c#wmi
Find suspended windows processes using WMI, why is "ExecutionState" always null?
I'm running the following code in a console program :-
var query = string.Format("select * from Win32_Process");
var searcher = new ManagementObjectSearcher(query);
var collection = searcher.Get();
foreach (ManagementObject o in collection)
{
if(o["CommandLine"] == null) continue;
if (o["ProcessId"] == null) continue;
if( o["ExecutionState"] == null)continue;
var executionState =o["ExecutionState"].ToString();
var commandLine = o["CommandLine"].ToString();
var processId = o["ProcessId"];
Console.WriteLine("{0}: {1} [{2}]",
processId,
executionState,
commandLine);
}
However the Execution state is always null. Anyone know why? I've tried running as Administrator.
using process explorer, I definitely have a process in a suspended state :-
Solution
Looks like ExecutionState isn't implemented and is always null. The official docs don't mention it, but third-party docs do.
- Sort program not working, not sure why
- Fast & accurate atan/arctan approximation algorithm
- What's the difference between strtok_r and strtok_s in C?
- How memory address for pointer to arrays is same as an element in 2D array?
- Which is the best way to suppress "unused variable" warning
- How to use ellipsis in c's case statement?
- How can I exclude non-numeric keys? CS50 Caesar Pset2
- Fast ceiling of an integer division in C / C++
- Is there an invalid pthread_t id?
- How to Implement Universal Setter/Getter Functions for Interrupt-Driven Variables in Embedded C?
- How does SIMD (avx) processing work? for example, if I want 10 32 bit floats how do i fit in a 256 bit avx vector?
- FDCAN problems on STM32G4
- How does the call macro enable mutual recursion between functions f and g in this Hanoi Tower implementation?
- Running test on Rocket core CPU - global variable initialized to 0 is unsuccessful, output wrong value instead
- Interacting with C arrays without knowing the size
- Combination of two strings
- Avoiding strcpy overflow destination warning
- carriage return by fgets
- How to use special characters in C?
- Why does 1.0/100.0 == 0.1/10.0 give True?
- Is it correct to compare pointers in C?
- Force free() to return malloc memory back to OS
- How can I print to standard error in C with 'printf'?
- What is the standard behavior of fread in C on Windows?
- How is strtok removing lines it shouldn't have access to?
- Using array as smart point in C
- Assigning string to malloced 2d char array not working as intended
- How to refactor repetition inside a Makefile?
- Why does an empty preprocessor command still evaluate to something?
- How to implement variable sized array within C struct