working on a specific registry entry



  • 1. Suppress output from a command line tool
    I'm writing a script that wraps nslookup to gather DNS information from multiple servers so I can confirm that they are in agreement. Unfortunately, when nslookup runs it always returns the following error for each lookup that I can't seem to suppress. *** Can't find server name for address No information How can I get rid of this? Here's a sample NSLookup command that I'm running: nslookup If you run it, you can see there is plenty of other output, but only the error message is displayed when executed in a script. thanks for the help! -Chris
  • 2. Help a newbie
    I'm trying to learn Powershell (reading Powershell in Action right now) but I am struggling with some of the basics and running out of time for a script I need. I want to find all files with a certain extension on a share and output the results in a nice format that contains the path, name, size in MB, and last access time. So far I have: get-ChildItem -recurse -include a_*.nsf | Out-File -FilePath c: \archives.txt but this doesn't give me all the information I am looking for nor put it in a very nice format. I'm sure if I spend some more time on this I could get it but right now I am in a rush. Thanks for any help.
  • 3. Hide a Windows form
    Hello, I have a powershell app that i'd like to hide/show with a systray icon menu. Unfortunately, My script quits as soon as i call the Hide() method of the form. I'm not really experienced in .NET windows classes, Perhaps the problem doesn't involve powershell at all. If so, feel free to redirect me toward the good group. Here's the main structure of my script : ----- cut here ------ $form = new-object System.Windows.Forms.form $mi = new-object System.Windows.Forms.MenuItem $mi.Index = 0 $mi.Text = "Hide" $mi.add_Click({ $form.hide() }) $cm = new-object System.Windows.Forms.ContextMenu $form.contextMenu = $cm $form.contextMenu.MenuItems.AddRange($mi) $form.ShowInTaskbar = $true $form.set_autosize($true) $form.Text = "My Form" $ni = new-object System.Windows.Forms.NotifyIcon $ni.Icon = New-object System.Drawing.Icon("icon.ico") $NI.ContextMenu = $cm $NI.Text = "Systray Text" $NI.Visible = $True; $timer = New-Object System.Windows.Forms.Timer $timer.Interval = 5000 $timer.add_Tick({ #...doing my treatment }) $timer.Start() $form.showdialog() ----- cut here ------ Any ideas ? Thanks, Pav
  • 4. split works much different than expected
    Hi, I am trying to get the error codes from a file but split seems to work much different than I expect. ie, my file error_log contains: cmd.exe exited on testserver with error code 1603. when I try to do a split ie. $testerr = get-content error_log | where($_ -match "error code"} if ($testerr){ ($one,$two)=$testerr.split("error code") "one: $one, two: $two" } I get really strange output, like: one: ps, two: x . x : ....... Can someone help with split? Thanks,

working on a specific registry entry

Postby Thufir » Wed, 21 May 2008 18:43:30 GMT

I like:

Getting a Single Registry Entry

If you wish to retrieve a specific entry in a registry key, you can
use one of several possible approaches. This example finds the value
of DevicePath in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

Using Get-ItemProperty, use the Path parameter to specify the name of
the key, and the Name parameter to specify the name of the DevicePath

PS> Get-ItemProperty -Path HKLM:\Software\Microsoft\Windows
\CurrentVersion -Name DevicePath

PSPath       : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE
PSChildName  : CurrentVersion
PSDrive      : HKLM
PSProvider   : Microsoft.PowerShell.Core\Registry
DevicePath   : C:\WINDOWS\inf

This command returns the standard Windows PowerShell properties as
well as the DevicePath property.


How would this be combined with the REG QUERY command to find and echo
each entry which has references "foo.dll"?



Re: working on a specific registry entry

Postby Thufir » Wed, 21 May 2008 18:46:51 GMT


something along the lines of:


but returning the entries which are found by searching through the
regedit GUI for "foo.dll" which will find the entries one at a time.



Re: working on a specific registry entry

Postby Jon » Thu, 22 May 2008 02:00:12 GMT

Not sure exactly what you're after, but possibly something like

$key = Get-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs"
$key.GetValueNames() | `
where {([io.path]::GetFileName($_)).Contains('mscor')}


Re: working on a specific registry entry

Postby Thufir » Thu, 22 May 2008 07:19:47 GMT

$key = all the SharedDLL's, or just one?

this returns the file info of the SharedDLL's?



Re: working on a specific registry entry

Postby Jon » Thu, 22 May 2008 15:18:38 GMT

All the shared DLLs. Everything you see in the right pane when clicking the 
key in the left pane within regedit.

It returns those entries there containing 'mscor' in their name.

It doesn't actually touch the file itself. It just parses the path like a 
string, and examines the relevant info - in this particular case the 


Re: working on a specific registry entry

Postby Thufir » Fri, 23 May 2008 06:33:45 GMT

Ok, I understand.  What I wanted to do was to go at it from the
opposite direction, to each entry which has "foo.dll" in the entry.

Re: working on a specific registry entry

Postby Thufir » Fri, 23 May 2008 06:35:22 GMT

Ok, I understand.  What I wanted to do was to go at it from the
opposite direction, to find each entry which has "foo.dll" in the

Re: working on a specific registry entry

Postby Thufir » Fri, 23 May 2008 06:39:08 GMT


What I wanted to do was to go at it from the opposite direction, to
find each entry which has "foo.dll" in the entry. Rather than:


how could all of the hives, in their entirety, be searched?



Re: working on a specific registry entry

Postby Jon » Fri, 23 May 2008 07:14:44 GMT

To process the data in the entry, you could use something like ....

$key = Get-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs"

foreach ($ValueKey in $key.GetValueNames()) {
 if ($Key.GetValue($ValueKey) -eq 4096) {$ValueKey}

There are better tools around to search all the hives in their entirety. 
You'd be sitting there a long time otherwise I would suspect. I wouldn't 
personally recommend Powershell for that.

This is one such tool, which is pretty good...



Re: working on a specific registry entry

Postby Flowering Weeds » Sat, 24 May 2008 05:28:39 GMT


Well if one is going to run and learn another
process well then perhaps try the free IIS's
Microsoft's (local or remote) data parser,
Log Parser 2.2 (with built-in Microsoft
ChartSpace chart maker)!

Log Parser parses almost anything in
almost any Windows language. If Log
Parse doesn't parse what one needs
(either via the Log Parser's command
line usage or by Log Parser's scripting
each parsed line field by field) well then
one can add into Log Parser their needed

As for the registry:

LogParser.exe -h -i:reg

Input format: REG (Registry properties)
Returns properties of registry keys and values

Notice: IIS does not need to be running
or installed in order to use Log Parser
for either data parsing or chart making.

Search the Internet
(and this newsgroup)
for usage of:

Microsoft's Log Parser
command line usage,
or fully script enabled
either in COM or .NET
(from the IIS group)

Remember, ever since PowerShell
added HTTP / HTTPS usage (like IIS)
Log Parser became PowerShell's data
parser (like Log Parser is for IIS) too!

Re: working on a specific registry entry

Postby Jon » Sat, 24 May 2008 07:25:46 GMT

Nice plug. Are those flowering weeds legal?


Similar Threads:

1.Registry key entries specific to user

2.CD-ROM drive registry entries "might be corrupted" - Can't get any CD drive to work

My tale starts as I was uninstalling the SONIC DLA program that came with my DVD burner.
I wanted to do this since it kept hijacking the burner before my other normal burning application
could get access, and I don't to use UDF type disks anyway.

Wow and behold, when I booted up the burner was highlighted in device manager with a
yellow exclamation point - and the statement...
Your registry might be corrupted. (Code 19)
Click Troubleshooter to start the troubleshooter for this device.

Uninstalling the driver changes nothing.
Worse - I found an old CD-ROM drive and plugged it into a spare IDE connector on the other
IDE bus (secondary vs primary). It also has the same problem.

The troubleshooter suggests that I run regedit32 (which I don't have on my system) and check
security settings for the enum key. Regedit which I do have does not have any security tab as
suggested in the help message.

So - I am stumped... How can I get the CD-ROM type devices to work again. Any suggestions
would be appreciated.


3.Bluetooth removal (Was: Registry: removed HID entry, mouse not working)

Well, to clear things up, I'm not as confused as before.

Now, I'm still trying to figure out, how to physically getting rid of 
the two drivers I downloaded via Windows update. The problems arose just 

Every time, I put in my USB BT dongle, the drivers sitting somewhere in 
Windows are detected for that device. This is what I was trying - 
deleting the sys files in System32 dir and removing all registry 
entries. Deleting the files seemed to restore the sys files immediately, 
which was/is really strange. I also want to get rid of the Bluetooth 
entry in the system control panel, which I also couldn't get done.
So I also tried to delete the CPL for the control panel entry.

But I was actually just trying. I'm a little desparate on this as you 
can see.

So, after all this crap, system restore really looks like an option. 
Though I'd like to avoid it somehow, but I need a better way, maybe a 
tool to do it for me.

Is safe mode of any good there?


Jonybrv wrote:
> Thanks for the alerting me, Peter.  I do think twice before posting answers. 
> Could you please let me know the mistake that I did in the earlier post ?

4.Registry: removed HID entry, mouse not working

Hi all!

I deleted some HID entry in the registry to get rid of some Bluetooth 
setup remainder, I thought. Now my mouse isn't working anymore. The 
device manager shows the mouse with a yellow exclamation mark sign. 
Clicking the info also tells the device couldn't be started because the 
registry contains a missing or damaged entry.

Is it possible to restore it somehow?


5.Removing Bluetooth and drivers (Was: Registry: removed HID entry, mouse not working)

Jonybrv wrote:
> Come on, Peter. You know how system restore works.  Moreover, I suggested 
> system restore cause the OP had deleted some of the registry entries which 
> caused the mouse not to work.
> After all, it can be undone too. 
> You could help him out with some valid procedure rather we discussed on the 
> quality of the solutions. 

Ah, yup. I still need help. Though the restore worked, I still have the 
following problem:

Whenever I insert my Bluetooth dongle, a number of drivers (*definitely* 
the wrong ones) get detected. Then they install themselves again, along 
with a highly unwanted system control panel. So in all, these drivers 
were not deleted with the system restore.

 From the control panel entry added just then, I read the file names and 
the locations of the driver files. I tried to delete those before 
without success. Either the files were protected (process prevents 
deletion) or the files restored themselves in some way within seconds 
(when trying to move files). <- strange to observe

Is there any safe way to simply make Windows unaware that these drivers 
are not and have ever been on my machine?

Also, I don't know if the registry might be able to restore drivers...???

I wished I had Linux now... I could simply delete the files and begone.

What can I do?



The two drivers from the Bluetooth info have 5 files:

1st one:
- WINDOWS\system32\bthprops.sys

2nd one:
- WINDOWS\system32\bthprops.cpl
- WINDOWS\system32\bthport.sys
- WINDOWS\system32\bthusb.sys
- WINDOWS\system32\fsquirt.sys

6. Hexadecimal Registry Keys and Unwanted Registry Entries

7. Registry Entries - Registry Doctor

8. Hexadecimal Registry Keys and Unwanted Registry Entries

Return to powershell


Who is online

Users browsing this forum: No registered users and 53 guest