How to check if pepflashplayer.dll was started and get its PID

I'm getting the modules being used by Chrome to see if pepflashplayer.dll (Flash Player) has started.

I'm using this code for this:

void ListAllProcesses() {

    var hProcessSnap = WinAPI.CreateToolhelp32Snapshot(WinAPI.SnapshotFlags.TH32CS_SNAPPROCESS, IntPtr.Zero);
    var processEntry = new WinAPI.PROCESSENTRY32();

    processEntry.dwSize = (uint)Marshal.SizeOf(typeof(WinAPI.PROCESSENTRY32));

    if (WinAPI.Process32First(hProcessSnap, ref processEntry)) {
        do {

            ListProcessModules(processEntry.th32ProcessID, processEntry.szExeFile);

            processEntry = new WinAPI.PROCESSENTRY32();
            processEntry.dwSize = (uint)Marshal.SizeOf(typeof(WinAPI.PROCESSENTRY32));
        } while (WinAPI.Process32Next(hProcessSnap, ref processEntry));
    }

}

void ListProcessModules(uint dwPID, string szExeFile) {

    var hModuleSnap = WinAPI.CreateToolhelp32Snapshot(WinAPI.SnapshotFlags.TH32CS_SNAPALL | WinAPI.SnapshotFlags.TH32CS_SNAPMODULE, (IntPtr)dwPID);
    var moduleEntry = new WinAPI.MODULEENTRY32();

    moduleEntry.dwSize = (uint)Marshal.SizeOf(typeof(WinAPI.MODULEENTRY32));

    if (WinAPI.Module32First(hModuleSnap, ref moduleEntry)) {

        do {

            if (moduleEntry.szModule == "pepflashplayer.dll") {

                processID = dwPID;

                Debug.WriteLine(processID);

                label_ALERTMSG_PROCESSWAIT.Text = "ProcessID: " + dwPID + " - " + moduleEntry.szModule;
                label_ALERTMSG_PROCESSWAIT.ForeColor = Color.Lime;

                processTimer.Stop();

            }

            moduleEntry = new WinAPI.MODULEENTRY32();
            moduleEntry.dwSize = (uint)Marshal.SizeOf(typeof(WinAPI.MODULEENTRY32));

        } while (WinAPI.Module32Next(hModuleSnap, ref moduleEntry));

    }

}

The problem is that it only finds the module if it is built as x64.

I tried to do this too:

Process[] test = Process.GetProcessesByName("chrome");

foreach (var item in test) {

    foreach (var item2 in item.Modules) {

        Debug.WriteLine(item2);
        CB_TEST.Items.Add(item2.ToString());

    }

}

But Modules only runs if it is x64.

Is there another way to do this, that is, to check whether pepflashplayer.dll was started and get its PID, that also works on x86?

    
asked by anonymous 11.05.2017 / 21:06
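
An added example, not part of the original question: a 32-bit caller cannot read the module list of a 64-bit process (CreateToolhelp32Snapshot fails with ERROR_PARTIAL_COPY, and Process.Modules throws), which matches the x86 behaviour described above. This console sketch reports that case per PID and otherwise searches the modules; the class name ModuleProbe and the console output are assumptions.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Runtime.InteropServices;
// Added example (not the asker's code): explains per PID why a 32-bit build sees no modules.
static class ModuleProbe
{
    const uint PROCESS_QUERY_LIMITED_INFORMATION = 0x1000;
    [DllImport("kernel32.dll", SetLastError = true)] static extern IntPtr OpenProcess(uint access, bool inherit, int pid);
    [DllImport("kernel32.dll", SetLastError = true)] static extern bool IsWow64Process(IntPtr hProcess, out bool wow64);
    [DllImport("kernel32.dll")] static extern bool CloseHandle(IntPtr h);

    // True when the target is a 64-bit process: 64-bit OS and not running under WOW64.
    static bool Is64BitTarget(int pid)
    {
        if (!Environment.Is64BitOperatingSystem) return false;
        IntPtr h = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, false, pid);
        if (h == IntPtr.Zero) throw new Win32Exception(Marshal.GetLastWin32Error());
        try
        {
            bool wow64;
            if (!IsWow64Process(h, out wow64)) throw new Win32Exception(Marshal.GetLastWin32Error());
            return !wow64;
        }
        finally { CloseHandle(h); } // always release the process handle
    }

    static void Main()
    {
        foreach (Process p in Process.GetProcessesByName("chrome"))
        {
            try
            {
                if (!Environment.Is64BitProcess && Is64BitTarget(p.Id))
                {
                    Console.WriteLine("{0}: 64-bit target, module list not readable from this 32-bit build", p.Id);
                    continue;
                }
                foreach (ProcessModule m in p.Modules)
                    if (string.Equals(m.ModuleName, "pepflashplayer.dll", StringComparison.OrdinalIgnoreCase))
                        Console.WriteLine("{0}: {1}", p.Id, m.FileName);
            }
            catch (Exception ex) when (ex is Win32Exception || ex is InvalidOperationException)
            {
                // Access denied, or the process exited while it was being inspected.
                Console.WriteLine("{0}: skipped ({1})", p.Id, ex.Message);
            }
        }
    }
}
```

Building the tool as x64, or as AnyCPU with "Prefer 32-bit" unchecked, lets the same loop read 64-bit Chrome processes on a 64-bit OS.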

0 answers