I have began to using a virtual machine for testing or validating software tools or researching registry changes with USB devices. Is there some type of software out there that will show registry changes? My main purpose for this is to have a clean install of XP in VM and then attach different devices or install software and see what changes are made in the registry. Thanks.
Have a look at Procmon and InCtrl5.
I'd look at Regshot, too, as an option.
Todd, I applaud your approach and hope that you intend to share your results.
One caveat that caught some AV companies a while back…be sure to distinguish between changes made by the device or software you installed, and those made by the shell. This can be dependent upon the OS, of course (ie, XP vs. Win2K3), but it's a good thing to keep in mind.
I was thinking about this a lot this week… is there a site which is has such information on for a wide range of software?
Kind of like a central database, where you can search for software, and it displays what changes are made using that software?
Minesh
Sounds like you've got a project ….
-David
Have a look at Procmon and InCtrl5.
Yes -
"Regmon is a Registry monitoring utility that will show you which applications are accessing your Registry, which keys they are accessing, and the Registry data that they are reading and writing - all in real-time. This advanced utility takes you one step beyond what static Registry tools can do, to let you see and understand exactly how programs use the Registry. With static tools you might be able to see what Registry values and keys changed. With Regmon you'll see how the values and keys changed"