Easily Monitor Windows Registry Changes with Regshot

Long ago, all the system and application configurations were stored in their respective directories, but this method was so clumsy. To solve this, Microsoft introduced Windows registry which virtually hosts all the settings and configurations. In fact, Windows registry is much like a database for all the configurations and settings. Since all the settings reside in one place, Windows registry is where you can do all kinds of advanced stuff like changing operating system configurations, hardware device settings, software settings, etc.

Moreover, every little change you make in your system, such as installing software or changing the wallpaper, is reflected and can be tracked in the Windows registry. Sometimes, tracking those changes will help you in debugging the problem from the root. So if you ever want to track the changes made to the Windows registry, here is a great tool to monitor those changes.

Regshot is a simple open source utility which is capable of taking snapshots of the Windows registry as needed and can compare them to find any alterations that happened while changes were made in the system. The changes include any new keys or values created, deleted and modified. You can download Regshot from its official Sourceforge.net website. Since it is a portable application, you can use it without any installation whatsoever.

1. Once you have downloaded the application, extract the contents onto your desktop using 7-zip or another equivalent tool. Now depending on your system architecture (32-bit or 64-bit), open up the relevant executable file. Don’t worry with the ANSI or Unicode stuff; just open the one you prefer.


2. As you can see, the user interface is mostly straight forward. If you need to, the first thing you can do is change the output directory. By default, the output directory is set to the “temp” folder located under “Appdata.” Once you are done setting up the output directory, you need to take an initial snapshot of the current Windows registry. To do that, click on the button “1st shot” and select the option “shot.”


3. Once you have done that, Regshot will scan the entire registry and will create a snapshot of the current state. If you look closely at the bottom of the Regshot window, you will notice that it displays overall data like the keys, values and time taken to execute the script. Don’t close the Regshot application yet.


4. Now proceed with the changes you want to make to the system before taking a second snapshot. For instance, I’m installing FileZilla FTP client.


5. Once you are done making the changes, navigate to the Regshot window and take a second snapshot by clicking on the “2nd shot” button and selecting the option “shot.”


6. Regshot again displays the overall modified data at the bottom of the window. Now to track the changes, simply click on the “Compare” button.


7. The above action will display all the results in the notepad detailing all the keys and values that are added, modified and deleted. In my case, the comparison of the two snapshots revealed that there is a total of 54053 changes made to the Windows registry. But do note that not all of them are because of the installation of software; most of the changes reflect the new installation and can be tracked down to the very last key.


That’s all there is to do, and it is that simple to use Regshot to monitor and track registry changes in Windows. Regshot is a simple yet powerful utility with a no-nonsense working style, and if used correctly, it makes your life easier tracking and debugging problems with Windows or other software.

Hopefully that helps, and do comment below to share your thoughts on this free and open-source application.