public static IEnumerable <UserProcess> Get_WMIProcess(Args_Get_WMIProcess args = null)
{
if (args == null)
{
args = new Args_Get_WMIProcess();
}
var UserProcesses = new List <UserProcess>();
foreach (var Computer in args.ComputerName)
{
try
{
var cls = WmiWrapper.GetClass($@"\\{Computer}\ROOT\CIMV2", "Win32_process", args.Credential);
var procs = WmiWrapper.GetInstances(cls);
foreach (var proc in procs)
{
var owner = WmiWrapper.CallMethod(proc, "GetOwner");
var UserProcess = new UserProcess
{
ComputerName = Computer,
ProcessName = proc.Properties["Caption"].Value.ToString(),
ProcessID = proc.Properties["ProcessId"].Value.ToString(),
Domain = $@"{owner["Domain"]}",
User = $@"{owner["User"]}",
};
UserProcesses.Add(UserProcess);
}
}
catch (Exception e)
{
Logger.Write_Verbose($@"[Get-WMIProcess] Error enumerating remote processes on '{Computer}', access likely denied: {e}");
}
}
return(UserProcesses);
}
public static IEnumerable <UserProcess> Get_NetProcess(Args_Get_WMIProcess args = null)
{
return(GetWMIProcess.Get_WMIProcess(args));
}
