List of DLLs loaded by a specific process by its name

I am trying to list the DLL(s) loaded in a process using the following code:

Process[] ObjModulesList = Process.GetProcessesByName("iexplore");

foreach (Process prc in ObjModulesList)
{
    ProcessModuleCollection ObjModules = prc.Modules;
    foreach (ProcessModule objModule in ObjModules)
    {
        string strModulePath = objModule.FileName.ToString();
        Console.WriteLine(strModulePath);
    }
}

I get an error

32-bit processes cannot access the modules of a 64-bit process.

I tried to start my process as an administrator and run iexplore as 64-bit and 32-bit. None of these work.

By the way, I need to compile my program into 32-bit.

Any ideas?

+4
2 answers

You can use WMI. Here is a snippet of code that gets all processes and their related modules:

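// Requires a reference to System.Management.dll and:
// using System; using System.Collections.Generic; using System.IO;
// using System.Linq; using System.Management;
var wmiQueryString = "select * from CIM_ProcessExecutable";
Dictionary<int, ProcInfo> procsMods = new Dictionary<int, ProcInfo>();
using (var searcher = new ManagementObjectSearcher(wmiQueryString))
using (var results = searcher.Get())
{
    // Each result is an association: Antecedent = module file, Dependent = process
    foreach (var item in results.Cast<ManagementObject>())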
    {
        try
        {
            var antecedent = new ManagementObject((string)item["Antecedent"]);
            var dependent = new ManagementObject((string)item["Dependent"]);
            int procHandleInt = Convert.ToInt32(dependent["Handle"]);
            ProcInfo pI = new ProcInfo { Handle = procHandleInt, FileProc = new FileInfo((string)dependent["Name"]) };
            if (!procsMods.ContainsKey(procHandleInt))
            {
                procsMods.Add(procHandleInt, pI);
            }
            procsMods[procHandleInt].Modules.Add(new ModInfo { FileMod = new FileInfo((string)antecedent["Name"]) });
        }
        catch (System.Management.ManagementException ex)
        {
            // Process does not exist anymore
        }
    }
}

In procsMods we saved the processes and modules; now we print them:

foreach (var item in procsMods)
{
    Console.WriteLine(string.Format("{0} ({1}):", item.Value.FileProc.Name, item.Key));
    foreach (var mod in item.Value.Modules)
    {
        Console.WriteLine("\t{0}", mod.FileMod.Name);
    }
}

ProcInfo and ModInfo:

class ProcInfo
{
    public FileInfo FileProc { get; set; }
    public int Handle { get; set; }
    public List<ModInfo> Modules { get; set; }

    public ProcInfo()
    {
        Modules = new List<ModInfo>();
    }
}

class ModInfo
{
    public FileInfo FileMod { get; set; }
}
+1
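
Added example, not part of the original answer: it narrows the WMI approach to the one process name the question asks about, instead of walking every process. WMI serves the query out of process, so the caller can stay 32-bit. The `ModulesByName` class, the `[review]` marker and the list of expected directories are assumptions made for illustration.

```csharp
// Added example. Needs a reference to System.Management.dll.
using System;
using System.Linq;
using System.Management;

static class ModulesByName
{
    // Assumption: modules under these roots are "expected"; anything else is marked for review.
    // ProgramW6432 is the 64-bit Program Files directory as seen from a 32-bit process.
    static readonly string[] ExpectedRoots =
        new[] { "SystemRoot", "ProgramFiles", "ProgramW6432", "ProgramFiles(x86)" }
            .Select(v => Environment.GetEnvironmentVariable(v))
            .Where(r => !string.IsNullOrEmpty(r))
            .Select(r => r.TrimEnd('\\') + "\\")
            .ToArray();

    static bool IsExpected(string path) =>
        ExpectedRoots.Any(r => path.StartsWith(r, StringComparison.OrdinalIgnoreCase));

    static void Main(string[] args)
    {
        // Win32_Process.Name includes the extension, unlike Process.GetProcessesByName.
        string name = args.Length > 0 ? args[0] : "iexplore.exe";
        // Escape backslashes and quotes so the name cannot break out of the WQL literal.
        string safe = name.Replace("\\", "\\\\").Replace("'", "\\'");
        string wql = "SELECT * FROM Win32_Process WHERE Name = '" + safe + "'";

        using (var searcher = new ManagementObjectSearcher(wql))
        using (var procs = searcher.Get())
        {
            foreach (ManagementObject proc in procs)
            {
                Console.WriteLine("{0} (PID {1}):", proc["Name"], proc["ProcessId"]);
                try
                {
                    // Follow the association from this process to its CIM_DataFile modules.
                    using (var mods = proc.GetRelated("CIM_DataFile"))
                        foreach (ManagementObject mod in mods)
                        {
                            string path = (string)mod["Name"];
                            Console.WriteLine("\t{0}{1}", IsExpected(path) ? "" : "[review] ", path);
                        }
                }
                catch (ManagementException)
                {
                    // Process exited, or access was denied, between the two queries.
                }
            }
        }
    }
}
```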

Source: https://habr.com/ru/post/1612598/

