Solved

How to parse Windows command line output to find information

Posted on 2014-10-01
6
539 Views
Last Modified: 2014-10-12
I am using "reg query HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL /s" to display registry keys and subkeys.

From that output, I need to find a key with a subkey of DisplayName as "Symantec Endpoint Protection" or any value I choose. The output should be the parent key and/or associated UninstallPath subkey

Background:

I am trying to create a universal uninstall tool for antivirus programs (or atleast symmantec endpoint protection)

SEPprep does not seem to work with v11 even with "RemoveSymantec=Y"

Therefore I had to do it a different way using MSI command line interface (http://www.symantec.com/business/support/index?page=content&id=TECH102470)

It says to navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ and find a value with a subkey DisplayName = Symantec Endpoint Protection, to copy the key into the "msiexec.exe /x [insert key] /passive" command
0
Comment
Question by:scsyeg
  • 3
  • 2
6 Comments
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40356065
I would suggest you use WMIC product to uninstall the product via a script and also note that you could even implement the uninstall as a Group Policy.  Below is a sample script

if exist c:\symantec-uninstalled.txt goto end
wmic product where "name like 'Symantec Endpoint %%" call uninstall /nointeractive   > c:\symantec-uninstalled.txt
:end

With the script above, once the software is uninstalled, file c:\symantec-uninstalled.txt is created.  Next time the script is run, it checks for the file exits and if so, the script ends.
0
 
LVL 33

Expert Comment

by:it_saige
ID: 40357159
Rob van der Woude wrote an elegant batch script to get the uninstall information:
:: Check command line arguments
IF     "%~1"=="" GOTO Syntax
IF NOT "%~2"=="" GOTO Syntax
ECHO "%~1" | FINDSTR /R /C:"[/?]" >NUL && GOTO Syntax

SETLOCAL ENABLEDELAYEDEXPANSION
SET Count=0
FOR /F "tokens=*" %%A IN ('REG Query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall /F "%~1" /D /S 2^>NUL ^| FINDSTR /R /B /C:"HKEY_"') DO (
	REG Query "%%~A" /F DisplayName /V /E | FINDSTR /R /I /C:" DisplayName .* .*%~1" >NUL 2>&1
	IF NOT ERRORLEVEL 1 (
		SET /A Count += 1
		FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayName    /V /E 2^>NUL ^| FIND /I " DisplayName "')     DO ECHO Program Name      = %%C
		FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayVersion /V /E 2^>NUL ^| FIND /I " DisplayVersion "')  DO ECHO Program Version   = %%C
		FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F InstallDate    /V /E 2^>NUL ^| FIND /I " InstallDate "')     DO (
			SET InstallDate=%%C
			ECHO Install Date      = !InstallDate:~0,4!-!InstallDate:~4,2!-!InstallDate:~6!
		)
		FOR /F "tokens=7 delims=\" %%B IN ("%%~A") DO ECHO Unique Identifier = %%B
		FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F UninstallString /V /E ^| FIND /I " UninstallString "') DO ECHO Uninstall String  = %%C
		ECHO.
	)
)

WMIC.EXE Path Win32_Processor Get DataWidth 2>NUL | FIND "64" >NUL
IF ERRORLEVEL 1 (
	ECHO.
	ECHO %Count% programs found
) ELSE (
	SET Count32bit=0
	FOR /F "tokens=*" %%A IN ('REG Query HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall /F "%~1" /D /S 2^>NUL ^| FINDSTR /R /B /C:"HKEY_"') DO (
		REG Query "%%~A" /F DisplayName /V /E | FINDSTR /R /I /C:" DisplayName .* .*%~1" >NUL 2>&1
		IF NOT ERRORLEVEL 1 (
			SET /A Count32bit += 1
			FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayName    /V /E 2^>NUL ^| FIND /I " DisplayName "')     DO ECHO Program Name      = %%C
			FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayVersion /V /E 2^>NUL ^| FIND /I " DisplayVersion "')  DO ECHO Program Version   = %%C
			FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F InstallDate    /V /E 2^>NUL ^| FIND /I " InstallDate "')     DO (
				SET InstallDate=%%C
				ECHO Install Date      = !InstallDate:~0,4!-!InstallDate:~4,2!-!InstallDate:~6!
			)
			FOR /F "tokens=7 delims=\" %%B IN ("%%~A") DO ECHO Unique Identifier = %%B
			FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F UninstallString /V /E ^| FIND /I " UninstallString "') DO ECHO Uninstall String  = %%C
			ECHO.
		)
	)
	ECHO.
	ECHO     %Count% 64-bit programs and !Count32bit! 32-bit programs found
)

ENDLOCAL
GOTO:EOF


:Syntax
ECHO.
ECHO GetUninstall.bat,  Version 2.00 for Windows Vista and later
ECHO List or search uninstall command lines
ECHO.
ECHO Usage:    GETUNINSTALL.BAT  "filter"
ECHO.
ECHO Where:    "filter"    narrows down the search result to programs whose
ECHO                       uninstall data contains the string "filter"
ECHO.
ECHO Example:  GETUNINSTALL.BAT "Adobe Reader"
ECHO.
ECHO Written by Rob van der Woude
ECHO http://www.robvanderwoude.com

:: Set return code for Windows NT 4 or later
IF "%OS%"=="Windows_NT" COLOR 00

Open in new window


From http://www.robvanderwoude.com/files/getuninstall_w7.txt.

-saige-
0
 

Author Comment

by:scsyeg
ID: 40357409
@Mohammed Khawaja thank you for your response - currently have a little WMIC script of my own, however, I cannot find how to stop it from rebooting the system and scheduling it to reboot after hours. I have clients that have laptops or sporadic schedules to account for that I need to do this remotely from

@Saige thank you for your response - I will test this out and see if I can integrate it with an uninstall command (I'm a linux guy, so if you have suggestions on how to do this in cmd, I'd appreciate it)
0
The New “Normal” in Modern Enterprise Operations

DevOps for the modern enterprise offers many benefits — increased agility, productivity, and more, but digital transformation isn’t easy, especially if you’re not addressing the right issues. Register for the webinar to dive into the “new normal” for enterprise modern ops.

 

Accepted Solution

by:
scsyeg earned 0 total points
ID: 40366273
It seems one of the issues with SEPprep is that 32 bit versions cannot uninstall 64 bit SEP.

With a bit of tweaking of the SEPprep.ini and implementation of proper bit versions, I got it working.

I will keep both of your comments in mind for other applications however. Thank you.
0
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40366318
There is a better way.  Run the following PowerShell command:

$product = Get-WmiObject -Class Win32_Product | Where-Object { $_.Name -like "xxx"}
$AppGuid = $product.properties["IdentifyingNumber"].value.toString()
MsiExec.exe /norestart /q/x $AppGuid REMOVE=ALL
0
 

Author Closing Comment

by:scsyeg
ID: 40375485
After further investigation, this turned out to be the cleanest solution to the situation (within scope).
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
pass a variable from a list to a batch file using psexec 11 64
Need to combine two scripts 2 33
Batch File search for Drive Letter 8 44
Shell script issue 4 35
If like me you are one who spends a lot of time working and scripting with cmd.exe, sometimes it is handy to be able to quickly view a calendar for a given month and year. This script will quickly do just that!  Save the code posted below to a .bat …
This article will show, step by step, how to integrate R code into a R Sweave document
Learn the basics of modules and packages in Python. Every Python file is a module, ending in the suffix: .py: Modules are a collection of functions and variables.: Packages are a collection of modules.: Module functions and variables are accessed us…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question