Velocidex / WinPmem

The multi-platform memory acquisition tool.
Apache License 2.0

VSM / Hyper-V securing and some bug fix (and a better icon and logo) second try #17

Closed vivianezw closed 4 years ago

vivianezw commented 4 years ago

The changes are better securing, some bug fixes, and a better icon (and logo). I thoroughly checked the write method and secured it. The DbgPrint error reporting is better standardized, and Hyper-V related read errors are noted separately to differentiate them from real unexpected errors. The userspace executable is the latest one, using Scudette's 'x' printing method to indicate unreadable memory regions. I also updated all comments in the source code to reflect this change.

Tested with physical memory method on 'vulnerable' barebone Win10 on somebody's PC. (cite: "Looks almost like playing Battleships")

Testsigned winpmem appended (pw: betatest) again for convenience. winpmem_testsigned_15_okt_2020.zip

vivianezw commented 4 years ago

Sorry, that's not really perfect. I spotted some not-so-adequate status codes and comments that do not fit after I changed the read error report behavior. The devil is in the details.