1

我正在寻找使用 PowerShell 禁用启动程序列表。我已经走了这么远,但后来碰壁了。目前,我无法获得第二个启动程序列表,以便像我的第一个一样很好地列出。

function Disable-Startups {
    [CmdletBinding()]
    Param(
        [parameter(DontShow = $true)]
        $32bit = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $32bitRunOnce = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce",
        [parameter(DontShow = $true)]
        $64bit = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $64bitRunOnce = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce",
        [parameter(DontShow = $true)]
        $currentLOU = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $currentLOURunOnce = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
    )

    Begin {
        $disableList = @(
            "iTunesHelper",
            "Cisco AnyConnect Secure Mobility Agent for Windows",
            "Ccleaner Monitoring",
            #"SunJavaUpdateSched",
            "Steam",
            "Discord"
        )
        New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS | Out-Null
        $startups = Get-CimInstance Win32_StartupCommand | Select-Object Name,Location
    }
    Process {
        foreach ($startUp in $startUps){
            if ($startUp.Name -in $disableList){
                $number = ($startUp.Location).IndexOf("\")
                $location = ($startUp.Location).Insert("$number",":")
                Write-Output "Disabling $($startUp.Name) from $location)"
                #Remove-ItemProperty -Path "$location" -Name "$($startUp.name)" 
            }
        }

        $regStartList = Get-ItemProperty -Path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce | Format-List
    }
    End {}
}

所以基本上当$regStartList开始时,我想要每个注册表的每个项目的显示名称和位置,并且我想将所有这些放入一个变量中。但我无法列出这样的好清单

名称 位置
---- --------
OneDriveSetup HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
OneDriveSetup HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
发送到 OneNote 启动
OneDrive HKU\S-1-5-21-3687383513-804626811-2257261628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
CCleaner 监控 HKU\S-1-5-21-3687383513-804626811-2257261628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

但是得到这个,即使我跑了。

$regStartList = Get-ItemProperty -Path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce | Select-Object name,location

name location
---- --------

出于某种原因,没有获取位置或名称/显示名称。

编辑:我回答了我自己的问题,但如果有人有更好的问题,请告诉我。

$regStartList = Get-Item -path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce |
    Where-Object {$_.ValueCount -ne 0} | Select-Object  property,name

foreach ($regName in $regStartList.name) {
   $regNumber = ($regName).IndexOf("\")
   $regLocation = ($regName).Insert("$regNumber",":")
   if ($regLocation -like "*HKEY_LOCAL_MACHINE*"){
    $regLocation = $regLocation.Replace("HKEY_LOCAL_MACHINE","HKLM")
    write-host $regLocation
   }
   if ($regLocation -like "*HKEY_CURRENT_USER*"){
    $regLocation = $regLocation.Replace("HKEY_CURRENT_USER","HKCU")
    write-host $regLocation
   }
    foreach($disable in $disableList) {
       if (Get-ItemProperty -Path "$reglocation" -name "$Disable"-ErrorAction SilentlyContinue) {
            Write-host "yeah i exist"
            #Remove-ItemProperty -Path "$location" -Name "$($startUp.name)" -whatif
       }else {write-host "no exist"}
    }   

}
4

2 回答 2

2

至于这个……

出于某种原因,没有获取位置或名称/显示名称。

.. 那是对的

 Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run' | Select-Object -Property *


AutoStartVMA : {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
OneDrive     : {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
PSPath       : Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved
PSChildName  : Run
PSDrive      : HKCU
PSProvider   : Microsoft.PowerShell.Core\Registry


Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run' | Get-Member


   TypeName: System.Management.Automation.PSCustomObject

Name         MemberType   Definition                                                                                                                                  
----         ----------   ----------                                                                                                                                  
Equals       Method       bool Equals(System.Object obj)                                                                                                              
GetHashCode  Method       int GetHashCode()                                                                                                                           
GetType      Method       type GetType()                                                                                                                              
ToString     Method       string ToString()                                                                                                                           
AutoStartVMA NoteProperty byte[] AutoStartVMA=System.Byte[]                                                                                                           
OneDrive     NoteProperty byte[] OneDrive=System.Byte[]                                                                                                               
PSChildName  NoteProperty string PSChildName=Run                                                                                                                      
PSDrive      NoteProperty PSDriveInfo PSDrive=HKCU                                                                                                                    
PSParentPath NoteProperty string PSParentPath=Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved
PSPath       NoteProperty string PSPath=Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run  
PSProvider   NoteProperty ProviderInfo PSProvider=Microsoft.PowerShell.Core\Registry

OP 更新

我一直在玩弄你的请求,当我看到你的更新时,我正要回帖。

好吧,你问是否有其他方法。所以,这是我在看到你的更新之前想出的。当然,我必须在 Disablelist 中添加一些我必须的项目以显示这两个结果。

#Startup List
function Disable-Startups 
{
    [CmdletBinding()]

    Param
    (
        [parameter(DontShow = $true)]
        $32bit = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $32bitRunOnce = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce",
        [parameter(DontShow = $true)]
        $64bit = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $64bitRunOnce = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce",
        [parameter(DontShow = $true)]
        $currentLOU = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $currentLOURunOnce = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
    )

    begin 
    {
        $disableList = @(
        'SecurityHealth'
        'OneDrive',
        'iTunesHelper',
        'Cisco AnyConnect Secure Mobility Agent for Windows',
        'Ccleaner Monitoring',
        #'SunJavaUpdateSched',
        'Steam',
        'Discord'
        )
        New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS | 
        out-null
        $startups = Get-CimInstance Win32_StartupCommand | 
        Select-Object Name,Location
    }
    process 
    {
        Get-Item -path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce |
        Where-Object {$_.ValueCount -ne 0} | 
        Select-Object  @{Name = 'Location';Expression = {$_.name -replace 'HKEY_LOCAL_MACHINE','HKLM' -replace 'HKEY_CURRENT_USER','HKCU'}},
        @{Name = 'Name';Expression = {$_.Property}} | 
        %{
            ForEach($disableListName in $disableList)
            {
                If($_.Name -contains $disableListName)
                { $_ | Select-Object -Property Location,Name }
                Else
                { Write-Warning -Message "$disableListName not found in registry" }
            }
        }
    }
    end {}
}
Clear-Host
Disable-Startups

# Results

WARNING: OneDrive not found in registry
WARNING: iTunesHelper not found in registry
WARNING: Cisco AnyConnect Secure Mobility Agent for Windows not found in registry
WARNING: Ccleaner Monitoring not found in registry
WARNING: Steam not found in registry
WARNING: Discord not found in registry
WARNING: SecurityHealth not found in registry
WARNING: OneDrive not found in registry
WARNING: iTunesHelper not found in registry
WARNING: Cisco AnyConnect Secure Mobility Agent for Windows not found in registry
WARNING: Ccleaner Monitoring not found in registry
WARNING: Steam not found in registry
WARNING: Discord not found in registry
WARNING: SecurityHealth not found in registry
WARNING: iTunesHelper not found in registry
WARNING: Cisco AnyConnect Secure Mobility Agent for Windows not found in registry
WARNING: Ccleaner Monitoring not found in registry
WARNING: Steam not found in registry
WARNING: Discord not found in registry
Location                                           Name                                
--------                                           ----                                
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run {SecurityHealth, MacDrive 10 helper}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run {OneDrive, AutoStartVMA}
于 2018-10-07T22:54:00.157 回答
2

我想出了自己的解决方案。如果有人有更好的主意,请告诉我

$regStartList = Get-Item -path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce |
Where-Object {$_.ValueCount -ne 0} | Select-Object  property,name

foreach ($regName in $regStartList.name) {
   $regNumber = ($regName).IndexOf("\")
   $regLocation = ($regName).Insert("$regNumber",":")
   if ($regLocation -like "*HKEY_LOCAL_MACHINE*"){
    $regLocation = $regLocation.Replace("HKEY_LOCAL_MACHINE","HKLM")
    write-host $regLocation
   }
   if ($regLocation -like "*HKEY_CURRENT_USER*"){
    $regLocation = $regLocation.Replace("HKEY_CURRENT_USER","HKCU")
    write-host $regLocation
   }
    foreach($disable in $disableList) {
       if (Get-ItemProperty -Path "$reglocation" -name "$Disable"-ErrorAction SilentlyContinue) {
            Write-host "yeah i exist"
            #Remove-ItemProperty -Path "$location" -Name "$($startUp.name)" -whatif
       }else {write-host "no exist"}
    }   

}
于 2018-10-08T02:32:50.213 回答