There are a few simple ways to acquire this information for .msi's without going line by line through the Uninstall key in the Registry.
First there is the basic wmic method in a command prompt:
wmic product get
This will output a lot of information that is generally hard to look at, but nonetheless shows you the installed programs and their GUIDs if you can muddle your way through it (or output the results to a text file and search from there, which is discussed below)
Second you can simply call only application names and search for the product there, and then run a second command to find its specific GUID.
1) wmic product get name
2) wmic product where name="APPNAME" get Name,Version,IdentifyingNumber
Insert the application name acquired from step one where it says APPNAME (keep the quotes) in step two.
For any of the above commands, you can output them to a text file and or run them for a remote computer on the network.
Output to Text file named InstalledPrograms on C:
wmic product get name > C:\InstalledPrograms.txt
Run wmic command for a remote computer:
wmic /node:COMPUTERNAME {rest of command here}
Replace COMPUTERNAME with the hostname of the machine you want the results from. Don't remove the /node: part.
Here's a neat trick using Powershell to get the information with output in a neat little table. In powershell, run:
get-wmiobject -class Win32_Product | Format-Table IdentifyingNumber, Name, LocalPackage
To do the same only for a remote computer:
get-wmiobject - class Win32_Product -computername COMPUTERNAME | Format-Table IdentifyingNumber, Name, LocalPackage
Replace COMPUTERNAME with the hostname of the machine you want the results from.
This line will return all the subkeys and their registry values for the Uninstall registry key.
Get-ChildItem hklm:\software\Wow6432Node\microsoft\windows\currentversion\uninstall | ForEach-Object {Get-ItemProperty $_.pspath}
Other random but useful commands are listed below.
To get hardware information on a remote system (replace COMPUTERNAME w/ hostname):
systeminfo /s COMPUTERNAME
To see the currently logged on user of a remote system (replace COMPUTERNAME w/ hostname):
wmic /node:COMPUTERNAME ComputerSystem Get Username
To get the IP address of a remote system (replace COMPUTERNAME w/ hostname)
wmic /node:COMPUTERNAME nicconfig get ippaddress
FYI - here are the Uninstall reg key locations:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\CurrentVersion\Uninstall
***Many of these commands can take some time especially if done for a remote machine or if there are a lot of applications in question. You may want to go get a cup of coffee after pressing enter and when you get back you'll have the information you need :) ***
Resources:
http://www.computerhope.com/wmic.htm
http://software-inventory.net/installed-software-audit
https://technet.microsoft.com/en-us/library/dd347651.aspx
http://stackoverflow.com/questions/29937568/how-can-i-find-the-product-guid-of-an-installed-msi-setup
http://betanews.com/2011/01/14/wmic-the-best-command-line-tool-you-ve-never-used/
http://blogs.technet.com/b/askperf/archive/2012/02/17/useful-wmic-queries.aspx
https://technet.microsoft.com/en-us/library/ee176852.aspx
No comments:
Post a Comment
Give my post a +1 or let me know if you found any of my blog content helpful!