able/windows-nt
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
windows-nt/Source/XPSP1/NT/sdktools/regdiff/regdiff.txt
CryptoAlgo Inc b3cac27891 Add source files
2020-09-26 16:20:57 +08:00

132 lines
5.7 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Regdiff is a tool that allows you to snapshot the registry, compare the
snapshot to the current state, look at what the differences are using the
registry editor, save the differences to a file, and later merge or unmerge
the changes back into/from the registry. Such a tool is useful for quick
resetup of applications you frequently have to reload after updating your
NT system. Its also useful for simply finding out what any particular
operation changes in the registry.
Here's how you would use regdiff to help you quickly reinstall excel:
1) load your new NT with fresh hives.
2) run
regdiff -s c:\cleansnp
this will save the current registry state into c:\cleansnp
3) now do your typical excel installation routine
4) Now that excel is all set run
regdiff -d c:\cleansnp
this finds out what differences there are between the current registry
contents and your snapshot file c:\cleansnp.
5) Now, check out your changes using regedt32.exe and look at the
HKEY_LOCAL_MACHINE\regdiff node. You will probably find "Add"
and "Del" subkeys off of this node. The "Add" node shows all keys
and values that were added to the registry since your snapshot and
the "Del" node shows what has been removed. If the same value or
key is in both nodes it means these parts have changed.
At this point you may notice some random changes that took place
in the registry since you last took your snapshot that have nothing
to do with your installation actions. You can use regedt32.exe to
edit the regdiff tree as needed so your diff information just
contains what is pertinent.
6) Now save the diff information to a file. run:
regdiff -w c:\exceldif
7) You may notice that you cannot delete this file. This is because it
is loaded into the registry at this time. To unload it from the registry
run:
regdiff -r
8) Now you have a record of the exact changes that were made to the registry
during your installation. Lets say you want to remove these changes
from the registry. Run:
regdiff -l c:\exceldif -u -r
This just loaded the c:\exceldif diff info from the file into the registry
and used that information to unmerge the changes from the registry. regdiff
then removed/unloaded the diff information from the registry. An inspection of
the registry will show all changes you made during installation have been
removed. You may also see the progman group it created disappear.
9) Lets say you have now picked up a new NT with clean hives and you need
to use excel via your email. You have the excel files on your disk but
the registry is not set up so your double click on an email excel
spreadsheet doesn't work. Run:
regdiff -l c:\exceldif -m -r
This replaces the changes referenced in the c:\exceldif file into the
registry and then removes the diff information from the registry.
10)At this point you might want to install other apps. To get an
accurate diff that is not dependent on your previous install do this:
regdiff -l c:\exceldif -u // to remove your excel instalation changes
install another app (say VC++)
regdiff -d c:\cleansnp -w c:\vcppdif
regdiff -l c:\exceldif -m // restores the excel changes.
11) Using this tool you can literally build up a batch file of all the
diffs you want to have installed into your registry each time you
pick up a new NT build.
12) If you want a little feedback from regdiff on what its doing during
operation, you can specify the -v flag. If you think
there is a bug, you can use the -@ flag to get extensive information
on what regdiff is doing.
13) regdiff employs an inclusion and exclusion list to allow finer control
over its operation. The default lists are set up to work well for
general use but you may have some particular things you want to explore.
To alter these lists create a text file that lists all the keys or values
you want included or excluded and reference them on the command line
along with the -i or -x flags. BE CAREFUL here. For instance, maybe
you only want to snapshot a tiny part of the registry so your snapshot
file is smaller. YOU SHOULD USE THE SAME INCLUSION LIST WITH YOUR DIFFS
THAT YOU USED WITH YOUR SNAPSHOT! If your lists change between your
snapshots, diffs, and merges, you may come up with erroneous results.
Your lists can contain '?' characters for wild character matching.
(Useful for \ControlSet005 type nodes.)
regdiff usage:
-s <snapfile>
save current registry contents to snapfile.
-d <snapfile>
create diff information from current registry state and <snapfile>.
-l <difffile>
load diff information into registry from <difffile>.
-w <difffile>
write diff information to <difffile> from registry when done.
-e erase input file(s) after done.
-m merge diff information into current registry.
-u unmerge diff information from current registry.
-r remove diff information from registry when done.
-x <exceptions file>
use <exceptions file> to bypass diff, merge or unmerge on certain keys.
-i <inclusions file>
use <inclusions file> to snap or diff only certain keys.
-v verbose output on.
-@ Debug mode.
-b break on errors.
-n neuter - don't really do merges/unmerges. (for safe testing)
<snapfile> and <difffile> should not have extensions on FAT partitions.
diff information is kept in HKEY_LOCAL_MACHINE\regdiff
The default inclusions list is:
HKEY_LOCAL_MACHINE\SYSTEM
HKEY_LOCAL_MACHINE\SOFTWARE
HKEY_CURRENT_USER
The default exceptions list is:
HKEY_LOCAL_MACHINE\SYSTEM\Clone
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CacheLastUpdate
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet???

Reference in a new issue View git blame Copy permalink