How to identify 32-bit processes

Question

How to identify 32-bit processes

I am writing a C # plugin for an audit application that needs to get a list of 32-bit applications running inside a 64-bit OS. At this point, I'm stuck on how to identify a 32-bit process.

Please help me.

+4

c # .net 64bit

AbrahamJP Apr 13 '11 at 6:49

source share

2 answers

Take a look at http://social.msdn.microsoft.com/Forums/en-US/netfxtoolsdev/thread/491ea0b3-3e5b-4fa2-a2c3-2f1e485aed0c/ .

I think this is possible with WMI.

+2

Jahan zinedine Apr 13 '11 at 6:53

source share

Chriswue · Accepted Answer · 2011-04-13T06:56:48+0000

You can use the IsWow64Process API IsWow64Process to determine if a process runs under 32-bit emulation on a 64-bit OS.

Here is the pinvoke link

Update . I compared this a bit with the following results:

Enumerating all processes using Process.GetProcesses() takes most of the time, approx. 12 ms on my laptop having 93 processes.
Getting the handle and making an IsWow64Process call took approx. 0.1 ms per process on the same laptop.
Getting all processes using WMI takes approx. 520 ms on one laptop (93 processes also work).

Basically: if you cope with the fact that the process may disappear after you get the list, and before you manage to request it, using the pinvoke method seems to me faster and faster than using WMI. Although WMI may be less intrusive (from a process point of view).

How to identify 32-bit processes

More articles: