Solved

How to parse Windows command line output to find information

Posted on 2014-10-01
6
519 Views
Last Modified: 2014-10-12
I am using "reg query HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL /s" to display registry keys and subkeys.

From that output, I need to find a key with a subkey of DisplayName as "Symantec Endpoint Protection" or any value I choose. The output should be the parent key and/or associated UninstallPath subkey

Background:

I am trying to create a universal uninstall tool for antivirus programs (or atleast symmantec endpoint protection)

SEPprep does not seem to work with v11 even with "RemoveSymantec=Y"

Therefore I had to do it a different way using MSI command line interface (http://www.symantec.com/business/support/index?page=content&id=TECH102470)

It says to navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ and find a value with a subkey DisplayName = Symantec Endpoint Protection, to copy the key into the "msiexec.exe /x [insert key] /passive" command
0
Comment
Question by:scsyeg
  • 3
  • 2
6 Comments
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40356065
I would suggest you use WMIC product to uninstall the product via a script and also note that you could even implement the uninstall as a Group Policy.  Below is a sample script

if exist c:\symantec-uninstalled.txt goto end
wmic product where "name like 'Symantec Endpoint %%" call uninstall /nointeractive   > c:\symantec-uninstalled.txt
:end

With the script above, once the software is uninstalled, file c:\symantec-uninstalled.txt is created.  Next time the script is run, it checks for the file exits and if so, the script ends.
0
 
LVL 33

Expert Comment

by:it_saige
ID: 40357159
Rob van der Woude wrote an elegant batch script to get the uninstall information:
:: Check command line arguments
IF     "%~1"=="" GOTO Syntax
IF NOT "%~2"=="" GOTO Syntax
ECHO "%~1" | FINDSTR /R /C:"[/?]" >NUL && GOTO Syntax

SETLOCAL ENABLEDELAYEDEXPANSION
SET Count=0
FOR /F "tokens=*" %%A IN ('REG Query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall /F "%~1" /D /S 2^>NUL ^| FINDSTR /R /B /C:"HKEY_"') DO (
	REG Query "%%~A" /F DisplayName /V /E | FINDSTR /R /I /C:" DisplayName .* .*%~1" >NUL 2>&1
	IF NOT ERRORLEVEL 1 (
		SET /A Count += 1
		FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayName    /V /E 2^>NUL ^| FIND /I " DisplayName "')     DO ECHO Program Name      = %%C
		FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayVersion /V /E 2^>NUL ^| FIND /I " DisplayVersion "')  DO ECHO Program Version   = %%C
		FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F InstallDate    /V /E 2^>NUL ^| FIND /I " InstallDate "')     DO (
			SET InstallDate=%%C
			ECHO Install Date      = !InstallDate:~0,4!-!InstallDate:~4,2!-!InstallDate:~6!
		)
		FOR /F "tokens=7 delims=\" %%B IN ("%%~A") DO ECHO Unique Identifier = %%B
		FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F UninstallString /V /E ^| FIND /I " UninstallString "') DO ECHO Uninstall String  = %%C
		ECHO.
	)
)

WMIC.EXE Path Win32_Processor Get DataWidth 2>NUL | FIND "64" >NUL
IF ERRORLEVEL 1 (
	ECHO.
	ECHO %Count% programs found
) ELSE (
	SET Count32bit=0
	FOR /F "tokens=*" %%A IN ('REG Query HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall /F "%~1" /D /S 2^>NUL ^| FINDSTR /R /B /C:"HKEY_"') DO (
		REG Query "%%~A" /F DisplayName /V /E | FINDSTR /R /I /C:" DisplayName .* .*%~1" >NUL 2>&1
		IF NOT ERRORLEVEL 1 (
			SET /A Count32bit += 1
			FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayName    /V /E 2^>NUL ^| FIND /I " DisplayName "')     DO ECHO Program Name      = %%C
			FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F DisplayVersion /V /E 2^>NUL ^| FIND /I " DisplayVersion "')  DO ECHO Program Version   = %%C
			FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F InstallDate    /V /E 2^>NUL ^| FIND /I " InstallDate "')     DO (
				SET InstallDate=%%C
				ECHO Install Date      = !InstallDate:~0,4!-!InstallDate:~4,2!-!InstallDate:~6!
			)
			FOR /F "tokens=7 delims=\" %%B IN ("%%~A") DO ECHO Unique Identifier = %%B
			FOR /F "tokens=2*" %%B IN ('REG Query "%%~A" /F UninstallString /V /E ^| FIND /I " UninstallString "') DO ECHO Uninstall String  = %%C
			ECHO.
		)
	)
	ECHO.
	ECHO     %Count% 64-bit programs and !Count32bit! 32-bit programs found
)

ENDLOCAL
GOTO:EOF


:Syntax
ECHO.
ECHO GetUninstall.bat,  Version 2.00 for Windows Vista and later
ECHO List or search uninstall command lines
ECHO.
ECHO Usage:    GETUNINSTALL.BAT  "filter"
ECHO.
ECHO Where:    "filter"    narrows down the search result to programs whose
ECHO                       uninstall data contains the string "filter"
ECHO.
ECHO Example:  GETUNINSTALL.BAT "Adobe Reader"
ECHO.
ECHO Written by Rob van der Woude
ECHO http://www.robvanderwoude.com

:: Set return code for Windows NT 4 or later
IF "%OS%"=="Windows_NT" COLOR 00

Open in new window


From http://www.robvanderwoude.com/files/getuninstall_w7.txt.

-saige-
0
 

Author Comment

by:scsyeg
ID: 40357409
@Mohammed Khawaja thank you for your response - currently have a little WMIC script of my own, however, I cannot find how to stop it from rebooting the system and scheduling it to reboot after hours. I have clients that have laptops or sporadic schedules to account for that I need to do this remotely from

@Saige thank you for your response - I will test this out and see if I can integrate it with an uninstall command (I'm a linux guy, so if you have suggestions on how to do this in cmd, I'd appreciate it)
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 

Accepted Solution

by:
scsyeg earned 0 total points
ID: 40366273
It seems one of the issues with SEPprep is that 32 bit versions cannot uninstall 64 bit SEP.

With a bit of tweaking of the SEPprep.ini and implementation of proper bit versions, I got it working.

I will keep both of your comments in mind for other applications however. Thank you.
0
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40366318
There is a better way.  Run the following PowerShell command:

$product = Get-WmiObject -Class Win32_Product | Where-Object { $_.Name -like "xxx"}
$AppGuid = $product.properties["IdentifyingNumber"].value.toString()
MsiExec.exe /norestart /q/x $AppGuid REMOVE=ALL
0
 

Author Closing Comment

by:scsyeg
ID: 40375485
After further investigation, this turned out to be the cleanest solution to the situation (within scope).
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to remove superseded packages in windows w60 or w61 installation media (.wim) or online system to prevent unnecessary space. w60 means Windows Vista or Windows Server 2008. w61 means Windows 7 or Windows Server 2008 R2. There are various …
Use this article to create a batch file to backup a Microsoft SQL Server database to a Windows folder.  The folder can be on the local hard drive or on a network share.  This batch file will query the SQL server to get the current date & time and wi…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now