value “TxAllowed” of key “HKEY_CURRENT_USER\SvaTransmit\Params” of native registry
I do not know what you are asking, but in order to inspect the HKCU registry key, you need to use the following code
keys of current user key of native registry
I hope this helps.
Remember the client is running as LOCAL SYSTEM and not as the user logged in 
First of all thank you , I know it and usually I use a program " RUNASCURRENTUSER "
But now I need to extract value in register appears Registry path that I mentioned
Would you please help me with the syntax based on the registry it notes
Try the following:
value "TxAllowed" of key "SvaTransmit\Params" of current user key of registry
1 Like
Immediately checks , thanks
Now I get undefined instead of error
you can also try to evaluate it using the Local Client Evaluator *Debug > Evaluate Using > Local Client evaluator"
One of the other things you could do is try to run the Fixlet Debugger as SYSTEM using psexec.
You have to also have a “current user” logged in for this to work (not remoted etc but someone using the console)
You can do this with a “logged on user” by changing it to
value "TxAllowed" of key "SvaTransmit\Params" of current user key(logged on user) of registryMany times happens that there is any logged on user , in that case and if you have a generic user and a generic password for your endpoints, you could follow the following approach:
1.- Create a script with AutoIt tool, I’ve this example:
$sUser = "user"
$sPass = "Password"
$sDomain = "yourDomain"
$sCMD = "REG ADD HKEY_CURRENT_USER\YourKey"
RunAs ($sUser, $sDomain, $sPass, 0, "cmd /c " & $sCMD)
2.- Compile the code
3.- Create a fixlet to run this code and send the output to a file.
4.- Create an analyses to pull the data from the file.
Thank you very much , you helped me a lot
Thank you very much , you helped me a lot!
Although fared
I would be happy if you can explain in more detail