Mikep7779 Posted November 2, 2005 Posted November 2, 2005 I have a .exe that is souposed to add some "tweaks" to my registry, how do i find out what it is acctualy adding?
cluberti Posted November 2, 2005 Posted November 2, 2005 For an .exe, you could look at the source, decompile it (not likely), or debug it while it's running (assuming you understand machine code and call stacks).If you want a high-level overview, download filemon and regmon (from www.sysinternals.com) and run both, then run your .exe, then stop both regmon and filemon. They'll give you a snapshot of what just happened on your system, both on the filesystem and in the registry. It's best to run those when NOTHING else is running, short of Windows itself, because they're VERY verbose. Less is more, in this instance, if you want to see what is actually happening.
Mikep7779 Posted November 2, 2005 Author Posted November 2, 2005 For an .exe, you could look at the source, decompile it (not likely), or debug it while it's running (assuming you understand machine code and call stacks).If you want a high-level overview, download filemon and regmon (from www.sysinternals.com) and run both, then run your .exe, then stop both regmon and filemon. They'll give you a snapshot of what just happened on your system, both on the filesystem and in the registry. It's best to run those when NOTHING else is running, short of Windows itself, because they're VERY verbose. Less is more, in this instance, if you want to see what is actually happening.worked like a charm
cluberti Posted November 3, 2005 Posted November 3, 2005 We use these tools a lot for exactly this type of thing
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now