Delete registry key or value via a CMD script?

18

8

How do I edit an already-in-production .cmd script file, in order to have the script delete a certain registry key in the Windows registry?

Firstly, is this even possible, and secondly (if that's not possible), could I create a .reg file and execute that file from with the .cmd file?

From within the .cmd script, it is not working:

del "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CurrentVersion\SampleKey]"

This method hasn't worked for me either:

cmd "\\networkdrive\regfiles\deleteSampleKey.reg"

Then from within the .reg file:

Windows Registry Editor Version 5.00
[
-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
]

Derek

Posted 2012-01-19T11:11:41.967

Reputation: 181

1using a .reg file, even from a network drive should work fine. If it isn't, then, I expect it is down to UAC or other security measures. – William Hilsum – 2012-03-26T10:56:25.533

Answers

26

I would recommend using the REG command, rather than creating and importing .reg files.

reg delete "HKCU\Some\Registry\Path" /f

or 

reg delete "HKLM\Some\Registry\Path" /f

These commands can be entered directly into the batch (.cmd) file.

Patrick Seymour

Posted 2012-01-19T11:11:41.967

Reputation: 7 662

15

As described here and here by Microsoft under "Removing registry entries", you can remove a key by placing a minus "-" in front of a key like that:

[-HKEY_LOCAL_MACHINE\SOFTWARE\YourSoft\MyKey]

And to remove an entry, place a minus "-" after the = char like that:

[HKEY_LOCAL_MACHINE\SOFTWARE\YourSoft\MyKey]
"MyEntry"=-

Note: Those are only example keys. They won't actually work.

Bruno Bieri

Posted 2012-01-19T11:11:41.967

Reputation: 277

Indeed, it works. – Peter Mortensen – 2016-08-19T10:42:17.563

1

Another reference is How to add, modify, or delete registry subkeys and values by using a .reg file (Microsoft, KB 310516).

– Peter Mortensen – 2016-08-19T10:49:45.523

@Peter Mortensen This is even a more official reference. Thank you for sharing. – Bruno Bieri – 2016-08-23T06:56:31.413

ironically that microsoft support link currently gives "Server Error in '/app/content' Application." – sdjuan – 2017-07-20T13:46:18.543

@sdjuan the Microsoft Support link works again. – Bruno Bieri – 2017-08-14T08:51:48.200

4

I would avoid using another script as you can do this in a .cmd file using the REG commands.

You can do something similar to this:

REG DELETE "HKEY_CURRENT_USER\SOFTWARE\SomeProgram"

If you would like to delete only specific entries then you should add a /v "EntryName" argument after the path to the key. E. g:

REG DELETE "HKEY_CURRENT_USER\SOFTWARE\SomeProgram" /v "EntryName"

Both of these will cause a warning to be issued before deleting the values. To avoid that, you should use the /f argument at the end.

REG DELETE "HKEY_CURRENT_USER\SOFTWARE\SomeProgram" /f

Marko Vejnovic

Posted 2012-01-19T11:11:41.967

Reputation: 66

Thank you. The only place on the net I could find which references a sub key. – square_eyes – 2017-03-23T00:15:21.777

3

I use the following method. This is part of a MRU ripper for Windows XP, that might help. This is the text of a batch file, that is run from CMD or from a shortcut. It creates a registry file using simple echo redirections, then imports it.

REM *** START REGISTRY SHREDDER ***
ECHO CREATING MRU REGISTRY
ECHO .
 ECHO > "%TMP%\MRUKILL.reg" Windows Registry Editor Version 5.00
ECHO >> "%TMP%\MRUKILL.reg" [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Doc Find Spec MRU]
ECHO >> "%TMP%\MRUKILL.reg" [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FindComputerMRU]

REM ***  IMPORT THAT REG TO WIPE OUT THEM KEYS AND VALUES ****
regedit "%TMP%\MRUKILL.reg"

I am not a coder, I just do some batch stuff for myself, so I often can't even read what I wrote, but I would use that as a template for doing something else.

The echos are redirected (>) to a file, with the single > for the first redirection, and >> to append to the same file. The - sign is used to remove a registry entry. It would probably be good to leave off the last line, and view the file it created before importing. Importing can be done silently, but I won't do that myself.

Disclaimer: Because a person can do some serious damage to the system removing registry entries, an disk image backup that can return the system when the system fails is necessary.

Proper permissions, elevations, and some entries in the registry will not just allow the user to destroy them, without setting the permissions, because of their importance.

Here is A "ask the user" part, added just for fun.

ECHO
 REM *** ASK the USER FIRST ***  
ECHO  DO YOU WANT TO DELETE REGISTRY MRUS?
SET /P Choice2=type "Y" to Mangle your registry, - -
ECHO . 
IF /I "%Choice2%"=="Y" GOTO SHREDD
ECHO OK WELL THEN I WON'T
ECHO By By 
   REM *** USER DECIDED AGAINST IT ***
ECHO .
PAUSE
GOTO FINISH

Psycogeek

Posted 2012-01-19T11:11:41.967

Reputation: 8 067

1on Vista + this method will invoke UAC. and user will have to accept or decline this action. Running the script as Admin will bypass that though – Piotr Kula – 2012-01-19T11:27:43.953

1you should not use %USERPROFILE%\Local Settings\Temp, but %TMP%. the former works only on english systems – kinokijuf – 2012-01-19T12:41:05.803

@kinokijuf Feexed, looks much nicer that way too. It was probably set like that to keep it on system disk for me, because I have sent Temps to ramdisk or to data disks at times. – Psycogeek – 2012-01-19T16:08:16.630

1

I'm using Windows 7 and this is what I got through CMD:

Fri 08/08/2014  8:13:51.72 | C:\Users\MrCMD
>reg.exe delete /?

REG DELETE KeyName [/v ValueName | /ve | /va] [/f]

  KeyName    [\\Machine\]FullKey
    Machine  Name of remote machine - omitting defaults to the current machine.
             Only HKLM and HKU are available on remote machines.
    FullKey  ROOTKEY\SubKey
    ROOTKEY  [ HKLM | HKCU | HKCR | HKU | HKCC ]
    SubKey   The full name of a registry key under the selected ROOTKEY.

  ValueName  The value name, under the selected Key, to delete.
             When omitted, all subkeys and values under the Key are deleted.

  /ve        delete the value of empty value name (Default).

  /va        delete all values under this key.

  /f         Forces the deletion without prompt.

Examples:

  REG DELETE HKLM\Software\MyCo\MyApp\Timeout
    Deletes the registry key Timeout and its all subkeys and values

  REG DELETE \\ZODIAC\HKLM\Software\MyCo /v MTU
    Deletes the registry value MTU under MyCo on ZODIAC

Or, I think we can DELETE some keys or MODIFY some values by this algorithm:

  1. Export registry location of keys/values we want to delete/modify into a file (File01.reg).
  2. Edit/modify appropriate key/value and save to new file (File02.reg).
  3. Import that modified file (File02.reg) into Windows Registry.

Reference to EXPORT registry.

Fri 08/08/2014  8:24:53.19 | C:\Users\mardir01
>reg.exe export /?

REG EXPORT KeyName FileName [/y]

  Keyname    ROOTKEY[\SubKey] (local machine only).
    ROOTKEY  [ HKLM | HKCU | HKCR | HKU | HKCC ]
    SubKey   The full name of a registry key under the selected ROOTKEY.

  FileName   The name of the disk file to export.

  /y       Force overwriting the existing file without prompt.

Examples:

  REG EXPORT HKLM\Software\MyCo\MyApp File01.reg
    Exports all subkeys and values of the key MyApp to the file File01.reg

Reference to IMPORT registry.

>reg.exe import /?

REG IMPORT FileName

  FileName  The name of the disk file to import (local machine only).

Examples:

  REG IMPORT File02.reg
    Imports registry entries from the file File02.reg

Brighter ideas for improvement are welcome. :) :) :)

Rhak Kahr

Posted 2012-01-19T11:11:41.967

Reputation: 191

Asked: 2012-01-19T11:11:41.967

Viewed: 238 692 times

Active: 2017-08-14T08:49:59.963