I have most of the solution to this one already, but I’m having trouble wrapping my head around how to accomplish the final piece. I am writing an analysis that will use WMI to get a list of all of the HotFixes installed on Windows systems.
Here is what I have so far:
if (exists wmi) then ((string value of property “HotFixID” of it, string value of property “Description” of it) of select objects “HotFixID, Description from Win32_QuickFixEngineering” of wmi) else (“N/A”)
The problem is, this is returning a whole bunch of lines that just say “File 1” before it gets to what appear to be the real HotFixes. I would like to exclude those “File 1” lines to clean up the output, unless someone can explain what they actually are.
Thanks!
Oh, of course if there is a better way to get a list of installed HotFixes I’m all for that too.
you can try this, it doesn’t use WMI so it’s much much faster 19ms vs 709ms
if ((name of it =
"Win98" OR name of it =
"WinME") of operating system) then (names of keys whose (exists value
"UninstallString" of it AND (value
"UninstallString" of it as string contains
"RunDll32 advpack.dll,LaunchINFSection")) of key
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" of registry)
else
if (name of operating system =
"WinNT") then (names of keys whose (exists value
"UninstallString" of it AND (value
"UninstallString" of it as string contains
"hotfix.exe")) of key
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" of registry)
else
if ((name of it =
"Win2000" OR name of it =
"WinXP" OR name of it =
"WinXP-2003" OR name of it =
"Win2003") of operating system) then (names of keys whose ((exists value
"UninstallString" of it) AND (value
"UninstallString" of it as string contains
"spuninst.exe") AND (name of it as string does not contain
"Service Pack")) of key
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" of
native registry)
else
if ((name of it =
"WinVista" OR name of it =
"Win2008" OR name of it =
"Win2008R2" OR name of it =
"Win7") of operating system) then (elements of ((set of (
if (exists key
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" of
native registry) then elements whose (it contains
"KB" AND it does not contain
"_") of ((set of ((substrings before
"~" of substrings after
"for_" of names of keys whose (name of it contains
"for_") of key
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" of
native registry) as uppercase)) - (set of (
"KB936330";
"KB948465")))
else (nothing)))))
else (
"Not Supported")
As far as your query I get an error
Q: if (exists wmi) then ((string value of property “HotFixID” of it, string value of property “Description” of it) of select objects “HotFixID, Description from Win32_QuickFixEngineering” of wmi) else (“N/A”)
E: Incompatible types.
Q: if (exists wmi) then ((string value of property “HotFixID” of it, string value of property “Description” of it) of select objects “HotFixID, Description from Win32_QuickFixEngineering” of wmi)
as string
else “N/A”
A: KB958830, Update
A: KB971033, Update
A: KB2032276, Security Update
T: 709.216 ms
your query could be changed to exclude the ‘File 1’ depending if its the HotFixID or Description you will need to update the Query
if (exists wmi) then ((string value of property “HotFixID” of it, string value of property “Description” of it) of select objects "HotFixID, Description from Win32_QuickFixEngineering where
Thank you very much for the different options, as well as how to exclude the stuff I didn’t want the way I was doing it. The registry way does seem better.
Sorry about the “as string” part. I caught that but forgot to add it to what I posted.
If I need to lookup this information for a specific computer or computers, using Presentation Debugger, what statement should I add to the following:
if (exists wmi) then ((string value of property “HotFixID” of it, string value of property “Description” of it) of select objects “HotFixID, Description from Win32_QuickFixEngineering” of wmi) as string else “N/A”
I created a property using the following relevance, but it still shows numerous File 1, entries in the result; is there something that I missed, tried to follow what is previously defined; using the following:
if (exists wmi) then ((string value of property “HotFixID” of it, string value of property “InstalledOn” of it) of select objects “HotFixID, InstalledOn from Win32_QuickFixEngineering” of wmi) as string else “N/A”
Give this a try, this is all installed software and version and install data
( concatenation of characters whose ( it >=
"%20" and it <
" ) of it ) of ( item 0 of it &
"|" & item 1 of it &
"|" & item 2 of it &
"|" & item 3 of it ) of ( ( ( (
if it contains
"%00" then ( preceding text of first
"%00" of it )
else it ) of (
if exist value
"Publisher" of it then ( value
"Publisher" of it as string )
else
"<none>" ) ) , value
"DisplayName" of it as string, (
if exist value
"DisplayVersion" of it then ( value
"DisplayVersion" of it as string )
else
"<not specifed>" ) , (
if it =
"" then
"<unknown>"
else ( preceding text of position 4 of it ) &
"/" & ( preceding text of position 2 of following text of position 4 of it ) &
"/" & ( following text of position 6 of it ) ) of ( preceding text of first
"|" of (
if ( exist value
"InstallDate" of it ) then ( ( concatenation
"|" of ( (
if ( it contains ( regex
"(\d\d\d\d)[\/-]?(\d\d)[\/-]?(\d\d)" ) ) then ( ( ( parenthesized part 1 of it ) & ( parenthesized part 2 of it ) & ( parenthesized part 3 of it ) ) of ( first match ( regex
"(\d\d\d\d)[\/-]{0,1}(\d\d)[\/-]{0,1}(\d\d)" ) of it ) )
else (
if ( it contains ( regex
"(\d{1,2})[\/-](\d{1,2})[\/-](\d\d|\d\d\d\d)" ) ) then ( ( year of it as string & month of it as two digits & day_of_month of it as two digits ) of ( ( month ( parenthesized part 1 of it as integer ) & day_of_month ( parenthesized part 2 of it as integer ) & year ( parenthesized part 3 of it as integer ) ) of ( first match ( regex
"(\d{1,2})[\/-](\d{1,2})[\/-](\d\d|\d\d\d\d)" ) of it ) ) )
else (
if ( it contains ( regex
"\w\w\w\s(\w\w\w)\s(\d{1,2})\s\d\d:\d\d:\d\d\s\w\w\w\s(\d{2,4})" ) ) then ( ( year of it as string & month of it as two digits & day_of_month of it as two digits ) of ( ( month ( parenthesized part 1 of it ) & day_of_month ( parenthesized part 2 of it as integer ) & year ( parenthesized part 3 of it as integer ) ) of ( first match ( regex
"\w\w\w\s(\w\w\w)\s(\d{1,2})\s\d\d:\d\d:\d\d\s\w\w\w\s(\d{2,4})" ) of it ) ) )
else (
"<unreadable>" ) ) ) ) of ( value
"InstallDate" of it as string ) ) ) &
"|" )
else ( concatenation
"|" of ( ( year of it as string & month of it as two digits & day_of_month of it as two digits ) of ( unique values of ( ( date ( local time zone ) of creation time of folder ( it ) ) of ( ( ( preceding text of last
"\" of it ) of ( ( ( (
if ( it starts with
"%22" ) then ( preceding text of first
"%22" of following text of first
"%22" of it )
else it ) of (
if ( it contains
"," ) then ( preceding text of first
"," of it )
else ( it ) ) of ( following text of position ( start of first
":\" of it - 1 ) of it ) ) ) of ( ( values of it as string ) whose ( (
if ( it contains
":\" ) then ( ( following text of first
":\" of it ) contains
"\" )
else
false ) and ( ( it as lowercase ) does not contain ( value of variable
"windir" of environment as string as lowercase ) ) and ( it does not contain
"%00" ) ) ) ) ) whose ( it starts with ( regex
"[abcdeABCDE]:.*" ) and exist folder ( it ) and ( ( following text of first
":\" of it ) contains
"\" ) ) ) ) ) ) &
"|" ) ) ) ) of keys whose (
if exist ( value
"DisplayName" of it ) then ( ( ( ( it does not contain
"(KB" ) and ( length of it > 1 ) and ( it does not contain
"%00" ) ) of ( value
"DisplayName" of it as string ) ) and (
if ( exist value
"UninstallString" of it ) then ( ( value
"UninstallString" of it as string ) does not contain
"$" )
else
false ) and ( not exist value
"ReleaseType" of it ) and (
if ( exist value
"HelpLink" of it ) then ( ( value
"HelpLink" of it as string ) does not contain
"/kb/" )
else
true ) )
else
false ) of key
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" of registry )