Some recommendations:
1) instead of calling GetProcAddress() on each call, better do it once (eg add this checkup:
if (fnIsWow64Process != nullptr)
fnIsWow64Process =(LPFN_ISWOW64PROCESS) GetProcAddress(GetModuleHandle(L"kernel32"), "IsWow64Process");
2) the recommendation is to use the PROCESS_QUERY_LIMITED_INFORMATION for desired access, not PROCESS_ALL_ACCESS
3) I guess you need to check the result of winapi call, eg:
if (!IsWow64Process(hProcess, &f64))
{
//error here
}
4) instead of "kernelbase.dll" use "kernel32" string
Last edited by sendersu; 10-28-2022 at 03:13.
|