The 2011 Scripting Games Advanced Event 1: Finding Process Module Versions by Using PowerShell


2011 Scripting Games badge

Summary: Advanced Event 1 of the 2011 Scripting games entails using Windows PowerShell to find process module versions.

About this event



Date of Event

4/4/2011 12:15 AM

Due Date

4/11/2011 12:15 AM

Event scenario

You are the network administrator for a small business with 200 users and four servers on the network. You are responsible for managing Active Directory Domain Services (AD DS) running on a single Windows Server 2008 R2 machine, Exchange Server 2007 running on Windows Server 2008, SQL Server 2008 also running on a Windows Server 2008 machine, and a File and Print Server running Windows Server 2003. Your workstations are a combination of Windows XP, Windows Vista and Windows 7. Because one of your servers also runs Windows Software Update Services (WSUS), you have deployed Windows PowerShell 2.0 to all of your workstations and servers on the network. Your boss, who is the CIO and the comptroller was listening to the radio on the way into work today, and he heard a report about a zero-day exploit of a particular component. The radio report mentioned the name of the component, and it stated that it only existed on certain servers. Unfortunately, the reporter was a bit vague with the details. Because of this vagueness, your boss wants you to scan every machine on the network for the affected component.

For the purposes of this event, you will only need to run the script against your local computer, but you should include the capability to run it against multiple machines. You should use the Notepad process, and report the version of the “Windows Spooler Driver” module that is used by the Notepad process. You should display a Comma Separated Value output with a header and values for the following: ModuleName, Size, FileName, FileVersion. A sample output is shown in the following image.

Image of command output

Design points
  • Your code should be completely reusable
  • If the methodology you use to retrieve the information does not provide its own remoting mechanism, you should incorporate code to utilize Windows PowerShell remoting
  • You do not need to output to a CSV file, but your output should be in such a format that redirection arrows (>>) would produce a CSV file
  • Extra points for accepting command-line arguments
  • Extra points for writing an advanced function that is suitable to incorporate into a module
  • Extra points if your script reads AD DS to retrieve the list of computers to query

2011 Scripting Games links

2011 Scripting Games: All Links on One Page

Submit your scripts on PoshCode

Support our Sponsors!

I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at, or post your questions on the Official Scripting Guys Forum. Good luck as you compete in this year’s Scripting Games. We wish you well.

Ed Wilson, Microsoft Scripting Guy