Difference between revisions of "RegyKey"

From SpybotWiki
Jump to: navigation, search
m (info about HKCU)
 
(9 intermediate revisions by the same user not shown)
Line 1: Line 1:
Searches for the defined registry key and adds it to the results list, if found.
+
{{SbiCmdInfo
 +
|SYNTAX = RegyKey
 +
|PENAME = SpybotSD.exe
 +
|PEVERSION = 0.95 or later<br />1.5.3 for adv. file
 +
|GROUP = Registry
 +
|MINUPDATE = n/a
 +
|ADVFILEPARAMS = yes (sixth)
 +
|ADVREGPARAMS = yes (fifth)
 +
|ADVBUILDPARAMS = yes (fifth)
 +
|ADVSPECIALPARAMS = no
 +
}}Searches for the defined registry key and adds it to the results list, if found.
  
 
==Usage==
 
==Usage==
  RegyKey:[description],[rootkey],[keypath],[key],<advanced regy parameters>
+
  RegyKey:<description(string)>,<rootkey(enum)>,<keypath(string)>,<key(string)>[[,advanced registry parameters][,advanced file parameters]]
 +
 
 +
To flag any things located in HKEY_USERS, just add one rule with HKEY_CURRENT_USER as the root key. During a scan, rules for HKEY_CURRENT_USER will be applied to all detected users, not just the ''current'' one.
  
 
===Examples===
 
===Examples===
Line 12: Line 24:
 
# First, a description. Using a [[Description templates|description template]] instead of plain text is recommended so that the user will receive a localized version.
 
# First, a description. Using a [[Description templates|description template]] instead of plain text is recommended so that the user will receive a localized version.
 
# The root key, where HKEY_CURRENT_USER stands for all users actually.
 
# The root key, where HKEY_CURRENT_USER stands for all users actually.
# The path to the value, starting with a backslash. This may not include the actual subkey you want to remove.
+
# The path to the value, starting with a backslash. This may not include the actual subkey you want to remove. {{PathTemplates}}
# The name of the key to detect. You may use a [[AlgoPrefix|Algo-Prefix]] here. {{AlgoPrefix}}
+
# The name of the key to detect. You may use a [[AlgoPrefix|Algo-Prefix]] here. {{AlgoPrefix}} {{PathTemplates}}
# To refine detection, you can use [[Advanced registry parameters|advanced registry parameters]] to check the actual data of the value. You may use [[AlgoPrefix|Algo-Prefixes]] here. {{AlgoPrefix}}
+
# To refine detection, you can use [[Advanced registry parameters|advanced registry parameters]] to check the actual data of the value, as well as [[Advanced build parameters|advanced build parameters]]. You may use [[AlgoPrefix|Algo-Prefixes]] here. {{AlgoPrefix}} {{PathTemplates}}
 +
# Starting with 1.5.3, [[Advanced file parameters|advanced file parameters]] for [[:Category:Advanced_file_parameters_for_Flow_Control|Flow Control]] can be specified. {{PathTemplates}}
 +
 
 +
===Scan Results===
 +
* The identified registry key(s).
  
 
==See also==
 
==See also==
 +
* [[Advanced file parameters]]
 +
* [[Advanced build parameters]]
 +
* [[Advanced registry parameters]]
 
* [[AlgoPrefix]]
 
* [[AlgoPrefix]]
 
* [[Description templates]]
 
* [[Description templates]]
* [[Advanced registry parameters]]
 
  
 
===Similar commands===
 
===Similar commands===
Line 28: Line 46:
  
 
[[Category:SBI Commands]]
 
[[Category:SBI Commands]]
[[Category:SBI Commands (current)]]
 
[[Category:SBI Commands supporting AlgoPrefix]]
 

Latest revision as of 14:05, 29 May 2008

RegyKey
Group Registry
Main Application Version 0.95 or later
1.5.3 for adv. file
Required Update n/a
File Parameters yes (sixth)
Registry Parameters yes (fifth)
Build Parameters yes (fifth)
Special Parameters no

Searches for the defined registry key and adds it to the results list, if found.

Usage

RegyKey:<description(string)>,<rootkey(enum)>,<keypath(string)>,<key(string)>[[,advanced registry parameters][,advanced file parameters]]

To flag any things located in HKEY_USERS, just add one rule with HKEY_CURRENT_USER as the root key. During a scan, rules for HKEY_CURRENT_USER will be applied to all detected users, not just the current one.

Examples

RegyKey:"User settings",HKEY_CURRENT_USER,\SOFTWARE\,"Spyware"

Description

Detects a registry key and flags it for removal.

  1. First, a description. Using a description template instead of plain text is recommended so that the user will receive a localized version.
  2. The root key, where HKEY_CURRENT_USER stands for all users actually.
  3. The path to the value, starting with a backslash. This may not include the actual subkey you want to remove. PT
  4. The name of the key to detect. You may use a Algo-Prefix here. AP PT
  5. To refine detection, you can use advanced registry parameters to check the actual data of the value, as well as advanced build parameters. You may use Algo-Prefixes here. AP PT
  6. Starting with 1.5.3, advanced file parameters for Flow Control can be specified. PT

Scan Results

  • The identified registry key(s).

See also

Similar commands