Advertisement
Guest User

Untitled

a guest
Oct 3rd, 2015
72
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.66 KB | None | 0 0
  1. function Get-InstalledSoftware {
  2. # .SYNOPSIS
  3. # Get all installed from the Uninstall keys in the registry.
  4. # .DESCRIPTION
  5. # Read a list of installed software from each Uninstall key.
  6. #
  7. # This method provides an alternative to using the WMI class Win32_Product which causes an msi reconfiguration action.
  8. #
  9. # This CmdLet assumes the user is authenticated.
  10. # .PARAMETER ComputerName
  11. # The computer to execute against. By default, Get-InstalledSoftware reads registry keys on the local computer.
  12. # .PARAMETER StartRemoteRegistry
  13. # The script should attempt to start the remote registry service if it is not already running. This parameter will only take effect if the service is not disabled.
  14. # .PARAMETER IncludeLoadedUserHives
  15. # Some software packages, such as DropBox install into a users profile rather than into shared areas. Get-InstalledSoftware can increase the search to include each loaded user hive.
  16. #
  17. # If a registry hive is not loaded it cannot be searched, this is a limitation of this search style.
  18. # .PARAMETER IncludeBlankNames
  19. # By default Get-InstalledSoftware will suppress the display of entries with minimal information. If no DisplayName is set it will be hidden from view. This behaviour may be changed using this parameter.
  20. # .PARAMETER DebugConnection
  21. # By default error messages are suppressed. A large number of errors may be returned by a single device because of the granular nature of registry permissions. This parameter allows the displays of all caught exceptions for debugging purposes.
  22. # .EXAMPLE
  23. # Get-InstalledSoftware
  24. #
  25. # Get the list of installed applications from the local computer.
  26. # .EXAMPLE
  27. # Get-InstalledSoftware -IncludeLoadedUserHives
  28. #
  29. # Get the list of installed applications from the local computer, including each loaded user hive.
  30. # .EXAMPLE
  31. # Get-InstalledSoftware -ComputerName None -DebugConnection
  32. #
  33. # Display all error messages thrown when attempting to audit the specified computer.
  34. # .EXAMPLE
  35. # Get-InstalledSoftware -IncludeBlankNames
  36. #
  37. # Display all results, including those with very limited information.
  38.  
  39. [CmdLetBinding()]
  40. param(
  41. [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
  42. [String]$ComputerName = $Env:ComputerName,
  43.  
  44. [Switch]$StartRemoteRegistry,
  45.  
  46. [Switch]$IncludeLoadedUserHives,
  47.  
  48. [Switch]$IncludeBlankNames,
  49.  
  50. [Switch]$DebugConnection
  51. )
  52.  
  53. process {
  54.  
  55. # If the remote registry service is stopped before this script runs it will be stopped again afterwards.
  56. if ($StartRemoteRegistry) {
  57. $ShouldStop = $false
  58. $Service = Get-WmiObject Win32_Service -Filter "Name='RemoteRegistry'" -Computer $ComputerName
  59. If ($Service.State -eq "Stopped" -And $Service.StartMode -ne "Disabled") {
  60. $ShouldStop = $true
  61. $Service.StartService() | Out-Null
  62. }
  63. }
  64.  
  65. # Create an array to hold open base keys. The Uninstall key should be relative and fixed from here.
  66. $BaseKeys = @()
  67.  
  68. if ($IncludeLoadedUserHives) {
  69. try {
  70. $BaseKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("Users", $ComputerName)
  71. } catch [Exception] {
  72. if ($DebugConnection) {
  73. $Message = $_.Exception.Message -replace "`n"
  74. Write-Error "ComputerName: $ComputerName :: $Message :: Users"
  75. }
  76. }
  77.  
  78. if ($?) {
  79. $BaseKey.GetSubKeyNames() | ForEach-Object {
  80. $SubKeyName = $_
  81. try {
  82. $BaseKeys += $BaseKey.OpenSubKey($SubKeyName)
  83. } catch [Exception] {
  84. if ($DebugConnection) {
  85. $Message = $_.Exception.Message -replace "`n"
  86. Write-Error "ComputerName: $ComputerName :: $Message :: $SubKeyName"
  87. }
  88. }
  89. }
  90. }
  91. }
  92.  
  93. # Connect to the base key
  94. try {
  95. $BaseKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("LocalMachine", $ComputerName)
  96. } catch [Exception] {
  97. if ($DebugConnection) {
  98. $Message = $_.Exception.Message -replace "`n"
  99. Write-Error "ComputerName: $ComputerName :: $Message :: LocalMachine"
  100. }
  101. }
  102. if ($?) {
  103. $BaseKeys += $BaseKey
  104. }
  105.  
  106. # Begin reading package information from the registry
  107. $Packages = @{}
  108. $BaseKeys | ForEach-Object {
  109. $BaseKey = $_
  110.  
  111. # Uninstall keys relative to each base.
  112. "Software\Microsoft\Windows\CurrentVersion\Uninstall", "Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall" | ForEach-Object {
  113. $UninstallKeyString = $_
  114. try {
  115. $UninstallKey = $BaseKey.OpenSubKey($UninstallKeyString)
  116. } catch [Exception] {
  117. if ($DebugConnection) {
  118. $Message = $_.Exception.Message -replace "`n"
  119. Write-Error "ComputerName: $ComputerName :: $Message :: LocalMachine\$UninstallKeyString"
  120. }
  121. }
  122. if ($? -and $UninstallKey) {
  123. $UninstallKey.GetSubKeyNames() | ForEach-Object {
  124. $SubKeyName = $_
  125. $UninstallKey.OpenSubKey($_) | ForEach-Object {
  126. # Create a new record for this package
  127. if ($Packages.Contains($SubKeyName)) {
  128. [Array]$Packages[$SubKeyName].RegistryKeys += "$($BaseKey.ToString())\$UninstallKeyString"
  129. } else {
  130. $DateString = $_.GetValue("InstallDate"); $InstallDate = $null
  131. if ($DateString) {
  132. $InstallDate = [DateTime]::ParseExact($DateString, "yyyyMMdd", [Globalization.CultureInfo]::CurrentCulture)
  133. }
  134.  
  135. $Package = New-Object PsObject -Property ([Ordered]@{
  136. ComputerName = $ComputerName;
  137. Name = $_.GetValue("DisplayName");
  138. DisplayVersion = $_.GetValue("DisplayVersion");
  139. InstallDate = $InstallDate;
  140. InstallLocation = $_.GetValue("InstallLocation");
  141. HelpLink = $_.GetValue("HelpLink");
  142. Publisher = $_.GetValue("Publisher");
  143. UninstallString = $_.GetValue("UninstallString");
  144. URLInfoAbout = $_.GetValue("URLInfoAbout");
  145. KeyName = $SubKeyName;
  146. RegistryKeys = "$($BaseKey.ToString())\$UninstallKeyString";
  147. InstalledAs = "";
  148. })
  149.  
  150. $Packages.Add($SubKeyName, $Package)
  151. }
  152. }
  153. }
  154. }
  155. }
  156. }
  157.  
  158. # Attempt to resolve SID strings to something a bit more friendly. This method is a bit limited.
  159. $InstalledAs = @{}
  160. $Packages.Values |
  161. ForEach-Object { $_.RegistryKeys } |
  162. Select-Object -Unique |
  163. ForEach-Object {
  164. if ($_ -match '^HKEY_LOCAL_MACHINE') {
  165. if ($_ -match 'Wow6432Node') {
  166. $InstalledAs.Add($_, "LocalMachine\64Bit")
  167. } else {
  168. $InstalledAs.Add($_, "LocalMachine\32Bit")
  169. }
  170. } elseif ($_ -match '^HKEY_USERS\\(?<SID>[^\\]+)') {
  171. $NTAccount = (New-Object Security.Principal.SecurityIdentifier $matches.SID).Translate([Security.Principal.NTAccount]).Value
  172. if ($NTAccount) {
  173. $InstalledAs.Add($_, $NTAccount)
  174. } else {
  175. $InstalledAs.Add($_, $matches.SID)
  176. }
  177. }
  178. }
  179. $Packages.Keys | ForEach-Object {
  180. $Packages[$_].InstalledAs = ($Packages[$_].RegistryKeys | ForEach-Object { $InstalledAs[$_] })
  181. }
  182.  
  183. # Stop the remote registry service if required
  184. if ($StartRemoteRegistry -and $ShouldStop) {
  185. $Service.StopService() | Out-Null
  186. }
  187.  
  188. # Output filtering
  189. if ($IncludeBlankNames) {
  190. return $Packages.Values
  191. } else {
  192. return ($Packages.Values | Where-Object Name)
  193. }
  194. }
  195. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement