Difference between revisions of "Typelib"
(added info box) |
m (→Examples: made more generic) |
||
| Line 15: | Line 15: | ||
===Examples=== | ===Examples=== | ||
| − | Typelib:" | + | Typelib:"MyMalware 1.0 Type Library" |
This will detect the following registry key: | This will detect the following registry key: | ||
| − | [HKEY_CLASSES_ROOT\TypeLib\{ | + | [HKEY_CLASSES_ROOT\TypeLib\{77777777-4321-1234-AAAA-0000BBBBBBBB}] |
| − | [HKEY_CLASSES_ROOT\TypeLib\{ | + | [HKEY_CLASSES_ROOT\TypeLib\{77777777-4321-1234-AAAA-0000BBBBBBBB}\1.0] |
| − | @=" | + | @="MyMalware 1.0 Type Library" |
===Description=== | ===Description=== | ||
Revision as of 16:43, 22 February 2008
| Typelib | |
| Group | Registry |
| Main Application | Version 1.3 or later |
| Required Update | n/a |
| File Parameters | no |
| Registry Parameters | no |
| Build Parameters | yes (second) |
| Special Parameters | no |
Searches the registry for a typelib with the given name.
Usage
Typelib:<typelib name(string)>[,advanced build parameters]
Examples
Typelib:"MyMalware 1.0 Type Library"
This will detect the following registry key:
[HKEY_CLASSES_ROOT\TypeLib\{77777777-4321-1234-AAAA-0000BBBBBBBB}]
[HKEY_CLASSES_ROOT\TypeLib\{77777777-4321-1234-AAAA-0000BBBBBBBB}\1.0]
@="MyMalware 1.0 Type Library"
Description
Detects COM type libraries.
- The first parameter has to be the name of the type library.
- The second, optional, parameter allows you to specify advanced build parameters.
Unless you're looking at random GUIDs, it is recommended that you use RegyKey, possible along with advanced registry parameters to do the name check.
Scan Results
- The identified type library registry keys.
