I like:
Getting a Single Registry Entry
If you wish to retrieve a specific entry in a registry key, you can
use one of several possible approaches. This example finds the value
of DevicePath in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
\CurrentVersion.
Using Get-ItemProperty, use the Path parameter to specify the name of
the key, and the Name parameter to specify the name of the DevicePath
entry.
PS> Get-ItemProperty -Path HKLM:\Software\Microsoft\Windows
\CurrentVersion -Name DevicePath
PSPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE
\Software\
Microsoft\Windows\CurrentVersion
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE
\Software\
Microsoft\Windows
PSChildName : CurrentVersion
PSDrive : HKLM
PSProvider : Microsoft.PowerShell.Core\Registry
DevicePath : C:\WINDOWS\inf
This command returns the standard Windows PowerShell properties as
well as the DevicePath property.
http://www.**--****.com/
How would this be combined with the REG QUERY command to find and echo
each entry which has references "foo.dll"?
thanks,
Thufir
working on a specific registry entry
11 posts
• Page 1 of 1
- adsi
- html
- security
- robots
- Visual Studio .Net
- FLASH
- as400
- python
- Microsoft publisher
- javascript
Jump to:
- 1. Suppress output from a command line tool
I'm writing a script that wraps nslookup to gather DNS information from multiple servers so I can confirm that they are in agreement. Unfortunately, when nslookup runs it always returns the following error for each lookup that I can't seem to suppress. *** Can't find server name for address 204.74.113.1: No information How can I get rid of this? Here's a sample NSLookup command that I'm running: nslookup blackbaud.com 204.74.112.1 If you run it, you can see there is plenty of other output, but only the error message is displayed when executed in a script. thanks for the help! -Chris - 2. Help a newbie
I'm trying to learn Powershell (reading Powershell in Action right now) but I am struggling with some of the basics and running out of time for a script I need. I want to find all files with a certain extension on a share and output the results in a nice format that contains the path, name, size in MB, and last access time. So far I have: get-ChildItem -recurse -include a_*.nsf | Out-File -FilePath c: \archives.txt but this doesn't give me all the information I am looking for nor put it in a very nice format. I'm sure if I spend some more time on this I could get it but right now I am in a rush. Thanks for any help. - 3. Hide a Windows form
Hello, I have a powershell app that i'd like to hide/show with a systray icon menu. Unfortunately, My script quits as soon as i call the Hide() method of the form. I'm not really experienced in .NET windows classes, Perhaps the problem doesn't involve powershell at all. If so, feel free to redirect me toward the good group. Here's the main structure of my script : ----- cut here ------ $form = new-object System.Windows.Forms.form $mi = new-object System.Windows.Forms.MenuItem $mi.Index = 0 $mi.Text = "Hide" $mi.add_Click({ $form.hide() }) $cm = new-object System.Windows.Forms.ContextMenu $form.contextMenu = $cm $form.contextMenu.MenuItems.AddRange($mi) $form.ShowInTaskbar = $true $form.set_autosize($true) $form.Text = "My Form" $ni = new-object System.Windows.Forms.NotifyIcon $ni.Icon = New-object System.Drawing.Icon("icon.ico") $NI.ContextMenu = $cm $NI.Text = "Systray Text" $NI.Visible = $True; $timer = New-Object System.Windows.Forms.Timer $timer.Interval = 5000 $timer.add_Tick({ #...doing my treatment }) $timer.Start() $form.showdialog() ----- cut here ------ Any ideas ? Thanks, Pav - 4. split works much different than expected
Hi, I am trying to get the error codes from a file but split seems to work much different than I expect. ie, my file error_log contains: cmd.exe exited on testserver with error code 1603. when I try to do a split ie. $testerr = get-content error_log | where($_ -match "error code"} if ($testerr){ ($one,$two)=$testerr.split("error code") "one: $one, two: $two" } I get really strange output, like: one: ps, two: x . x : ....... Can someone help with split? Thanks,
Next
working on a specific registry entry
by Thufir » Wed, 21 May 2008 18:43:30 GMT
Re: working on a specific registry entry
by Thufir » Wed, 21 May 2008 18:46:51 GMT
[...] something along the lines of: http://www.**--****.com/ but returning the entries which are found by searching through the regedit GUI for "foo.dll" which will find the entries one at a time. thanks, Thufir
Re: working on a specific registry entry
by Jon » Thu, 22 May 2008 02:00:12 GMT
Not sure exactly what you're after, but possibly something like
$key = Get-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs"
$key.GetValueNames() | `
where {([io.path]::GetFileName($_)).Contains('mscor')}
--
Jon
Re: working on a specific registry entry
by Thufir » Thu, 22 May 2008 07:19:47 GMT
$key = all the SharedDLL's, or just one? this returns the file info of the SharedDLL's? thanks, Thufir
Re: working on a specific registry entry
by Jon » Thu, 22 May 2008 15:18:38 GMT
All the shared DLLs. Everything you see in the right pane when clicking the key in the left pane within regedit. It returns those entries there containing 'mscor' in their name. It doesn't actually touch the file itself. It just parses the path like a string, and examines the relevant info - in this particular case the filename. -- Jon
Re: working on a specific registry entry
by Thufir » Fri, 23 May 2008 06:33:45 GMT
Ok, I understand. What I wanted to do was to go at it from the opposite direction, to each entry which has "foo.dll" in the entry.
Re: working on a specific registry entry
by Thufir » Fri, 23 May 2008 06:35:22 GMT
Ok, I understand. What I wanted to do was to go at it from the opposite direction, to find each entry which has "foo.dll" in the entry.
Re: working on a specific registry entry
by Thufir » Fri, 23 May 2008 06:39:08 GMT
[...] What I wanted to do was to go at it from the opposite direction, to find each entry which has "foo.dll" in the entry. Rather than: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion how could all of the hives, in their entirety, be searched? thanks, Thufir
Re: working on a specific registry entry
by Jon » Fri, 23 May 2008 07:14:44 GMT
To process the data in the entry, you could use something like ....
#-------------------
$key = Get-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs"
foreach ($ValueKey in $key.GetValueNames()) {
if ($Key.GetValue($ValueKey) -eq 4096) {$ValueKey}
}
#-------------------
There are better tools around to search all the hives in their entirety.
You'd be sitting there a long time otherwise I would suspect. I wouldn't
personally recommend Powershell for that.
This is one such tool, which is pretty good...
RegScanner
http://www.**--****.com/
--
Jon
Re: working on a specific registry entry
by Flowering Weeds » Sat, 24 May 2008 05:28:39 GMT
"Jon" Well if one is going to run and learn another process well then perhaps try the free IIS's Microsoft's (local or remote) data parser, Log Parser 2.2 (with built-in Microsoft ChartSpace chart maker)! Log Parser parses almost anything in almost any Windows language. If Log Parse doesn't parse what one needs (either via the Log Parser's command line usage or by Log Parser's scripting each parsed line field by field) well then one can add into Log Parser their needed parsing! As for the registry: LogParser.exe -h -i:reg Input format: REG (Registry properties) Returns properties of registry keys and values Notice: IIS does not need to be running or installed in order to use Log Parser for either data parsing or chart making. Search the Internet (and this newsgroup) for usage of: Microsoft's Log Parser command line usage, or fully script enabled either in COM or .NET (from the IIS group) Remember, ever since PowerShell added HTTP / HTTPS usage (like IIS) Log Parser became PowerShell's data parser (like Log Parser is for IIS) too!
Re: working on a specific registry entry
by Jon » Sat, 24 May 2008 07:25:46 GMT
Nice plug. Are those flowering weeds legal? -- Jon
Similar Threads:
1.Registry key entries specific to user
2.CD-ROM drive registry entries "might be corrupted" - Can't get any CD drive to work
My tale starts as I was uninstalling the SONIC DLA program that came with my DVD burner. I wanted to do this since it kept hijacking the burner before my other normal burning application could get access, and I don't to use UDF type disks anyway. Wow and behold, when I booted up the burner was highlighted in device manager with a yellow exclamation point - and the statement... Your registry might be corrupted. (Code 19) Click Troubleshooter to start the troubleshooter for this device. Uninstalling the driver changes nothing. Worse - I found an old CD-ROM drive and plugged it into a spare IDE connector on the other IDE bus (secondary vs primary). It also has the same problem. The troubleshooter suggests that I run regedit32 (which I don't have on my system) and check security settings for the enum key. Regedit which I do have does not have any security tab as suggested in the help message. So - I am stumped... How can I get the CD-ROM type devices to work again. Any suggestions would be appreciated. Thanks...
3.Bluetooth removal (Was: Registry: removed HID entry, mouse not working)
Well, to clear things up, I'm not as confused as before. Now, I'm still trying to figure out, how to physically getting rid of the two drivers I downloaded via Windows update. The problems arose just then. Every time, I put in my USB BT dongle, the drivers sitting somewhere in Windows are detected for that device. This is what I was trying - deleting the sys files in System32 dir and removing all registry entries. Deleting the files seemed to restore the sys files immediately, which was/is really strange. I also want to get rid of the Bluetooth entry in the system control panel, which I also couldn't get done. So I also tried to delete the CPL for the control panel entry. But I was actually just trying. I'm a little desparate on this as you can see. So, after all this crap, system restore really looks like an option. Though I'd like to avoid it somehow, but I need a better way, maybe a tool to do it for me. Is safe mode of any good there? Karsten Jonybrv wrote: > Thanks for the alerting me, Peter. I do think twice before posting answers. > > Could you please let me know the mistake that I did in the earlier post ? > >
4.Registry: removed HID entry, mouse not working
Hi all! I deleted some HID entry in the registry to get rid of some Bluetooth setup remainder, I thought. Now my mouse isn't working anymore. The device manager shows the mouse with a yellow exclamation mark sign. Clicking the info also tells the device couldn't be started because the registry contains a missing or damaged entry. Is it possible to restore it somehow? Karsten
5.Removing Bluetooth and drivers (Was: Registry: removed HID entry, mouse not working)
Jonybrv wrote: > Come on, Peter. You know how system restore works. Moreover, I suggested > system restore cause the OP had deleted some of the registry entries which > caused the mouse not to work. > > After all, it can be undone too. > > You could help him out with some valid procedure rather we discussed on the > quality of the solutions. > Ah, yup. I still need help. Though the restore worked, I still have the following problem: Whenever I insert my Bluetooth dongle, a number of drivers (*definitely* the wrong ones) get detected. Then they install themselves again, along with a highly unwanted system control panel. So in all, these drivers were not deleted with the system restore. From the control panel entry added just then, I read the file names and the locations of the driver files. I tried to delete those before without success. Either the files were protected (process prevents deletion) or the files restored themselves in some way within seconds (when trying to move files). <- strange to observe Is there any safe way to simply make Windows unaware that these drivers are not and have ever been on my machine? Also, I don't know if the registry might be able to restore drivers...??? I wished I had Linux now... I could simply delete the files and begone. What can I do? Karsten PS: The two drivers from the Bluetooth info have 5 files: 1st one: - WINDOWS\system32\bthprops.sys 2nd one: - WINDOWS\system32\bthprops.cpl - WINDOWS\system32\bthport.sys - WINDOWS\system32\bthusb.sys - WINDOWS\system32\fsquirt.sys
6. Hexadecimal Registry Keys and Unwanted Registry Entries
11 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 53 guest