REGA is a forensic tool that performs collection and analysis of the windows registry hives (GUI application). The tool will automatically search a target computer and quickly collect registry hive files (using RegEx).

The tool include the following feature:

• Intuitive GUI based application
• Automatically search a target computer and quickly collect registry hive files (using RegEx)
• Extract forensically meaningful information in pre-defined categories
• Decrypt and decode registry data to enhance the readability
• Rapid search with keywords and time periods
• Timeline analysis
• Create result reports (CSV format) 

During the incident response process it will be possible to have the following:

• Analyze windows installation information including:
  • Owner, Organization, Installation date, and so on
• Analyze user activities such as:
  • User accounts, Protected storage, Run commands, Search keywords
  • Typed URLs of internet explorer
  • Remote desktop connection, Network drive connection
  • Recently accessed folders and files
• Analyze system configuration information such as:
  • List of services and drives
  • Autoruns
• Analyze installed application and the usage history
  • Installed application, Application usage history
  • Application compatibility cache
  • Word process application usage history (Microsoft office 1997-2010 and Haansoft hangle 2000-2010)
• Analyze installed hardware and the usage history
  • Installed network interface cards
  • Installed hardware (device managers)
  • Installed storage devices (hdd, fdd, cd-rom, usb …)
• Reporting
  • Create result reports (analyzed information is saved in the CSV file format) 

You can read more and download this tool over here: http://forensic.korea.ac.kr/tools/20151030_REGA_Freeware.zip