trying to find a process on a remote computer

[FMS]

hello,

I'm trying to make a check if a process is running on a remote PC.
This is what i got this far when I edit a found snippet on this forum.
 

The function _CMDreturn returns the output of the command line command.
In this output I want to scan if there is a line whit "process mspaint was not found".

This I'm trying to do whit StringLeft.
The problem is that I don't get any error's and also don't get a message if it doesn't exist.

Could somebody say to me what I'm doing wrong here?
Or iff there is a better way to do this?

Thanks in advanced.
 

#include <Constants.au3>

$result= _CMDreturn('C:\Tools\Ps\pslist.exe mspaint')
msgbox(0,"Version",$result)


Func _CMDreturn($sCommand) 
    $cmdreturn = ""
    $stream = Run(@ComSpec & " /c " & $sCommand, @SystemDir, @SW_HIDE, $STDOUT_CHILD + $STDIN_CHILD)
    While 1 
        $line = StdoutRead($stream)
        If @error Then ExitLoop
         If StringLeft($line, 32) = "process mspaint was not found on" Then
            msgbox(0,"not found",$line)
         EndIf
        $cmdreturn &= $line
    WEnd
    Return $cmdreturn
EndFunc

 

Edited June 27, 2016 by FMS

[JLogan3o13]

@FMS It looks as though you're looking for a process, not a service. I would do something like this:

$sPC = "."
$oWMI = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\" & $sPC & "\root\cimv2")
$oProcessList = $oWMI.ExecQuery ("Select * from Win32_Process Where Name = 'MSPaint.exe'")

    For $sProcess in $oProcessList
        ConsoleWrite($sProcess.Name & @CRLF)
    Next

 

[FMS]

Indeed, i was trying to find a process not a service
Sorry for the confuson , i edited the question.

Thanks for the better way you are showing.
I'll try make this work. (not shure iff this will work remote I'm not known whit $oWMI.ExecQuery
thanks in advanced.

Edited June 24, 2016 by FMS

[JLogan3o13]

Just put in the PC name for the $sPC variable. As long as you can ping the machine (and WMI is not blocked through company policy) you should be able to run that query. If you have a multi-domain environment you may have to put the fully qualified domain name for the PC in (Ex: machinename.mycompany.com).

[FMS]

Thanks , i fully tested your code line and works nicly @JLogan3o13

As I mentioned before I'm not known whit WMI but it works.
I think it is time to learn a bit more from WMI
As I see now it's less code to do the same.

[FMS]

humm unfortunaly i get an  -2147024891 error ( General access denied error (incorrect login).)
At home it was working like a charm but i think the network @work isn't accepting this kind of requests.?

Now i got 2 options:

-changing the login of this service whish i don't think is possible , or
-go to mine original question.

somebody got any ideas on this?
 

[JLogan3o13]

If it is an incorrect login, and you know the credentials that will work, just compile your script and then look at RunAs in the help file.

[FMS]

Sound great that runas
but unfortunaly I need to use the whole programm to use the @username for settings purpouse and
$LC_result_objget = RunAs ( "username", "domain", "pass", 2, ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\" & $_IP & "\root\cimv2"))

will not work
I was looking into WMI and runas but din't found anythin usefull.
(It can also be that I don't now how to look because WMI is new for me)

At this point I'm leaning more to the @comspec/pslist way, in whish I'm a little bit further. :
(I think this way is a lot slower than the WMI way but i got it to work:S)

$cmdreturn = ""
$process = "mspaint"
$sCommand = "D:\Tools\Ps\pslist.exe " & $process
$stream = Run(@ComSpec & " /c " & $sCommand, @SystemDir, @SW_HIDE, $STDOUT_CHILD + $STDIN_CHILD)
While 1
  $line = StdoutRead($stream)
  If @error Then ExitLoop
  $cmdreturn &= $line
WEnd

$count = 0

$aArray = StringSplit(StringTrimRight(StringStripCR($cmdreturn), StringLen(@CRLF)), @CRLF)

For $i = 0 To UBound($aArray) - 1
  If StringLeft($aArray[$i], 7) = $process Then
    $count += 1
  EndIf
Next

If $count = 0 Then
    msg("found","nothing found")
Else
    If $count = 1 Then
        msg("found","found")
    Else
        msg("found","multiple found count = " & $count)
    EndIf
EndIf

_ArrayDisplay($aArray)

 

[aleph01]

I did something similar, but returning an array of all processes with

#include <Array.au3>
;#include <MsgBoxConstants.au3>

$c = InputBox ("Computer", "Enter the computer name for which you want to list the currently running processes and PIDs.")
$c = "\\" & $c
$a = ProcessList ($c)
_ArrayDisplay ($a)

Good luck.

[UEZ]

You can use also the built-in tool tasklist.exe.

[Synapsee]

in case :

 

Quote

-2147024891 0x80070005  General access denied error (incorrect login).

 

 

; This ErrorHandler is for detect bad credential
Global $oErrorHandler = ObjEvent("AutoIt.Error", "_ErrFunc")
Func _ErrFunc()
EndFunc ;==> _ErrFunc

Local $objWMILocator = ObjCreate("WbemScripting.SWbemLocator")
If @error Then Return SetError(1, 0, 0)

Local $objWMI = $objWMILocator.ConnectServer($sComputer, "\\.\root\cimv2", $sUser, $sPass, "", "", $wbemConnectFlagUseMaxWait)
If @error Then Return SetError(2, 0, 0)

Local $colItem = $objWMI.ExecQuery(...

 

[FMS]

thanks @UEZ in both cases i ques (his own answer and @Synapsee answer

stupid of me that i din't think of plain old tasklist
for the answer of synapsee , this sees good but i have to try at work if it works
as I mentioned before I don't know mush about WMI and is rather new for me.

(I'm not following his answer in the WMI error handling topic)
so iff I'm reading it right I can first connect whit another account before I execute :

$oWMI = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\" & $sPC & "\root\cimv2")

?

Edited June 27, 2016 by FMS