authoritarian state” and products and companies based in those countries are under state control, and privacy policies can become “famous and innocent.” Those products should be avoided.
Correction of sentence
Before correction: “famous and innocent.”
After correction: “nominal name only titular.”
owl, thanks again for the great info.
HarmonyOS doesn’t run Windows apps. It is no threat to Windows.
I agree.. i bet it cant even run wallpaper engine, it probably has the worst compatibility with software.
iam vary satisfied this work
http://crackscoop.com
ah, wonderful, this message/article cross-posting hasn’t been fixed.
Ignore my comments.
FIX THE F***ING COMMENT SECTION F***ERY, DAMMIT!
RIGHT F***ING NOW!!!!