Difference between revisions of "RegyValue"

Revision as of 13:23, 18 February 2008

Searches for the defined registry value and adds it to the results list, if found.

RegyValue:<description>,<rootkey>,<keypath>,<key>[,advanced regy parameters]

RegyValue:"Settings",HKEY_LOCAL_MACHINE,"\Software\Microsoft\Windows\CurrentVersion\","HidingSpywareValue"

Detects a registry value and flags it for removal.

First, a description. Using a description template instead of plain text is recommended so that the user will receive a localized version.
The root key, where HKEY_CURRENT_USER stands for all users actually.
The path to the value, starting with a backslash. PT
The name of the value to detect. You may use a Algo-Prefix here. AP PT
To refine detection, you can use advanced registry parameters to check the actual data of the value. You may use Algo-Prefixes here. AP PT

@@ Line 2: / Line 2: @@
 ==Usage==
-  RegyValue:[description],[rootkey],[keypath],[key],<advanced regy parameters>
+  RegyValue:<description>,<rootkey>,<keypath>,<key>[,advanced regy parameters]
 ===Examples===
@@ Line 15: / Line 15: @@
 # The name of the value to detect. You may use a [[AlgoPrefix|Algo-Prefix]] here. {{AlgoPrefix}} {{PathTemplates}}
 # To refine detection, you can use [[Advanced registry parameters|advanced registry parameters]] to check the actual data of the value. You may use [[AlgoPrefix|Algo-Prefixes]] here. {{AlgoPrefix}} {{PathTemplates}}
+===Scan Results===
+* The identified registry value(s).
 ==See also==
@@ Line 28: / Line 31: @@
 [[Category:SBI Commands]]
-[[Category:SBI Commands (current)]]
-[[Category:SBI Commands supporting AlgoPrefix]]