WMI vbscript deploying

I want to monitor if windows games like solitare minesweeper is played during work hours, hence ive come up with below vbscript which will log data when the applications open on ppl's PC's.
Problem is i want to deploy this over GPO and when i put this as a Logon or startup script the machines will just hang during logon cause it gets stuck in that do loop.
I need a vbscript that would run constantly on every machine(not run once and finish), and able to deploy over gpo any ideas how to do this?

Const appendToTextFile = 8
strComputer = "."
wmiNS = "\root\cimv2"
wmiQueryStart = "SELECT * FROM Win32_ProcessStartTrace"
GamesList = array("sol.exe", "spider.exe", "winmine.exe", "freecell.exe", "mshearts.exe", "pinball.exe")
LogFile ="\\test\log.txt"
set wshShell = CreateObject("Wscript.Shell")
UserName = wshShell.expandEnvironmentStrings("%username%")
MachineID = wshShell.expandEnvironmentStrings("%ComputerName%")

set objWMIService = GetObject("winmgmts:\\" & strComputer & wmiNS)
Do      
set colProcessStartTrace = objWMIService.ExecNotificationQuery(wmiQueryStart)
set objItem = colProcessStartTrace.NextEvent
i=0
For each Game In GamesList
If objItem.ProcessName = GamesList(i) Then
      set objFSO = createObject("Scripting.FileSystemObject")
      set objFile = objFSO.OpenTextFile(Logfile, appendToTextFile)
      objFile.write "UID: "       & UserName&"," &vbNullchar
      objFile.write "MID: "       & MachineID&"," &vbNullchar
      objFile.write "GameStarted: "       & objItem.ProcessName&"," &vbNullChar
      objFile.write "PID: "       & objItem.ProcessID&"," &vbNullChar
      objFile.write "Time Started:  "       & now & vbCrLf
      objFile.close
End If
      i=i+1
next      
Loop
sydpoloAsked:
Who is Participating?
 
sydpoloAuthor Commented:
Thx for the script Rob, but it didnt work.
Found a way around it, in gpo i placed it under admin template-->system logon-->run additional programsand its working fine now.
0
 
chandru_solCommented:
Hi,
I would suggest you copy the script file to the local machine to the startup folder and see if that helps
Just give it a try.......

regards
Chandru
0
 
RobSampsonCommented:
Hi, I'm not so sure that you're using the ExecNotificationQuery correctly.....try this (untested) and see if it works:

'============
Const appendToTextFile = 8
strComputer = "."
wmiNS = "\root\cimv2"
GamesList = array("sol.exe", "spider.exe", "winmine.exe", "freecell.exe", "mshearts.exe", "pinball.exe")
'wmiQueryStart = "SELECT * FROM Win32_ProcessStartTrace"
wmiQueryStart = "SELECT * FROM __InstanceCreationEvent " & _
                                    "WITHIN 3 WHERE Targetinstance ISA 'Win32_ProcessStartTrace'"

For Each strGame In GamesList
      If InStr(LCase(wmiQueryStart), LCase("ProcessName")) = 0 Then
            wmiQueryStart = wmiQueryStart & " AND TargetInstance.ProcessName = '" & strGame & "'"
      Else
            wmiQueryStart = wmiQueryStart & " OR TargetInstance.ProcessName = '" & strGame & "'"
      End If
Next

LogFile ="\\test\log.txt"
set wshShell = CreateObject("Wscript.Shell")
UserName = wshShell.expandEnvironmentStrings("%username%")
MachineID = wshShell.expandEnvironmentStrings("%ComputerName%")

Set objWMIService = GetObject("winmgmts:\\" & strComputer & wmiNS)
Set colProcessStartTrace = objWMIService.ExecNotificationQuery(wmiQueryStart)

Do
      Set objLatestEvent = colProcessStartTrace.NextEvent
      Notifier(objLatestEvent.TargetInstance)
Loop

Sub Notifier(object)
      Set objFSO = CreateObject("Scripting.FileSystemObject")
      Set objFile = objFSO.OpenTextFile(Logfile, appendToTextFile)
      objFile.write "UID: "       & UserName&"," &vbNullchar
      objFile.write "MID: "       & MachineID&"," &vbNullchar
      objFile.write "GameStarted: "       & objItem.ProcessName&"," &vbNullChar
      objFile.write "PID: "       & objItem.ProcessID&"," &vbNullChar
      objFile.write "Time Started:  "       & now & vbCrLf
      objFile.close
End Sub
'============

Regards,

Rob.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
RobSampsonCommented:
Oh, fair enough.  Nice one.  So did you place that in User Configuration?  That means the user who logged on would have to have domain admin priveleges....

Anyway, well done....so if you want to post a request in the Community Support to have this question PAQ'ed with your answer, please do so.  Include a link to this question, and an Admin will close it for you.

Regards,

Rob.
0
 
sydpoloAuthor Commented:
Hi Paul,
Yes its under User Configuration. Ppl who logon dont have domain admin priveleges.

Been running script for few days now and no issues so far.


0
 
RobSampsonCommented:
Cool.  Nice one.  Thanks for the info.  If you feel this is now closed, you can post a request in the Community Support to have this question PAQ'ed with your answer, please do so.  Include a link to this question, and an Admin will close it for you.

Regards,

Rob.
0
 
RobSampsonCommented:
No objections from me.....

Rob.
0
 
Vee_ModCommented:
Closed, 500 points refunded.
Vee_Mod
Community Support Moderator
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.