Detection Method - Registry Key (not detected)

[t0meck]

Hello Everyone

 

I've have a problem with setting up detection method correctly.

I'm trying to install Oracle VirtualBox and when VirtualBox installs without any problems, my other deployment type which imports Oracle certificate into TrustedPublisher isn't detected.

I've found where the registry key is which is added when certificate is imported. But detection method can't find the key although it exists there.

 

HKLM\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\A88FD9BDAA06BC0F3C491BA51E231BE35F8D1AD5

 

Only the RED part isn't detected. I just need to know if it is present on the system or not to know if the deployment type is installed.

When I try to detect only the green part it goes well but when I add the red part then no mater what i'll do, the deployment type isn't detected.

 

I don't want to use scripts/powershell because i think this method is universal for both xp/7 and we don't have powershell on xp's installed.

 

The other thing is that when I try to browse registry on a remote machine (the one where this key exists) then I get a message that I don't have sufficient privileges or the machine isn't responding which is.

 

Please help.

[Peter van der Woude]

Are there specific security rights on that key?

[t0meck]

Thank you for the reply and No. There's no specific security on that key.

Actualy i thought there were but then to be sure i've set up Everyone:F so there shouldn't be a problem. But there is.

 

Security right on that key (before my addition for everyone:f) are exacly the same as the parent key "Certificates".