Cheat Engine

[Raeza]

Ok! So this may be long, but anyway . . .

There is a game (ok, a couple of games, but one main game) that I am playing. I have been using various cheat program to alter values in it, but I was always saddened that I could not save the addresses for when I played the game at a later time. However, I held out hope that there might be a cheating program that would allow me to save addresses, and so I set out on an epic quest to find one. After not too much effort, I discovered Cheat Engine, and I rejoiced! But then I discovered that my game(s) changes the addresses of the stats I want to alter when I close the game, and I was saddened, for this meant that I had to refind the stats each time. But then, after progressing in the tutorial, I discovered that Cheat Engine had a way to get around this, and I rejoiced again! But when I attempted to enact this on my game as I had enacted it in the tutorial, an error message popped up and said I couldn’t attach the debugger to the process, and that I should try doing it through the process picker or check that I had debugging rights. After briefly wondering what this process picker was (and then finding I had already been using it and feeling silly) I did that, and I got an error 87 message. So I dutifully read this sticky on the error 87, and tried to find the kernel data retriever so as to run it as instructed. And for a time I could not find it; however, it was not long before I thought, “Ah ha! It must be in this “Kernel Stuff” folder. But the only thing there was the “Unload Kernel Module.” And so (after reading a bit) I decided, “It must be that I am destined to run this thing, for surely the kernel data retriever will appear after I have done so!” But when I tried to run the “Unload Kernel Mode,” yet another error message came back saying “Failed to find driver in registry.” Unsure as to what this driver might be or where I might find it, I poked around some more, and decided that perhaps I needed this DBVM thing. Unfortunately, after right clicking on the Cheat Engine logo, I was told my system could not run DBVM. I then tried changing the settings from Windowsdebugger to VEHdebugger in Debugger Options in settings; now I was able to attach the debugger, but nothing showed up in "The following opcodes writes to . . . " box when I changed the values.

Thus, my quest is currently stalled and I am at a loss. I have used both Cheat Engine 6.2 and Cheat Engine 6.1, but the results are the same in both. My system is 32 bit Windows Vista. My graphics card seems to be "Mobile Intel(R) 965 Express Chipset Family," although I find that to be an odd name for a graphics card (I vaguely remember reading somewhere on the forum that the graphics card had something to do with if you could do kernel stuff) I am sorry my post is so long, and I am sorry if I have missed some obvious answer.

[Dark Byte]

Get a 32-bits widows install for kernelmode debugging or debugger override
If you are on 64-bit windows only dbvm can enable kernelmode debugging (blame microsoft) and for that you need a intel processor with VT capabilities

As for the VEH debugger, are you sure it did not crash the game when using 6.1? Because 6.1 blindly replaces breakpoints and 6.2 refuses it by default (can be changed in settings)

And try the pointerscanner

[Raeza]

Okay! So I downloaded and installed a kernalmode debugging tool, and victory was achieved! I am now able to attach the debugger to my game. Yay! Thank you so much!

Unfortunately, I'm now having different problems. My first problem is that when I try to find the location using the "Find what writes to this address" method, I'm getting an equation that is more complicated than I know how to deal with.

Basically, it's this (this is for Stamina):

[Dark Byte]

Pointer is ecx, offset is edx*4
Eax is the new value written to the address

As long as the pointerscanner does not return 0 addresses the results are fine. There are multiple paths to the same location, just pick one (407133 is actually very little, usually you find billions)
Tip: Do a delayed rescan and switch to the game. Some pointers are only valid when tabbed out/in a menu

[Raeza]

Ok! After a week (?) of much poking, today I have managed to get something resembling a handle on this stuff! Using a combination of the point scanner and the debugging mode, I've figured out how to find all the values that I'm interested in for one game, and will work at poking the other one later. Thank you so very, very, very much, both for making Cheat Engine and for all your generous and speedy help! Yay for you!