RegistryReport is a free registry forensic analysis tool that shows information about the operating system, installed software, the last user activity, the user settings and many other details from raw Windows NT 5 Registry files "SYSTEM", "SOFTWARE", "SAM" and "NTUSER.DAT" (Windows 2000 or higher).
You can configure the amount of information for each category in the settings dialog. Over the graphical user interface you can save, print and search the generated report. The report can be copied or saved as RTF or plain text.
RegistryReport doesn't process the Registry files of the running operating system.
RegistryReport is designed to work with Guidance EnCase or X-Ways Forensics (see "Additional Downloads").
Multiple File Finder X-Tension for X-Ways Forensics
This X-Tension for X-Ways Forensics finds and export files. The contained definition file finds Windows NT 5 Registry files and add them to a report table. It can also export these files to an user defined folder. After the search process it can run RegistryReport and start the report generation automatically.
The changelog for this application is available in the German version of this page only.