3 Tools To Monitor & Examine The Windows Registry

Ryan Dube 06-11-2014

The Windows registry is one of the most poorly understood parts of the Windows operating system. Understanding it, and using appropriate tools to manage it, can make the difference in having a well-functioning computer.


Whatever version of Windows you’re using, the registry remains a core piece of how software “plugs in” to the OS. For many years, it’s been the secret weapon for many IT technicians. It is a place where, if you know what you’re doing, you can increase performance of your PC Top 5 Freeware Registry Cleaners That Improve PC Performance Cleaning the registry will rarely improve Windows performance and it's risky. Yet many swear by registry cleaners. You too? At least use one of these tools because they're the safest you will find. Read More . Of course, if you don’t know what you’re doing, you might not see any performance increase at all Using Registry Cleaner: Does Is It Really Make a Difference? Advertisements for registry cleaners are all over the Web. There’s an entire industry out there bent on convincing inexperienced computer users that their registry needs fixing, and that, for ten easy payments of $29.95, their... Read More  or you can actually cause the dreaded blue screen of death 11 Tips to Help You Fix the Windows 10 Blue Screen Error What is a blue screen in Windows? How do you fix blue screen errors? Here are several fixes for this common Windows problem. Read More .

Don’t worry, you don’t have to be a PC guru to gain the benefits of registry tweaks. Several tools can simplify the registry, and help you find and repair any issues that might be causing problems for your computer.

Windows Registry Basics

Managing the Windows registry in either Windows 7, Windows 8, or Windows 10 boils down to using the built-in Regedit tool. Launching Regedit works the same in all versions of Windows. You can either search for it (this is where Windows versions differ slightly) or you can press Windows key + R to open the Run dialog, type regedit, and click OK or hit Enter.


Picture the windows registry as the “Project Manager” for Windows. It manages custom elements of all software installed on the system, such as what users can or can’t do when logged into an application. This is especially useful when you’re looking into why Windows itself is behaving unexpectedly. Many times, the secret lies deep inside the registry, where some random registry key got edited – sometimes by a virus – and it’s causing the sort of problems you’re seeing.


One of the more thorough examples of using the registry – complete with a list of really cool registry hacks – is Chris Hoffman’s recent article explaining how the Windows registry works What Is the Windows Registry and How Do I Edit It? If you need to edit the Windows registry, making a few quick changes is easy. Let's learn how to work with the registry. Read More .

You’ll want to be very careful any time you try to customize the registry in the way that Chris described – or using any of the tools described below. However, by using one of the tools below, monitoring or customizing the Windows registry gets a little bit easier, especially for users who are new to tweaking registry settings.

Monitor Registry Changes With Regshot

The great thing about the Windows registry is that it is a very powerful way to affect the entire operating system. That is also its ultimate weakness. All it takes is a small “tweak” to an important entry in the registry, and it can completely alter how your operating system performs.

This is why Regshot, an open-source registry compare utility, makes it to the top of this list of registry tools.



Regshot lets you take a snapshot of your entire registry when you know your computer is operating at peak efficiency. This might be just after you did a virus scan 4 Free Virus Scanners' Accuracy Compared Read More , or when you’ve updated Windows with the latest Microsoft patches 3 Reasons Why You Should Be Running The Latest Windows Security Patches & Updates The code that makes up the Windows operating system contains security loop holes, errors, incompatibilities, or outdated software elements. In short, Windows isn't perfect, we all know that. Security patches and updates fix the vulnerabilities... Read More .  It has the added bonus of taking a snapshot of important directories (like your core Windows directory), so you can compare later to see if any changes were made there as well.

Once you have the “1st shot” file saved, at any point in time you can run the utility again, click the “2nd shot” button, and then run the “Compare” function to see any changes.  You can actually test this out after installing new software on your computer. This utility will show you all of the registry and Windows directory changes that were made.

Examine The Registry With The Reg Command

One very useful command line tool that’s built right into Windows is the “Reg” command. Launch the command window (via Search or Accessories or press Windows key + R, enter cmd, and hit Enter), and you can make use of this fast and effective tool to query the values of registry keys, add or change key values, or even export and import keys.


The only catch with using this tool is that you’ll need a list of keys that you want to monitor or change before issuing the commands.  For example, if you want to monitor the Common Files Directory that the Windows Operating system currently uses, you can check that key by typing in:

Reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion /v CommonFilesDir

The resulting key value gets displayed when you hit the enter key.



If you want to regularly monitor important registry values to see if any of them get changed as a result of viruses or other malicious software 10 Steps To Take When You Discover Malware On Your Computer We would like to think that the Internet is a safe place to spend our time (cough), but we all know there are risks around every corner. Email, social media, malicious websites that have worked... Read More , you could create a batch job that queries all of those keys and outputs them to a data file, like this:

reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion /v CommonFilesDir >> c:\temp\registryinfo.txt
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion /v ProgramFilesDir >> c:\temp\registryinfo.txt
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion /v ProgramFilesPath >> c:\temp\registryinfo.txt
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion /v SM_GamesName >> c:\temp\registryinfo.txt

The resulting output file will look like below.


Using the “reg” command, you can also add new values by typing:

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\TestKey

Obviously, there’s not much point in adding a “TestKey” value in that registry domain, but it shows how you can quickly add a key anywhere in the registry with just one single command line.

With the “reg” command, you can also use the “export” function to take a snapshot of important sections of the registry. This is as easy as typing “reg export”, followed by the path of the key or the domain folder. For example, to take a snapshot of the entire CurrentVersion registry domain, you would type:

reg export HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion c:\temp\CurrentVersionExport.txt

Once you’ve saved these snapshot files, you can import them later by using the “reg import [Filename]” command. This is a convenient way to fix important sections of the registry after some software update or virus infection has corrupted it.  This is obviously a more “manual” approach to managing and protecting the registry, but for anyone who prefers the command-line or batch job approach over using pre-made applications – this is the perfect solution.

Manage Your Registry Better With Registrar

Considering the importance of your registry, maybe it should be “managed” rather than just checked occasionally for problems. Clearly meant for more advanced PC users, a free tool called Registrar offered by Resplendence – the maker of a number of high quality Windows tools – is a fantastic solution. It provides more functional access to your registry than the Windows regedit utility.

At first glance, it looks just like you’re using regedit, but there’s a toolbar filled with features.


What you’ll find when you start exploring your registry with this tool, is that it gives you much more flexibility and management over the registry when compared to regedit. Conduct easy search and replace operations, bookmark important registry keys for constant monitoring later, and best of all, descriptions for registry keys and values (and the ability to add your own).


You can see how useful these descriptions are when you double click a key. Unlike regedit, which simply shows you the name of the key and the value while editing, Registrar shows you the key and value, but also what category that key falls under, and a thorough description if it’s available.


Bookmarking important keys for easy monitoring is as simple as right clicking a key or folder, and choosing the “Bookmark” option.


This is especially useful for those critical Windows OS keys that you know viruses particularly target, like the Startup and Scheduler keys. You can find a full list of most commonly targeted registry keys over at the Symantec website.

Do You Keep A Backup Of Your Registry?

As you can see, there are some pretty useful tools and utilities for monitoring your registry and making sure it’s clean. It’s a good idea to at least take a snapshot so that if your registry gets hacked, you can figure out what made things go south. You will also have a way to recover things back to the way they were before. Considering how significantly small changes to the registry can impact your computer performance and operation, taking a snapshot and monitoring your registry is a very good insurance policy.

Do you keep an eye on your computer registry? What tools do you use to do so? Share your own tricks and advice in the comments section below.

Image Credits: 3d cube Via Shutterstock

Related topics: Anti-Malware, Windows Registry.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Lukman
    December 26, 2015 at 10:15 am

    A year on and this article is still relevant. Great job! It's absolutely top-notch. Thank you for the recommendation.

  2. Alejandro
    November 18, 2014 at 12:39 am

    Hi there, i would add Active Registry Monitor to the list. Good job.

  3. firstclass
    November 6, 2014 at 10:59 pm

    Interesting! Thanks!

  4. David
    November 6, 2014 at 9:22 pm

    I would also recommend Process Monitor (procmon) by SysInternals as a good registry tool. Process Monitor can be used to watch in real time or record reads and writes to the registry and can be filtered.