Paraglider BartPE Plugins

Utility to monitor registry and file changes

This utility is a modified version of RegShot 1.7.2. It was modified by Paraglider. The original unmodified RegShot can be found at http://tianwei.digitalnuke.com . The main difference between the original version and this version is in the format of the log file produced. This version writes the registry changes in NT4 registry file format.

RegShot is a small registry compare utility that allows you to quickly take a snapshot of your registry and optionally selected directories then compare it with a second one after doing system changes or installing a new software product. The changes report is produced in a text file and contains a list of all registry and file modifications that have taken place between the two snapshots. The registry snapshot can be saved in a special *.hiv file ( not a Windows registry hive file ) for future use.

Usage:

  1. CLICK "1st shot" BUTTON It pops up a menu which contains several items:

    1. "Shot" to take a snapshot only,and it will not be kept if you exit regshot program;

    2. "Shot and save..." to take a snapshot of your registry and save the whole registry to a "hive" file and you can keep it in your harddisk for future use; NOTE:"hive" files are too big!

    3. "Load..." to load a "hive" file previous saved. If you want to monitor your file system ,just check the "Scan Dir [dir..]" checkbox and input the folder names below it. Note: Regshot has the ability to scan multiple folders,Just separate them with ";",Regshot also scan the subfolders of the current folders you entered. Note:This version only save your registry to "hive" file,it does NOT include the folders you scaned!

  2. INSTALL and / or RUN the program which may change your windows registry,or may change the file system

  3. CLICK "2nd shot" BUTTON

  4. INPUT YOUR COMMENT for this action into the "comment field",eg:"Changes made after winzip started". COMMENT will only be saved into compare log files not into "hive" files

  5. CLICK "compare" BUTTON Regshot will do the compare job now(auto detect which shot is newer). When it is finished, Regshot will automatically load the compare LOG as you defined above. The log files are saved in the directory where "Output path" is defined,default is your Windows Temp Path. Tne name of the log file will be the "comment" which was input. If the "comment field" is empty or invalid, the LOG will be named "~res.txt".

  6. CLICK "Clear" BUTTON You will clear the two snapshots previous made from memory and begin a new job. Note:"Clear" does not erase the log files!

  7. TO QUIT Regshot,just hit "Quit" button

  8. New to 1.7+: regshot.dat now changed to regshot.ini, skipdirs and skip registry keys are included. exe size are smaller!