PowerShell - Search Registry for any Keyword - All HKey
- Jon Boyette
- Jan 14, 2022
Save this as RegistrySearch.ps1. The script prompts for the keyword to search for, which is useful when cleaning up malicious content or when you want to be thorough about cleanup.
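# Prompt for the keyword; Select-String and -match below both treat it as a regular expression
$pattern = Read-Host "Enter Keyword to Search Entire Registry"
$hives = "HKEY_CLASSES_ROOT","HKEY_CURRENT_USER","HKEY_LOCAL_MACHINE","HKEY_USERS","HKEY_CURRENT_CONFIG"
# Search in registry keys (prints key paths that match the keyword)
foreach ($r in $hives) { Get-ChildItem "registry::${r}\" -Recurse -ErrorAction SilentlyContinue | Select-String "$pattern" }
# Search in registry values (prints the key's PsPath, then the matching lines of its formatted output)
foreach ($r in $hives) {
    Get-ChildItem "registry::${r}\" -Recurse -ErrorAction SilentlyContinue | ForEach-Object {
        if ((Get-ItemProperty $_.PsPath -ErrorAction SilentlyContinue) -match "$pattern") { $_.PsPath; $_ | Out-String -Stream | Select-String "$pattern" }
    }
}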
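A variant of the search above that returns one object per hit (key, value name, data) instead of formatted text, so results can be filtered, sorted or exported while cleaning up. This is an added example, not the author's script: the parameter names, the default roots and the CSV path are assumptions, and the keyword is matched literally rather than as a regex.

```powershell
# Added example (not from the original post): structured registry keyword search.
param(
    [Parameter(Mandatory)] [string] $Keyword,   # literal text to look for
    # Assumed default scope; pass the five hive names from the post to search everything
    [string[]] $Roots = @('HKEY_LOCAL_MACHINE\SOFTWARE', 'HKEY_CURRENT_USER\SOFTWARE'),
    [string] $OutCsv = '.\RegistryHits.csv'     # hypothetical output path
)

# Escape regex metacharacters so keywords containing "." or "\" match literally
$regex = [regex]::Escape($Keyword)

$hits = foreach ($root in $Roots) {
    Get-ChildItem -LiteralPath "Registry::$root" -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $key = $_
            # Hit on the key path itself
            if ($key.Name -match $regex) {
                [pscustomobject]@{ Key = $key.Name; MatchIn = 'KeyName'; ValueName = $null; Data = $null }
            }
            foreach ($name in $key.GetValueNames()) {
                # Read the raw data without expanding %VARIABLES% in REG_EXPAND_SZ values
                $data = $key.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
                # REG_BINARY data is not searched; strings, numbers and multi-strings are compared as text
                $text = if ($data -is [byte[]]) { '' } else { $data -join ' ' }
                $where = if ($name -match $regex) { 'ValueName' }
                         elseif ($text -match $regex) { 'ValueData' }
                         else { $null }
                if ($where) {
                    [pscustomobject]@{ Key = $key.Name; MatchIn = $where; ValueName = $name; Data = $text }
                }
            }
        }
}

# Keep a record of what was found before anything is deleted
$hits | Export-Csv -Path $OutCsv -NoTypeInformation
$hits | Format-Table -AutoSize
```

Keys the current account cannot open are skipped silently, so run it from an elevated session when the cleanup needs to cover protected keys.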