This will return information similar to this:

SERVICE_NAME: WSearch
DISPLAY_NAME: Windows Search
        TYPE               : 10  WIN32_OWN_PROCESS
        STATE              : 4  RUNNING
                                (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDO
+WN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0

SERVICE_NAME: wuauserv
DISPLAY_NAME: Automatic Updates
        TYPE               : 20  WIN32_SHARE_PROCESS
        STATE              : 4  RUNNING
                                (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDO
+WN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
[download]

Good luck!

Thanks perlofwisdom for the reply. I've never used the sc command before, and it was interesting to learn about it. However, I don't think this helps with the current problem, since all of the service names that show up in the sc command look "normal" (Wmi, WinVNC4, etc).

I'm looking for a service name in hex, of the form 8BAA28BF-8565-43BE-81C0-E7BBD94187D3, which is stuff that looks like it comes out of the windows registry (I could be wrong on this, I'm hoplessly confused by windows musty innards). I need this type of service name, so I can use Win32::File::CreateFile() on it to create a device file, so I can do an IOCTL on it, to speak directly with the currently running device driver, to have it dump out the permanent MAC address of the hardware, and the current MAC address that the device driver is using (they can be different). Whew...

Excruciating details on this whole effort can be found in id:639048

Putting the question another way. How can I get the hex service name of a device, without knowing the hardcoded $dev value in my example script?

Thanks

-Craig

Looking for values from the output of wmic nic list ... it seems to me that that corresponds to the following Registry tree:

especially:

• One of the subkeys (e.g. "0002"; may actually vary per machine) has an entry 0002//NetCfgInstanceId which value is the same GUID you find in LMachine/SOFTWARE/Microsoft/Windows NT/CurrentVersion/NetworkCards/2//ServiceName (1:1 correspondence on my machines; actual GUID may vary per machine/nic)
• The "ServiceName" (wmic) you mention is the 0002/Ndi//Service entry

Just guesswork from a quick scan, but HTH.

My first thought was that if it's not in the output of wmic nic list full then you won't get it from wmic, but combined with the info from pKai, it looks like you could piece it together.

When I wmic nic list full there's a suspicious "Index" that (on my computer) goes from 1 to 9. When I go into the registry at pKai's:
LMACHINE/SYSTEM/CurrentControlSet/Control/Class/{4D36E972-E325-11CE-BFC1-08002bE10318}
I see an index from 0 to 8, so I'm guessing that between wmic and the registry you could get at what you're after

I'm wondering, though if there isn't an XY problem here. You seem to be where I am when I get myself into the most trouble very focused, tunnel vision, stubbornly fighting with the computer. Is there a better way to solve the problem your working on? Is the permanent MAC / current MAC something you could let go of and solve a different way? If you gave a little more context, perhaps the Monks here could help with that more.

If this is the only way, then I hope our observations on wmic and the registry help.

Can I not hide anything from you perlmonk wizards? :-)

You are correct goibhniu, this is an XY problem, which is why I didn't bother to attach this side issue to the original thread id:639048. I'm actually working on a solution to the original problem, and got stuck on this side issue, trying to understand how to get the hex servicename from the not-hex servicename.

Given that this whole problem may become moot, I'm still interested in knowing if it is possible to find the hex servicename for something without "hardcoding" a probable path in for it. The vague mists of my memory nag at me that there is a way to do this I once explored, but I can't come up with what it is to save my life.

Yes, yes, yes, everyones observations on wmic and the registry are helping very much. I apologize if I can't respond to everyone's thoughts, but I am dole-ing out my meager XP points as fast as I'm allowed.

Thanks to everyone for holding my hand through this uncharted (and spooky) adventure!

-Craig

I remembered Getting MAC Address(s) on Windows PCs. I wasn't so much thinking that service name was a distraction from finding the two MAC address problem. I was wondering if the two MAC address problem might be hiding another problem. Maybe that makes this an XYZ problem?

You can hide all you want form perlmonks. We'll try to help anyway. :)

(total side note here: the way to link to a node is [id://nodeid], not [id:nodeid]. Note the slashes.)

---

I humbly seek wisdom.

this can be done easily if u have the HEX service name with you .... browse thru the registry to HKCR\CLSID\ you will find it there. another way is to go to DCOMCNFG.exe component services\computers\mycomputer\dcom config.

That does not correspond, on my machine.

I suppose you could read all the subkeys of

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkCards

then match $node{Name} to the first value contained in the "Description" of each subkey entry. Update: Working code that gets the GUID, if it exists:

use strict;

use Win32::TieRegistry;
use Data::Dumper;

# Get nic info via wmic (not available on all versions of windows)...
my @devs = split(/^\s*\n/m, `wmic nic list brief /format:value`);
my %Regvalues;
shift(@devs);                    # Remove initial blank line



DumpReg();
Dumpwmic( $_ )for (0..15);

sub Dumpwmic{
   my $d = $devs[shift];                # Take the 2nd device
   my %node = split(/[=\n]/, $d);            # Hashify information
   $node{Name} =~s/\s+$//;
   print Dumper(\%node);
   print $Regvalues{ $node{Name} } . "\n";
}

sub DumpReg{

   my $dev="LMachine/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Netw
+orkCards";

   my $key=$Registry->Open($dev, { Access => "KEY_READ", Delimiter => 
+"/" } );
  foreach my $subKey (  $key->SubKeyNames  ) {
     $Regvalues{ $key->{$subKey}->{Description}  } =   $key->{ $subKey
+}->{ServiceName};
     print "$subKey=" . $key->{$subKey}->{Description} . " " .
        $key->{ $subKey}->{ServiceName} . "\n";

  }
}
[download]

     "As you get older three things happen. The first is your memory goes, and I can't remember the other two... " - Sir Norman Wisdom

Many thanks NetWallah for the great update! Your use of the correct term for the hex servicename (GUID), jogged my memory on when I last looked into this stuff. I may be able to dig up something from the past.

Here is the problem I asking for direction with now:

On my machine, "wmic nic list brief" gives me 22 devices:

Read more... (2 kB)
However, looking at the registry with the following code, I only get information on 3 of the devices:
Read more... (1366 Bytes)
I would like to get the GUID for a device that doesn't appear in the registry. How do I do this?

Anticipating a possible answer: If the GUID doesn't exist, how can I get one created for a given device?

Many, many, thanks!

-Craig