gpt4 book ai didi

powershell - 禁用启动程序

转载 作者:行者123 更新时间:2023-12-02 03:27:53 26 4
gpt4 key购买 nike

我希望使用 PowerShell 禁用启动程序列表。我已经走了这么远,但后来碰壁了。目前我无法获得第二个启动程序列表来像我的第一个一样好地列出。

function Disable-Startups {
[CmdletBinding()]
Param(
[parameter(DontShow = $true)]
$32bit = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
[parameter(DontShow = $true)]
$32bitRunOnce = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce",
[parameter(DontShow = $true)]
$64bit = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run",
[parameter(DontShow = $true)]
$64bitRunOnce = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce",
[parameter(DontShow = $true)]
$currentLOU = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
[parameter(DontShow = $true)]
$currentLOURunOnce = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
)

Begin {
$disableList = @(
"iTunesHelper",
"Cisco AnyConnect Secure Mobility Agent for Windows",
"Ccleaner Monitoring",
#"SunJavaUpdateSched",
"Steam",
"Discord"
)
New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS | Out-Null
$startups = Get-CimInstance Win32_StartupCommand | Select-Object Name,Location
}
Process {
foreach ($startUp in $startUps){
if ($startUp.Name -in $disableList){
$number = ($startUp.Location).IndexOf("\")
$location = ($startUp.Location).Insert("$number",":")
Write-Output "Disabling $($startUp.Name) from $location)"
#Remove-ItemProperty -Path "$location" -Name "$($startUp.name)"
}
}

$regStartList = Get-ItemProperty -Path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce | Format-List
}
End {}
}

所以基本上当 $regStartList 启动时,我想要每个注册表的每个项目的显示名称和位置,并且我想将所有这些放入一个变量中。但我无法列出这样一个不错的列表

Name                Location----                --------OneDriveSetup       HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOneDriveSetup       HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunSend to OneNote     StartupOneDrive            HKU\S-1-5-21-3687383513-804626811-2257261628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunCCleaner Monitoring HKU\S-1-5-21-3687383513-804626811-2257261628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

But instead get this, even if I run.

$regStartList = Get-ItemProperty -Path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce | Select-Object name,location

name location
---- --------

由于某些原因没有被抓取的位置或名称/显示名称。

编辑:我回答了我自己的问题,但如果有人有更好的问题请告诉我。

$regStartList = Get-Item -path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce |
Where-Object {$_.ValueCount -ne 0} | Select-Object property,name

foreach ($regName in $regStartList.name) {
$regNumber = ($regName).IndexOf("\")
$regLocation = ($regName).Insert("$regNumber",":")
if ($regLocation -like "*HKEY_LOCAL_MACHINE*"){
$regLocation = $regLocation.Replace("HKEY_LOCAL_MACHINE","HKLM")
write-host $regLocation
}
if ($regLocation -like "*HKEY_CURRENT_USER*"){
$regLocation = $regLocation.Replace("HKEY_CURRENT_USER","HKCU")
write-host $regLocation
}
foreach($disable in $disableList) {
if (Get-ItemProperty -Path "$reglocation" -name "$Disable"-ErrorAction SilentlyContinue) {
Write-host "yeah i exist"
#Remove-ItemProperty -Path "$location" -Name "$($startUp.name)" -whatif
}else {write-host "no exist"}
}

}

最佳答案

至于这个……

Some reason there is not a location or name/displayname that gets grabbed.

..这是正确的

 Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run' | Select-Object -Property *


AutoStartVMA : {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
OneDrive : {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
PSPath : Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved
PSChildName : Run
PSDrive : HKCU
PSProvider : Microsoft.PowerShell.Core\Registry


Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run' | Get-Member


TypeName: System.Management.Automation.PSCustomObject

Name MemberType Definition
---- ---------- ----------
Equals Method bool Equals(System.Object obj)
GetHashCode Method int GetHashCode()
GetType Method type GetType()
ToString Method string ToString()
AutoStartVMA NoteProperty byte[] AutoStartVMA=System.Byte[]
OneDrive NoteProperty byte[] OneDrive=System.Byte[]
PSChildName NoteProperty string PSChildName=Run
PSDrive NoteProperty PSDriveInfo PSDrive=HKCU
PSParentPath NoteProperty string PSParentPath=Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved
PSPath NoteProperty string PSPath=Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run
PSProvider NoteProperty ProviderInfo PSProvider=Microsoft.PowerShell.Core\Registry

OP 更新

我一直在玩弄你的请求,当我看到你的更新时正要回复。

好吧,你问有没有别的办法。所以,这是我在看到您的更新之前想到的。当然,我必须将一些项目添加到禁用列表才能显示这两个结果。

#Startup List
function Disable-Startups
{
[CmdletBinding()]

Param
(
[parameter(DontShow = $true)]
$32bit = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
[parameter(DontShow = $true)]
$32bitRunOnce = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce",
[parameter(DontShow = $true)]
$64bit = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run",
[parameter(DontShow = $true)]
$64bitRunOnce = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce",
[parameter(DontShow = $true)]
$currentLOU = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
[parameter(DontShow = $true)]
$currentLOURunOnce = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
)

begin
{
$disableList = @(
'SecurityHealth'
'OneDrive',
'iTunesHelper',
'Cisco AnyConnect Secure Mobility Agent for Windows',
'Ccleaner Monitoring',
#'SunJavaUpdateSched',
'Steam',
'Discord'
)
New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS |
out-null
$startups = Get-CimInstance Win32_StartupCommand |
Select-Object Name,Location
}
process
{
Get-Item -path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce |
Where-Object {$_.ValueCount -ne 0} |
Select-Object @{Name = 'Location';Expression = {$_.name -replace 'HKEY_LOCAL_MACHINE','HKLM' -replace 'HKEY_CURRENT_USER','HKCU'}},
@{Name = 'Name';Expression = {$_.Property}} |
%{
ForEach($disableListName in $disableList)
{
If($_.Name -contains $disableListName)
{ $_ | Select-Object -Property Location,Name }
Else
{ Write-Warning -Message "$disableListName not found in registry" }
}
}
}
end {}
}
Clear-Host
Disable-Startups

# Results

WARNING: OneDrive not found in registry
WARNING: iTunesHelper not found in registry
WARNING: Cisco AnyConnect Secure Mobility Agent for Windows not found in registry
WARNING: Ccleaner Monitoring not found in registry
WARNING: Steam not found in registry
WARNING: Discord not found in registry
WARNING: SecurityHealth not found in registry
WARNING: OneDrive not found in registry
WARNING: iTunesHelper not found in registry
WARNING: Cisco AnyConnect Secure Mobility Agent for Windows not found in registry
WARNING: Ccleaner Monitoring not found in registry
WARNING: Steam not found in registry
WARNING: Discord not found in registry
WARNING: SecurityHealth not found in registry
WARNING: iTunesHelper not found in registry
WARNING: Cisco AnyConnect Secure Mobility Agent for Windows not found in registry
WARNING: Ccleaner Monitoring not found in registry
WARNING: Steam not found in registry
WARNING: Discord not found in registry
Location Name
-------- ----
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run {SecurityHealth, MacDrive 10 helper}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run {OneDrive, AutoStartVMA}

关于powershell - 禁用启动程序,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52692879/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com