I have the following lines. I am having a hard time concatenating the space in "Window NT". I have tried so many different variant with quotes and double quotes.

$sid= dir hku: | select  -ExpandProperty name

dir hku:\\S-1-5-19\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Devices

There is no key HKU: except if you have created it.

Here is how to accommodate spaces.

dir HKLM:\Software\Microsoft\'Windows NT'\CurrentVersion

You cannot use HKEY_USERS in powershell. In fact this hive is combining multiple hives (from all running users). In general Windows has only 2 general hives - current user and local machine and those are the only one you can browse with powershell.

I see that you want check S-1-5-19 hive (which is local service) you'll need to load the NTUSER.DAT file from c:\Windows\System32\ServiceProfiles\LocalService directory to HKLM registry or HKCU with reg load command and browse it after that.

For an exampl reg load HKLM:\\LocalService c:\Windows\ServiceProfiles\LocalService\NTUSER.DAT will load it in hklm:\\LocalService directory.

You'll need to know that you cannot load this hive on running Windows (it's already loaded). Other way is to run the script under LocalService account and browse hku:\\ PSDrive.

Actually you can create a new drive pointing to that or any other hive.  The drive is just not set up by default as are HKLM and HKCU.

This will map the drive:L

New-PSDrive -Name HKU   -PSProvider Registry -Root Registry::HKEY_USERS

Now we can just enum it with GCI

dir hku:\.Default

or

dir hku:\S-1-5-19

So all is not lost it is just not obvious unless you read the help for the registry provider or read Shay Levy's good blog on this:

http://blogs.microsoft.co.il/scriptfanatic/2010/05/16/quicktip-additional-powershell-registry-drives/