Reg Key scan issues
Webmaster
Hello All,
hopefully someone cal help me here as i am quiet confused. I am trying to Scan Profile to find the following reg key -
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers{11660363-49E2-4F87-AB2E-FD210019AE88}
when i add this into the scan profile as shown exactly above it doesnt not find it. Here is the profile config in image 1
when i add a \ to the end of the profile, it does pull back a result but its the wrong key all together. what am i doing wrong please?
i do hope this makes sense as im quiet new to the service
0
Comments
Hi,
i'm not sure what you mean or what you want because everything looks fine on you screenshots.
All values:
SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{11660363-49E2-4F87-AB2E-FD210019AE88}\**\
Specific entry:
SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{11660363-49E2-4F87-AB2E-FD210019AE88}\WrappedCLSID
SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\**\WrappedCLSID
Hi Christian
Thank you for the reply.
What i am looking for is - {11660363-381B-42A5-893E-BBF09122F76A}
i need to modify this to _{11660363-381B-42A5-893E-BBF09122F76A}
so i am looking for all PC's with this key
Ok in understand, then use the value to find all keys
First reg scan for the "WrappedCLSID" under the key {11660363-49E2-4F87-AB2E-FD210019AE88}:
SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers{11660363-49E2-4F87-AB2E-FD210019AE88}\WrappedCLSID
If the key exists, you can see him under -> device -> registry in Inventory with the path to the key
Now Create a Collection and use path -> equals
And if you scan for the "new" key too, you can find all changed devices too:
SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers_{11660363-49E2-4F87-AB2E-FD210019AE88}\WrappedCLSID