First, let me say that I am extremely new to writing Fixlets and this is my first real shot at writing relevance.
I’m trying to find the following:
((it mod 2048) - (it mod 1024)) of (value “State” of key “HKU*\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing” of registry as integer) != 0
Please take careful note of “HKU*” Obviously, the * doesn’t work, but that’s effectively what I need. I can put a static string in there such as “.DEFAULT” or “S-1-5-19” and it works just fine. However, I can’t possibly know all the people who have logged into the machine, so I can’t just manually list all the possible SIDs.
I started going this direction:
(names of keys of key “HKU” of registry) whose (it does not end with “Classes”)
Which gives me an object of type “plural string” with the SID part of the key (basically the wildcard filler), but then I would need to prepend “HKU” and append “\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing” to the results. I have no idea how to do that to every element in a plural string. Even then, were I able to do that, I would have to find a way to actually look at all the key values, and… well… you can see how complicated it gets very quickly.
If someone could either point me in a better direction or push me further down the path I’ve chosen, I would be grateful.
values “State” of keys “
Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
” of
keys of key “HKEY_USERS” of registry
values “State” whose((it mod 2048 - it mod 1024) != 0) of keys “
Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
” of
keys of key “HKEY_USERS” of registry
I found the answer elsewhere. Apparently it’s a lot more complicated than anyone thought. The worst part is that almost all of the key operations used here do not exist in any documentation that IBM provides for this product.
not
exists
1
whose
((conjunction
of
(
item
0
of
it
=
item
1
of
it
)
of
(
number of
current user keys (logged on users)
of
it
,
number of
values
"State"
whose
((
it
as
integer)
of
((
it
as
bit set)
of
(
it
as
integer)
of
concatenation
of
(
if
it
ends with
“%00%00”
then
preceding text
of
last
"%00%00"
of
it
else
if
it
ends with
“%00”
then
preceding text
of
last
"%00"
of
it
else
it
)
of
(
it
as
string)
of
it
(
it
as
bit set)
of
((
“1024”
)
as
integer))
((
“1024”
)
as
integer))
of
keys
"Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing"
of
current user keys (logged on users)
of
it
)
of
(
if
x64
of
operating system
then
(x32 registry
;
x64 registry)
else
x32 registry))
and
(conjunction
of
(
item
0
of
it
=
item
1
of
it
)
of
(
number of
current user keys (logged on users)
of
it
,
number of
values
"State"
whose
((
it
as
integer)
of
((
it
as
bit set)
of
(
it
as
integer)
of
concatenation
of
(
if
it
ends with
“%00%00”
then
preceding text
of
last
"%00%00"
of
it
else
if
it
ends with
“%00”
then
preceding text
of
last
"%00"
of
it
else
it
)
of
(
it
as
string)
of
it
(
it
as
bit set)
of
((
“2048”
)
as
integer))
((
“2048”
)
as
integer))
of
keys
"Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing"
of
current user keys (logged on users)
of
it
)
of
(
if
x64
of
operating system
then
(x32 registry
;
x64 registry)
else
x32 registry))
values “State” of keys “Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing” of keys of key “HKEY_USERS” of registry