Using Powershell to remove non present network adapters

Question

I'm trying to automate via PowerShell a number of time consuming tasks that I have to preform to make a new VM template, one of which is removing all of the NICs from the VM and cleaning up the Device Manager of non present devices.

After removing the NICs from the VM, I've tried using the following code snippets, which do the same thing, to clean up Device Manager.

wmic nic where "(servicename is null)" delete

 

gwmi win32_networkadapter | ?{$_.ServiceName -eq $null} | rwmi

In both cases I receive the error "Provider is not capable of the attempted operation". Reviewing the event logs for WMI-Activity didn't seem to help: ResultCode = 0x80041024; PossibleCause = Unknown.

Has anyone be able to do something similar that removes the non present devices or is able to find an issue with the above commands?

EDIT: I've tried using DevCon to remove the device, but it seems to only work with present devices. I'm now combing through the registry to see if there is a specific key or set of keys that if removed would remove the NIC from Device Manager.

Answer 1

This one bugged me for a while, and I came up with a bit more of manual approach, but it works, so hopefully this will help others:

1) first make sure your list off devices you're about to purge are correct:

Get-PnpDevice -class net | ? Status -eq Unknown | Select FriendlyName,InstanceId

2) If you're happy with the list of Get-NetAdapters you're about to Kaibosh, run the following:

$Devs = Get-PnpDevice -class net | ? Status -eq Unknown | Select FriendlyName,InstanceId

ForEach ($Dev in $Devs) {
    Write-Host "Removing $($Dev.FriendlyName)" -ForegroundColor Cyan
    $RemoveKey = "HKLM:\SYSTEM\CurrentControlSet\Enum\$($Dev.InstanceId)"
    Get-Item $RemoveKey | Select-Object -ExpandProperty Property | %{ Remove-ItemProperty -Path $RemoveKey -Name $_ -Verbose }
}
Write-Host "Done.  Please restart!" -ForegroundColor Green

NOTE: Your list of adapters at step 1 must ONLY contain adapters you want to purge. If you have extras in there, adjust the filter (? Status -eq XXX, eg: ? FriendlyName -like "Broadcom*") accordingly!

Answer 2

I managed to solve a similar problem thanks to this page. I improved that script a bit and published it through my repo here: removeGhosts.ps1

With this version removing all hidden network devices can be done like this:

$ removeGhosts.ps1 -narrowbyclass Net

This will ask for confirmation for each device before the removal, the -Force option can suppress this behaviour. Without any option the script will remove all hidden devices which sounds like something the questioner also interested in.

Answer 3

This registry key contains all of the hardware settings of the machine within the registry:
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum

First query the present and enabled Network Adapters through WMI and get their PNPDeviceId. This value will tell you which subkey the Network Adapters are located in.

Next query the registry for each subkey and find all of the Adapters. Parse the full registry key to cut down to the same length as the PNPDeviceId values; roughly PCI\VEN_80AD&DEV_15A2&SUBSYS_062D1028&REV_02\2&11483669&0&C9.

Compare the two lists and find any orphaned registry keys. Once found, deleting the registry keys by enumerating the system account will remove the Network Adapter from Device Manager. I used PSExec.exe to run the reg delete command as the system account.

Here is some code to perform what I just explained.

# Declare variables
[string]$regIds = "";
[string]$Orphans = "";
[array]$SubKeys = @();
[array]$RegKeys = @();

# Query the present and enabled Network Adapters for the PNPDeviceId value
[array]$PNPDeviceIds = (gwmi Win32_NetworkAdapter -Filter "NetEnabled = true").PNPDeviceId;
for ($i = 0; $i -lt $PNPDeviceIds.Count; $i++){
    if ($SubKeys -NotContains $($PNPDeviceIds[$i].Split('\')[0] + "\" + $PNPDeviceIds[$i].Split('\')[1])){
        $SubKeys += $($PNPDeviceIds[$i].Split('\')[0] + "\" + $PNPDeviceIds[$i].Split('\')[1]);
}}

# Query the registry for all of the adapters
foreach ($SubKey in $SubKeys){
    [array]$Keys = reg query "hklm\system\currentcontrolset\enum\$SubKey"
    $Keys = $Keys[1..$($Keys.Count -1)];
    $RegKeys += $Keys;
}
# Parse the Keys
for ($i = 0; $i -lt $RegKeys.Count; $i++){ $regIds += "," + $($RegKeys[$i].Split('\')[4..6] -join '\'); }
$regIds = $regIds.TrimStart(",");

# Compare the registry to the present devices
for ($i = 0; $i -lt $regIds.Split(',').Count; $i++){
    if ($PNPDeviceIds -NotContains $regIds.Split(',')[$i]){
        $Orphans += "," + $regIds.Split(',')[$i];
}}
if ($Orphans.Length -gt 0){ $Orphans = $Orphans.TrimStart(","); }

# Delete the non-present devices
foreach ($Orphan in $Orphans)
{
    psexec.exe -s powershell.exe "reg delete 'hklm\system\currentcontrolset\enum\$Orphan'"
}

Answer 4

Some changes in previos script.

# Declare variables
[string]$regIds = "";
[string]$Orphan = "";
[array]$Orphans = @();
[array]$SubKeys = @();
[array]$RegKeys = @();

# Query the present and enabled Network Adapters for the PNPDeviceId value
[array]$PNPDeviceIds = (gwmi Win32_NetworkAdapter -Filter "NetEnabled =     true").PNPDeviceId;
for ($i = 0; $i -lt $PNPDeviceIds.Count; $i++) {
    if ($SubKeys -NotContains $($PNPDeviceIds[$i].Split('\')[0] + "\" + $PNPDeviceIds[$i].Split('\')[1])) {
        $SubKeys += $($PNPDeviceIds[$i].Split('\')[0] + "\" + $PNPDeviceIds[$i].Split('\')[1])
    }
}

# Query the registry for all of the adapters
foreach ($SubKey in $SubKeys) {
    [array]$Keys = reg query "hklm\system\currentcontrolset\enum\$SubKey"
    $Keys = $Keys[1..$($Keys.Count -1)];
    $RegKeys += $Keys
}
# Parse the Keys
for ($i = 0; $i -lt $RegKeys.Count; $i++) {
    $regIds += "," + $($RegKeys[$i].Split('\')[4..6] -join '\');
}
$regIds = $regIds.TrimStart(",")

# Compare the registry to the present devices
for ($i = 0; $i -lt $regIds.Split(',').Count; $i++) {
    if ($PNPDeviceIds -NotContains $regIds.Split(',')[$i]) {
        $Orphan += "," + $regIds.Split(',')[$i]
    }
}

if ($Orphan.Length -gt 0) {

    $Orphan = $Orphan.TrimStart(",")
    # Debug: Write-Host "Orphan.Lenght = "$Orphan.Length

    # Parse into Objects
    for ($i = 0; $i -lt $Orphan.Split(',').Count; $i++) {
        $Orphans += $Orphan.Split(',')[$i]
    }
    # Debug: Write-Host "Orphans = $Orphans    Orphans.Lenght = "$Orphans.Length

    $Orphan = ""

    # Delete the non-present devices
    foreach ($Orphan in $Orphans)
    {
        $Orphan = "HKLM:\System\CurrentControlSet\Enum\" + $Orphan
        Write-Host "You must have Full Rights and You should be Owner" -    ForegroundColor Black -BackgroundColor White
        Write-Host "Deleting KEY: " -NoNewline
        Write-Host $Orphan -ForegroundColor Yellow -NoNewline

        If (Test-Path -Path $Orphan) {
            Remove-Item -Path $Orphan -Force -Recurse -Confirm:$false -ErrorAction     SilentlyContinue
            if (Test-Path -Path $Orphan) {
                Write-Host "   UnSuccsessfully!" -ForegroundColor Red
                Write-Host $Error[0] -ForegroundColor Cyan
            }
            else {
                Write-Host "   Succsessfully!" -ForegroundColor Green
            }
        }
        else {
            Write-Host "   Error! Path does not exist." -ForegroundColor Red
        }
    }
}
else {
    Write-Host "Unused Network Adapters not be found." -ForegroundColor Yellow
}