Using Batch file to QUERY registry data

[Bird_FAT]

Hi there,

I've never used a batch file to query a registry entry, So I believe my problem is there!

What I am trying to do is:

1 Look for a registry setting, if found, move to 5, if not, move on
2 Look for another registry setting, if found, move to 6, if not, move on
3 Look for another registry setting, if NOT found, move to 7, if not, move on to 8
4 Look for another registry setting, if found, move to 9
5 run specific uninstaller, when finished, go to 8
6 run specific uninstaller, when finished, go to 8
7 Install specific version of software, go to 8
8 Restart machine
9 Exit

This will be run from the startup folder and will cycle till complete, then delete itself.

Here is the code

Code: [Select]

@ECHO OFF


IF EXIST REG QUERY HKLM\Software\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc /v ProgramVer /t REG_SZ /d 5.58 GOTO ONE ELSE
IF EXIST REG QUERY HKLM\Software\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc /v ProgramVer /t REG_SZ /d 8.0 GOTO TWO ELSE
IF NOT EXIST REG QUERY HKLM\Software\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc /v ProgramVer /t REG_SZ /d 10.0 GOTO THREE
IF EXIST REG QUERY HKLM\Software\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc /v ProgramVer /t REG_SZ /d 10.0 GOTO FIVE ELSE

:ONE
START /WAIT ".\5.53\CmnUnins.exe"
GOTO FOUR

:TWO
START /WAIT ".\8.0\CmnUnins.exe"
GOTO FOUR

:THREE
START /WAIT ".\10.0\msiexec /a /forcerestart Osce10.msi"
EXIT

:FOUR
START C:\Windows\RUNDLL.EXE user.exe,exitwindowsexec
EXIT

:FIVE
; Need to add in a DEL command for the file in the Startup menu
EXIT
To Test the process, I Changed the first part to:

Code: [Select]

IF NOT EXIST REG QUERY HKLM\Software\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc /v ProgramVer /t REG_SZ /d 5.58 GOTO ONE ELSE
and

Code: [Select]

:ONE
ECHO IT WORKS
PAUSE EXIT


But it gives me an error

Code: [Select]

Invalid Parameter(s)
QUERY { PROCESS | SESSION | TERMSERVER | USER }
Invalid Parameter(s)
QUERY { PROCESS | SESSION | TERMSERVER | USER }
Is this to do with an incorrect Reg Query? or is it to do with my user rights (Admin)?

Anyone able to help?

(If I post this on any other forums, I will place links here!)

Bird

[Sidewinder]

I'm reasonably certain you cannot use an existence test for whether a registry entry exists or not.

Another approach would be to test the errorlevel.

Code: [Select]

@ECHO OFF

REG QUERY HKLM\Software\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc /v ProgramVer /t REG_SZ /d 5.58
if not errorlevel 1 goto one
REG QUERY HKLM\Software\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc /v ProgramVer /t REG_SZ /d 8.0
if not errorlevel 1 GOTO TWO
REG QUERY HKLM\Software\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc /v ProgramVer /t REG_SZ /d 10.0
if errorlevel 1 GOTO THREE
REG QUERY HKLM\Software\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc /v ProgramVer /t REG_SZ /d 10.0
if not errorlevel 1 GOTO FIVE 

:ONE
START /WAIT ".\5.53\CmnUnins.exe"
GOTO FOUR

:TWO
START /WAIT ".\8.0\CmnUnins.exe"
GOTO FOUR

:THREE
START /WAIT ".\10.0\msiexec /a /forcerestart Osce10.msi"
EXIT

:FOUR
START C:\Windows\RUNDLL.EXE user.exe,exitwindowsexec
EXIT

:FIVE
; Need to add in a DEL command for the file in the Startup menu
EXIT

Good luck. 

[Bird_FAT]

Now it comes up with the error:

Code: [Select]

Error: Too many command line parameters
BLYAT!

Any clues anyone?

[Sidewinder]

Where are you getting all those reg query switches from? According to reg query /?, the only switches available are /v, /ve and /s.

This line START /WAIT ".\10.0\msiexec /a /forcerestart Osce10.msi" should be START /WAIT ".\10.0\msiexec /a Osce10.msi  /forcerestart"

You might also consider turning on the /passive switch for msiexec. As long as you're writing a batch file, you may not want to be bothered with those pesky interactive prompts.

Try using the /? switch for command line help. There is a wealth of information awaiting you.

 

[Bird_FAT]

Sidewinder,

The switches are from various other boards - and I have used them before - but here they are not working for me now - no idea if they are version specific, or to do with the expanded syntax that can be installed from the server CDs!!??!!

What I am trying (and failing!! GRRR!) to do is basically to find out which version of a program is installed - in this case Trend's Office Scan Client - , then use the correct uninstaller to remove it from the target PC, restart the PC and recheck - if it finds no key, install v10 and finally delete the files from the startup folder.

If you can suggest another way of doing this - I'd be most grateful!

[Sidewinder]

I haven't got those keys on my system, but assuming you typed out the correct keys, you may need to do something like this:

Code: [Select]

@echo off
for /f "skip=4 tokens=1-3*" %%i in ('REG QUERY HKLM\Software\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc /v ProgramVer') do (
  set pgmVer=%%k
)
echo %pgmVer%

The %%k token will have the version number, the value of which can be persisted by setting a variable to the value of the %%k temporary token.

Hope this helps. 

[Bird_FAT]

The %%k token will have the version number, the value of which can be persisted by setting a variable to the value of the %%k temporary token.

Your going way past my level here! :-) Can you explain a bit further though, as I really would like to understand how to go that next step and setup the variable  -  would I use 'IF / ELSE'?

[Sidewinder]

Code: [Select]

@echo off

reg query hklm\software\trendmicro\pc-cillinntcorp\currentversion\misc /v programver
if errorlevel 1 goto three

for /f "tokens=3" %%i in ('reg query hklm\software\trendmicro\pc-cillinntcorp\currentversion\misc /v programver') do (
  if %%i equ 5.58 goto one
  if %%i equ 8.0  goto two
  if %%i equ 10.0 goto five
  goto three
)

:one
start /wait ".\5.53\cmnunins.exe"
goto four

:two
start /wait ".\8.0\cmnunins.exe"
goto four

:three
start /wait ".\10.0\msiexec /a osce10.msi /forcerestart"
exit

:four
start c:\windows\rundll.exe user.exe,exitwindowsexec
exit

:five
:: need to add in a del command for the file in the startup menu
exit

Based on your original code, I came up with this. I added an extra reg query so the batch file would not error out before it got to the for instruction. You might want to change the target of the goto.

If you run the reg query from the prompt, you'll notice that the version is in the third chunk of data on the last line. I simply skipped the other lines (including the blanks) and extracted the version to do the compares. Run  for /? at the prompt for a detailed explanation.

The directory in :one (5.53) does not match the if statement (5.58). Is there a reason for this?

After uninstalling an older version, why are you skipping over :three and not installing the latest and greatest version? Just curious. 

 

[BC_Programmer]

Where are you getting all those reg query switches from? According to reg query /?, the only switches available are /v, /ve and /s.

The switches he is using were added starting with Windows Vista:

REG QUERY KeyName [/v [ValueName] | /ve] [/s]
          [/f Data [/k] [/d] [/c] [/e]] [/t Type] [/z] [/se Separator]

  KeyName  [\\Machine\]FullKey
           Machine - Name of remote machine, omitting defaults to the
                     current machine. Only HKLM and HKU are available on
                     remote machines
           FullKey - in the form of ROOTKEY\SubKey name
                ROOTKEY - [ HKLM | HKCU | HKCR | HKU | HKCC ]
                SubKey  - The full name of a registry key under the
                          selected ROOTKEY

  /v       Queries for a specific registry key values.
           If omitted, all values for the key are queried.

           Argument to this switch can be optional only when specified
           along with /f switch. This specifies to search in valuenames only.

  /ve      Queries for the default value or empty value name (Default).

  /s       Queries all subkeys and values recursively (like dir /s).

  /se      Specifies the separator (length of 1 character only) in
           data string for REG_MULTI_SZ. Defaults to "\0" as the separator.

  /f       Specifies the data or pattern to search for.
           Use double quotes if a string contains spaces. Default is "*".

  /k       Specifies to search in key names only.

  /d       Specifies the search in data only.

  /c       Specifies that the search is case sensitive.
           The default search is case insensitive.

  /e       Specifies to return only exact matches.
           By default all the matches are returned.

  /t       Specifies registry value data type.
           Valid types are:
             REG_SZ, REG_MULTI_SZ, REG_EXPAND_SZ,
             REG_DWORD, REG_BINARY, REG_NONE
           Defaults to all types.

  /z       Verbose: Shows the numeric equivalent for the type of the valuename.

However, they are listing their OS as XP, which probably explains the error message regarding Too many parameters they got in their original code.