Scanreg is a 32-bit, character-based, command-line 'Registry GREP' that enables you to search for strings in Registry key names, value entry names, or actual value data. You can use this utility to scan registries on local or remote computers running Windows NT or Windows 95.
Command-line syntax
scanreg \[-s\] searchstring \[-k\] \[-v\] \[-d\] \[\[-r\]rootkey\] \[-c\] \[-e\] \[-n\]
where
Option Meaning
-s The string to search for
-r The Registry subtree from which to start searching (default: HKEY_CURRENT_USER).
Rootkey can be abbreviated as follows:
HKEY_LOCAL_MACHINE lm
HKEY_CURRENT_USER cu
HKEY_CLASSES_ROOT cr
HKEY_USERS us
-k Search keynames (Note: You must specify either -k -v or -d, and you may specify any combination of the three.)
-v Search value names
-d Search data
-c Search case sensitive (default: not case sensitive)
-e Returns only an exact match (default: returns all matches)
-n Disables use of color in output (default: keys red, values green, data yellow)
Examples
Valid examples of Scanreg usage include:
SCANREG -sWindows -k
SCANREG -s:Windows -v
SCANREG -s=Windows -kvc
SCANREG -s Windows -k -ve
SCANREG -s Windows -k -v -dn
SCANREG -s Windows -kvd
SCANREG /s Windows -kvd
SCANREG /s Windows -kvd -rlm\
SCANREG /s Windows -kvd -r\software\
SCANREG /s Windows -kvd -r\\HOTDOG\lm\system
SCANREG /s Windows -kvd -r\\HOTDOG\HKEY_LOCAL_MACHINE\system
SCANREG Windows \lm -kvd
SCANREG Windows -kvd
SCANREG Windows HKEY_CURRENT_USER\software -kvd
