1

I've been trying to turn the output of the following two commands into variables, so that I can use them in a batch file, however I'm not having any luck:

WMIC /namespace:\\root\SecurityCenter2 PATH AntiVirusProduct WHERE (displayName="Emsisoft Anti-Malware" or displayName="Emsisoft Internet Security") GET displayName /value
WMIC /namespace:\\root\SecurityCenter2 PATH AntiVirusProduct WHERE (displayName="Emsisoft Anti-Malware" or displayName="Emsisoft Internet Security") GET pathToSignedReportingExe /value

Basically two different security products can potentially be installed, and the batch file needs to determine which one. Since the folder can potentially be changed during install, the safest way to determine that seems to be with the above two commands. Sadly, I can't get the output into variables in order to use it.

Here's my current test script:

@ECHO OFF

for /f "tokens=2 delims==" %%f in ('WMIC /namespace:\\\\root\\SecurityCenter2 PATH AntiVirusProduct WHERE ^(displayName^="Emsisoft Anti-Malware" or displayName^="Emsisoft Internet Security"^) GET DisplayName /value ^| find "="') do set "EmsiProductName=%%f"
ECHO %EmsiProductName%

for /f "tokens=2 delims==" %%f in ('WMIC /namespace:\\\\root\\SecurityCenter2 PATH AntiVirusProduct WHERE ^(displayName^="Emsisoft Anti-Malware" or displayName^="Emsisoft Internet Security"^) GET pathToSignedReportingExe /value ^| find "="') do set "EmsiProductPath=%%f"
ECHO %EmsiProductPath%

PAUSE

When run, the above outputs two errors that say "Description = The RPC server is unavailable." I've tried escaping the quotes (both "" and \"), and not escaping them, but the output is the same either way.

I'm out of ideas, so if anyone has any suggestions, then I would greatly appreciate it.

GT500
  • 21
  • 5
  • But the `wmic` command lines do work on their own, right? – aschipfl Dec 21 '16 at 23:40
  • @aschipfl yes, they do. – GT500 Dec 22 '16 at 00:29
  • 2
    @GT500 Try `WHERE "displayName like 'Emsisoft%%'"`. I'm thinking the carets might not be having the intended effect in your commands. But you can enclose the `where` clause in double quotes, and enclose the product name in single quotes. This will let you avoid having to escape anything (even if you continue using `=` instead of `like`). – rojo Dec 22 '16 at 00:46
  • @rojo thank you sir, that worked. :) – GT500 Dec 22 '16 at 01:41
  • 1
    No they don't work because you are escaping backslashes C style. And that's not required. `/namespace:\\root\SecurityCenter2` THIS IS THE RESON FOR NO RPC SERVER AVAILABLE. You appear to have a lot of problems. –  Dec 22 '16 at 01:49
  • @Noodles I suspected that that was an issue, however if I tried it without then I would still have problems. I think rojo nailed the cause of the issue though, and his suggestion is working quite nicely at the moment. – GT500 Dec 22 '16 at 01:54
  • Firstly I'd test the `wmic` command lines outside of `for /F` but including the pipe `| find "="`; then I'd wrap around the `for /F` loop and do the escaping of the pipe, the parentheses and the equal-to signs; perhaps you need some double-escaping (`^^^` instead of `^`) because of the pipe; I cannot test it, otherwise I'd provide an answer (if I found a solution of course); but one thing is for sure: you do not need to escape `\ ` like `\\ `within the `for /F` loop, because those characters are not special to `cmd`... – aschipfl Dec 22 '16 at 15:48

2 Answers2

1

Since most of the answers have been posted in comments, I'll explain what resolved this for those who are curious (and for those who are still posting comments under the assumption that this has not been resolved).

As both Noodles and aschipfl have pointed out, escaping the backslashes was not necessary, and was causing problems. Unfortunately that was not the only problem with my code. As rojo mentioned, there seems to have been an issue with escaping other characters as well, and the parenthesis seemed to be messing things up. The best solution was to remove all of the escaping, and use quotes instead of parenthesis. rojo also recommended I use like instead of = to match the values I was looking for, which worked beautifully .

For those who would like to see the working code, this is what I ended up with:

FOR /F "tokens=2 delims==" %%F IN ('WMIC /namespace:\\root\SecurityCenter2 PATH AntiVirusProduct WHERE "displayName like 'Emsisoft%%'" GET DisplayName /value ^| FIND "="') DO SET "EmsiProduct=%%F"
FOR /F "tokens=2 delims==" %%F IN ('WMIC /namespace:\\root\SecurityCenter2 PATH AntiVirusProduct WHERE "displayName like 'Emsisoft%%'" GET pathToSignedReportingExe /value ^| FIND "="') DO SET "TempEmsiProductDir=%%F"
SET EmsiProductDir=%TempEmsiProductDir:~0,-15%
SET EmsiProductDirDoubleSlash=%EmsiProductDir:\=\\%

For those who are curious about the third line, I only needed the path to the folder, so I am omitting the last 15 characters to remove the last backslash and file name.

As for the fourth line, part of the batch file calls WMIC to get file properties, and for that you need paths with double backslashes (or it won't work), so rather than use another FOR loop to try to change that I am using :\=\\ on the end of the variable name to convert the backslashes into double backslashes. I think this is where I got the idea from, however it looks like there is a more in-depth explanation of it in this article.

Community
  • 1
  • 1
GT500
  • 21
  • 5
  • I made an effort to provide the first answer, and you appear to have completely ignored it! What was wrong with the code I posted seventeen hours before you posted this? The least you could have done was try it and report back! – Compo Dec 23 '16 at 00:37
  • @Compo I had been able to resolve the issue with my code with rojo's help by the time you had left your answer. rojo left his information in a comment though, so I wasn't able to mark it as the answer, which is why I wrote this to give him credit and (eventually) mark it as the answer since it was how I solved the problem. – GT500 Dec 23 '16 at 07:06
  • ...and as both Noodles and yourself pointed out, your commands were still wrong. Now the code you have posted completely ignores the benefit of the `like` suggestion too and includes code unrelated to your original question. – Compo Dec 23 '16 at 07:36
  • @Compo in my question I posted a short example script that I was using for testing, and not the full batch file that I was working on (it's 500+ lines). In my "answer" I posted an exert from the full batch file where the code is working as I need it to, which is why it is different. As for my usage of "like", I copied rojo's example, and it did exactly what I needed it to do. – GT500 Dec 23 '16 at 22:13
0

Here is an attempt at how I may go about this task using the like comparison as has previously been mentioned.

@Echo Off
For /F "UseBackQ Skip=1 Delims=" %%A In (`WMIC^
 /namespace:\\root\SecurityCenter2 PATH AntiVirusProduct^
 Where "DisplayName Like 'Emsisoft%%'" Get pathToSignedProductExe`) Do (
    For /F "Tokens=*" %%B In ("%%~dpA") Do Set "EmsiProductPath=%%~B"
Set EmsiProductPath
Timeout -1

It is completely untested, because even if I was using a Windows PC I wouldn't have an antivirus product installed.

Compo
  • 36,585
  • 5
  • 27
  • 39