Hi, I'm one of the authors of hivex, a program for reading Windows registry hive files: http://libguestfs.org/hivex.3.html The library can't currently read ReactOS hive files. I'm *very* hestitant to say anyone is "wrong" here since the documentation for hive files is obviously non-existent, but it appears that ReactOS doesn't fill in the end_pages field in the header, and instead relies on the size of the file itself. For example, a hive downloaded from a fresh ReactOS install: hivex_open: header fields: file version 1.3 sequence nos 3 3 (sequences nos should match if hive was synched at shutdown) original file name (only 32 chars are stored, name is probably truncated) root offset 0x70 + 0x1000 ** end of last page 0x1000 + 0x1000 (total file size 0x22000) checksum 0x8dc38fdf (calculated 0x8dc38fdf) Notice that "end of last page" field is 0x1000, versus a completely different file size. hivex currently refuses to read past the end_pages limit, and we are able to read every Windows hive that has ever been thrown at us. If I hack hivex so that it ignores end_pages and simply uses the size of the file as a guide, then hivex can successfully read the whole of the file. However I'm a bit unwilling to make this change to hivex just for ReactOS, since it works fine with real Windows already. So I wonder if this could just be a mistake in ReactOS or if there's some deeper reason that I'm missing. TIA, Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://et.redhat.com/~rjones/virt-df/ _______________________________________________ Ros-dev mailing list Ros-dev(a)reactos.org http://www.reactos.org/mailman/listinfo/ros-dev