Reading RegHive

If it doesn't fit elsewhere, it goes here
Post Reply
Posts: 8
Joined: Sat Dec 06, 2008 12:01 pm

Reading RegHive

Post by kencl » Sat Dec 06, 2008 12:07 pm

Hi Folks,

I'm looking through the sandboxed file copies. I'm wondering is there a way to read the RegHive and RegHive.LOG files? I'd like to see what keys are being modified. Thanks.

Posts: 5121
Joined: Sun Apr 27, 2008 5:24 pm
Location: Ohio, USA

Post by Guest10 » Sat Dec 06, 2008 12:32 pm

For sandboxed programs, while the RegHive files still exist, you can just look in the normal Registry under the key:
HKEY_USERS\Sandbox_(your name)_(sandbox name)
None of the normal Registry keys are being modified, unless you have told Sandboxie to allow access to that Registry key with the OpenKeyPath setting.
For programs that are actually installed into a sandbox folder, majoMo is developing SandboxDiff to provide a list of file and registry changes that a program makes when installed.
Win 10 Home 64-bit (w/admin rights) - Zone Alarm Pro Firewall, MalwareBytes Premium A/V, Cyberfox, Thunderbird
Sandboxie user since March 2007

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests