Track changes in registry & filesystem

Some software come with hidden malware which goes undetected by many antivirus software. By analyzing the change made by the software installer to both your registry and file system, it can be much more easier to remove the hidden malware.

So how can you track the changes? So far there has been no straightforward tool, until today. TrackWinstall is a portable tool that creates a system snapshot, then launches the installer and finally shows you all the changes made by the installer.

It comes in two modes, One-Click Protocol and Two-Phase Mode.

    * One-Click Protocol(Simple Installs): Take snapshot of the system state, launches the specified installer, and then records the changes.
    * Two-Phase Mode(Complex Installs): Take snapshot of the system state, terminates, and records the changes on the next launch(after system restart).
If you want to exclude a add/exclude a certain file system, you can do so by going to Options. You can also skip Windows Update files to speed up the process.

once the system snapshot has been created, you don’t need to create it every time when installing applications. You can load it by clicking Load button on the main window.  you can download it here http://translate.google.com/translate?u=http%3A%2F%2Fwww.withopf.com%2Ftools%2Ftrackwinstall%2F&langpair=de%7Cen

[attachment deleted by admin]

the same effect could be achieved with regmon/Process monitor...

[Moderator]

Or Total Uninstall...which has been around since Win98.

yes ,but by running the installer through trackwinstall you are given a detailed view of what was files were added, what was modified and for example you installed a trial software you can identify certain registry keys that prevent you from reinstalling after the trial expired.i will post a screen of the report it gives.

[Moderator]

Same with Total Uninstall...

Same with Total Uninstall...

or registry monitor and file monitor or process monitor.

Of course regmon,filemon, and procmon don't have oversized buttons.


Additionally the idea of taking a "snapshot" is ridiculous, especially given that there are functions to monitor the registry for changes just as there are for files.

[Moderator]

No over-sized buttons ? ?.......Darn !

 

sorry you did not like it, i thought it was cool

given the fact that some of your other "reviews" have ended up being infested and or triggering AV programs I think it's safe to say that perhaps you should be a tad more careful what you use?

B.C said-  ( Additionally the idea of taking a "snapshot" is ridiculous, especially given that there are functions to monitor the registry for changes just as there are for files.)   looking at total uninstalls help file it seems a "snapshot" is what it does so are you saying that it too is ridiculous?

[attachment deleted by admin]

[Moderator]

I'm not...

I've used it for many years.

B.C said-  ( Additionally the idea of taking a "snapshot" is ridiculous, especially given that there are functions to monitor the registry for changes just as there are for files.)   looking at total uninstalls help file it seems a "snapshot" is what it does so are you saying that it too is ridiculous?

I never said I liked total uninstall...

i had never heard of Total Uninstall until Patios post and i have to say i am very impressed.and @ B.C. filemon and regmon were both new to me and both are apps that now i can not go without. so thanks Patio and B.C

actually, many of the tools you've found useful have pretty good Sysinternals equivalents. Some of them are a bit complicated, but they are more powerful (not as user friendly though- no "fit it now *censored*" buttons  )