Scanning Registry for ClassIDs

by Nov 7, 2011

The Windows Registry is a repository filled with various Windows settings. Get-ItemProperty can read Registry values and accepts wildcards. So, with Get-ItemProperty, you can create tools to find and extract Registry information.

For example, if you know the name of a DLL and want to know whether it is registered and has a ClassID, here is a function that can retrieve that information:

function Get-ClassID {
  param($fileName = 'vbscript.dll')

  Write-Warning 'May take some time to produce results...'
Get-ItemProperty 'HKLM:\Software\Classes\CLSID\*\InprocServer32' |
  Where-Object { $_.'(Default)' -like "*$FileName" } |
  ForEach-Object { if ($_.PSPath -match '{.*}') { $matches[0] } 

It finds all keys called InprocServer32 that are located one level below the CLSID-key, then checks whether the (Default) value of that key contains the file name you are looking for. A regular expression then extracts the ClassID from the path of the registry key.

Twitter This Tip!
ReTweet this Tip!