<div>
You might wanna look at this: <br />
<br />
<a href="http://windowsitpro.com/scripting/searching-registry-powershell" rel="ugc">http://windowsitpro.com/sc<wbr />ripting/se<wbr />arching-re<wbr />gistry-pow<wbr />ershell</a>
</div>


You might wanna look at this:

http://windowsitpro.com/scripting/searching-registry-powershell [http://windowsitpro.com/scripting/searching-registry-powershell]

<div>
Thanks but viewed that already it doesn't show how to store the keys and delete them as requested, its just a basic search command.
</div>


Thanks but viewed that already it doesn't show how to store the keys and delete them as requested, its just a basic search command.

<div>
Even if the OP have not confirmed it to work, i still think this is the best solution to solve the original problem.
</div>


Even if the OP have not confirmed it to work, i still think this is the best solution to solve the original problem.

<div>
<div class="content wysiwyg-content">
I have a question where i need to write a script which can search the following hives and delete any String value names which match my criteria.<br />
<br />
i need to be able to search the entire HKU hive and HKLM<br />
<br />
Example, i need to delete any key name that would be called &quot;Malware A&quot; and another one called &quot;Malware B&quot;<br />
They tend to be listed under these directories below but if theres a way to search the entire registry that would be great<br />
<br />
HKU\S-1-5-18\SOFTWARE\MICR<wbr />OSOFT\WIND<wbr />OWS\CURREN<wbr />TVERSION\R<wbr />UN<br />
HKU\S-1-5-21-1172670090-10<wbr />33165640-4<wbr />219323903-<wbr />500\SOFTWA<wbr />RE\MICROSO<wbr />FT\WINDOWS<wbr />\CURRENTVE<wbr />RSION\RUN<br />
HKLM\SOFTWARE\WOW6432NODE\<wbr />MICROSOFT\<wbr />WINDOWS\CU<wbr />RRENTVERSI<wbr />ON\RUN<br />
<br />
I would prefer to be able to launch the script easily via CMD if possible open powershell via CMD
</div>
</div>


I have a question where i need to write a script which can search the following hives and delete any String value names which match my criteria.

i need to be able to search the entire HKU hive and HKLM

Example, i need to delete any key name that would be called "Malware A" and another one called "Malware B"
They tend to be listed under these directories below but if theres a way to search the entire registry that would be great

HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
HKU\S-1-5-21-1172670090-1033165640-4219323903-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN

I would prefer to be able to launch the script easily via CMD if possible open powershell via CMD

Powershell commands to search HKU

Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework. PowerShell provides full access to the Component Object Model (COM) and Windows Management Instrumentation (WMI), enabling administrators to perform administrative tasks on both local and remote Windows systems as well as WS-Management and Common Information Model (CIM) enabling management of remote Linux systems and network devices.

Powershell

The term 'shell' refers to a general class of text-based command interpreters most often associated with the UNIX and Linux operating systems. Popular shells include Bourne, Debian Almquist (dash), Korn (ksh), Bourne Again (bash) and the C shell family (csh). Some view the DOS 'cmd' prompt as a minimal shell of sorts. It is also possible to install Cygwin on Windows and emulate a full Unix environment with complete shell capabilities. Terminal emulators, such as xterm, GNOME Terminal and OS X Terminal, can be used to access shell.