代码之家  ›  专栏  ›  技术社区  ›  jsc

禁用启动程序

disable startup registry powershell
  •  0
  • jsc  · 技术社区  · 6 年前

    我想禁用一个使用PowerShell的启动程序列表。我已经走了这么远,但却撞到了墙上。目前,我无法获得第二个启动程序列表,以很好地像我的第一个列表。 

    function Disable-Startups {
    [CmdletBinding()]
    Param(
        [parameter(DontShow = $true)]
        $32bit = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $32bitRunOnce = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce",
        [parameter(DontShow = $true)]
        $64bit = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $64bitRunOnce = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce",
        [parameter(DontShow = $true)]
        $currentLOU = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $currentLOURunOnce = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
    )

    Begin {
        $disableList = @(
            "iTunesHelper",
            "Cisco AnyConnect Secure Mobility Agent for Windows",
            "Ccleaner Monitoring",
            #"SunJavaUpdateSched",
            "Steam",
            "Discord"
        )
        New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS | Out-Null
        $startups = Get-CimInstance Win32_StartupCommand | Select-Object Name,Location
    }
    Process {
        foreach ($startUp in $startUps){
            if ($startUp.Name -in $disableList){
                $number = ($startUp.Location).IndexOf("\")
                $location = ($startUp.Location).Insert("$number",":")
                Write-Output "Disabling $($startUp.Name) from $location)"
                #Remove-ItemProperty -Path "$location" -Name "$($startUp.name)" 
            }
        }

        $regStartList = Get-ItemProperty -Path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce | Format-List
    }
    End {}
}

    所以基本上什么时候 $regStartList 开始时,我想显示每个注册表项的名称和位置,我想把所有这些放在一个变量中。但我不能把这样一张好的单子列出来 

    Name                Location
----                --------
OneDriveSetup       HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
OneDriveSetup       HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Send to OneNote     Startup
OneDrive            HKU\S-1-5-21-3687383513-804626811-2257261628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
CCleaner Monitoring HKU\S-1-5-21-3687383513-804626811-2257261628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


    $regStartList = Get-ItemProperty -Path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce | Select-Object name,location

name location
---- --------

    由于某些原因,没有一个位置或名称/显示名被抓取。

    编辑: 我回答了我自己的问题,但如果有人有一个更好的让我知道。 

    $regStartList = Get-Item -path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce |
    Where-Object {$_.ValueCount -ne 0} | Select-Object  property,name

foreach ($regName in $regStartList.name) {
   $regNumber = ($regName).IndexOf("\")
   $regLocation = ($regName).Insert("$regNumber",":")
   if ($regLocation -like "*HKEY_LOCAL_MACHINE*"){
    $regLocation = $regLocation.Replace("HKEY_LOCAL_MACHINE","HKLM")
    write-host $regLocation
   }
   if ($regLocation -like "*HKEY_CURRENT_USER*"){
    $regLocation = $regLocation.Replace("HKEY_CURRENT_USER","HKCU")
    write-host $regLocation
   }
    foreach($disable in $disableList) {
       if (Get-ItemProperty -Path "$reglocation" -name "$Disable"-ErrorAction SilentlyContinue) {
            Write-host "yeah i exist"
            #Remove-ItemProperty -Path "$location" -Name "$($startUp.name)" -whatif
       }else {write-host "no exist"}
    }   

}
    2 回复  |  直到 6 年前
        1
  •  1
  •   jsc    6 年前 

    $regStartList = Get-Item -path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce |
Where-Object {$_.ValueCount -ne 0} | Select-Object  property,name

foreach ($regName in $regStartList.name) {
   $regNumber = ($regName).IndexOf("\")
   $regLocation = ($regName).Insert("$regNumber",":")
   if ($regLocation -like "*HKEY_LOCAL_MACHINE*"){
    $regLocation = $regLocation.Replace("HKEY_LOCAL_MACHINE","HKLM")
    write-host $regLocation
   }
   if ($regLocation -like "*HKEY_CURRENT_USER*"){
    $regLocation = $regLocation.Replace("HKEY_CURRENT_USER","HKCU")
    write-host $regLocation
   }
    foreach($disable in $disableList) {
       if (Get-ItemProperty -Path "$reglocation" -name "$Disable"-ErrorAction SilentlyContinue) {
            Write-host "yeah i exist"
            #Remove-ItemProperty -Path "$location" -Name "$($startUp.name)" -whatif
       }else {write-host "no exist"}
    }   

}
        2
  •  1
  •   postanote    6 年前

    至于这个。。。

    由于某些原因,没有获取的位置或名称/显示名称

    .. 这是正确的 

     Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run' | Select-Object -Property *


AutoStartVMA : {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
OneDrive     : {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
PSPath       : Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved
PSChildName  : Run
PSDrive      : HKCU
PSProvider   : Microsoft.PowerShell.Core\Registry


Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run' | Get-Member


   TypeName: System.Management.Automation.PSCustomObject

Name         MemberType   Definition                                                                                                                                  
----         ----------   ----------                                                                                                                                  
Equals       Method       bool Equals(System.Object obj)                                                                                                              
GetHashCode  Method       int GetHashCode()                                                                                                                           
GetType      Method       type GetType()                                                                                                                              
ToString     Method       string ToString()                                                                                                                           
AutoStartVMA NoteProperty byte[] AutoStartVMA=System.Byte[]                                                                                                           
OneDrive     NoteProperty byte[] OneDrive=System.Byte[]                                                                                                               
PSChildName  NoteProperty string PSChildName=Run                                                                                                                      
PSDrive      NoteProperty PSDriveInfo PSDrive=HKCU                                                                                                                    
PSParentPath NoteProperty string PSParentPath=Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved
PSPath       NoteProperty string PSPath=Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run  
PSProvider   NoteProperty ProviderInfo PSProvider=Microsoft.PowerShell.Core\Registry

    OP更新

    我一直在玩弄你的要求有一点,并正要发回时,我看到你的更新。

    你问有没有别的办法。所以,这是我在看到你的更新之前想到的。当然,为了显示这两个结果,我必须在Disablelist中添加一些条目。 

    #Startup List
function Disable-Startups 
{
    [CmdletBinding()]

    Param
    (
        [parameter(DontShow = $true)]
        $32bit = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $32bitRunOnce = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce",
        [parameter(DontShow = $true)]
        $64bit = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $64bitRunOnce = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce",
        [parameter(DontShow = $true)]
        $currentLOU = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
        [parameter(DontShow = $true)]
        $currentLOURunOnce = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
    )

    begin 
    {
        $disableList = @(
        'SecurityHealth'
        'OneDrive',
        'iTunesHelper',
        'Cisco AnyConnect Secure Mobility Agent for Windows',
        'Ccleaner Monitoring',
        #'SunJavaUpdateSched',
        'Steam',
        'Discord'
        )
        New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS | 
        out-null
        $startups = Get-CimInstance Win32_StartupCommand | 
        Select-Object Name,Location
    }
    process 
    {
        Get-Item -path $32bit,$32bitRunOnce,$64bit,$64bitRunOnce,$currentLOU,$currentLOURunOnce |
        Where-Object {$_.ValueCount -ne 0} | 
        Select-Object  @{Name = 'Location';Expression = {$_.name -replace 'HKEY_LOCAL_MACHINE','HKLM' -replace 'HKEY_CURRENT_USER','HKCU'}},
        @{Name = 'Name';Expression = {$_.Property}} | 
        %{
            ForEach($disableListName in $disableList)
            {
                If($_.Name -contains $disableListName)
                { $_ | Select-Object -Property Location,Name }
                Else
                { Write-Warning -Message "$disableListName not found in registry" }
            }
        }
    }
    end {}
}
Clear-Host
Disable-Startups

# Results

WARNING: OneDrive not found in registry
WARNING: iTunesHelper not found in registry
WARNING: Cisco AnyConnect Secure Mobility Agent for Windows not found in registry
WARNING: Ccleaner Monitoring not found in registry
WARNING: Steam not found in registry
WARNING: Discord not found in registry
WARNING: SecurityHealth not found in registry
WARNING: OneDrive not found in registry
WARNING: iTunesHelper not found in registry
WARNING: Cisco AnyConnect Secure Mobility Agent for Windows not found in registry
WARNING: Ccleaner Monitoring not found in registry
WARNING: Steam not found in registry
WARNING: Discord not found in registry
WARNING: SecurityHealth not found in registry
WARNING: iTunesHelper not found in registry
WARNING: Cisco AnyConnect Secure Mobility Agent for Windows not found in registry
WARNING: Ccleaner Monitoring not found in registry
WARNING: Steam not found in registry
WARNING: Discord not found in registry
Location                                           Name                                
--------                                           ----                                
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run {SecurityHealth, MacDrive 10 helper}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run {OneDrive, AutoStartVMA}
    推荐文章
    关于   移动版
    代码之家 - 一站式码农服务社区
    沪ICP备11025650号