Solved

Need Help Converting VB Script/WMI code into VB.NET Code (Remote Process Kill)

Posted on 2004-09-16
6
1,850 Views
Last Modified: 2012-08-14
As the subject implies, I need help converting VB Script / WMI code into VB.NET.

I need this utility to kill processes on remote machines:


Here is the current VB Script/WMI code that works:
*****************************************************
Option Explicit
Dim objShell
Dim objNet
Dim strTitle
Dim mach
Dim Computer
Dim CompHost
Dim Process
Dim Processes
Dim StpScript
Dim StpService
Dim objWMIService
Dim colServices
Dim objService
Dim errReturnCode
Dim colProcessList
Dim objProcess

Set objShell = CreateObject("wscript.shell")
Set objNet = CreateObject("wscript.network")

mach = "test_machine_name"

Processes = Array("'radexecd'","'radsched'","'radstgms'","'radpinit'","'radskman'","'radrexxw'","'radiamsi'","'radconct'","'radpnlwr'","'nvdutils'","'wscript'")            

 
  For Each Process In Processes
 Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & mach & "\root\cimv2")
 Set colServices = objWMIService.ExecQuery _
    ("SELECT * FROM Win32_Service WHERE Name = "&Process&"")
  For Each objService in colServices
    errReturnCode = objService.StopService()
  Next
    Next



*******************************************************************
Now, Here is what I have in my Visual Studio VB.net form
*******************************************************************

Dim objShell
        Dim objNet
        Dim strTitle
        Dim mach
        Dim Computer
        Dim CompHost
        Dim Process
        Dim Processes As New ArrayList
        Dim StpScript
        Dim StpService
        Dim objWMIService
        Dim colServices
        Dim objService
        Dim errReturnCode
        Dim colProcessList
        Dim objProcess

        'On Error Resume Next

        mach = ComboBox2.Text

        Processes.Add("radskman")
        Processes.Add("radpinit")
        Processes.Add("radconct")
        Processes.Add("radrexxw")

        Dim strWinMgt
        Dim strQuery, strComputerName
        Dim Process_Collection


        For Each Process In Processes
            strWinMgt = "winmgmts://" & strComputerName & ""
            strQuery = "select * from Win32_Process where Name = " & Process & ""
            Process_Collection = GetObject(strWinMgt).ExecQuery(strQuery)

            For Each objService In Process_Collection
                errReturnCode = objService.StopService()
            Next
        Next



**************

The only real difference I am seeing here is around this line in the WMI script:

 Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & mach & "\root\cimv2")

**************


Im not sure how to set the impersonationLevel in VB.net like it should be.....

Results are if I use the .NET form, it does not stop the processes, but the VB script does.... can anyone help?
0
Comment
Question by:phesser
  • 4
  • 2
6 Comments
 
LVL 7

Expert Comment

by:sj_hicks
ID: 12081441
Note that you should be using the Terminate.  The StopService method does not exist in Win32_Process.

Below is code I've use to call the WMI shutdown WMI method in VB.NET (*tested*).  This shows how one way of executing WMI methods ion VB.NET:

        Dim strComputer As String = "."
        Dim options As New ConnectionOptions
        options.Impersonation = ImpersonationLevel.Impersonate
        options.EnablePrivileges = True
        ' Select all from WMI class Win32_OperatingSystem
        Dim ms As New ManagementScope("\\" & strComputer & "\root\CIMV2", options)
        Dim q As New SelectQuery("SELECT * FROM Win32_OperatingSystem")
        Dim search As New ManagementObjectSearcher(ms, q)

        ' methodArgs defines the options to shutdown with
        Dim methodArgs() As Object = {shutdownFlags, 0}
        ' enum each entry for Win32_OperatingSystem and call WMI Win32Shutdown method
        Dim os As ManagementObject
        For Each os In search.Get()
            os.InvokeMethod("Win32Shutdown", methodArgs)
        Next


So you'd probably need to do something like the following (*untested*) to terminate processes:

        Dim strComputer As String = "."
        Dim options As New ConnectionOptions
        options.Impersonation = ImpersonationLevel.Impersonate
        options.EnablePrivileges = True

        Dim ms As New ManagementScope("\\" & strComputer & "\root\CIMV2", options)
        Dim q As New SelectQuery(""select * from Win32_Process where Name=" & strProcessName)
        Dim search As New ManagementObjectSearcher(ms, q)

        Dim os As ManagementObject
        For Each os In search.Get()
            os.InvokeMethod("Terminate")
        Next


Hope this helps.
0
 

Author Comment

by:phesser
ID: 12084206
sj_hicks,

I tried your process and had 2 problems, here is my code snippet::

**************************************************************
        Processes.Add("radskman")
        Processes.Add("radpinit")
        Processes.Add("radconct")
        Processes.Add("radrexxw")

        Dim strWinMgt
        Dim strQuery, strComputerName
        Dim Process_Collection

        Dim strComputer As String = "."
        Dim options As New ConnectionOptions
        options.Impersonation = ImpersonationLevel.Impersonate
        options.EnablePrivileges = True

        For Each Process In Processes
            Dim ms As New ManagementScope("\\" & strComputer & "\root\CIMV2", options)
            Dim q As New SelectQuery("select * from Win32_Process where Name=" & Process & "")
            Dim search As New ManagementObjectSearcher(ms, q)

            Dim os As ManagementObject
            For Each os In search.Get()
                os.InvokeMethod("Terminate")
            Next
        Next


****************************************************

I had to format the line below differently:
Dim q As New SelectQuery("select * from Win32_Process where Name=" & Process & "")

And this line was getting an error " Overload resolution failed becase no "InvokeMethod" accepts this number of arguments"
os.InvokeMethod("Terminate")

Have any clues on how to fix it?
0
 

Author Comment

by:phesser
ID: 12087093
Raising the points, really need an answer on this one...

IMPORTANT NOTE:  These are processes that are 'spawned' from services..these are not services directly, if that makes a difference.

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:phesser
ID: 12089599
Also note, applications like PSKill work to kill these processes...thats what I am trying to mimic but with inherent vb.net code.

Increasing points to 350.
0
 
LVL 7

Accepted Solution

by:
sj_hicks earned 400 total points
ID: 12098131
Hey phesser,

The modified code below is tested and successfully kills the process named myapp.exe.  I've only tested on current computer, but WMI shouldn't have any problems killing the processes on remote machines if you have the appropriate access.  This code requires a reference to System.Management.

        Dim strProcess As String
        Dim methodArgs() As Object = {}
        Dim strComputer As String = "."
        Dim options As New ConnectionOptions

        strProcess = "myapp.exe"

        options.Impersonation = ImpersonationLevel.Impersonate
        options.EnablePrivileges = True

        Dim ms As New ManagementScope("\\" & strComputer & "\root\CIMV2", options)
        Dim q As New SelectQuery("select * from Win32_Process where Name='" & strProcess & "'")
        Dim search As New ManagementObjectSearcher(ms, q)

        Dim wmiprocess As ManagementObject
        For Each wmiprocess In search.Get()
            wmiprocess.InvokeMethod("Terminate", methodArgs)
        Next
0
 

Author Comment

by:phesser
ID: 12103358
sj_hicks, you are the man, appreciate the help...that works quite well :)

Increasing the points to 400 for exceptional work.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Library to convert HTML to PDF. 8 57
Get String split 5 48
Open a word document 23 33
How to Retrieve data from SQl database into multiple Textboxes VB.net 25 36
Article by: Kraeven
Introduction Remote Share is a simple remote sharing tool, enabling you to see, add and remove remote or local shares. The application is written in VB.NET targeting the .NET framework 2.0. The source code and the compiled programs have been in…
A while ago, I was working on a Windows Forms application and I needed a special label control with reflection (glass) effect to show some titles in a stylish way. I've always enjoyed working with graphics, but it's never too clever to re-invent …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now