I put the following command ''sc start Driver'' and this message appears ''[SC] StartService FAIL 123:
The file name, directory name, or volume label syntax is incorrect.'' What could it be?

Is this a function that is hooked by the driver in the kernel? If so why isnt it present in the kernel driver, and how can i change it to avoid detection?

i cant compile it into dll

CE works but in Reclass it wont inject.

can you please provide information how to find functions that are patchguard free or list of them?

Can't build driver
Looks like it is not allowed to use Sample as name

Error 1284 Class "Sample" is reserved for use by Microsoft. Driver
Error 1285 Cannot specify [ClassInstall32] section for Microsoft-defined class. Driver

I get this error when I load the driver and open APEX.
Please give me a solution.

Does it trigger PG?

Hello this is my first time trying smap and I could not create an issue there, when I try to run the example cmd line I get this message
[error at C:\Users\admin\Downloads\smap-master\smap-master\smap\translator.cpp:847] unexpected instruction (00000000000233B3, shr r11, 0x05) with index operand while parsing jump table (00000000000233C2)
which seems to be related to a instruction from memmove, is there any possible solution? Thanks

Using this project everything works like a charm.
But as soon as I try to Attach the CE-Debugger to "check what writes this address" I get a CE-Error that it cannot attach the debugger.
But without the dll injected into CE the same works.
Any ideas...
Do I need to add some apis to make this work or why could this be?

Hey Guys,

I experience below error when trying to import dll into cheat engine.
Failed to find "NtConvertBetweenAuxiliaryCounterAndPerformanceCounter"

https://cdn.discordapp.com/attachments/1221843927548563618/1221922014336516176/image.png?ex=6614568e&is=6601e18e&hm=116e2f7a93f208e232e4a5e62643607771c6e9092819444d89bae61129247cb7&

https://cdn.discordapp.com/attachments/1221843927548563618/1221922099380224090/image.png?ex=661456a2&is=6601e1a2&hm=c27286fcfe35736656dbd1b2b6d8d45cdade3cd1d6aef65ce56672042d47c005&

https://cdn.discordapp.com/attachments/1221843927548563618/1221922214358810764/image.png?ex=661456be&is=6601e1be&hm=9947d7773daa3bca7ad489f9345e21381782b207981423341892f5ae2adf2d26&

There is a problem with cheat engine 7.4 and above, how do I change it?

Testing this with CE the noseh version works fine manual mapping.

But if I self sign the driver and load it using sc create and sc start after injecting the DLL into CE memory fails to load in calculator.exe

I can see [dbg] success in Dbgview, using win 1909

Default ce windows debug no access crash

1. dbvm nomal debug -> no access read & write breakpoint
2. default windows debug -> no access process select crash

veh or dbvm have a detection vector

Normal windows cannot connect to debug access

Can I connect debug stubs with the kernel to bypass debug detection?

Hello btbd,
I was wondering, how could i make CE / ReClass work with access, like you showed in the gif.
Thank you very much.

PS : I've tried to load the driver, it loaded successfully but i'm still unable to make CE or ReClass work. Thanks, have a great day !

I am using Cheat Engine 7.1 winver 1909, I loaded the driver and in debugview it shows [dbg] sucess. I injected the DLL into CE but when opening memory view on protected processes it still doesn't show anything so I decided to test on processhacker and whenever I open module list on a process in processhacker it crashes. Edit: on CE it gets stuck on this https://prnt.sc/tymana on memory view window

Can release the DLL file? can't compile due to error.

If I understand it right it should be possible to to inject the DLL in any x64 bit application which needs to get a handler to a protected process? Is it possible to inject this into an own written C# application which needs access to a protected process to read and write memory?

hello, i've loaded driver but after inject dll to CE it's stucking when selecting process, im using windows 10 1903 latest update, can you help to fix it ?

The hook is detected on eac now

After hours of modifying CE I injected the DLL and it gave me this error, tried searching for it but not much answers
I'm on Windows 11