Difference between revisions of "SBI Commands"

From SpybotWiki
Jump to: navigation, search
(New page: SBI Commands are OpenSBI instructions, defined inside .sbi text files, that tell Spybot - Search & Destroy how it has to detect malware that you wish to be removed....)
 
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
SBI Commands are [[OpenSBI]] instructions, defined inside [[SBI file format|.sbi text files]], that tell Spybot - Search & Destroy how it has to detect malware that you wish to be removed. You should take a look at the [[:Category:SBI Commands|list of SBI Commands]] to get a rough overview of what's possible.
+
SBI Commands are [[OpenSBI]] instructions, defined inside [[SBI file format|.sbi text files]], that tell Spybot - Search & Destroy how it has to detect malware that you wish to be removed.  
 +
 
 +
Commands usually have parameters; and these parameters are displayed in a comma-separated list, where parameters that contain spaces need to be quoted. It has become common style to quote everything except for registry root keys (HKEY_LOCAL_MACHINE etc.).
 +
 
 +
File:"This is a file entry","<$WINDIR>\Hello.txt","filesize>10"
 +
 
 +
An important thing to remember is that quotes within quotes need to be escaped with quotes. Sounds complicated? Let's see another example:
 +
 
 +
File:"<$FILE_EXE>","<$WINDIR>\Malware.exe","filesize=13937,'''""'''field[version]=CompanyName|Malware Inc.'''""'''"
 +
 
 +
You can take a look at the [[:Category:SBI Commands|list of commands]] to get a rough overview of available commands, and at the [[:Category:Advanced file parameters|list of file parameters]] for details on parameters within parameters.
 +
 
 +
==See also==
 +
* [[Description templates]]
 +
* [[Path templates]]
 +
* [[:Category:SBI Commands]]
 +
* [[:Category:Advanced file parameters]]

Latest revision as of 09:56, 19 February 2008

SBI Commands are OpenSBI instructions, defined inside .sbi text files, that tell Spybot - Search & Destroy how it has to detect malware that you wish to be removed.

Commands usually have parameters; and these parameters are displayed in a comma-separated list, where parameters that contain spaces need to be quoted. It has become common style to quote everything except for registry root keys (HKEY_LOCAL_MACHINE etc.).

File:"This is a file entry","<$WINDIR>\Hello.txt","filesize>10"

An important thing to remember is that quotes within quotes need to be escaped with quotes. Sounds complicated? Let's see another example:

File:"<$FILE_EXE>","<$WINDIR>\Malware.exe","filesize=13937,""field[version]=CompanyName|Malware Inc."""

You can take a look at the list of commands to get a rough overview of available commands, and at the list of file parameters for details on parameters within parameters.

See also