PsInfo is a free, downloadable utility in the Microsoft Sysinternals utilities suite. It is a command line utility with several parameters which add some flexibility to how you use it, as shown in Figure 1.
As you can see from the syntax shown at the left, you can use PsInfo to display information about the local computer or a list of remote computers. From a security perspective, the “\\*" syntax is a little scary. When used, PsTools will scan all systems in the current domain—not something you want a black hat running on a compromised company system.
The following are some examples run on a laptop I imaged for PsTools testing.
Running PsInfo with no parameters specified results in a listing of the overall system configuration, as shown in Figure 2.
Using the following syntax, you can dig a little deeper and obtain a list of hot fixes and security updates applied to the target system, as shown in Figure 3:
PsInfo - h
Installed Applications and much more…
The intended use for the –s parameter, as shown in Figure 1, is to list all installed applications. When I used it, however, PsInfo -s provided a complete view into the inner state of my machine. See Figure 4. I not only received a list of applications and drivers, I also got the same information I received when using PsInfo with –h and no parameter. In other words, it acted like a “show all" flag.
Feeding maintenance programs/utilities with this information is often useful. So help with this process, PsInfo provides a –c flag to produce delimited text files. In the following example, I used the syntax necessary to dump system state to a comma delimited text file, ExportText.txt. (A comma delimiter is used by default.)
PsInfo –s –c > ExportText.txt
I imported ExportText.txt into Excel as shown in Figure 5. (The computer name is provided in the first column, hidden in this graphic.) However, importing the information into a database for access by maintenance applications is probably more useful.