RefreshPC is a freeware tool that promises to reset your Windows Registry and Windows Services to their default values.
Hmmm, I think the "reviewer" was too lazy. Even if this thing is virus free I'd be cautious about using it. It might screw up your registry big time.
MBAM on-demand scan revealed nothing. I tested in the Win7 VM and it seems harmless, although I have no idea which registry entries and services it resets to default, because all I did was install and run it. I didn't notice anything broken afterward, as I ran several programs successfully. A reboot is advised after it's run.
A good tool to see before and after changes is Systracer. The free (Trial) version is somewhat limited but serviceable enough.
Microsoft's Attack Surface Analyzer would also show all changes made. Compatible with Windows 7, Windows Vista, Windows Server 2008 R1 or Windows Server 2008 R2. Also Sysinternals' Process Explorer would give a dynamic analysis of changes made.
This sort of utility doesn't interest me that much, which is why I ran it only briefly, but if someone wants, I can test more thoroughly, probably with Systracer for a more detailed analysis.
This might be a handy tool if we knew exactly what it reset. But not knowing, I will likely not use it.
It "might" be something to "think" about using after a malware infection, and/or something's screwed up. In theory it sounds like a nice idea/tool, except, what about ALL the Reg entries that your Apps & AV etc. would have made since you got your comp? They would ALL be reset, leading to, I imagine, all sorts of "potential" problems, I would have thought. So it's interesting to hear wat0114's account when he tried it!
It would be nice if someone would run it immediately after a fresh install of Windows and post the results.
Here is a mostly complete list of the Applications differences (Wilders limits a file size of 300kB max). The list of registry changes is much larger. BTW, I did notice after running the Refresh that the default visual effects were restored. Once again, it doesn't seem to break anything, but I can't honestly notice a difference in performance either. I erased anything that may have looked to contain private info. I agree. It certainly would probably not hurt, as long as the malware is rendered completely inactive, although I'm quite against malware removal by conventional means. I'd rather wipe the disk clean then restore an image.
Another way to notice changes without allowing them to be permanent would be using Sandboxie + Buster Sandbox Analyzer.
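The before/after comparison suggested in this thread can also be done by hand with two `reg export` files taken before and after running the tool. The following is an added example, not part of any post above: the function names, key names and sample exports are constructed for illustration.

```python
import re

# Matches `"Name"=data` or `@=data` (the key's default value) in a .reg export.
VALUE_RE = re.compile(r'^("(?:[^"\\]|\\.)*"|@)=(.*)$')

def parse_reg(text):
    """Parse `reg export` text into {(key, value_name): raw_data}."""
    # Long hex values are wrapped with a trailing backslash; rejoin them first.
    text = re.sub(r"\\\r?\n\s*", "", text)
    values, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = VALUE_RE.match(line)
        if m and key:
            name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
            # Registry key and value names are case-insensitive.
            values[(key.lower(), name.lower())] = m.group(2)
    return values

def diff_snapshots(before, after):
    """Return values added, removed and changed between two exports."""
    b, a = parse_reg(before), parse_reg(after)
    return {
        "added": sorted(k for k in a if k not in b),
        "removed": sorted(k for k in b if k not in a),
        "changed": sorted((k, b[k], a[k]) for k in a if k in b and a[k] != b[k]),
    }

# Constructed sample exports. Real files written by reg.exe are UTF-16,
# so read them with open(path, encoding="utf-16").
BEFORE = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ExampleSvc]
"Start"=dword:00000004
"Blob"=hex:01,02,\
  03,04

[HKEY_CURRENT_USER\Software\ExampleApp]
"Theme"="dark"
"""
AFTER = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ExampleSvc]
"Start"=dword:00000002
"Blob"=hex:01,02,03,04

[HKEY_LOCAL_MACHINE\SOFTWARE\ExampleVendor]
"Installed"=dword:00000001
"""
if __name__ == "__main__":
    for kind, items in diff_snapshots(BEFORE, AFTER).items():
        print(kind, *items, sep="\n  ")
```

In the sample, the service's `Start` value changes from 4 (disabled) to 2 (automatic), which is the kind of reset the thread is asking about; the wrapped `Blob` value is correctly reported as unchanged.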