Roth Consulting Perl Script: WMI

#  WMI_Kill.pl
#  Example 9.15:
#  ----------------------------------------
#  From "Win32 Perl Scripting: Administrators Handbook" by Dave Roth
#  http://www.roth.net/books/handbook/
#  Published by New Riders Publishing.
#  ISBN # 1-57870-215-1
#
#  This script uses WMI to kill processes on remote machines.
#
#  Syntax:
#     WMI_Kill.pl \\machine Process1 [Process2 ...]
#
#     \\machine.....Computer name of remote machine (use . for local)
#     Process.......PID or name of process to kill
#                   eg: 1234 or IExplore.exe 
#                   You can use regex: IExplore.* 
#
#
#
print "From the book 'Win32 Perl Scripting: The Administrator's Handbook' by Dave Roth\n\n";


use Win32::OLE qw( in );

$Machine = "." unless( $Machine = shift @ARGV );
$Machine =~ s#^[\\/]+## if( $ARGV[0] =~ m#^[\\/]{2}# );

# This is the WMI moniker that will connect to a machine's 
# CIM (Common Information Model) repository
$CLASS = "WinMgmts:{impersonationLevel=impersonate}!//$Machine";

# Get the WMI (Microsoft's implementation of WBEM) interface
$WMI = Win32::OLE->GetObject( $CLASS )
  || die "Unable to connect to \\$Machine:" . Win32::OLE->LastError();

# Get the collection of Win32_Process objects
$ProcList = $WMI->InstancesOf( "Win32_Process" );

# Try to kill each PID passed in
foreach $Pid ( @ARGV )
{
  my $KillList = GetProc( $Pid, $ProcList );
  if( scalar @$KillList )
  {
    foreach my $Proc ( @$KillList )
    {
      print "Killing $Proc->{Name} ($Proc->{ProcessID})...";
  
      # We found the correct Win32_Process object so 
      # call its Terminate method
      $Result = $Proc->Terminate( 0 );
      if( 0 == $Result )
      {
        print "Successfully terminated";
      }
      else
      {
        print "Failed to terminate";
      }
      print "\n";
    }
  }
  else
  {
    print "$Pid not found.";
  }
}

sub GetProc
{
  my( $Pid, $ProcList ) = @_;
  if( $Pid =~ /^\d+$/ )
  {
    $List = GetProcByPid( $Pid, $ProcList );
  }
  else
  {
    $List = GetProcByName( $Pid, $ProcList );
  }
  return( $List );
}

sub GetProcByPid
{
  my( $Pid, $ProcList ) = @_;
  
  # Cycle through each Win32_Process object 
  # until you find the right one
  foreach my $Proc ( in( $ProcList ) )
  {
    return( [ $Proc ] ) if( $Pid == $Proc->{ProcessID} );
  }
  return( [] );
}

sub GetProcByName
{
  my( $Name, $ProcList ) = @_;
  my( @Procs );
  my( $Regex ) = ( $Name =~ m#[$^\\/*?{}\[\]]+# );
  
  # Cycle through each Win32_Process object 
  # until you find the right one
  foreach my $Proc ( in( $ProcList ) )
  {
    if( $Regex )
    {
      push( @Procs, $Proc ) if( $Proc->{Name} =~ /$Name/i );
    }
    else
    {
      push( @Procs, $Proc ) if( lc $Name eq lc $Proc->{Name} );
    }
  }
  return( \@Procs );
}

	Are you searching for a children's bike trailer?
	Would you like to try growing an avocado plant?
	Easily lose weight by increasing your metabolism.
	What, exactly, is a Calorie?
	Want to know about schooling your child using the Montessori method.

`Name:`	`WMI_Kill.pl`
`Version:`	`20050817`
`Last Updated:`	`2005.08.17`
`Author:`	`Dave Roth`
`Description:`	`Terminates running processes on local or remote machine using WMI`
`Explanation:`	`No explanation has been provided`

Perl Script: WMI_Kill.pl

The WMI_Kill.pl Script: