Sysinternals Registry Monitor Tutorial

Written by mihaj on 12.07.2006

Quick Description

Today I'll write about very useful tool â€“ Registry Monitor, which was mentioned in my previous article. Itâ€™s great tool for exploring Windows Registry.

First, you need to obtain it. Go to Sysinternals website and download it. The program is, as all Mark Russinovich and Bryce Cogswell tools, standalone and compact. When you run the program you get something like this:

Regmon

This is Registry Monitor main window. It's very basic and clear. If we look at the toolbar from left to right we have several buttons.

	Save Button: Save entries to log file.
	Open Button: Load entries from log file.
	Capture Button: When this button is pressed and capture is turned on, then the program captures registry changes.
	Auto scroll button: If clicked and auto scroll turned on, then the list is scrolled automatically, in other words, list position is always at the bottom.
	Clear Button: By clicking this button you clear the list.
	Time Format Button: Change time format in the list.
	Filter Button: This opens new window, where you can input different parameters to filter your list.
	History Depth Filter: You can choose how many entries are shown at the time. 0 means that all entries are retained.
	Find Button: Search for results.
	Jump Button: Select item from the list and click this button. You'll jump to registry at selected item position with regedit.

Filter Usage

If you click on Filter button you'll be prompted with this window:

Regmon Filter 1

Here you can define many parameters, which will help you to isolate certain entry. In Include input filed you see star (*). This means that all entries are captured by program and this can lead to a mess. If you are looking for specific entry you can try using a process name, like in example bellow. It says: Â»I want to capture all entries where process explorer does something. Â« Of course you can use anything you like. You can also input registry path or value name you want to monitor. And to be more specific you can tick boxes bellow, and tell the program to capture only entries of values that are written or read from registry, etc. You have also Exclude input field. With these possibilities you can create good filter, to find the thing you want.

Regmon Filter 2

That is basically everything you need to know about Registry Monitor. Remember, this program offers you many different scenarios, on how to find specific entire. True power of tweak hunting is revealed by using Registry Monitor and VMware. Happy hunting!!

Show-the-Comments™ (4 so far)

Comments:

[04.06.10 @ 10:57] anyc10 had this to say:

baidu [url=http://www.xxx.com]sina[/url]

[04.06.10 @ 10:58] anyc10 had this to say:

thanks for sharing!we had wholesale NFL jerseys and discount jerseys,you can click cheap jerseys or wholesale jerseys to our website.

[05.06.10 @ 10:52] yhandy had this to say:

For one thing, perhaps they vintage rolex are short of money and want to earn some money in Shanghai rolex women to cope with their difficulties. For another, they find it easier to make a rolex Lady-Datejust Pearlmaster living in Shanghai than in the countryside. Perhaps the prime reason is that they admire the urban life rolex oyster perpetual date and want to live in Shanghai permanently.From the foregoing, the rural population is getting bigger and bigger in Shanghai and it has caused serious social problems. Therefore, the government should take rolex stainless effective measures to restrict the rural population in Shanghai. lxf

[28.06.10 @ 07:33] stody had this to say:

a short period of soul searching later he decides to try boston red sox jerseys and coach purses. He goes back to the baseball course and completes an excellent game of baseball,with Vibram five fingers. Next he challenges the baseball pro and beats him easily with Five fingers. He spends every possible moment of the next year playing baseball at every course he manages to get to and having a wonderful time of Vibram five. After a year he finds himself back at the same course where he found ugg boots tall. Out of curiosity he slices one into the woods so he can talk to her.

Ladies like to use Ghd straighteners and Ghd hair straighteners to iron their beautiful long hair,but childrents like to wear Authentic jerseys,and they occasionally wear Sports jerseys,don’t like Ugg boots and Ugg boots classic

Hair straighteners is famous for all over the world, but Nhl jerseys and Hockey jerseys just are famous in US, which are the same as Women's ugg boots classic and Women's ugg boots.

Post-a-Comment™