List of DLLs loaded by specific process by its name


Problem description

I'm trying to list the DLL(s) loaded into a process with the following code:

Process[] ObjModulesList = Process.GetProcessesByName("iexplore");

foreach (Process prc in ObjModulesList)
{
    ProcessModuleCollection ObjModules = prc.Modules;
    foreach (ProcessModule objModule in ObjModules)
    {
        string strModulePath = objModule.FileName.ToString();
        Console.WriteLine(strModulePath);
    }
}

I get the error:

A 32 bit processes cannot access modules of a 64 bit process.

I tried to run my process as administrator, and running iexplore as 64-bit and as 32-bit. None of those worked.

BTW, I have to compile my program to 32-bit.

Any ideas?

Recommended answer

You can use WMI, here is a piece of code that gets all processes and relative modules:

// Requires a reference to System.Management.
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Management;

// Each CIM_ProcessExecutable instance links a process (Dependent)
// to one file loaded into it (Antecedent).
var wmiQueryString = "select * from CIM_ProcessExecutable";
Dictionary<int, ProcInfo> procsMods = new Dictionary<int, ProcInfo>();
using (var searcher = new ManagementObjectSearcher(wmiQueryString))
using (var results = searcher.Get())
{
    foreach (var item in results.Cast<ManagementObject>())
    {
        try
        {
            var antecedent = new ManagementObject((string)item["Antecedent"]);
            var dependent = new ManagementObject((string)item["Dependent"]);
            // Handle is the process ID.
            int procHandleInt = Convert.ToInt32(dependent["Handle"]);
            ProcInfo pI = new ProcInfo { Handle = procHandleInt, FileProc = new FileInfo((string)dependent["Name"]) };
            if (!procsMods.ContainsKey(procHandleInt))
            {
                procsMods.Add(procHandleInt, pI);
            }
            procsMods[procHandleInt].Modules.Add(new ModInfo { FileMod = new FileInfo((string)antecedent["Name"]) });
        }
        catch (System.Management.ManagementException)
        {
            // Process does not exist anymore
        }
    }
}

In procsMods we have stored processes and modules, now we print them:

foreach (var item in procsMods)
{
    Console.WriteLine(string.Format("{0} ({1}):", item.Value.FileProc.Name, item.Key));
    foreach (var mod in item.Value.Modules)
    {
        Console.WriteLine("\t{0}", mod.FileMod.Name);
    }
}

These are the ProcInfo and ModInfo classes:

class ProcInfo
{
    public FileInfo FileProc { get; set; }
    public int Handle { get; set; }
    public List<ModInfo> Modules { get; set; }

    public ProcInfo()
    {
        Modules = new List<ModInfo>();
    }
}

class ModInfo
{
    public FileInfo FileMod { get; set; }
}
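
The answer's query returns every process; to look up one process name, as the question asks, the query can start from Win32_Process and follow the same CIM_ProcessExecutable association to the loaded files. This is an added example, not code from the original answer: the names ModulesByName and Get are hypothetical, and starting from Win32_Process with GetRelated is this example's choice.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Management; // add a reference to System.Management

static class ModulesByName // hypothetical name, not from the original answer
{
    // Maps PID -> paths of the files WMI reports as loaded into that process,
    // for every process whose image name equals imageName (e.g. "iexplore.exe").
    public static Dictionary<int, List<string>> Get(string imageName)
    {
        var result = new Dictionary<int, List<string>>();
        // Escape backslash and quote so the name stays inside the WQL string literal.
        string safe = imageName.Replace("\\", "\\\\").Replace("'", "\\'");
        string wql = "SELECT * FROM Win32_Process WHERE Name = '" + safe + "'";

        using (var searcher = new ManagementObjectSearcher(wql))
        using (var procs = searcher.Get())
        {
            foreach (var proc in procs.Cast<ManagementObject>())
            {
                var paths = new List<string>();
                try
                {
                    // CIM_ProcessExecutable associates the process with CIM_DataFile objects.
                    using (var files = proc.GetRelated("CIM_DataFile"))
                        foreach (var file in files.Cast<ManagementObject>())
                            paths.Add((string)file["Name"]);
                }
                catch (ManagementException)
                {
                    // Process exited between the two queries.
                }
                result[Convert.ToInt32(proc["Handle"])] = paths;
            }
        }
        return result;
    }

    static void Main()
    {
        foreach (var entry in Get("iexplore.exe"))
        {
            Console.WriteLine("PID {0}:", entry.Key);
            foreach (var path in entry.Value)
                Console.WriteLine("\t{0}", path);
        }
    }
}
```

Because the result holds full file paths, the output can be compared against the directories a module is expected to load from when reviewing a process for unexpected DLLs.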
