?
Solved

Antonymous Process power shell script

Posted on 2015-02-18
9
Medium Priority
?
101 Views
Last Modified: 2015-02-19
I've been looking for a script that can check if a certain process is running and if it's not start it back up and keep monitoring if it stops start it back up again.
0
Comment
Question by:Network Zero
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 40619177
All you really need is an infinite loop.
while ($true) {
  $Process = Get-Process ExeName
  if (-not $Process) {
    # Insert code to start the process here. Could be as simple as:
    Start-Process ExeName
  }
  # Sleep a little while to control the speed of the loop
  Start-Sleep -Seconds 10
}

Open in new window

Now the problem of monitoring is moved a step back, what watches the watcher?

Chris
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 40619196
In fact I would use a process termination event trigger instead. But that does not change much, it would still be an "endless loop" monitoring the process.
0
 
LVL 7

Author Comment

by:Network Zero
ID: 40619269
Qlemo how it look with a process termination event trigger?
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 7

Author Comment

by:Network Zero
ID: 40619272
Like this?

---------

while ($true) {
  $Process = Get-Process ExeName
  if (-not $Process) {
    # Insert code to start the process here. Could be as simple as:
    Start-Process Time.exe
  }
  # Sleep a little while to control the speed of the loop
  Start-Sleep -Seconds 10
}
0
 
LVL 70

Accepted Solution

by:
Qlemo earned 2000 total points
ID: 40619348
No, it is much more simple. E.g. for NotePad, starting Calc (to not get into an endless loop when testing):
Register-WmiEvent -query 'select * from Win32_ProcessStopTrace where Processname=''notepad.exe''' -action { Start-Process Calc.exe }

Open in new window

Keep the PS you run that in opened, otherwise the registration will be removed again. In an all-in-one command, e.g. in Task Scheduler, you would use
PowerShell -NoExit -Command "& {Register-WmiEvent -query 'select * from Win32_ProcessStopTrace where Processname=''notepad.exe''' -action { Start-Process Calc.exe }}"

Open in new window

0
 
LVL 7

Author Comment

by:Network Zero
ID: 40619932
Qlemo when I ran

Register-WmiEvent -query 'select * from Win32_ProcessStopTrace where Processname=''notepad.exe''' -action { Start-Process Calc.exe }

Open in new window


It came up with calculators like a million times I had to shut down my computer is there any way to prevent it from opening more then once.

or will the task manager stop that. I want to run it on a server so don't want it to crash with a zillion exe's lol.
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 40620074
This should only start one (!) calculator if Notepad is closed (!).
0
 
LVL 7

Author Comment

by:Network Zero
ID: 40620221
I ran the script

I had IE not running,  nothing happened

I opened IE and closed it.

And calc opened. I closed it then 3 more calcs came up

Calc
I opened and close IE again now I have 4 calculators LOL

I feel like I'm being attacked by calculators lol.. how can we keep it one calculator or one exe
Screenshot-6.png
0
 
LVL 7

Author Closing Comment

by:Network Zero
ID: 40620433
BOMB !!!  THIS WAS WHAT  I WAS LOOK FOR! I was able to take the script and make it work and I learned a bunch of stuff in the way!
0

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Previously, on our Nano Server Deployment series, we've created a new nano server image and deployed it on a physical server in part 2. Now we will go through configuration.
Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question