scsyeg
asked on
How to parse Windows command line output to find information
I am using "reg query HKEY_LOCAL_MACHINE\SOFTWAR E\MICROSOF T\WINDOWS\ CURRENTVER SION\UNINS TALL /s" to display registry keys and subkeys.
From that output, I need to find a key with a subkey of DisplayName as "Symantec Endpoint Protection" or any value I choose. The output should be the parent key and/or associated UninstallPath subkey
Background:
I am trying to create a universal uninstall tool for antivirus programs (or atleast symmantec endpoint protection)
SEPprep does not seem to work with v11 even with "RemoveSymantec=Y"
Therefore I had to do it a different way using MSI command line interface (http://www.symantec.com/business/support/index?page=content&id=TECH102470)
It says to navigate to HKEY_LOCAL_MACHINE\SOFTWAR E\Microsof t\Windows\ CurrentVer sion\Unins tall\ and find a value with a subkey DisplayName = Symantec Endpoint Protection, to copy the key into the "msiexec.exe /x [insert key] /passive" command
From that output, I need to find a key with a subkey of DisplayName as "Symantec Endpoint Protection" or any value I choose. The output should be the parent key and/or associated UninstallPath subkey
Background:
I am trying to create a universal uninstall tool for antivirus programs (or atleast symmantec endpoint protection)
SEPprep does not seem to work with v11 even with "RemoveSymantec=Y"
Therefore I had to do it a different way using MSI command line interface (http://www.symantec.com/business/support/index?page=content&id=TECH102470)
It says to navigate to HKEY_LOCAL_MACHINE\SOFTWAR
Rob van der Woude wrote an elegant batch script to get the uninstall information:
From http://www.robvanderwoude.com/files/getuninstall_w7.txt.
-saige-
:: Check command line arguments
IF "%~1"=="" GOTO Syntax
IF NOT "%~2"=="" GOTO Syntax
ECHO "%~1" | FINDSTR /R /C:"[/?]" >NUL && GOTO Syntax
SETLOCAL ENABLEDELAYEDEXPANSION
SET Count=0
FOR /F "tokens=*" %%A IN ('REG Query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall /F "%~1" /D /S 2^>NUL ^| FINDSTR /R /B /C:"HKEY_"') DO (
REG Query "%%~A" /F DisplayName /V /E | FINDSTR /R /I /C:" DisplayName .* .*%~1" >NUL 2>&1
IF NOT ERRORLEVEL 1 (
SET /A Count += 1
FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayName /V /E 2^>NUL ^| FIND /I " DisplayName "') DO ECHO Program Name = %%C
FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayVersion /V /E 2^>NUL ^| FIND /I " DisplayVersion "') DO ECHO Program Version = %%C
FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F InstallDate /V /E 2^>NUL ^| FIND /I " InstallDate "') DO (
SET InstallDate=%%C
ECHO Install Date = !InstallDate:~0,4!-!InstallDate:~4,2!-!InstallDate:~6!
)
FOR /F "tokens=7 delims=\" %%B IN ("%%~A") DO ECHO Unique Identifier = %%B
FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F UninstallString /V /E ^| FIND /I " UninstallString "') DO ECHO Uninstall String = %%C
ECHO.
)
)
WMIC.EXE Path Win32_Processor Get DataWidth 2>NUL | FIND "64" >NUL
IF ERRORLEVEL 1 (
ECHO.
ECHO %Count% programs found
) ELSE (
SET Count32bit=0
FOR /F "tokens=*" %%A IN ('REG Query HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall /F "%~1" /D /S 2^>NUL ^| FINDSTR /R /B /C:"HKEY_"') DO (
REG Query "%%~A" /F DisplayName /V /E | FINDSTR /R /I /C:" DisplayName .* .*%~1" >NUL 2>&1
IF NOT ERRORLEVEL 1 (
SET /A Count32bit += 1
FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayName /V /E 2^>NUL ^| FIND /I " DisplayName "') DO ECHO Program Name = %%C
FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayVersion /V /E 2^>NUL ^| FIND /I " DisplayVersion "') DO ECHO Program Version = %%C
FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F InstallDate /V /E 2^>NUL ^| FIND /I " InstallDate "') DO (
SET InstallDate=%%C
ECHO Install Date = !InstallDate:~0,4!-!InstallDate:~4,2!-!InstallDate:~6!
)
FOR /F "tokens=7 delims=\" %%B IN ("%%~A") DO ECHO Unique Identifier = %%B
FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F UninstallString /V /E ^| FIND /I " UninstallString "') DO ECHO Uninstall String = %%C
ECHO.
)
)
ECHO.
ECHO %Count% 64-bit programs and !Count32bit! 32-bit programs found
)
ENDLOCAL
GOTO:EOF
:Syntax
ECHO.
ECHO GetUninstall.bat, Version 2.00 for Windows Vista and later
ECHO List or search uninstall command lines
ECHO.
ECHO Usage: GETUNINSTALL.BAT "filter"
ECHO.
ECHO Where: "filter" narrows down the search result to programs whose
ECHO uninstall data contains the string "filter"
ECHO.
ECHO Example: GETUNINSTALL.BAT "Adobe Reader"
ECHO.
ECHO Written by Rob van der Woude
ECHO http://www.robvanderwoude.com
:: Set return code for Windows NT 4 or later
IF "%OS%"=="Windows_NT" COLOR 00
From http://www.robvanderwoude.com/files/getuninstall_w7.txt.
-saige-
ASKER
@Mohammed Khawaja thank you for your response - currently have a little WMIC script of my own, however, I cannot find how to stop it from rebooting the system and scheduling it to reboot after hours. I have clients that have laptops or sporadic schedules to account for that I need to do this remotely from
@Saige thank you for your response - I will test this out and see if I can integrate it with an uninstall command (I'm a linux guy, so if you have suggestions on how to do this in cmd, I'd appreciate it)
@Saige thank you for your response - I will test this out and see if I can integrate it with an uninstall command (I'm a linux guy, so if you have suggestions on how to do this in cmd, I'd appreciate it)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
There is a better way. Run the following PowerShell command:
$product = Get-WmiObject -Class Win32_Product | Where-Object { $_.Name -like "xxx"}
$AppGuid = $product.properties["Ident ifyingNumb er"].value .toString( )
MsiExec.exe /norestart /q/x $AppGuid REMOVE=ALL
$product = Get-WmiObject -Class Win32_Product | Where-Object { $_.Name -like "xxx"}
$AppGuid = $product.properties["Ident
MsiExec.exe /norestart /q/x $AppGuid REMOVE=ALL
ASKER
After further investigation, this turned out to be the cleanest solution to the situation (within scope).
if exist c:\symantec-uninstalled.tx
wmic product where "name like 'Symantec Endpoint %%" call uninstall /nointeractive > c:\symantec-uninstalled.tx
:end
With the script above, once the software is uninstalled, file c:\symantec-uninstalled.tx