Registry Search and Delete Tool

[Guest stven]

I found a post from Holger from last year that did a search and find through the registry that works great. I have been trying to get the script to to a delete at the end of all entries it finds, but the RegDelete needs a little different input than I get with the Search. What isn't working, any suggestions???? Here is the code without any of my garbage that I've been trying to make work. I've added a string Value to my registry called Test, and then gave the value the data of Stevie. It finds it, but I haven't been able to get it to delete it.

Global $regarr[1000][3]; -> maybe put bigger with "redim" in the RegToArr-function

;means [what][subkey][foundin] -> ["key"][subkey][...] or ["value"][subkey][...] or ["valuevalue"][subkey][...]

Global $arridx = 0

$searchstring = "stevie"

RegSearch("HKEY_LOCAL_MACHINE")

;RegSearch("HKEY_USERS")

For $idx = 1 To $regarr[0][0]

Msgbox(0,"",$regarr[$idx][0] & @LF & $regarr[$idx][1] & "" & $regarr[$idx][2])

RegDelete($regarr[$idx][1],$regarr[$idx][2])

Next

$regarr = 0

Exit

Func RegSearch($subreg)

Local $subreg, $idx, $subidx, $regkey, $regkeyname, $regkeyvalue, $regvalue

$idx = 1

While 1

$regkey = RegEnumKey($subreg,$idx)

If @error = -1 Or @error = 1 Then ExitLoop

If StringInStr($regkey,$searchstring) > 0 Then RegToArr("key",$subreg,$regkey)

$regkeyname = $subreg & "\" & $regkey

$subidx = 1

While 1

$regkeyvalue = RegEnumVal($regkeyname,$subidx)

If @error = -1 Or @error = 1 Then ExitLoop

If StringInStr($regkeyvalue,$searchstring) > 0 Then RegToArr("value",$regkeyname,$regkeyvalue)

$regvalue = RegRead($regkeyname,$regkeyvalue)

;If $regvalue <> 1 And StringInStr($regvalue,$searchstring) > 0 Then RegToArr("valuevalue",$regkeyname,$regvalue)

If $regvalue <> 1 And StringInStr($regvalue,$searchstring) > 0 Then RegToArr("valuevalue",$regkeyname & "\" & $regkeyvalue,$regvalue)

$subidx = $subidx + 1

WEnd

RegSearch($regkeyname)

$idx = $idx + 1

;Sleep(1); better set to reduce cpu like Regedit does

WEnd

EndFunc

Func RegToArr($string,$key,$value)

$arridx = $arridx + 1

If $arridx = (UBound($regarr) - 1) Then Redim $regarr[$arridx + 26][3]; 25 more array-fields

$regarr[0][0] = $arridx

$regarr[$arridx][0] = $string

$regarr[$arridx][1] = $key

$regarr[$arridx][2] = $value

EndFunc

[ozbob]

I found a post from Holger from last year that did a search and find through the registry that works great.  I have been trying to get the script to to a delete at the end of all entries it finds, but the RegDelete needs a little different input than I get with the Search.  What isn't working, any suggestions????  Here is the code without any of my garbage that I've been trying to make work.  I've added a string Value to my registry called Test, and then gave the value the data of Stevie.  It finds it, but I haven't been able to get it to delete it.

I have added some functionality and adjusted the script to delete all registry keys/references to the search requested. The only issue that might occur is when a regkey data value contains the search key in which the whole will be deleted.

Here is the script:

expandcollapse popup

Global $regarr[1000][3]; -> maybe put bigger with "redim" in the RegToArr-function
;means [what][subkey][foundin] -> ["key"][subkey][...] or ["value"][subkey][...] or ["valuevalue"][subkey][...]
Global $arridx = 0, $RegSection, $Search


$Params = $CMDLine[0]
If $Params = 2 Then 
    If $CMDLine[2] <> "" Then
        Delete()
    EndIf
EndIf   
Error()
Exit 

Func Error()
    SplashTextOn("Error", "Wrong parameters reg2kill.exe [Regsection] [Searchkey]", 400,50, 400, 50, 4, "", 9)
    Sleep(3000)
    SplashOff()
EndFunc

Func Delete()
        Select
        Case $CmdLine[1] = "ALL"
            RegSearch ( "HKEY_CLASSES_ROOT", StringUpper ( $CmdLine[2]) )
            RegSearch ( "HKEY_CURRENT_USER", StringUpper ( $CmdLine[2] ))
            RegSearch ( "HKEY_LOCAL_MACHINE", StringUpper ( $CmdLine[2] ))  
            RegSearch ( "HKEY_USER", StringUpper ( $CmdLine[2] ))
            RegSearch ( "HKEY_CURRENT_CONFIG", StringUpper ( $CmdLine[2] ))
            RegDel()    
        Case $CmdLine[1] = "HKEY_CLASSES_ROOT"
            RegSearch ( "HKEY_CLASSES_ROOT", StringUpper ( $CmdLine[2] ))
            RegDel()
        Case $CmdLine[1] = "HKEY_CURRENT_USER"
            RegSearch ( "HKEY_CURRENT_USER", StringUpper ( $CmdLine[2] ))           
            RegDel()
        Case $CmdLine[1] = "HKEY_LOCAL_MACHINE"
            RegSearch ( "HKEY_LOCAL_MACHINE",StringUpper (  $CmdLine[2] ))          
            RegDel()
        Case $CmdLine[1] = "HKEY_USER"
            RegSearch ( "HKEY_USER",StringUpper (  $CmdLine[2] ))           
            RegDel()
        Case $CmdLine[1] = "HKEY_CURRENT_CONFIG"    
            RegSearch ( "HKEY_CURRENT_CONFIG",StringUpper (  $CmdLine[2] ))             
            RegDel()
        Case Else
            Error()
        EndSelect
Exit
EndFunc


Func Regdel()
    $file = FileOpen("C:\Reg2Kill.Log", 1)

For $idx = 1 To $regarr[0][0]
;Msgbox(0,"",$regarr[$idx][0] & @LF & $regarr[$idx][1] & "\" & $regarr[$idx][2])
;RegDelete($regarr[$idx][1],$regarr[$idx][2])
    If $regarr[$idx][0] = "key" Then
        $error = RegDelete ( $regarr[$idx][1] & "\" & $regarr[$idx][2] )
        If $Error = "2" then FileWriteLine ( $file, "Error deleting registry key: " & $regarr[$idx][1] & "\" & $regarr[$idx][2] )
        If $Error = "1" then FileWriteLine ( $file, "Success deleting registry key: " & $regarr[$idx][1] & "\" & $regarr[$idx][2] ) 
    EndIf       
    If $regarr[$idx][0] = "valuename" Then  
        $error = RegDelete ( $regarr[$idx][1] , $regarr[$idx][2] )
        If $Error = "2" then FileWriteLine ( $file, "Error deleting registry key: " & $regarr[$idx][1] & "\" & $regarr[$idx][2] )
        If $Error = "1" then FileWriteLine ( $file, "Success deleting registry key: " & $regarr[$idx][1] & "\" & $regarr[$idx][2] ) 
    EndIf       
    If $regarr[$idx][0] = "valuedata" Then  
        $keyname = StringMid ( $regarr[$idx][1], 1, StringInstr ( $regarr[$idx][1] , "\", 0, -1 ) - 1)
        $valuename = StringMid ( $regarr[$idx][1],StringInstr ( $regarr[$idx][1] , "\", 0, -1 ) + 1)    
        If StringInStr ( $regarr[$idx][2] , "," ) Then 
            
        Else    
            $error = RegDelete ( $keyname, $valuename )
            If $Error = "2" then FileWriteLine ( $file, "Error deleting registry key: " & $keyname & "\" & $valuename )
            If $Error = "1" then FileWriteLine ( $file, "Success deleting registry key: " & $keyname & "\" & $valuename )
        EndIf       
    EndIf   
Next
FileClose($file)
$regarr = 0
Exit
EndFunc

Func RegSearch($subreg,$searchstring)
Local $subreg, $idx, $subidx, $regkey, $regkeyname, $regkeyvalue, $regvalue, $searchstring
$idx = 1
While 1
$regkey = RegEnumKey($subreg,$idx)
If @error = -1 Or @error = 1 Then ExitLoop
If StringInStr($regkey,$searchstring) > 0 Then RegToArr("key",$subreg,$regkey)
$regkeyname = $subreg & "\" & $regkey
$subidx = 1
While 1
$regkeyvalue = RegEnumVal($regkeyname,$subidx)
If @error = -1 Or @error = 1 Then ExitLoop
If StringInStr($regkeyvalue,$searchstring) > 0 Then RegToArr("valuename",$regkeyname,$regkeyvalue)
$regvalue = RegRead($regkeyname,$regkeyvalue)
;If $regvalue <> 1 And StringInStr($regvalue,$searchstring) > 0 Then RegToArr("valuevalue",$regkeyname,$regvalue)
If $regvalue <> 1 And StringInStr($regvalue,$searchstring) > 0 Then RegToArr("valuedata",$regkeyname & "\" & $regkeyvalue,$regvalue)

$subidx = $subidx + 1
WEnd
RegSearch($regkeyname,$searchstring)
$idx = $idx + 1
;Sleep(1); better set to reduce cpu like Regedit does
WEnd
EndFunc

Func RegToArr($string,$key,$value)
$arridx = $arridx + 1
If $arridx = (UBound($regarr) - 1) Then Redim $regarr[$arridx + 26][3]; 25 more array-fields
$regarr[0][0] = $arridx
$regarr[$arridx][0] = $string
$regarr[$arridx][1] = $key
$regarr[$arridx][2] = $value
EndFunc

Edited July 15, 2005 by Larry

[LxP]

This post has been edited by Larry: Yesterday, 11:24 PM

What the??

[GValdes]

I have added some functionality and adjusted the script to delete all registry keys/references to the search requested. The only issue that might occur is when a regkey data value contains the search key in which the whole will be deleted.

Here is the script:

expandcollapse popup

Global $regarr[1000][3]; -> maybe put bigger with "redim" in the RegToArr-function
;means [what][subkey][foundin] -> ["key"][subkey][...] or ["value"][subkey][...] or ["valuevalue"][subkey][...]
Global $arridx = 0, $RegSection, $Search
$Params = $CMDLine[0]
If $Params = 2 Then 
    If $CMDLine[2] <> "" Then
        Delete()
    EndIf
EndIf    
Error()
Exit 

Func Error()
    SplashTextOn("Error", "Wrong parameters reg2kill.exe [Regsection] [Searchkey]", 400,50, 400, 50, 4, "", 9)
    Sleep(3000)
    SplashOff()
EndFunc

Func Delete()
        Select
        Case $CmdLine[1] = "ALL"
            RegSearch ( "HKEY_CLASSES_ROOT", StringUpper ( $CmdLine[2]) )
            RegSearch ( "HKEY_CURRENT_USER", StringUpper ( $CmdLine[2] ))
            RegSearch ( "HKEY_LOCAL_MACHINE", StringUpper ( $CmdLine[2] ))    
            RegSearch ( "HKEY_USER", StringUpper ( $CmdLine[2] ))
            RegSearch ( "HKEY_CURRENT_CONFIG", StringUpper ( $CmdLine[2] ))
            RegDel()    
        Case $CmdLine[1] = "HKEY_CLASSES_ROOT"
            RegSearch ( "HKEY_CLASSES_ROOT", StringUpper ( $CmdLine[2] ))
            RegDel()
        Case $CmdLine[1] = "HKEY_CURRENT_USER"
            RegSearch ( "HKEY_CURRENT_USER", StringUpper ( $CmdLine[2] ))            
            RegDel()
        Case $CmdLine[1] = "HKEY_LOCAL_MACHINE"
            RegSearch ( "HKEY_LOCAL_MACHINE",StringUpper (  $CmdLine[2] ))            
            RegDel()
        Case $CmdLine[1] = "HKEY_USER"
            RegSearch ( "HKEY_USER",StringUpper (  $CmdLine[2] ))            
            RegDel()
        Case $CmdLine[1] = "HKEY_CURRENT_CONFIG"    
            RegSearch ( "HKEY_CURRENT_CONFIG",StringUpper (  $CmdLine[2] ))                
            RegDel()
        Case Else
            Error()
        EndSelect
Exit
EndFunc
Func Regdel()
    $file = FileOpen("C:\Reg2Kill.Log", 1)

For $idx = 1 To $regarr[0][0]
;Msgbox(0,"",$regarr[$idx][0] & @LF & $regarr[$idx][1] & "\" & $regarr[$idx][2])
;RegDelete($regarr[$idx][1],$regarr[$idx][2])
    If $regarr[$idx][0] = "key" Then
        $error = RegDelete ( $regarr[$idx][1] & "\" & $regarr[$idx][2] )
        If $Error = "2" then FileWriteLine ( $file, "Error deleting registry key: " & $regarr[$idx][1] & "\" & $regarr[$idx][2] )
        If $Error = "1" then FileWriteLine ( $file, "Success deleting registry key: " & $regarr[$idx][1] & "\" & $regarr[$idx][2] )    
    EndIf        
    If $regarr[$idx][0] = "valuename" Then    
        $error = RegDelete ( $regarr[$idx][1] , $regarr[$idx][2] )
        If $Error = "2" then FileWriteLine ( $file, "Error deleting registry key: " & $regarr[$idx][1] & "\" & $regarr[$idx][2] )
        If $Error = "1" then FileWriteLine ( $file, "Success deleting registry key: " & $regarr[$idx][1] & "\" & $regarr[$idx][2] )    
    EndIf        
    If $regarr[$idx][0] = "valuedata" Then    
        $keyname = StringMid ( $regarr[$idx][1], 1, StringInstr ( $regarr[$idx][1] , "\", 0, -1 ) - 1)
        $valuename = StringMid ( $regarr[$idx][1],StringInstr ( $regarr[$idx][1] , "\", 0, -1 ) + 1)    
        If StringInStr ( $regarr[$idx][2] , "," ) Then 
            
        Else    
            $error = RegDelete ( $keyname, $valuename )
            If $Error = "2" then FileWriteLine ( $file, "Error deleting registry key: " & $keyname & "\" & $valuename )
            If $Error = "1" then FileWriteLine ( $file, "Success deleting registry key: " & $keyname & "\" & $valuename )
        EndIf        
    EndIf    
Next
FileClose($file)
$regarr = 0
Exit
EndFunc

Func RegSearch($subreg,$searchstring)
Local $subreg, $idx, $subidx, $regkey, $regkeyname, $regkeyvalue, $regvalue, $searchstring
$idx = 1
While 1
$regkey = RegEnumKey($subreg,$idx)
If @error = -1 Or @error = 1 Then ExitLoop
If StringInStr($regkey,$searchstring) > 0 Then RegToArr("key",$subreg,$regkey)
$regkeyname = $subreg & "\" & $regkey
$subidx = 1
While 1
$regkeyvalue = RegEnumVal($regkeyname,$subidx)
If @error = -1 Or @error = 1 Then ExitLoop
If StringInStr($regkeyvalue,$searchstring) > 0 Then RegToArr("valuename",$regkeyname,$regkeyvalue)
$regvalue = RegRead($regkeyname,$regkeyvalue)
;If $regvalue <> 1 And StringInStr($regvalue,$searchstring) > 0 Then RegToArr("valuevalue",$regkeyname,$regvalue)
If $regvalue <> 1 And StringInStr($regvalue,$searchstring) > 0 Then RegToArr("valuedata",$regkeyname & "\" & $regkeyvalue,$regvalue)

$subidx = $subidx + 1
WEnd
RegSearch($regkeyname,$searchstring)
$idx = $idx + 1
;Sleep(1); better set to reduce cpu like Regedit does
WEnd
EndFunc

Func RegToArr($string,$key,$value)
$arridx = $arridx + 1
If $arridx = (UBound($regarr) - 1) Then Redim $regarr[$arridx + 26][3]; 25 more array-fields
$regarr[0][0] = $arridx
$regarr[$arridx][0] = $string
$regarr[$arridx][1] = $key
$regarr[$arridx][2] = $value
EndFunc

I wish to start apologizing for my English it's not my native language

Now some comments...

Man this is great!!!

Maybe I'm asking a stupid question but is because I start using script today so I'm really a novice.

I'm searching a code like this but instead of delete the items i need to replace the word with another.

The practical application is this, I'm migrating 120 printers from a server to another and I was thinking that the best way for migrate the workstations is replace every call to the old print server in the registry with the new one, so this must be transparent for the users and low cost for the technical support department.

Can U help me?

kind Regards

Gastón