Difference between revisions of "RegyValue"

From SpybotWiki
Jump to: navigation, search
m (updated adv parameter stuff)
 
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
Searches for the defined registry value and adds it to the results list, if found.
+
{{SbiCmdInfo
 +
|SYNTAX = RegyValue
 +
|PENAME = SpybotSD.exe
 +
|PEVERSION = 0.95 or later<br />1.5.3 for adv. file
 +
|GROUP = Registry
 +
|MINUPDATE = n/a
 +
|ADVFILEPARAMS = yes (sixth)
 +
|ADVREGPARAMS = yes (fifth)
 +
|ADVBUILDPARAMS = yes (fifth)
 +
|ADVSPECIALPARAMS = no
 +
}}Searches for the defined registry value and adds it to the results list, if found.
  
 
==Usage==
 
==Usage==
  RegyValue:[description],[rootkey],[keypath],[key],<advanced regy parameters>
+
  RegyValue:<description(string)>,<rootkey(enum)>,<keypath(string)>,<value(string)>[,advanced registry parameters[,advanced file parameters]]
  
 
===Examples===
 
===Examples===
  RegyValue:"Settings",HKEY_LOCAL_MACHINE,"\Software\Microsoft\Windows\CurrentVersion\","HidingSpywareValue"
+
  RegyValue:"<$REG_SETTINGS>",HKEY_LOCAL_MACHINE,"\Software\Microsoft\Windows\CurrentVersion\","HidingSpywareValue"
  
 
===Description===
 
===Description===
Line 12: Line 22:
 
# First, a description. Using a [[Description templates|description template]] instead of plain text is recommended so that the user will receive a localized version.
 
# First, a description. Using a [[Description templates|description template]] instead of plain text is recommended so that the user will receive a localized version.
 
# The root key, where HKEY_CURRENT_USER stands for all users actually.
 
# The root key, where HKEY_CURRENT_USER stands for all users actually.
# The path to the value, starting with a backslash.
+
# The path to the value, starting with a backslash. {{PathTemplates}}
# The name of the value to detect. You may use a [[AlgoPrefix|Algo-Prefix]] here.
+
# The name of the value to detect. You may use a [[AlgoPrefix|Algo-Prefix]] here. {{AlgoPrefix}} {{PathTemplates}}
# To refine detection, you can use [[Advanced registry parameters|advanced registry parameters]] to check the actual data of the value. You may use [[AlgoPrefix|Algo-Prefixes]] here.
+
# To refine detection, you can use [[Advanced registry parameters|advanced registry parameters]] to check the actual data of the value, as well as [[Advanced build parameters|advanced build parameters]]. You may use [[AlgoPrefix|Algo-Prefixes]] here. {{AlgoPrefix}} {{PathTemplates}}
 +
# Starting with 1.5.3, [[Advanced file parameters|advanced file parameters]] for [[:Category:Advanced_file_parameters_for_Flow_Control|Flow Control]] can be specified. {{PathTemplates}}
 +
 
 +
===Scan Results===
 +
* The identified registry value(s).
  
 
==See also==
 
==See also==
 +
* [[Advanced file parameters]]
 +
* [[Advanced build parameters]]
 +
* [[Advanced registry parameters]]
 
* [[AlgoPrefix]]
 
* [[AlgoPrefix]]
 
* [[Description templates]]
 
* [[Description templates]]
* [[Advanced registry parameters]]
 
  
 
===Similar commands===
 
===Similar commands===
Line 28: Line 44:
  
 
[[Category:SBI Commands]]
 
[[Category:SBI Commands]]
[[Category:SBI Commands (current)]]
 
[[Category:SBI Commands supporting AlgoPrefix]]
 

Latest revision as of 15:08, 29 April 2008

RegyValue
Group Registry
Main Application Version 0.95 or later
1.5.3 for adv. file
Required Update n/a
File Parameters yes (sixth)
Registry Parameters yes (fifth)
Build Parameters yes (fifth)
Special Parameters no

Searches for the defined registry value and adds it to the results list, if found.

Usage

RegyValue:<description(string)>,<rootkey(enum)>,<keypath(string)>,<value(string)>[,advanced registry parameters[,advanced file parameters]]

Examples

RegyValue:"<$REG_SETTINGS>",HKEY_LOCAL_MACHINE,"\Software\Microsoft\Windows\CurrentVersion\","HidingSpywareValue"

Description

Detects a registry value and flags it for removal.

  1. First, a description. Using a description template instead of plain text is recommended so that the user will receive a localized version.
  2. The root key, where HKEY_CURRENT_USER stands for all users actually.
  3. The path to the value, starting with a backslash. PT
  4. The name of the value to detect. You may use a Algo-Prefix here. AP PT
  5. To refine detection, you can use advanced registry parameters to check the actual data of the value, as well as advanced build parameters. You may use Algo-Prefixes here. AP PT
  6. Starting with 1.5.3, advanced file parameters for Flow Control can be specified. PT

Scan Results

  • The identified registry value(s).

See also

Similar commands