So that we can do a quick risk assessment before making software available for deployment, we need a few simple tools to look at the changes a new piece of software makes to a machine. The aim is a quick pathway and testing procedure for adding software to our “approved software list”. Digging back through our Windows XP tool kit, we have a few options:
1.) XP Change Analysis Diagnostic Tool
Earlier today I came across a new tool that might be useful to InfoSec professionals. Though it is not a “security” tool, it can be used by support people to help better understand the modifications that may have occurred to a particular system. Once installed the tool will scan the computer looking for specific types of changes to the computer … [1]
After you have installed the diagnostic tool, click Start, click Run, type statechangediag.exe, and then click OK.
Modes of operation
You can run the diagnostic tool in wizard mode or in command line mode.
Wizard mode
By default, the Change Analysis Diagnostic tool runs in wizard mode. In wizard mode, the tool installs itself and starts when the user connects to the download location. The wizard asks the user some basic questions and then gathers the requested data. When the wizard finishes, the tool displays information about what has changed on the computer. Then, the user can send the .xml file to the support professional for more analysis. The user can find the file by using the path that is provided when the wizard finishes. Typically, this location is the Drive:\Documents and Settings\User folder.
Command line mode
In command line mode, the Change Analysis Diagnostic tool provides the same functionality. However, this mode lets support professionals run the tool by using scripts and by using batch processing.
The command line mode supports the following options:
• The -nogui option changes to a console application instead of a GUI-based application.
• The -verbose option changes the output log to verbose.
• The -history option lets you specify a different number of days to start the scan. By default, this is 7 days.
Limitations
The Change Analysis Diagnostic tool is intended only to help determine recent changes that may affect the user experience. The tool is a read-only program that can display information about changes to a computer that is running Windows XP. Therefore, consider the following points:
• The Change Analysis Diagnostic tool is not a security tool. For example, it cannot help remove malicious software.
• You cannot use the Change Analysis Diagnostic tool to automatically reverse system settings, to uninstall applications, or to remove any other software.
• The Change Analysis Diagnostic tool does not determine all changes to computers. The tool also does not correct all changes to computers.
• The Change Analysis Diagnostic tool does not recover any system components. The tool also does not modify any system components.
• The Change Analysis Diagnostic tool will not function in Safe Mode.
The Change Analysis Diagnostic tool requires Microsoft Windows XP Service Pack 2 (SP2). The tool also requires that restore points are created on the computer. The diagnostic tool cannot detect changes if system restore points are not present.
… [2]
2.) Software Explorer
Software Explorer in Windows Defender allows you to view detailed information about software that is currently running on your computer that can affect your privacy or the security of your computer. You can see, for example, which programs run automatically when you start Windows and information about how these programs interact with important Windows programs and services. … [3]
3.) Sysinternals tool kit
From Microsoft Sysinternals [4]:
• Process Explorer for Windows v10.21
• Process Monitor v1.12
• AutoRuns for Windows v8.61
• PsTools v2.43
• ShareEnum v1.6
4.) Ghost AI Snapshot
Start AI Snapshot and set it to watch the setup.exe of the application in question.
Ghost builds an AIC file as part of the snapshot, listing the differences between the state before the installation and the state after it. The AIC file documents a heap of information, some useful and some not.
Issues:
Browser Helper Objects (BHOs), servers, services, newly opened ports, certificate changes, interactions with the XP Security Center, install problems, P2P, traffic generation, Java version rollback.
Procedure:
The next trick is to create a workflow in which the testing procedure can be performed quickly, the documentation created and filed correctly, and only items that raise a ‘risk flag’ passed on for further evaluation. This will be the more difficult step.
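The risk-flag triage step of that workflow, as an added example that is not part of the original post and does not read Ghost’s AIC files: a Python script that compares a before-install and an after-install snapshot of the items in the Issues list (BHOs, Run entries, services, listening ports, trusted root certificates, the Security Center notification values and the installed Java version) and returns only the changes that should be passed on for further evaluation. The Snapshot layout, the severity scheme, the “Example” names and the two sample snapshots are this example’s own assumptions; the registry paths are the real Windows XP locations. It goes slightly beyond the text by also flagging an existing service whose image path has been repointed, which is a worse sign than a new service.

```python
"""Before/after snapshot triage with risk flags.

Added example for the post above; it is not part of the original and it does
not read Ghost's AIC format. The Snapshot layout, the severity scheme and the
sample data are this example's own assumptions. The registry paths are the
real Windows XP locations for BHOs, Run entries, Security Center values and
the installed Java version.
"""
from dataclasses import dataclass, field

BHO_KEY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
RUN_KEYS = (r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
            r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run")
SECURITY_CENTER_KEY = r"HKLM\SOFTWARE\Microsoft\Security Center"
JAVA_VERSION_KEY = r"HKLM\SOFTWARE\JavaSoft\Java Runtime Environment\CurrentVersion"
SEVERITY = {"low": 0, "medium": 1, "high": 2}


@dataclass
class Snapshot:
    """One capture of the items the Issues list names (layout is assumed)."""
    registry: dict = field(default_factory=dict)   # r"key\value" -> data
    services: dict = field(default_factory=dict)   # service name -> image path
    listening: set = field(default_factory=set)    # (protocol, port) listeners
    root_certs: set = field(default_factory=set)   # trusted root thumbprints


def diff_dict(before, after):
    """Split two name->value maps into added, removed and changed entries (sorted)."""
    added = {k: after[k] for k in sorted(after.keys() - before.keys())}
    removed = {k: before[k] for k in sorted(before.keys() - after.keys())}
    changed = {k: (before[k], after[k])
               for k in sorted(before.keys() & after.keys()) if before[k] != after[k]}
    return added, removed, changed


def _under(key, *prefixes):
    """Case-insensitive prefix test, since registry paths are not case sensitive."""
    return key.lower().startswith(tuple(p.lower() for p in prefixes))


def _version(text):
    """'1.5.0_11' -> (1, 5, 0, 11) so Java versions compare numerically."""
    return tuple(int(p) for p in text.replace("_", ".").split(".") if p.isdigit())


def assess(before, after):
    """Return [(severity, category, detail)] for the changes that raise a risk flag."""
    flags = []
    added, _, changed = diff_dict(before.registry, after.registry)
    for key, data in added.items():
        if _under(key, BHO_KEY):
            flags.append(("high", "bho", f"new Browser Helper Object {key} = {data}"))
        elif _under(key, *RUN_KEYS):
            flags.append(("medium", "autorun", f"new Run entry {key} = {data}"))
    for key, (old, new) in changed.items():
        if _under(key, SECURITY_CENTER_KEY):
            flags.append(("high", "security-center", f"{key}: {old!r} -> {new!r}"))
        elif _under(key, JAVA_VERSION_KEY) and _version(new) < _version(old):
            flags.append(("high", "java-rollback", f"Java {old} downgraded to {new}"))
        elif _under(key, *RUN_KEYS):
            flags.append(("medium", "autorun", f"Run entry {key}: {old!r} -> {new!r}"))

    new_svc, _, changed_svc = diff_dict(before.services, after.services)
    for name, image in new_svc.items():
        flags.append(("medium", "service", f"new service {name} ({image})"))
    for name, (old, new) in changed_svc.items():   # an existing service repointed
        flags.append(("high", "service", f"service {name} image changed {old} -> {new}"))

    for proto, port in sorted(after.listening - before.listening):
        flags.append(("high", "port", f"new listener {proto}/{port}"))
    for thumb in sorted(after.root_certs - before.root_certs):
        flags.append(("high", "certificate", f"new trusted root certificate {thumb}"))
    return flags


def escalate(flags, minimum="high"):
    """Keep only flags at or above `minimum`; these go on for further evaluation."""
    return [f for f in flags if SEVERITY[f[0]] >= SEVERITY[minimum]]


# Constructed sample snapshots (not captured from a real host); the "Example"
# names, the CLSID placeholder and the thumbprints are placeholders.
BEFORE = Snapshot(
    registry={
        SECURITY_CENTER_KEY + r"\AntiVirusDisableNotify": 0,
        JAVA_VERSION_KEY: "1.6.0",
        RUN_KEYS[0] + r"\ctfmon": r"C:\WINDOWS\system32\ctfmon.exe",
    },
    services={"Spooler": r"C:\WINDOWS\system32\spoolsv.exe"},
    listening={("tcp", 135), ("tcp", 445)},
    root_certs={"ROOT-THUMBPRINT-1"},
)
AFTER = Snapshot(
    registry={
        SECURITY_CENTER_KEY + r"\AntiVirusDisableNotify": 1,     # AV warnings silenced
        JAVA_VERSION_KEY: "1.5.0_11",                            # Java rolled back
        RUN_KEYS[0] + r"\ctfmon": r"C:\WINDOWS\system32\ctfmon.exe",
        RUN_KEYS[0] + r"\ExampleUpdater": r"C:\Program Files\Example\updater.exe",
        BHO_KEY + r"\{CLSID-PLACEHOLDER}": "Example Toolbar",
    },
    services={"Spooler": r"C:\WINDOWS\system32\spoolsv.exe",
              "ExampleSvc": r"C:\Program Files\Example\examplesvc.exe"},
    listening={("tcp", 135), ("tcp", 445), ("tcp", 6346)},        # 6346: Gnutella default
    root_certs={"ROOT-THUMBPRINT-1", "EXAMPLE-CA-THUMBPRINT"},
)

if __name__ == "__main__":
    for severity, category, detail in assess(BEFORE, AFTER):
        print(f"[{severity:6}] {category:16} {detail}")
```

Everything assess() returns is written to the install record; only what escalate() keeps is handed on for further evaluation, which is the split the procedure above asks for. In practice the two Snapshot objects would be populated from the AIC file or from Autoruns, PsService and netstat output rather than typed in.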
[1] Microsoft XP Change Analysis Diagnostic Tool (2007-Mar-28) [SANS]
[2] The Change Analysis Diagnostic tool for Windows XP is available (2007-May-29) [MS]
[3] How to use the Windows Defender Software Explorer (2006-Feb-13) [MS]
[4] Microsoft Sysinternals [MS Technet]