Reputation: 6958
How to delete a REG_MULTI_SZ via location and data with CMD
I have a batch that goes through and deletes registry entries. So far all but one one of them has been sussed out successfully using CMD.
Let's say we have the following key:
HKCU\Temp
This key has a REG_MULTI_SZ value with an unknown name. We know which key the value is in, and we know the data stored in the value, but not the name of the value. Deleting the entire key (or all values in the key) isn't permissible: we want to delete only the value containing the data that we're looking for.
As an example, suppose we know that the key is HKCU\Temp and the value contains three strings:
This is a test
for
now at least
I've tried a couple different ways to delete this registry entry using CMD, but I'm goofing somewhere. What command would I enter to delete this guy?
Caveat: We cannot assume there aren't other entries at this key that have the same content on the first line. It has to be a full match.
Important comment promoted: "reg delete can only delete keys and values with explicitly specified names, it can't search for data." -wOxxOm
Therefore, you must search the data for a match, and then delete the matching key/value.
Upvotes: 0
Views: 1029
Answers (1)
Reputation: 73576
To search for a multiline string use \0 separator and /e for exact matching, the output will be:
HKEY_CURRENT_USER\Temp
abc REG_MULTI_SZ This is a test\0for\0now at least
End of search: 1 match(es) found.
Let's filter it by "REG_MULTI_SZ", parse the result and delete the value.
Simple method: take the 1st space-separated token, works only for value names without spaces
@echo off for /f "tokens=1,2*" %%a in (' reg query "HKCU\Temp" /d /e /f "This is a test\0for\0now at least" ^| find "REG_MULTI_SZ" ') do ( echo Deleting %%a=%%c reg delete "HKCU\Temp" /v %%a /f ) pauseMore robust method that can also delete variable names with spaces:
@echo off for /f "tokens=*" %%a in (' reg query "HKCU\Temp" /d /e /f "This is a test\0for\0now at least" ^| find "REG_MULTI_SZ" ') do ( setlocal enableDelayedExpansion rem Split set "line=%%a" set "value=!line:*REG_MULTI_SZ=REG_MULTI_SZ!" call set "name=%%line:!value!=%%" rem Trim spaces for /L %%b in (1,1,10) do if "!name:~-1!"==" " set "name=!name:~0,-1!" echo Deleting !name! reg delete "HKCU\Temp" /v "!name!" /f endlocal ) pause
Upvotes: 2
Related Questions
- REG DELETE one value instead of the whole key
- Windows 10 Registry SubKey REG_MULTI_SZ How do I edit just some of the values
- Deleting all registry keys containing or named "string" with Batch
- Batch script to find and delete registry keys and/or values
- How to delete registry strings in specified key if string contains value?
- How to find/delete a string value in the registry based on its value
- Batch file reg delete : how to delete registry key with space in name and backslash ending
- Deleting Registry entries using reg delete
- Deleting a registry beginning with XXX
- How to delete several values in registry