What is the purpose of the sekchek.inp file?
The file allows you to define a customised list of Registry keys and files / directories / network shares for inclusion in the Scan process.
If a sekchek.inp file is present when the Scan is run, SekChek will analyse key values (for Registry keys) and DACLs / SACLs (for directories, files and network shares) for all entries defined in the file.
Where do I place the file sekchek.inp file?
The file must be in the same directory as the Scan software (SEKWIEXT.EXE) before the Scan process is started.
When the Scan process starts, SekChek will look for your sekchek.inp file in its own path, report on the status of the file’s contents, and prompt you to continue or cancel.
Note that SekChek will not display this status information if it does not find the sekchek.inp file in its path.
Format of the sekchek.inp file
The customised list of Registry keys must appear on separate lines after the [registry] section marker. Note the square brackets around the word registry.
Note the backslash separators without spaces (\) between the parts of the Registry key and the colon without spaces (:) before the Registry Key Value name.
The wildcard character * can be used to select multiple key values from a registry key name.
Note: HKEY_CURRENT_CONFIG is an alias for the fully qualified key HKEY_LOCAL_MACHINE\System\ CurrentControlSet\Hardware Profiles\Current. To scan information for this key, specify the fully qualified name rather than its alias.
DACLs and SACLs
By default, SekChek will analyse DACLs (Discretionary Access Control Lists) and SACLs (System Access Control Lists) for the \Windows\ directory, the \Windows\System 32\ directory, and the root of the drive containing these directories (typically C:\).
Your customised list of files, directories and share names must appear on separate lines after the [permissions] section marker. Note the square brackets around the word permissions.
Please contact us for assistance if you encounter difficulties with the process.