Difference between revisions of "Typelib"
(added info box) |
m (→Usage: fixed var names) |
||
(One intermediate revision by the same user not shown) | |||
Line 12: | Line 12: | ||
==Usage== | ==Usage== | ||
− | Typelib:< | + | Typelib:<name(string)>[,advanced build parameters] |
===Examples=== | ===Examples=== | ||
− | Typelib:" | + | Typelib:"MyMalware 1.0 Type Library" |
This will detect the following registry key: | This will detect the following registry key: | ||
− | [HKEY_CLASSES_ROOT\TypeLib\{ | + | [HKEY_CLASSES_ROOT\TypeLib\{77777777-4321-1234-AAAA-0000BBBBBBBB}] |
− | [HKEY_CLASSES_ROOT\TypeLib\{ | + | [HKEY_CLASSES_ROOT\TypeLib\{77777777-4321-1234-AAAA-0000BBBBBBBB}\1.0] |
− | @=" | + | @="MyMalware 1.0 Type Library" |
===Description=== | ===Description=== |
Latest revision as of 16:44, 22 February 2008
Typelib | |
Group | Registry |
Main Application | Version 1.3 or later |
Required Update | n/a |
File Parameters | no |
Registry Parameters | no |
Build Parameters | yes (second) |
Special Parameters | no |
Searches the registry for a typelib with the given name.
Usage
Typelib:<name(string)>[,advanced build parameters]
Examples
Typelib:"MyMalware 1.0 Type Library"
This will detect the following registry key:
[HKEY_CLASSES_ROOT\TypeLib\{77777777-4321-1234-AAAA-0000BBBBBBBB}] [HKEY_CLASSES_ROOT\TypeLib\{77777777-4321-1234-AAAA-0000BBBBBBBB}\1.0] @="MyMalware 1.0 Type Library"
Description
Detects COM type libraries.
- The first parameter has to be the name of the type library.
- The second, optional, parameter allows you to specify advanced build parameters.
Unless you're looking at random GUIDs, it is recommended that you use RegyKey, possible along with advanced registry parameters to do the name check.
Scan Results
- The identified type library registry keys.