2

In Sysinternals Process Explorer there exists a tab ".NET Assemblies".

This tab is only shown in the properties for processes that actually use .NET Assemblies.

How can I get the same information on any running process using PowerShell or C#?

Thanks.

Timo Sperisen
  • 463
  • 7
  • 8
  • Check [this](http://stackoverflow.com/questions/383686/how-do-you-loop-through-currently-loaded-assemblies) – 3615 Sep 22 '16 at 06:58
  • Thanks. Unfortunately it looks as if that code is meant for 'Self Reflection' of a Process. I want to read out info on other processes currently running. – Timo Sperisen Sep 22 '16 at 07:15
  • Ok, then you can use MDBG to attach to that process and analize it's assemblies. But maybe it's an overkill and there is some easier way. – 3615 Sep 22 '16 at 07:25

2 Answers2

2

After looking at this answer I've realized that maybe there is no easy way to get what you need. So let's go with MDBG to solve your challenge for managed processes:

        _engine = new MDbgEngine();
        _engine.Attach(p.Id, RuntimeEnvironment.GetSystemVersion());
        _engine.Processes.Active.Go().WaitOne();
        foreach (MDbgAppDomain appDomain in _engine.Processes.Active.AppDomains) {
            foreach (CorAssembly assembly in appDomain.CorAppDomain.Assemblies) {
                Console.WriteLine(assembly.Name);
            }

        }

You will have to using MDBG package from nuget: <package id="Microsoft.Samples.Debugging.MdbgEngine" version="1.4.0.0" targetFramework="net452" />

Community
  • 1
  • 1
3615
  • 3,787
  • 3
  • 20
  • 35
  • Thanks for that input. I used that and was able to some extent to gather the assemblies. For some processes ( like chrome) it seems to hang. – Timo Sperisen Sep 23 '16 at 14:56
  • @TimoSperisen As I mentioned in response it works only for .NET managed processes, while Chrome as far as I know is written mainly in C++ and not running on CLR. What does the tab ".NET Assemblies" shows for chrome in Sysinternals Process Explorer ? – 3615 Sep 23 '16 at 15:05
  • @TimoSperisen To avoid hunging you may try something like [this](http://stackoverflow.com/a/2080161/5246145) (never tested it) – 3615 Sep 23 '16 at 15:11
  • Thanks for the link. That example seemed to work better! – Timo Sperisen Sep 27 '16 at 16:28
1

ClrMD (Microsoft.Diagnostics.Runtime) could be used.

An example of Powershell usage:

  • download Microsoft.Diagnostics.Runtime nupkg file and unpack it to get Microsoft.Diagnostics.Runtime.dll

  • get an ID of the target process

  • run script below using the process ID and correct path to Microsoft.Diagnostics.Runtime.dll

     [int]$targetProcessId=12345
 [Reflection.Assembly]::LoadFile('.\Microsoft.Diagnostics.Runtime.dll')

 $dataTarget = [Microsoft.Diagnostics.Runtime.DataTarget]::AttachToProcess($targetProcessId, 1) #AttachFlags.Noninvasive
 try
 {
     $clrRuntime = $dataTarget.ClrVersions[0].CreateRuntime()

     foreach ($domain in $clrRuntime.AppDomains) {
         Write-Host "Domain ID: " $domain.Id ", Name: " $domain.Name

         foreach ($clrModule in $domain.Modules) {           
             Write-Host "`t`t" $clrModule.Name
         }
     }
 }
 finally
 {
     $dataTarget.Dispose()
 }
Renat
  • 7,718
  • 2
  • 20
  • 34