Мониторинг изменений в реестре - Monitors - Каталог файлов

		Воскресенье, 05.05.2024
	Crack-Tool

Главная | Регистрация | Вход

Приветствую Вас Гость | RSS

Меню сайта

Категории

Analyzers [9]

Assemblers [1]

Crackers [1]

Crypto [1]

Debuggers [11]

Decompilers [6]

Disassemblers [2]

Dongles and LMs [0]

EXE Tools [7]

Monitors [7]

Packers [8]

Patchgens [2]

Protectors [3]

Resources [7]

Special-Tools [6]

Tools [2]

Unpackers [8]

Crack-Tools [0]

Graphics [12]

Other [16]

Наш опрос

Статистика

Онлайн всего: 1

Гостей: 1

Пользователей: 0

Главная » Файлы » Monitors

Мониторинг изменений в реестре

	27.03.2024, 15:08
Regshot v2.0.1.70 Утилита для снятия снимков реестра, сравнения и определения отличий (изменений реестра). Уже давно существует аналогичная утилита, последнюю версию regshot 1.8.2 можно взять здесь. Она бесплатна, и существует с исходным кодом. Но мне не очень понравилось её работа. Она написана с помощью голого API, поэтому имеет такой вид как Windows 98, а все прелести стилей Windows XP она не использует. Конечно, внешний вид - это не самое главное. Отчёт, который она формирует не достаточно читабельный, и не соответствует формату REGEDIT4. Поэтому, когда нужно использовать информацию из отчёта для модификации параметров реестра, то приходится вручную конвертировать её в нужный формат. Что достаточно утомительно. Собственно поэтому, я решил переписать утилиту. Но немного помучившись, принял другое решения - написать её с нуля, используя более передовые технологии программирования. В результате получилась почти такая же утилита Regshot 2.0 unicode, выглядит примерно также (но в стиле Windows XP), делает примерно тоже самое, но немного быстрее, и появились дополнительные возможности. Утилита не интегрируется в систему, т.е. она не записывает ничего в реестр, а необходимые параметры хранятся в файлах regshot.ini и language.ini (для поддержки других языков). Утилита умеет делать снимки реестра. Снимки может сохранять в файл, чтобы в последствие снятый снимок можно было загрузить снова. Так же может сравнивать два снимка с формированием отчёта по изменениям содержимого реестра. Отчёт формируется только в HTML формате для придания ему большей читабельности. Кроме отчёта в процессе сравнения формируются два файла (UNDO.reg и REDO.reg) в формате REGEDIT5 для приведения реестра в состояние соответствующее снимку 1 и снимку 2 соответственно. Руками уже ничего править не нужно, в файлах уже всё записано, какие новые параметры и разделы удалить, и какие изменённые и удалённые параметры восстановить. Кроме этого можно включить по желанию генерацию INF-файлов, содержащих информацию об изменениях реестра. ---------------------------------------------------------------------------------------------------------------- Regshot 1.9 умеет сравнивать реестр и файловую систему (можно выбраные каталоги) Regshot 2..0 сравнивает только реестр но создаёт готовые файлы undo.reg и redo.reg для отката или повтора изменений нужно в настройках поставить "сохранять .REG" иначе будет .TXT Regshot 2.1 сравнивает но не сохраняет файл отката (пустые файлы - глюк в программе) RegShot 2.1.0.17: http://soft.oszone.net/program/5336/RegShot/ / screen v2.1.0.29 Bug in v2.1: http://forum.oszone.net/post-1183399.html#post1183399 Bug in v2.1: http://forum.ru-board.com/topic.cgi?forum=5&topic=0540&start=380#2 Bug in v2.1: http://forum.ru-board.com/topic.cgi?forum=5&topic=0540&start=420#10 ---------------------------------------------------------------------------------------------------------------- Homepage: http://regshot.yeah.net/ Homepage: http://regshot.ist.md/ Homepage: http://www.czechcup.com/regshot/index.php Homepage: http://regshot.blog.googlepages.com/regshot Homepage: http://regshot.ru/20/ / http://regshot.ru/21/ Download: http://regshot.ru/20/download.html / http://regshot.ru/21/download.html Homepage: http://sourceforge.net/projects/regshot / http://regshot.sourceforge.net/ Скачать: Regshot v2.0.1.68 Скачать: Regshot v2.0.1.70 Regshot v2.0.1.70 (Lupo PenSuite Team) It is a small registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one (done after doing system changes or installing a new software product). The changes report can be produced in text or HTML format and contains a list of all modifications that have taken place between the first and second snapshot. In addition, you can also specify folders (with subfolders) to be scanned for changes as well. Source: http://www.lupopensuite.com/db/regshot2.htm Скачать: Regshot v2.0.1.70 X-Regshot v2.0.1.70 [Rev4] (winPenPack) [It] Permette di rilevare le differenze nel registro di Windows in seguito all'installazione o all'esecuzione di un programma. Consente inoltre di monitorare tutte le directory impostate dall'utente. [En] Regshot is an open-source(GPL) registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one - done after doing system changes or installing a new software product. Versione/Version: Software [2.0.1.70] - X-Launcher [1.4.2] - INI [rev4] Licenza Software/Software License: GNU General Public License Licenza Launcher/Launcher License: winPenPack License Agreement Lingua/Language: Multilingual Modifiche/Changes: [rev2] migliorata traduzione italiana (by ZioZione) e preimpostazione settaggi [rev3] backup settaggi originali differenziato per versione [rev4] modifica nome software Source: http://www.winpenpack.com/en/download.php?view.1170 Forum: http://www.winpenpack.com/main/e107_plugins/forum/forum_viewtopic.php?33750 Forum: http://www.winpenpack.com/en/e107_plugins/forum/forum_viewtopic.php?13391 Скачать: X-Regshot v2.0.1.70 [Rev4] Regshot v1.8.2 (Paraglider) Utility to monitor registry and file changes This utility is a modified version of RegShot 1.7.2. It was modified by Paraglider. The original unmodified RegShot can be found at http://tianwei.digitalnuke.com . The main difference between the original version and this version is in the format of the log file produced. This version writes the registry changes in NT4 registry file format. RegShot is a small registry compare utility that allows you to quickly take a snapshot of your registry and optionally selected directories then compare it with a second one after doing system changes or installing a new software product. The changes report is produced in a text file and contains a list of all registry and file modifications that have taken place between the two snapshots. The registry snapshot can be saved in a special .hiv file ( not a Windows registry hive file ) for future use. Usage: 1.CLICK "1st shot" BUTTON It pops up a menu which contains several items: A."Shot" to take a snapshot only,and it will not be kept if you exit regshot program; B."Shot and save..." to take a snapshot of your registry and save the whole registry to a "hive" file and you can keep it in your harddisk for future use; NOTE:"hive" files are too big! C."Load..." to load a "hive" file previous saved. If you want to monitor your file system ,just check the "Scan Dir [dir..]" checkbox and input the folder names below it. Note: Regshot has the ability to scan multiple folders,Just separate them with ";",Regshot also scan the subfolders of the current folders you entered. Note:This version only save your registry to "hive" file,it does NOT include the folders you scaned! 2.INSTALL and / or RUN the program which may change your windows registry,or may change the file system 3.CLICK "2nd shot" BUTTON 4.INPUT YOUR COMMENT for this action into the "comment field",eg:"Changes made after winzip started". COMMENT will only be saved into compare log files not into "hive" files 5.CLICK "compare" BUTTON Regshot will do the compare job now(auto detect which shot is newer). When it is finished, Regshot will automatically load the compare LOG as you defined above. The log files are saved in the directory where "Output path" is defined,default is your Windows Temp Path. Tne name of the log file will be the "comment" which was input. If the "comment field" is empty or invalid, the LOG will be named "~res.txt". 6.CLICK "Clear" BUTTON You will clear the two snapshots previous made from memory and begin a new job. Note:"Clear" does not erase the log files! 7.TO QUIT Regshot,just hit "Quit" button 8.New to 1.7+: regshot.dat now changed to regshot.ini, skipdirs and skip registry keys are included. exe size are smaller! Homepage: http://www.paraglidernc.com/6901.html Homepage: http://www.paraglidernc.com/plugins/regshot.htm Download page: http://www.paraglidernc.com/plugins/plugins.htm Download direct: http://www.paraglidernc.com/Files/RegShot1820b.cab Скачать: Regshot v1.8.2* Regshot v1.9.0.281 Regshot - is an open-source (LGPL) registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one - done after doing system changes or installing a new software product. ~Regshot v1.9.0.281 и Regshot v1.9.1.321 Beta c допиленым переводом. [?] / [d] ~SourceCode UnDoReg - small utility to "undo" registry changes basing on RegShot reports. [?] / [?] / [?] / [?] Homepage: http://code.google.com/p/regshot/ Homepage: http://sourceforge.net/projects/regshot/ / http://regshot.sourceforge.io/ Скачать: Regshot v1.9.0.281 Скачать: Regshot v1.9.1.321 Beta Randys Regshot v3.0.1 (from Primo) Regshot - is a small, free, registry and folder/file compare utility that allows you to take a snapshot of your system and then compare it with a second one, done after doing system changes or installing a new software product. The changes report can be produced in TEXT or HTML format and contains a list of all modifications that have taken place between snapshot 1 and snapshot 2. To use CHKUNIN to check changes, Regshot's output file must be in English and a .TXT file, not an html file. Regshot gives you the ability to ignore up to 99 folders if you want to. ----------------------------------------------------------------------- Primo (PRogram Installation MOnitor, a Regshot fork) - Monitor what is changed on your system when you install a program and then delete it. Homepage: https://sourceforge.net/projects/program-installation-monitor/ Viewing Regshot v3.0.1: https://www.oldergeeks.com/downloads/file.php?id=2422 Скачать: Randys Regshot v3.0.1 Скачать: Program Installation Monitor Regshot Advanced v3.0.0 by skydive241 Regshot advanced - is a tool to monitor and log filesystem and registry changes for example done by an installer. Its main purpose is to detect things modified or added by tools running on windows systems. Its use is very simple: do the first shot before e.g. an installer runs, do the second shot directly after installation, and last, compare the shots. BUT Regshot advanced got a plethora of configuration possibilities and produces log files in various formats: • Plain TXT files • HTML files • CMD files (only for undoing the changes) • Easy parsable text files called "UNL" • REG files undoing or repeating the registry changes • NSIS installer and uninstaller files, directly usable by the appropriate compiler (see great open source installer nsis) • Innosetup installer and uninstaller files, directly usable by the appropriate compiler (see great open source installer innosetup) Installation and usage of Regshot advanced Installation and usage of Regshot advanced is fairly easy: just compile (or use the assets) and start the program by double clicking its exe file. Regshot advanced doesn't create any own registry data or file outside its directory (except for the chosen log files of course). Latest news: • March, the 21st 2021: Switching to a template system, some fixes, new release • February, the 28nd 2021: Some fixes, new release • February, the 22nd 2021: Initial release Source: https://github.com/skydive241/Regshot-Advanced Скачать: Regshot Advanced v3.0.0 RegFromApp v1.33 RegFromApp - monitors the Registry changes made by the application that you selected, and creates a standard RegEdit registration file (.reg) that contains all the Registry changes made by the application. You can use the generated .reg file to import these changes with RegEdit when it's needed. System Requirements: This utility works on Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 8, and Windows 10. Older versions of Windows are not supported. There is a separated version for x64 applications. Using RegFromApp: RegFromApp doesn't require any installation process or additional dll files. In order to start using it, simply run the executable file - RegFromApp.exe After running it, select the process that you want to inspect, and click Ok. After clicking Ok, each time that the selected process writes a value into the Registry, the main window of RegFromApp will display the written value in Windows .reg file format. You can copy & paste the desired values to another Registry file, or alternatively, you can save the entire Registry changes into a .reg file by using the 'Save As' option. RegFromApp Display Modes: Starting from version 1.10, RegFromApp can work in 2 display modes: • Show Last Modified Values (The default mode): In this mode, RegFromApp displays the last Registry changes made by the selected process. • Show Original Values: In this mode, RegFromApp displays the original Registry values, as they were before the changes made by the selected process. Homepage: https://www.nirsoft.net/utils/reg_file_from_application.html Скачать: RegFromApp v1.33 RegistryChangesView v1.27 RegistryChangesView - is a tool for Windows that allows you to take a snapshot of Windows Registry and later compare it with another Registry snapshots, with the current Registry or with Registry files stored in a shadow copy created by Windows. When comparing 2 Registry snapshots, you can see the exact changes made in the Registry between the 2 snapshots, and optionally export the Registry changes into a standard .reg file of RegEdit. System Requirements: This utility works on any version of Windows, starting from Windows XP and up to Windows 10. Both 32-bit and 64-bit systems are supported. Examples for useful things you can do with this tool: • You can create a Registry snapshot before installing a new software and then after the installation is completed, compare this Registry snapshot with the current Registry and see all Registry changes made by the installer (Be aware that you'll also see some changes made by Windows or other programs in the same time). If there are Registry changes that you don't like, you can generate a .reg file to revert back the changes. • If you make a change in Windows configuration from the GUI of Windows and you want to see how to make this change in the Registry, simply create a Registry snapshot before making the config change and then after the configuration change, compare this Registry snapshot with the current Registry and optionally generate a .reg file that makes this configuration change. • If there is unwanted change in the Registry of your system but you don't have any previous snapshot, you can compare the current Registry with a shadow copy created by Windows and try to locate the unwanted Registry changes. • You can also use this tool as a simple way to backup the Registry. The snapshot created by RegistryChangesView simply contains Registry hive files with the same name as the original one (ntuser.dat, SYSTEM, SOFTWARE, and so on...) Start Using RegistryChangesView: RegistryChangesView doesn't require any installation process or additional DLL files. In order to start using it, simply run the executable file - RegistryChangesView.exe After running RegistryChangesView, the main options window is displayed, which allows you to choose 2 Registry snapshots to compare. For every snapshot , you can choose one of the following data sources: 'Current Registry', 'Saved Registry Snapshot', and 'Shadow Copy'. You can choose any combination you want, as long as 'Data Source 1' is not identical to 'Data Source 2'. For example: you can choose to compare the Registry of 2 different shadow copies, compare a shadow copy with current Registry, compare a saved Registry snapshot with current Registry, compare a saved Registry snapshot with another saved Registry snapshot, and so on... If you want to generate a new Registry snapshot, simply choose 'Saved Registry Snapshot' in the data source combo-box and then click the 'Create Registry Snapshot' button. In the 'Create Registry Snapshot' window choose the folder to save the Registry Snapshot, click the 'Create Snapshot' button, and wait a few seconds to create the snapshot. You can also create a new Registry snapshot from the main window by pressing F8 (File -> Create Registry Snapshot). After choosing the 2 Registry data sources to compare , you should also set the following options: • Direction: This field determines how the 2 Registry snapshots are compared. For example: if the direction you choose is 'Registry Data Source 1 => Registry Data Source 2', every Registry key or value that exists on the second snapshot but doesn't exist on the first snapshot will be displayed as 'Added Key' or 'Added Value'. But if you choose the opposite direction ('Registry Data Source 2 => Registry Data Source 1'), every Registry key or value that exists on the second snapshot but doesn't exist on the first snapshot will be displayed as 'Removed Key' or 'Removed Value'. The direction field also affects the way that .reg file is generated ('Export Selected Items To .Reg File' and 'Copy As .Reg File Format' options). if the direction you choose is 'Registry Data Source 1 => Registry Data Source 2', the generated .reg file will make the changes from snapshot 1 to snapshot 2. if the direction you choose is 'Registry Data Source 2 => Registry Data Source 1', the generated .reg file will make the changes from snapshot 2 to snapshot 1. • Hives to compare: Allows you to choose which Registry hives to compare. For example, If you only want to see the Registry changes on HKEY_CURRENT_USER, you should select the 'HKEY_CURRENT_USER' and 'HKEY_CURRENT_USER\Software\Classes' hives and deselect all others. After choosing all option, click the 'Ok' button. RegistryChangesView will compare the 2 Registry data sources you chose and the result will be displayed on the main window. Homepage: https://www.nirsoft.net/utils/registry_changes_view.html Скачать: RegistryChangesView v1.27 Скачать: RegistryChangesView v1.28 Скачать: RegistryChangesView v1.30 RegChange v2.6 RegChange - Узнать какие изменения были в реестре после установки программы Утилита Registry Change отслеживает изменения в системном реестре Windows (от XP до 10), вносимые при инсталляции некоторыми программами. Сама она бесплатна и проста в использовании. Работает просто, как раз-два-три: делает снимок указанных ветвей реестра (HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE или выборочных) до установки какой-либо сторонней программы, у которой Вы захотите посмотреть какие определенные данные она копирует в реестр, потом запускает ее (или пользователь совершает иные действия) и сравнивает слепки реестра, сохраняя результаты в текстовом файле - т.е. легко узнать "куда программа лезет". Вы можете также сделать снимок реестра, чтобы потом (например, после перезагрузки компьютера или через несколько дней) проанализировать его c помощью RegChange и узнать какие ключи и значения добавились в систему либо были удалены. Домашняя страница: http://www.alonewolfsoft.narod.ru/page07.htm Домашняя страница: http://alonewolfsoft.ru/registry_change.htm Скачать: RegChange v2.6 Registry Live Watch v1.0 Registry Live Watch - is a free, lightweight and portable tool to monitor activity on a registry key. The tool can run minimized at the system tray (notification area) and monitor a registry key (also sub keys and vlues) for different kind of changes. Registry Live Watch is consuming a very small amount of resources. This program is not changing any registry settings, it is only a monitoring tool that watch the registry on a read only mode. Registry Live Watch is a tool for pc users that knows and understand the windows registry. Registry Live Watch was tested on Windows XP Pro and Windows 7 Ultimat but should run on other Windows versions. Homepage: http://leelusoft.blogspot.com/2009/11/registry-live-watch-10.html Homepage: http://leelusoft.altervista.org/registry-live-watch.html Скачать: Registry Live Watch v1.0 LeeLu Monitors AIO v1.3 LeeLu Monitors AIO - is a collection of different LeeLu Soft monitoring tools developed over the years. When hovering with your mouse cursor over the buttons, a description will appear in the main window. LeeLu Monitors AIO is a portable application, after the first installation you can copy LMAIO.exe to a different computer or USB drive and run it without the need to install it again. The installation package will also extract user guides for all the monitoring tools into the target folder. And that is not all, each of the monitoring utilities can be extracted as a stand-alone and portable application that you can run from your USB stick or on a different computer. This collection includes: - Watch 4 Folder 2.5.1 - a folder activity monitoring and automation tool. - NOFMonitor 1.0 - monitors a folder for changes in the files count. - Watch 4 Idle 1.2 - monitors your computer for idle and resume from idle. - Registry Live Watch 1.1 - monitors your Windows registry for changes. - Clipboard Rules 1.0 - Monitors your clipboard for specific text strings. - MemDash 1.0 - a simple applet that display a graphical presntation of the various memory aspects. - Watch 4 Size 1.0 - Monitor for changes in a folder size - Watch 4 Start 1.0 - Monitor Windows startup locations You can also extract each monitoring utility as a stand alone and portable application, just right click on any of the launch buttons and select to extract. This will extract the selected utility to the folder from which you executed LMAIO.exe. Homepage: http://leelusoft.blogspot.com/2014/07/leelu-monitors-aio-13.html Homepage: http://leelusoft.altervista.org/leelu-monitors-aio.html Скачать: LeeLu Monitors AIO v1.3 MJ Registry Watcher v1.2.8.8 MJ Registry Watcher - is a simple registry, file and directory hooker/poller, that safeguards the most important startup files, registry keys and values, and other more exotic registry locations commonly attacked by trojans. It has very low resource usage, and is set to poll every 30 seconds by default, although you can adjust this to anywhere between 0 and 9999. A configuration file stores all your settings for future use. MJRW not only polls the system, but it also hooks it, so that most changes to keys, files and directories are reported instantaneously. Key deletions are still caught by the polling loop though, since they cannot be hooked. Exactly which keys and files are protected can be completely configured by the user, although the sets I supply with MJRW will cover most standard PCs. There is an additional automatic registry backup system that takes a snapshot of the entire registry about every 28 days and stores it in the directory MJRegBackup. The filename is of the form MJRegBackup_yyyymmdd.reg where yyyy is the year, mm is the month and dd is the day. The last 15 snapshots are kept. They can be restored from a menu option : this can be used in Safe Mode as administrator to rescue a non-booting PC. It should only be used as a last resort : it saved my PC when I accidentally knocked out the video drivers during an over-zealous session in the registry, cleaning out "LogMeIn"! To install it, extract the files with pathnames, and you'll have a self-contained .exe file with a small help text file, the keys and files lists, alert sounds, and a couple of exclusion files in the MJRegWatcher directory. Set the properties for RegWatcher.exe to run it as administrator, so that it can interface to the registry properly. It may run in Accept mode without this step. To do this, go to the RegWatcher.exe file in Explorer, right-click to Properties, and go to the Compatibility tab. Check the admin box. Whenever the PC is restarted, you may have to OK MJRW to start with admin rights. Unless you disable UAC, the only way round this is to use the task scheduler to launch MJRW with administrator rights and set it to run at log on. Launch RegWatcher.exe and then, use the Options, Settings, Automatic Startup Options screen to install it either just for the current user, or, on Windows 11, for all users. From this screen, you can also choose which key set to start it up with, or you can remove the autostart key with the uninstall option. There is also a service mode which is documented in the help file as follows :- Homepage: https://jacobsm.com/mjsoft.htm#rgwtchr Скачать: MJ Registry Watcher v1.2.8.8 SpyMe Tools v1.5.0 SpyMe Tools - is very useful in detecting Registry and Disk changes. If any application installs spyware, adware, dlls, programs, files, or any other type of file, picture, or program, etc. or changes the Registry's content, you will be able to see exactly where the modification occurred so you can take measures. It seems like more and more programs are attempting to install spyware, advertisements, or other garbage without your knowledge, but with this software you will know everything that is added or removed. To detect Registry/Disk changes the program will create Dumps of the actual states of Registry/Disk. This means that at any time you can open the Dump file and view the contents of the Registry/Disk just as they were when you've scanned the Registry/Disk. The program can compare two different dump files so you'll see exactly what changed in the Registry/Disk between the two scans. You can also use the program to backup your Registry. The program can restore old states of Registry keys using the data in the Dump files. To prevent other persons from viewing your scanned files you may encrypt them so that a password will be required whenever someone tries to open them. SpyMe Tools also includes a Real time Disk/Registry monitor so you may spot the changes in real time.(Real time Disk monitor works only on NT platform, including Win2k and Win XP). What's new Version 1.5.0: - IMPROVED Registry Snapshot speed. - Snapshot files open (a lot) faster. - Changed Registry Snapshot file format (old snapshot files(v. 1.4) can be converted to the new format). - Take snapshot of multiple subkeys & directories. - Filter results displayed in realtime file monitor. - Log actions to a log file. - Can now delete new keys/undo key deletions and restore old key contents in Registry while in Comparison Mode. - Added progress view for scanning & comparison processes. - See what's changed in new versions before choosing to update program. - Changed some icons. - Fixed some bugs in the comparing algorithm. - Fixed displaying correct key/folder paths in Scan Dump Files. Homepage: http://www.lcibrossolutions.com/spyme_tools.htm Скачать: SpyMe Tools v1.5.0 RegSpy v1.72 RegSpy - is a windows registry utility that spies on registry changes made by a program you have selected. It can be very useful for you. RegSpy will help You to track all little changes in your system registry made by other programs. With RegSpy, you can: - Make a quick Snapshot and Rollback of registry changes for a selected application. - See changes of the registry in a convenient and usual form (RegEdit like). - Spy on an application you select. - Perform a quick call to RegEdit for viewing the real registry keys state. This program has an important difference from other registry trackers. It tracks selected processes only . This doubles the advantage of using RegSpy because it: • First - Minimizes CPU usage. • Second - Decreases the possibility of a system fault. In the worst case only the RegSpy and/or the process tracked will be broken. • Other important difference are that RegSpy will show you the changes to the system registry in a convenient and informative format, like RegEdit. • In addition RegSpy can save SnapShots of all registry changes tracked. The file will not be a lifeless curiosity of many megabytes in an unknown format. It will be a simple and complete file in JS or VB format. And, you can repeat all steps, performed or tracked by mouse click in Windows Explorer. System Requirements: Windows 95/98/NT/2000/ME/XP Homepage: http://www.utils32.com/regspy.htm Скачать: RegSpy v1.72 InstallWatchPro v2.5c InstallWatch - records modifications made to your PC during the installation of software, hardware, or configuration changes. Homepage: http://www.epsilonsquared.com/ Скачать: InstallWatchPro v2.5c LastBit RegSnap Pro v7.0.2089 RegSnap - is a tool that can help you analyze changes made to the Windows Registry. Using RegSnap snapshots of registry values can be created and compared. This now only allows for a comparison of what all keys were modified, deleted, and/or added but also furnish system critical information, such as file listings say in Windows System directories. Lucid HTML reports are generated. Alongside .reg files are also generated (these are backups of system registry values) using which the registry changes can be undone and any older/changed version can be applied. RegSnap Pro version supports command line interface, Object Linking and Embedding (OLE) Automation (i.e. it could be accessed and used from within other programs of your choice) and can connect to a remote registry. The 'regedit' alike Graphical User Interface (GUI) allows browsing through saved registry values. RegSnap comes in two different versions, Standard and Professional. Professional version has following additional features over the Standard version (keeping intact all features of standard version) : • Command line mode • OLE Automation support (i.e. RegSnap Pro is scriptable from Visual Basic or any other Automation client) • Remote registry connection System requirements: • Windows 95/98/Me or NT 4.0/Windows- 2000/XP/2003 • IE v4.0 or higher • 128 Mb RAM would suffice, but 512Mb recommended. (Given more memory, RegSnap works faster.) Homepage: http://www.lastbit.com/regsnap/default.asp Homepage: http://www.webdon.com/regsnap/default.asp Homepage: http://www.soft4you.com/regsnap/default.asp Homepage: http://www.passwordtools.com/regsnap/default.asp Скачать: LastBit RegSnap Pro v7.0.2089 Advanced Registry Tracer v2.11 Advanced Registry Tracer (ART) - is a utility designed for analyzing changes made to the Windows Registry. ART does this by making 'snapshots' of the Registry and saving them in its database, which you can later browse through at your convenience. You can compare any two snapshots and get a list of keys and data which are new, deleted or modified. ART can compare the entire Registry or any key of the Registry. It can also exclude keys of the Registry from comparison results. With ART you can create undo/redo files (to rollback changes, for example). To view the current state of a key or to modify it, you can use ART's Jump to Regedit function. The contents of any key can be exported to a standard .reg file (either new or old format). Advanced Registry Tracer is very useful for detecting Trojan viruses and eliminating problems caused by software and hardware installs and uninstalls. In contrast to Registry monitoring software (such as RegMon and Win-Expose Registry) and most uninstallers (CleanSweep, Uninstall, etc.), ART compares full copies of the Registry that were made at different times, while the software mentioned above simply monitors access to the Registry. Advanced Registry Tracer lets you track (and undo!) each and every change to the Registry without affecting your system performance. ART lets you create filters so you can very easily compare specific keys. In this way you can safely experiment with registry tweaks that are normally represented as REG files and also create your own tweak data base! Here is a brief list of what ART can do: • Works under Windows 95, Windows 98, Windows Me, Windows NT 4.0, Windows 2000 and XP. • Scans different copies of the Registry and saves the results into a special file so you can browse or search through them "off-line". • Scans the Registry of a remote computer. • Compares different copies of the Registry. • Compares individual branches of different copies of the Registry. • Undoes and Redoes Registry changes based on comparison results: directly from the program or by generating standard REG files. • Exports and/or imports any key of the Registry into or from the old REG file format (regedit 4) to or from the new one (regedit 5). • Fast searches of Keys, Values and/or Data (with advanced options that make it possible to search according to a key's date (NT) and value datatype. Now you can easily find such exotic types as REG_FULL_RESOURCE_DESCRIPTOR, REG_RESOURCE_REQUIREMENTS_LIST (W2000,XP). • Bookmarks frequent searches. • Opens any key in the RegEdit. • Has an optional command-line interface for automated Registry scanning and comparing. • Conveniently navigates between corresponding keys of different Registry copies and comparison results. • Adds comments to each copy of the Registry scanned. • Includes full install and uninstall support. • Supports XP style. Homepage: http://www.elcomsoft.com/art.html Скачать: Advanced Registry Tracer v2.11* Registry Monitor v7.04 (for NT,2000,XP) [Regmon] Regmon - is a Registry monitoring utility that will show you which applications are accessing your Registry, which keys they are accessing, and the Registry data that they are reading and writing - all in real-time. This advanced utility takes you one step beyond what static Registry tools can do, to let you see and understand exactly how programs use the Registry. With static tools you might be able to see what Registry values and keys changed. With Regmon you'll see how the values and keys changed.. Regmon works on Windows NT/2000/XP/2003, Windows 95/98/Me and Windows 64-bit for x64. Note: Filemon and Regmon have been replaced by Process Monitor on versions of Windows starting with Windows 2000 SP4, Windows XP SP2, Windows Server 2003 SP1, and Windows Vista. Filemon and Regmon remain for legacy operating system support, including Windows 9x. Homepage: http://www.sysinternals.com/ Homepage: http://www.sysinternals.com/Utilities/Regmon.html Homepage: https://docs.microsoft.com/ru-ru/sysinternals/downloads/regmon Homepage: https://learn.microsoft.com/en-us/sysinternals/downloads/regmon Скачать: Registry Monitor v7.04 SysTracer v1.0.0.11 SysTracer是一款适合于中高级电脑用户使用的安全辅助工具，它可以跟踪并监视进程对整个系统的修改行为，包括文件操作，注册表操作，内存操作和危险行为。SysTracer可以监视全部进程，或者用户指定的某一个进程及其子进程，并提供监视日志以帮助用户对特定进程的行为进行分析。一、SysTracer的特性： 1.跟踪监视全部系统进程或者指定的某一个进程及其子进程。 2.通过日志方式记录文件写操作以及类似于机器狗病毒的直接写磁盘操作。 3.通过日志方式记录注册表写操作 4.通过日志方式记录危险的进程行为，比如加载驱动，在其它进程中创建远线程等。 5.跟踪指定进程时自动备份下该进程修改或者删除的文件，以便于恢复。 6.可以判断出某些高危险行为并冒泡提示用户。比如机器狗穿透感染，IEFO劫持等。 v1.0.0.11更新日志 (2011.1.16) - 启动时不自动运行全局监控模式 - 合并连续的相同日志 - 修改驱动几个可能导致蓝屏的问题 v1.0.0.10更新日志 - 修改一个退出时可能导致蓝屏的BUG Homepage: http://www.sysreveal.com/systracer/ \| http://www.sysreveal.com/category/systracer/ Скачать: SysTracer v1.0.0.11 EaseFilter Registry Filter v5.3.4.1 Registry filter driver is a kernel-mode driver that filters registry calls, it provides you an easy way to develop Windows application for registry monitoring and protection, track the registry change and prevent the registry from being changed by unauthorized processes or users. With the EaseFilter Registry Filter Driver, it enables your application to protect Windows core registry keys and values and to prevent potentially damaging system configuration changes, besides operating system files. By registering a RegistryCallback routine in the registry filter driver, it can receive notifications of each registry operation before the configuration manager processes the operation. A set of REG_XXX_KEY_INFORMATION data structures which contain information about each registry operation will return to your user mode application, your application can allow the registry access or change to authorized processes or users, and deny the registry access to unauthorized processes or users. Registry access monitoring To be notified of registry operations, it needs to register the RegistryCallback routine with REG_NOTIFY_CLASS which specifies the type of registry operation that the configuration manager is passing to a RegistryCallback routine, When the configuration manager calls a driver's RegistryCallback routine, it passes aREG_NOTIFY_CLASS enumeration value to the routine. The configuration manager also passes a notification-specific structure that contains information about the notification. The RegistryCallback routine can inspect the contents of the input and output buffers that are supplied for registry operations. Track the registry key changes To track the registry key changes, register these "Reg_Post_Create_Key, Reg_Post_Delete_Key, Reg_Post_Set_Value_Key, Reg_Post_Delete_Value_Key, Reg_Post_SetInformation_Key, Reg_Post_Rename_Key, Reg_Post_Create_KeyEx, Reg_Post_Restore_Key,Reg_Post_Replace_Key" notification classes. When the registry key, value or security was modified, the callback routine will be invoked with a data structure that contains information that is specific to the type of registry operation. Registry protector To block the registry changes by unauthorized processes, register these "Reg_Pre_Create_Key, Reg_Pre_Delete_Key, Reg_Pre_Set_Value_Key, Reg_Pre_Delete_Value_Key, Reg_Pre_SetInformation_Key, Reg_Pre_Rename_Key, Reg_Pre_Create_KeyEx, Reg_Pre_Restore_Key, Reg_Pre_Replace_Key" notification classes. When the registry key, value or security is going to be modified, the callback routine will be invoked with a data structure that contains information that is specific to the type of registry operation, If a RegistryCallback routine returns a status value "STATUS_ACCESS_DENIED" for a pre-notification, this registry operation will be blocked and the error code will be returned. Registry key virtualization Modifying registry calls to create virtual registry key or value: To register pre-notification, RegistryCallback routine can modify a registry operation's output parameters or return value. Additionally, to handle the virtual registry key or value, the RegistryCallback routine can return your own customized data instead of allowing the registry to handle the operation. Homepage: https://www.easefilter.com/Forums_Files/RegMon.htm Homepage: https://www.easefilter.com/Forums_Files/Comprehensive-file-security-sdk.htm GitHub: https://github.com/EaseFilterSDK/File-Security-SDK Скачать: EaseFilter Registry Filter v5.3.4.1 Blue Project SysTracer Pro v2.10.0.109 SysTracer - is a system utility tool that can scan and analyze your computer to find changed (added, modified or deleted) data into registry and files. SysTracer can scan your system and record information about: • changed files and folders • modified registry entries • installed programs • system services • system drivers • applications that are configured to run at computer startup • running processes • loaded dlls • opened files, folders and registry • opened TCP and UTP ports Each scan operation performed with SysTracer generates a binary image file representing a snapshot of your system. Recording the snapshot usually takes a few minutes depending on your system complexity. You can choose to scan only specific parts from folders or registry, in order to speed up the recording process. By comparing snapshots from before and after a new program installation or execution, you can determine which files or registry entries were added, changed, or deleted. You can create as many snapshots as you may want or need, and you can compare anytime any pair of them, having the possibility to export differences to HTML and PDF. SysTracer Pro SysTracer Pro is an enhanced version of SysTracer. SysTracer Pro have advanced functionality like exporting and importing snapshots, useful in order to compare snapshots taken on different computers. With SysTracer Pro you can search for files, folders and registry information into recorded snapshots. SysTracer Pro have command line support, for automating recording snapshots and exporting snapshots differences. Visit SysTracer features section for a detailed comparison matrix between SysTracer and SysTracer Pro. Homepage: http://www.blueproject.ro/systracer/ Скачать: Blue Project SysTracer Pro v2.10.0.107 / Rus Скачать: Blue Project SysTracer Pro v2.10.0.109 Registrar Registry Manager Pro v9.20 Build 920.30816 Retail Registrar Registry Manager - is an advanced and complete suite of tools that allows you to safely maintain your local registry as well as the registries on the systems of your network. Since many years, Registrar Registry Manager has been the expert's choice in registry management. This software offers solutions for backing up and restoring registries, fast background search and replace, a bookmark editor with categories which supports key coloring and adding descriptions to registry keys and values, detailed property pages, tools for easy navigation. The program offers multi-level undo so all registry changes can be individually undone. The software offers a registry defragmenter as well as a registry monitor which logs registry access by the system and other applications in detail. It provides security editors which allow you to set access permissions on your registry keys. An advanced registry compare tool allows you to check the differences between two keys in detail. Registry files can be edited in a separate registry window. Advanced Registry Manager for administrators and power users for Windows 11/10/8.1/8/7/Vista/XP/2022/2016/2012/2008/2003/2000 (x86 and x64) File size: 9.17 MB Homepage: http://www.resplendence.com/registrar Скачать: Registrar Registry Manager Pro v9.20.30816
1 2 3 4 5 Категория: Monitors \| Добавил: Metabolic
Просмотров: 81 \| Рейтинг: 0.0/0