• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8868
  • Last Modified:

find and delete registry strings in keys batch file

I have a need to delete any strings in a certain registry key location that has the word redirect in it.  Batch file is preferable but VB is welcomed.  
example;
reg key location
hkcu\software\Microsoft\windows NT\devices\
string value (any string with the below in the value)
redirect
0
jo80ge121
Asked:
jo80ge121
2 Solutions
 
nobusCommented:
i use regseeker for that : http://www.hoverdesk.net/
0
 
oBdACommented:
Try the script below; it's currentyl in test mode and will only display the "reg delete" command(s) it would normally run, so that you can test it. To run it for real, remove the uppercase ECHO in line 7. The correct registry location is actually "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Devices", btw.
@echo off
setlocal enabledelayedexpansion
set Key=HKCU\Software\Microsoft\Windows NT\CurrentVersion\Devices
set Find=*redirect*
for /f "delims=" %%a in ('reg.exe query "%Key%" /v "%Find%" ^| find "REG_SZ"') do (
	call :GetValueName Value "%%a"
	ECHO reg.exe delete "%Key%" /v "!Value!" /f
)	

goto :eof
:GetValueName
set Return=
for %%a in (%~2) do (
	if "%%a"=="REG_SZ" (
		set %1=!Return:~1!&goto :eof
	) else (
		set Return=!Return! %%a
	)
)
goto :eof

Open in new window

0
 
Bill PrewCommented:
Building off oBdA answer to handle the leading white spaces in the value names, and elliminate the subroutine call (it's really hard to beat oBdA to these questions, too fast! :-] ) here's a slightly different but effective approach.

@echo off
setlocal EnableDelayedExpansion

REM Define registry location and pattern to look for
set "Key=HKCU\Software\Microsoft\Windows NT\CurrentVersion\Devices"
set "Find=*redirect*"

REM locate the registry values we are interested in deleting
for /f "delims=" %%a in ('reg.exe query "%Key%" /v "%Find%" ^| find "REG_SZ"') do (
    REM Trim off leading spaces from value name
    for /f "tokens=* delims= " %%b in ("%%a") do set "Name=%%b"
    REM Break apart REG QUERY output at REG_SZ literal
    set "Name=!Name:    REG_SZ=@!"
    for /f "delims=@" %%b in ("!Name!") do (
        REM Delete this registry value
        ECHO reg.exe delete "%Key%" /v "%%b" /f
        echo Deleted: "%%b"
    )
)

Open in new window

~bp
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
jo80ge121Author Commented:
both of them worked.  thank you!
0
 
mcburn13Commented:
not working for me   the Find variable *s mean that it's wildcard before and after the term right?  Anyway just getting an error even on running the exact string value:
C:\Scripts>reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "\\test\test" | find "REG_SZ"
ERROR: The system was unable to find the specified registry key or value.
0
 
Bill PrewCommented:
Can you do the following at a command prompt and post the results.  Based on what you described it does not seem that the KEY named "\\test\test" exists, which I would not expect it to.  The key names are typically reserved works / names like "AppData", "Desktop", "Start Menu", etc.

Anyway, you can check this by the following:

reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders"

and see what keys are listed.

~bp
0
 
mcburn13Commented:
I was actually able to get it going with this syntax:
SET KEY=HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
SET VALUE=\\OLDSERVERNAME*
for /F "tokens=1,*" %%a in ('REG QUERY "%KEY%" ^| findstr /I "%VALUE%"') do (REG DELETE "%KEY%" /v %%a /f)

I had to specify the \\ in the UNC path it didn't like a preceding wildcard in the variable.  BUT I would like to figure out how to get that preceding wildcard working for future situations (doesn't apply here because this string in this instance will always start with \\OLDSERVERNAME)
0
 
Bill PrewCommented:
The leading asterisk definitely works, as in this test I just did:

C:\> reg.exe query "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Devices" /v "*envy*"

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Devices
    HP ENVY 120 series (Network)    REG_SZ    winspool,Ne01:

~bp
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now