TechQA.

Using WMI, how can I determine whether a remote process is 32-bit or 64-bit?

1.4k views Asked by At

I have a collection of win32_process objects queried from a remote machine using WMI. How do I determine whether each process is 32-bit or 64-bit?

c# 64-bit wmi win32-process
Original Q&A
2

There are 2 answers

1
Helen On

WMI doesn't have this functionality. The solution is to test each process's Handle using IsWow64Process via P/Invoke. This code should help you get the idea.

4
Xcalibur37 On

Try this:

/// <summary>
/// Retrieves the platform information from the process architecture.
/// </summary>
/// <param name="path"></param>
/// <returns></returns>
public static string GetPlatform(string path)
{
    string result = "";
    try
    {
        const int pePointerOffset = 60;
        const int machineOffset = 4;
        var data = new byte[4096];
        using (Stream s = new FileStream(path, FileMode.Open, FileAccess.Read))
        {
            s.Read(data, 0, 4096);
        }
        // Dos header is 64 bytes, last element, long (4 bytes) is the address of 
        // the PE header
        int peHeaderAddr = BitConverter.ToInt32(data, pePointerOffset);
        int machineUint = BitConverter.ToUInt16(data, peHeaderAddr +
                                                      machineOffset);
        result = ((MachineType) machineUint).ToString();
    }
    catch { }

    return result;
}



public enum MachineType
{
    Native = 0,
    X86 = 0x014c,
    Amd64 = 0x0200,
    X64 = 0x8664
}

Related Questions in C#

Related Questions in 64-BIT

Related Questions in WMI

Related Questions in WIN32-PROCESS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions