Jump to content
FMS

trying to find a process on a remote computer

Recommended Posts

FMS

hello,

I'm trying to make a check if a process is running on a remote PC.
This is what i got this far when I edit a found snippet on this forum.
 

The function _CMDreturn returns the output of the command line command.
In this output I want to scan if there is a line whit "process mspaint was not found".

This I'm trying to do whit StringLeft.
The problem is that I don't get any error's and also don't get a message if it doesn't exist.

Could somebody say to me what I'm doing wrong here?
Or iff there is a better way to do this?

Thanks in advanced.
 

#include <Constants.au3>

$result= _CMDreturn('C:\Tools\Ps\pslist.exe mspaint')
msgbox(0,"Version",$result)


Func _CMDreturn($sCommand) 
    $cmdreturn = ""
    $stream = Run(@ComSpec & " /c " & $sCommand, @SystemDir, @SW_HIDE, $STDOUT_CHILD + $STDIN_CHILD)
    While 1 
        $line = StdoutRead($stream)
        If @error Then ExitLoop
         If StringLeft($line, 32) = "process mspaint was not found on" Then
            msgbox(0,"not found",$line)
         EndIf
        $cmdreturn &= $line
    WEnd
    Return $cmdreturn
EndFunc

 

Edited by FMS

as finishing touch god created the dutch

Share this post


Link to post
Share on other sites
JLogan3o13

@FMS It looks as though you're looking for a process, not a service. I would do something like this:

$sPC = "."
$oWMI = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\" & $sPC & "\root\cimv2")
$oProcessList = $oWMI.ExecQuery ("Select * from Win32_Process Where Name = 'MSPaint.exe'")

    For $sProcess in $oProcessList
        ConsoleWrite($sProcess.Name & @CRLF)
    Next

 


√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites
FMS

Indeed, i was trying to find a process not a service :)
Sorry for the confuson , i edited the question.

Thanks for the better way you are showing.
I'll try make this work. (not shure iff this will work remote :) I'm not known whit $oWMI.ExecQuery
thanks in advanced.

Edited by FMS

as finishing touch god created the dutch

Share this post


Link to post
Share on other sites
JLogan3o13

Just put in the PC name for the $sPC variable. As long as you can ping the machine (and WMI is not blocked through company policy) you should be able to run that query. If you have a multi-domain environment you may have to put the fully qualified domain name for the PC in (Ex: machinename.mycompany.com).


√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites
FMS

Thanks , i fully tested your code line and works nicly @JLogan3o13

As I mentioned before I'm not known whit WMI but it works.
I think it is time to learn a bit more from WMI :)
As I see now it's less code to do the same.


as finishing touch god created the dutch

Share this post


Link to post
Share on other sites
FMS

humm unfortunaly i get an  -2147024891 error :( ( General access denied error (incorrect login).)
At home it was working like a charm but i think the network @work isn't accepting this kind of requests.?

Now i got 2 options:

-changing the login of this service whish i don't think is possible , or
-go to mine original question.

somebody got any ideas on this?
 


as finishing touch god created the dutch

Share this post


Link to post
Share on other sites
JLogan3o13

If it is an incorrect login, and you know the credentials that will work, just compile your script and then look at RunAs in the help file.


√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites
FMS

Sound great that runas :)
but unfortunaly I need to use the whole programm to use the @username for settings purpouse and
$LC_result_objget = RunAs ( "username", "domain", "pass", 2, ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\" & $_IP & "\root\cimv2"))

will not work :)
I was looking into WMI and runas but din't found anythin usefull.
(It can also be that I don't now how to look because WMI is new for me)

At this point I'm leaning more to the @comspec/pslist way, in whish I'm a little bit further. :
(I think this way is a lot slower than the WMI way but i got it to work:S)

$cmdreturn = ""
$process = "mspaint"
$sCommand = "D:\Tools\Ps\pslist.exe " & $process
$stream = Run(@ComSpec & " /c " & $sCommand, @SystemDir, @SW_HIDE, $STDOUT_CHILD + $STDIN_CHILD)
While 1
  $line = StdoutRead($stream)
  If @error Then ExitLoop
  $cmdreturn &= $line
WEnd

$count = 0

$aArray = StringSplit(StringTrimRight(StringStripCR($cmdreturn), StringLen(@CRLF)), @CRLF)

For $i = 0 To UBound($aArray) - 1
  If StringLeft($aArray[$i], 7) = $process Then
    $count += 1
  EndIf
Next

If $count = 0 Then
    msg("found","nothing found")
Else
    If $count = 1 Then
        msg("found","found")
    Else
        msg("found","multiple found count = " & $count)
    EndIf
EndIf

_ArrayDisplay($aArray)

 


as finishing touch god created the dutch

Share this post


Link to post
Share on other sites
aleph01

I did something similar, but returning an array of all processes with

#include <Array.au3>
;#include <MsgBoxConstants.au3>

$c = InputBox ("Computer", "Enter the computer name for which you want to list the currently running processes and PIDs.")
$c = "\\" & $c
$a = ProcessList ($c)
_ArrayDisplay ($a)

Good luck.


Meds.  They're not just for breakfast anymore. :'(

Share this post


Link to post
Share on other sites
UEZ

You can use also the built-in tool tasklist.exe.


Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Share this post


Link to post
Share on other sites
Synapsee

in case :

 

Quote
-2147024891 0x80070005  General access denied error (incorrect login).

 

 

; This ErrorHandler is for detect bad credential
Global $oErrorHandler = ObjEvent("AutoIt.Error", "_ErrFunc")
Func _ErrFunc()
EndFunc ;==> _ErrFunc

Local $objWMILocator = ObjCreate("WbemScripting.SWbemLocator")
If @error Then Return SetError(1, 0, 0)

Local $objWMI = $objWMILocator.ConnectServer($sComputer, "\\.\root\cimv2", $sUser, $sPass, "", "", $wbemConnectFlagUseMaxWait)
If @error Then Return SetError(2, 0, 0)

Local $colItem = $objWMI.ExecQuery(...

 

Share this post


Link to post
Share on other sites
FMS

thanks @UEZ in both cases i ques :) (his own answer and @Synapsee answer :)

stupid of me that i din't think of plain old tasklist :)
for the answer of synapsee , this sees good but i have to try at work if it works :)
as I mentioned before I don't know mush about WMI and is rather new for me.

(I'm not following his answer in the WMI error handling topic)
so iff I'm reading it right I can first connect whit another account before I execute :

$oWMI = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\" & $sPC & "\root\cimv2")

?

Edited by FMS

as finishing touch god created the dutch

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • FrancescoDiMuro
      By FrancescoDiMuro
      Good evening everyone
      I'm working on a little project of mines, and I was trying to use WMI Object.
      The question which I don't find an answer is: 
      Once I do the query with WMI Object, something like "SELECT * FROM Win32_LogonSession", instead of specify the field of the collection returned, ( i.e. $colItems.Caption ), can I loop though each property and each value of the property, writing so one row of code only?
      Hope my question was clear enough.
      Thanks in advance.

      Best Regards.
    • ahmet
      By ahmet
      Hello,
      I am trying to make a program that will uninstall some software, provided by some form of a list. I have this
      ; Generated by AutoIt Scriptomatic June 08, 2010 ;#RequireAdmin $sPartialName="java" $wbemFlagReturnImmediately = 0x10 $wbemFlagForwardOnly = 0x20 $colItems = "" $strComputer = "localhost" ;$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2") ;$objWMIService=ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & @ComputerName & "\root\cimv2") $objWMIService=ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & @ComputerName & "\root\cimv2") $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Product", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly) If IsObj($colItems) then For $objItem In $colItems If StringInStr($objItem.Name,$sPartialName)=1 Then ConsoleWrite("Full name:" & $objItem.Name & @CRLF) RunAs("USERNAME",@ComputerName,"PASSWORD",0,@ComSpec & " /c" & ' wmic product where name="Java 9.0.4 (64-bit)" call uninstall /nointeractive',"C:\WINDOWS\system32\wbem",@SW_MAXIMIZE) ;Run('wmic product where name="Java 9.0.4 (64-bit)" call uninstall /nointeractive',"",@SW_MAXIMIZE) ExitLoop EndIf Next Else Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_Product" ) Endif The script above fails uninstalling software despite providing username and password for admin account. If I run script with admin rights then the software gets uninstalled.
      At the following link there is a script by JLogan3o13 but it does not either uninstall software, unless run as admin..
      Is there some way to uninstall software using wim or wimc by providing user name and password?
       
    • Bilgus
      By Bilgus
      #include <Array.Au3> ;WMI EXAMPLE Local $strComputer = "localhost" Local $sClass = "" Local $objClass Local $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\cimv2") ; Display all available Classes in this object _ArrayDisplay(Get_Classes($objWMIService), "AVAILABLE WMI CLASSES", "", 0, Default, "NAME") ;Split string at \n(@LF) place each into an array $sClass = "Win32_BIOS" ;<-The Class I've choosen ;Lets Try out one of the classes Local $objClass = ObjGet("winmgmts:\\" & $strComputer & "\root\cimv2:" & $sClass) ConsoleWrite($sClass & @CRLF & "------------------------------------------" & @CRLF) _ArrayDisplay(Split_Properties(Get_Properties($objClass)), $sClass & " Properties", "", 0, Default, "NAME|VALUE") ;No methods available for this one but... ConsoleWrite("Methods:" & @CRLF & @CRLF) Get_Methods($objClass) ;Lets Do it again for the network adapter Class $sProperties = "" $sClass = "Win32_NetworkAdapterConfiguration" ;<-The Class I've choosen ;Lets Try out one of the classes $objClass = ObjGet("winmgmts:\\" & $strComputer & "\root\cimv2:" & $sClass) ConsoleWrite($sClass & @CRLF & "------------------------------------------" & @CRLF) _ArrayDisplay(Split_Properties(Get_Properties($objClass)), $sClass & " Properties", "", 0, Default, "NAME|VALUE") ConsoleWrite("Methods:" & @CRLF & @CRLF) Get_Methods($objClass) Func Get_Classes($obj) ; Display all available Classes in this object If IsObj($obj) Then Local $sClasses = "" For $objClass In $obj.SubclassesOf() ;<--WMI Method $sClasses &= ($objClass.Path_.Class) & @LF ;Build a string seperated by \n(@LF) Next EndIf Return StringSplit($sClasses, @LF) EndFunc ;==>Get_Classes Func Get_Methods($objClass) Local $sResults = "" If IsObj($objClass) Then For $objMethods In $objClass.Methods_ ConsoleWrite(@TAB & $objMethods.Name & @CRLF) $sResults &= $objMethods.Name & @LF Next EndIf Return $sResults EndFunc ;==>Get_Methods Func Get_Properties($objClass) Local $sProperties = "" If IsObj($objClass) Then For $objClassProp In $objClass.Properties_() ;<-Another WMI Method For $obj In $objWMIService.ExecQuery("Select * from " & $sClass) ;<-Another WMI Method $sProperties &= $objClassProp.Name & @CR $sProperties &= Parse_Value($obj.Properties_($objClassProp.Name).Value) ;Use the Properties_ Method to call our desired property Next Next EndIf Return $sProperties EndFunc ;==>Get_Properties Func Parse_Value($vValue) Local $sRet = "" Switch StringLower(VarGetType($vValue)) Case "keyword" ; Not really sure what this one is probably NULL $sRet = Number($vValue) = 0 ? "" : Number($vValue) Case "array" $sRet = _ArrayToString($vValue, ", ") Case "string", "bool", "int32", "int64", "double", "binary" $sRet = $vValue Case "pointer" $sRet = "[PTR]:" & $vValue Case Else $sRet = "[" & VarGetType($vValue) & "]: " & $vValue EndSwitch $sRet &= @LF Return $sRet EndFunc ;==>Parse_Value Func Split_Properties($sProperties) Local $aDisp = StringSplit($sProperties, @LF) ;Split string at \n(@LF) place each into an array Local $aTmp If IsArray($aDisp) Then _ArrayColInsert($aDisp, 1) For $i = 1 To $aDisp[0][0] ; String Split stores Count in the first element by default $aTmp = StringSplit($aDisp[$i][0], @CR) ;Split string at \r(@CR) place each into an array If IsArray($aTmp) Then $aDisp[$i][0] = $aTmp[0] > 0 ? $aTmp[1] : "?" ;Check if this element exists if not make it "?" $aDisp[$i][1] = $aTmp[0] > 1 ? $aTmp[2] : " " ;Check if this element exists if not make it " " EndIf Next EndIf Return $aDisp EndFunc ;==>Split_Properties  
    • goodmanjl531
      By goodmanjl531
      Hope someone can help as quotes within quotes is always confusing.  I am creating a silent install of printer software and want to call via runwait comspec line.
      The call within a cmd line is below
      samsung.exe /s /n"Samsung SL-M3220ND" /p"xxx"
      xxx will be stored as a variable  $PrinterIP which would be as example  10.10.10.20    I need to use a variable as i am doign this for a business and need it to be based on the store i install at that has a specific IP range.
       
      I started with the below as 2 possibilities but no luck..
      RunWait(@ComSpec & "/c " & "samsung.exe /s /n""Samsung SL-M3220ND"" /p""" & $PrinterIP ") RunWait(@ComSpec & "/c " & "samsung.exe /s /n'Samsung SL-M3220ND' /p'" & $PrinterIP '") but i cant get it to compile as i have errors on the line..  thanks in advance.
    • nikink
      By nikink
      Hi all,
      I have a bit of code that works on my old Win10 PC, that fails on my new Win10 PC, and I think the only significant difference is the version of Autoit - old PC has 3.3.12, new has 3.3.14.
      I couldn't find anything mentioned in the change logs though, so perhaps I'm wrong.
      Anyway, the code to replicate my issue is:
      Test('username', 'DOMAIN') ; THIS ERRORS: ;Test('localun', 'DOMAIN') ; THIS ERRORS: ;Test(' ', ' ') ; THIS ERRORS: ;Test('', '') ; THIS ERRORS: ;Test('localun', '') ; THIS ERRORS: ;Test('', 'DOMAIN') Func Test($un, $dom) $compName = 'PCNAME' $FullName = '.' $Description = '.' ; get the WIM object $objWMIService = ObjGet("winmgmts:\\" & $compName & "\root\cimv2") ; get default user full name and description $objAccount = $objWMIService.Get("Win32_UserAccount.Name='" & $un & "',Domain='" & $dom & "'") If IsObj($objAccount) Then $FullName = $objAccount.FullName $Description = $objAccount.Description EndIf ConsoleWrite($FullName & @CRLF) ConsoleWrite($Description & @CRLF) Return EndFunc  
      On my old PC this code will output just . and . for each of those line currently commented out. Which is fine.
      On my new PC any of those commented out lines of code cause an error, and the script won't even compile.
      $objAccount = $objWMIService.Get("Win32_UserAccount.Name='" & $un & "',Domain='" & $dom & "'") $objAccount = $objWMIService^ ERROR I'm very much a newb with the WMI stuff and objects, but it looks like the .Get property is failing when either $un or $dom aren't valid in v3.3.14, whereas in 3.3.12 the .Get would fail to return an object, which is then caught by the If statement.
      Am I on track with this? Is there some new/better way to code the example so that 3.3.14 will compile it?
×