Search & Delete Registry value

vk.khurava · May 17, 2017, 9:49am

I want to delete below all values from registry, I dont know the key path as its there in many user profile too.

NoWindowsUpdate and DisableWindowsUpdateAccess

Please suggest.

brolly33 · May 17, 2017, 1:58pm

It looks like your DisableWindowsUpdateAccess is in
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate

That one should be an easy reg value check + regset in actionscript.
not exists key “HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate” whose (value “DisableWindowsUpdateAcces” of it = 1) of native registry

regset “[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate]” “DisableWindowsUpdateAcces”=dword:00000001

vk.khurava · May 17, 2017, 3:12pm

No, its everywhere mostly in user profile folder like -

HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate

so its hard to name them & remove them in that way but if we can search value name & delete all found entries from everywhere.

brolly33 · May 17, 2017, 4:31pm

The issue will be that the User registry hive is typically only loaded while the user is logged on, so you can only search for the value for the user(s) that are logged on at the time.

Also, HKEY_CURRENT_USER is a symbolic link to HKEY_USERS* where * indicates a match for all user security IDs (SIDs). HKEY_USERS*\SOFTWARE\Classes is a symbolic link to HKEY_USERS*_Classes.
(Registry Keys Affected by WOW64 - Win32 apps | Microsoft Learn)

Also, the Agent runs as local system, which has a different HKCU hive than the user who is logged into the box.
(https://developer.bigfix.com/relevance/reference/logged-on-user.html#user-key-of-logged-on-user-registry-key)

And actioning can get tricky as well:
https://www.ibm.com/developerworks/community/forums/html/topic?id=77777777-0000-0000-0000-000014747943#77777777-0000-0000-0000-000014747944

This Fixlet sample deals with some of these issues and might be a good starting point for you
https://bigfix.me/fixlet/details/767

This forum posting may also help:

vk.khurava · May 17, 2017, 4:55pm

Hmmm its seems not that easy i guess but if you can share your thought on if you could know why i am doing this… Requirement is when any server go for decommissioning process we need to remove client & set the automatic windows update enabled so that machine can directly connect with Microsoft for their updates.

I am able to set registry entry with AUoptions as 1 and 4 value, also put update service auto and start it in case its stop but after implementing these changes when i am checking manually for windows update its showing network error due that highlighted registry settings.

So question is can we without removing that registry setting can achieve auto windows update.