Getting a list of DLLs currently loaded in a process

Last edited on


It can be useful to know which .dlls an application has loaded when analysing DLL-related problems.

For this particular purpose you can use Microsoft's Process Explorer tool.

Getting list of DLLs with Process Explorer

Viewing the list of currently loaded DLLs

⚠️ After starting Process Explorer select the process or application that you want to inspect. We have used notepad++.exe in this example:

Then click ViewLower Pane ViewDLLs (or press Ctrl+D):

⚠️ Now the lower pane view is visible; it lists the DLLs loaded by the selected process only!

Saving the list of DLLs of the selected process

The list of DLLs of the selected (!) process can be saved (which is useful if you want someone else to look at it) by clicking FileSave as... (or press Ctrl+A):

The resulting file starts with the process list and after that it lists the selected process's DLLs:


Process: notepad++.exe Pid: 148

Name	Description	Company Name	Version
advapi32.dll	Erweiterte Windows 32 Base-API	Microsoft Corporation	6.1.7601.17514
apisetschema.dll	ApiSet Schema DLL	Microsoft Corporation	6.1.7600.16385
apphelp.dll	Clientbibliothek für Anwendungskompatibilität	Microsoft Corporation	6.1.7601.17514
cfgmgr32.dll	Configuration Manager DLL	Microsoft Corporation	6.1.7601.17514

Getting list of DLLs with ListDLLs

The command line tool ListDLLs from Microsoft can also list the DLLs loaded by a process:

C:\Users\myuser>listdlls notepad.exe
ListDLLs v3.1 - List loaded DLLs
Copyright (C) 1997-2011 Mark Russinovich
Sysinternals -

notepad.exe pid: 7972
Command line: "C:\Windows\system32\notepad.exe"

Base                Size      Path
0x00000000ff880000  0x35000   C:\Windows\system32\notepad.exe
0x0000000077000000  0x1a9000  C:\Windows\SYSTEM32\ntdll.dll
0x0000000076ee0000  0x11f000  C:\Windows\system32\kernel32.dll
0x00000000fd720000  0x6c000   C:\Windows\system32\KERNELBASE.dll
0x00000000fed20000  0xdb000   C:\Windows\system32\ADVAPI32.dll
0x00000000fd830000  0x9f000   C:\Windows\system32\msvcrt.dll
0x00000000fdb10000  0x1f000   C:\Windows\SYSTEM32\sechost.dll
0x00000000ff0d0000  0x12d000  C:\Windows\system32\RPCRT4.dll
0x00000000ff200000  0x67000   C:\Windows\system32\GDI32.dll
0x0000000076920000  0xfa000   C:\Windows\system32\USER32.dll
0x00000000feeb0000  0xe000    C:\Windows\system32\LPK.dll
0x00000000fd9e0000  0xc9000   C:\Windows\system32\USP10.dll
0x00000000ff270000  0x97000   C:\Windows\system32\COMDLG32.dll
0x00000000fee30000  0x71000   C:\Windows\system32\SHLWAPI.dll
0x00000000fbcc0000  0x1f4000  C:\Windows\WinSxS\\COMCTL32.dll
0x00000000fdf90000  0xd88000  C:\Windows\system32\SHELL32.dll
0x00000000f8c50000  0x71000   C:\Windows\system32\WINSPOOL.DRV
0x00000000feec0000  0x203000  C:\Windows\system32\ole32.dll
0x00000000fdcd0000  0xd7000   C:\Windows\system32\OLEAUT32.dll
0x00000000fc3b0000  0xc000    C:\Windows\system32\VERSION.dll
0x00000000fee00000  0x2e000   C:\Windows\system32\IMM32.DLL
0x00000000fd8d0000  0x109000  C:\Windows\system32\MSCTF.dll
0x00000000fd390000  0xf000    C:\Windows\system32\CRYPTBASE.dll
0x00000000fb9d0000  0x56000   C:\Windows\system32\uxtheme.dll
0x00000000fb5d0000  0x18000   C:\Windows\system32\dwmapi.dll

Saving the list of DLLs

For this standard I/O redirection can be used:

listdlls notepad.exe >temp.txt

The output of the command is then contained in the file temp.txt.