3735943886 · August 4, 2023 17:27
diff --git a/GetLastInputInfoFromWMI.c b/GetLastInputInfoFromWMI.c
 #pragma comment (lib, "ole32")
 #pragma comment (lib, "oleaut32")
 #pragma comment (lib, "wbemuuid")

 #include <stdio.h>
 #include <windows.h>
 #include <wbemidl.h>

 void GetLastInputInfoFromWmi()
 {
 	HRESULT hr = 0;

 	IWbemLocator *locator  = NULL;
 	IWbemServices *services = NULL;
 	IEnumWbemClassObject *results  = NULL;

 	BSTR resource = SysAllocString(L"ROOT\\CIMV2");
 	BSTR language = SysAllocString(L"WQL");
 	BSTR query = SysAllocString(L"SELECT * FROM Win32_process where name=\"csrss.exe\"");

 	hr = CoInitializeEx(0, COINIT_MULTITHREADED);
 	hr = CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, NULL);

 	hr = CoCreateInstance(&CLSID_WbemLocator, 0, CLSCTX_INPROC_SERVER, &IID_IWbemLocator, (LPVOID *) &locator);
 	hr = locator->lpVtbl->ConnectServer(locator, resource, NULL, NULL, NULL, 0, NULL, NULL, &services);

 	hr = services->lpVtbl->ExecQuery(services, language, query, WBEM_FLAG_BIDIRECTIONAL, NULL, &results);

 	if (results != NULL)
 	{
 		IWbemClassObject *result = NULL;
 		ULONG returnedCount = 0;

 		while((hr = results->lpVtbl->Next(results, WBEM_INFINITE, 1, &result, &returnedCount)) == S_OK)
 		{
 			VARIANT roCnt, seId;
 			ULONGLONG lCnt = 0;

 			hr = result->lpVtbl->Get(result, L"SessionId", 0, &seId, 0, 0);
 			printf("Session ID %d\n", seId.uintVal);
 			
 			hr = result->lpVtbl->Get(result, L"ReadOperationCount", 0, &roCnt, 0, 0);
 			VarUI8FromStr(roCnt.bstrVal, GetSystemDefaultLCID(), 0, &lCnt);
 			printf("Read Operation Count %llu\n", lCnt);

 			result->lpVtbl->Release(result);
 		}
 	}

 	results->lpVtbl->Release(results);
 	services->lpVtbl->Release(services);
 	locator->lpVtbl->Release(locator);

 	CoUninitialize();

 	SysFreeString(query);
 	SysFreeString(language);
 	SysFreeString(resource);

 }

 void main()
 {
 	GetLastInputInfoFromWmi();
 }
	#pragma comment (lib, "ole32")
	#pragma comment (lib, "oleaut32")
	#pragma comment (lib, "wbemuuid")

	#include <stdio.h>
	#include <windows.h>
	#include <wbemidl.h>

	void GetLastInputInfoFromWmi()
	{
	HRESULT hr = 0;

	IWbemLocator *locator = NULL;
	IWbemServices *services = NULL;
	IEnumWbemClassObject *results = NULL;

	BSTR resource = SysAllocString(L"ROOT\\CIMV2");
	BSTR language = SysAllocString(L"WQL");
	BSTR query = SysAllocString(L"SELECT * FROM Win32_process where name=\"csrss.exe\"");

	hr = CoInitializeEx(0, COINIT_MULTITHREADED);
	hr = CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, NULL);

	hr = CoCreateInstance(&CLSID_WbemLocator, 0, CLSCTX_INPROC_SERVER, &IID_IWbemLocator, (LPVOID *) &locator);
	hr = locator->lpVtbl->ConnectServer(locator, resource, NULL, NULL, NULL, 0, NULL, NULL, &services);

	hr = services->lpVtbl->ExecQuery(services, language, query, WBEM_FLAG_BIDIRECTIONAL, NULL, &results);

	if (results != NULL)
	{
	IWbemClassObject *result = NULL;
	ULONG returnedCount = 0;

	while((hr = results->lpVtbl->Next(results, WBEM_INFINITE, 1, &result, &returnedCount)) == S_OK)
	{
	VARIANT roCnt, seId;
	ULONGLONG lCnt = 0;

	hr = result->lpVtbl->Get(result, L"SessionId", 0, &seId, 0, 0);
	printf("Session ID %d\n", seId.uintVal);

	hr = result->lpVtbl->Get(result, L"ReadOperationCount", 0, &roCnt, 0, 0);
	VarUI8FromStr(roCnt.bstrVal, GetSystemDefaultLCID(), 0, &lCnt);
	printf("Read Operation Count %llu\n", lCnt);

	result->lpVtbl->Release(result);
	}
	}

	results->lpVtbl->Release(results);
	services->lpVtbl->Release(services);
	locator->lpVtbl->Release(locator);

	CoUninitialize();

	SysFreeString(query);
	SysFreeString(language);
	SysFreeString(resource);

	}

	void main()
	{
	GetLastInputInfoFromWmi();
	}