can't identify windows architecture (x64 or x86)

[H4Security]

Hi ,

My code is working for the old version, but with version "3.4," it's not working. I believe it is an issue with detecting the architecture; when I trace the code's problem, it's trying to access winpmem x86 version where the system is x64.

CreateFile C:\Users*\source\repos*\x64\Debug\att_winpmem_32.sys NAME NOT FOUND

[ufrisk]

Thank You for reporting this issue. I found a bug which affected this logic. I just pushed a small bug fix release (to the related leechcore project).

The MemProcFS binary release should be updated as well; can you please see if it's working for you now and confirm if it is.

Please note that it seems like winpmem is broken on the latest WIndows 10 2004 release. There is not much I can do about that rather than wait. Please see issue here: https://github.com/Velocidex/c-aff4/issues/144

[ufrisk]

I'm assuming this issue is resolved since I have not heard anything else back after the fix I made earlier. Thank you for reporting the issue. Also, if you should still should happen to have problems please let me know.