/build/static/layout/Breadcrumb_cap_w.png

Scripting Question


Removing Registry is just not working

12/07/2017 566 views
Long story short, We ran the intel vulnerability detection tool command line version and it creates a registry key. I'm using custom inventory to pick up the registry key which all works fine. Now I'm trying to delete the key so I can re-run the detection tool again to see who ran the fix. 

Here is the location of the key
HKEY_LOCAL_MACHINE\SOFTWARE\Intel\Setup and Configuration Software\INTEL-SA-00086 Discovery Tool

If I run this in command prompt it works fine
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Intel\Setup and Configuration Software\INTEL-SA-00086 Discovery Tool\System Status" /v "System Risk" /f

but when I run it as a batch file via script it just doesn't work. I ran it as a logged in user as well still no good. 

How can run this thing?
2 Comments   [ + ] Show comments

Comments

  • You can try with /reg:64 added at the end of your's command as some of the distribution methods are started as 32bit process and registry operations are redirected to the WOW6432Node.
  • In our environment we have successfully used the /reg:64 added at the end to remove registry keys. If you make a script and use Online Shell script with the following:
    reg delete "HKLM\SOFTWARE\Intel\Setup and Configuration Software\INTEL-SA-00086 Discovery Tool\System Status" /v "System Risk" /f /reg:64

    It should work run as local system

Be the first to answer this question

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ