(imported topic written by Shlomi91)
Hi,
how can i extract the executable version from a service?
i used “image path of service “mcshield”” to get the path to the executable, but how can i get the version from here?
thanks,
Shlomi
(imported topic written by Shlomi91)
Hi,
how can i extract the executable version from a service?
i used “image path of service “mcshield”” to get the path to the executable, but how can i get the version from here?
thanks,
Shlomi
(imported comment written by Shlomi91)
Hi Mark,
no good…
q: version of service "McShield"
E: Singular expression refers to nonexistent object.
q: exists service "McShield"
A: True
Thanks,
Shlomi
(imported comment written by SystemAdmin)
version of file (concatenation of substrings separated by “%22” of image path of service “besclient”)
I thought it was a bug with the file function first, but I believe it’s a problem with the output from the image path function. From what I can tell, image path string that is returned includes the quotes as part of the string. Thus, ripping those out from the returned value allows it to be queried and return the version of the file.
-Jim
(edit: spelling ishu)
(imported comment written by Shlomi91)
Hey Jim, thanks for your help.
still not working - something with the McAfee service itself…
q: image path of service "mcshield"
A: "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe"
could be related to the double slash ("\") in the path…
(imported comment written by cstoneba)
try this:
pad of (versions of files (substring between “%22” of expand environment strings of image paths of it)) of services whose (it as string as lowercase contains “mcshield”)
(imported comment written by Shlomi91)
Still getting “Singular expression refers to nonexistent object.”…
(imported comment written by SystemAdmin)
How about…
version of file
(
(
if
exists substring between “%22” of it
then
substring between “%22” of it
else
it
)
of image path of service “McShield”
)
One thing else you have to watch for is that the image paths can also contain parameters. You could improve this by also taking everything before the “.exe” and appending a “.exe” when getting the file’s version. In some cases, taking between the double-quotes does remove the parameters. The way I’m doing it here doesn’t make a difference if it has parameters or not, or if the parameters are inside or outside the double-quotes.
version of file
(
(
it & “.exe”
)
of preceding text of first “.exe” of
(
if
exists substring between “%22” of it
then
substring between “%22” of it
else
it
)
of
(
image path of service “mcshield” as lowercase
)
)
Paul