I want to use MemoryCopy to copy any specified memory range (such as from memory location &h10000 to &h20000) into a byte array and then save the retrieved data to a file. Unfortunately this is a VERY HIT AND MISS technique. More than half the time, copying from any random place in memory crashes the program. I could think it might if it wrote TO THE WRONG LOCATION but it is always writing to a byte array of the correct size. I don't see how READING FROM any random location causes crashes, but it does.

I found I need to LOCK the allocate and lock the memory with GlobalAlloc and GlobalLock. Unfortunately with GlobalAlloc I can specify the NUMBER OF BYTES to lock, but not the offset. What I need is to specify an EXACT OFFSET and byte count, or else an EXACT START AND END to the range of bytes. Then I can specify any range of bytes I want, and dump them to a file. I know police forensics software can do this (like for checking the RAM in a computer if the bad-guy left his comp running, to see if the bad-guy has any in-memory incriminating evidence on his compmuter). And I figured they just used standard Windows API calls.

If you can tell me exactly what API calls I can use to dump the memory of any general range of bytes in RAM, please let me know.

Thanks in advance.