hola.  yendo al grano estoy tratando de hacer un soft que me detecte algo inyectado (dll . exe) inyectado dentro del notepad. pero se complica y lo unico que se me ocurrio fue  jugar con este code y inyectando dll al notepad(por el pid)  y con ReadMemory al puntero del programa obtenido por el pid. pero cada ves que le  inyecto algo lo obtenido con el ReadMemory sigue igual!! . que estoy haciendo mal
Code

Private Const PAGE_READWRITE As Long = &H4
 
Private Const STANDARD_RIGHTS_REQUIRED As Long = &HF0000
Private Const SYNCHRONIZE As Long = &H100000
Private Const PROCESS_ALL_ACCESS As Long = (STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &HFFF)
 
 
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
 
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, lpThreadAttributes As Long, ByVal dwStackSize As Long, lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long
 
 Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
 
 
Public Function Leed(pId As Long) As Integer
Dim proc As Long
Dim load As Long
 
 
 Dim ReadMemory As String, i As Long
 
   Dim bytValue As Long
On Error GoTo Error
 
proc = OpenProcess(PROCESS_ALL_ACCESS, False, pId)
load = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
 
 
 For i = load To Int(load + 100) Step 2
       '
 
       ReadProcessMemory proc, ByVal i, bytValue, 1, 0&
 
 
       ReadMemory = ReadMemory & Chr(bytValue)
    Next
RichTextBox1.Text = ReadMemory ' 
 
 
CloseHandle proc
 
 
Exit Function
Error:
 
Me.Caption = ""
'nota: para que se actualize constantemente la funcion Leed esta dentro de un timer con intervalo de 10 milisecon
End Function

ese es mi code. pero los primeros  50  caracteres siguen igual, y  la dll si se inyecto . como detecto ese segmento inyectado  

gracias MCKSys . entonce con GetProcAddress estoy errado. no se me ocurre otra cosa.  como hago para leer o obtener los identificadores de las dll cargadas. o saber que hay cargado o no !!