Cheat Engine The Official Site of Cheat Engine
BlackDeviL13 Newbie cheater
Reputation: 0
Joined: 17 Mar 2012 Posts: 15
Posted: Sat Jul 13, 2013 12:01 pm Post subject: [Delphi] DLL Scanning
First, I will give some details.
Let asdf.exe be the target game.
So basically, I want to do a memory scan on this game.
This game has a game guard that will protect the memory of the game.
CE is detected by the game guard.
Because of that, I injected a DLL to do the scanning process.
This method works for some scans, but doesn't work for a few others.
I.e.: it works on "bag slot" scanning, but doesn't return anything for "state" scanning.
"state" is the condition of the player.
state = 1 for looking upside and
state = 3 for looking downside
I am sure that the address is between addr1 and addr2.
And I am sure that if we scan state up then scan state down, the right address would be the first one.
I am doing the scanning like this:
procedure scanState;
var
  n: integer;
  state1, state2: byte;
  oldProtect, addr1, addr2: cardinal;
begin
  addr1 := $0070000;
  addr2 := $0A00000;
  state1 := 1;
  state2 := 3;
  // unprotect the memory between addr1 and addr2
  VirtualProtect(Pointer(addr1), addr2 - addr1, PAGE_EXECUTE_READWRITE, @oldProtect);
  // first scan: remember every address whose byte equals state1
  showmessage('Please turn upside');
  while (addr1 < addr2) do
  begin
    if (PByte(addr1)^ = state1) then
      addToSavedBuffer(addr1);
    inc(addr1);
  end;
  // next scan: report the first saved address whose byte now equals state2
  showmessage('Please turn downside');
  for n := 0 to length(savedBuffer) - 1 do
    if (PByte(savedBuffer[n])^ = state2) then
    begin
      showmessage(inttohex(savedBuffer[n], 8));
      break;
    end;
  // restore the old protection
  VirtualProtect(Pointer($0070000), addr2 - $0070000, oldProtect, @oldProtect);
end;
But it didn't return anything.
Btw, it works fine on any computer when the GG hasn't been updated.
But now this scanning only works on 64-bit operating systems.
So, my questions are:
1. Are there any mistakes in my code?
2. If it is because the GG protects it, why can I scan the "bag slot" but can't scan the "state"? I think it is useless to only protect some memory.
3. And is there any solution to scan the "state" address?
Thanks for your help, and sorry for my bad English.
_________________
GG always one step behind ~
Gniarf Grandmaster Cheater Supreme
Reputation: 43
Joined: 12 Mar 2012 Posts: 1285
Posted: Sat Jul 13, 2013 4:04 pm Post subject: Re: [Delphi] DLL Scanning
BlackDeviL13 wrote: 1. Is there any mistakes in my code?
I'm not competent in Delphi, but what is the "^=" operator? Isn't the equality test done with a single "=" in Delphi?
Aside from that, did you try scan tools other than Cheat Engine, like ArtMoney or TSearch (if you're on WinXP) or some of those listed here?
I also heard opening cheatengine-i386.exe (or the 64-bit equivalent) with a hex editor and replacing every instance of the "cheat engine" string may fool some protections. Renaming the exe won't hurt either.
Edit: I don't see why you need the VirtualProtects; the game needs the state to be readable and writable (since moving ingame changes the state), so the protection should be ok if you just want to read it.
_________________
DO NOT PM me if you want help on making/fixing/using a hack.
BlackDeviL13 Newbie cheater
Reputation: 0
Joined: 17 Mar 2012 Posts: 15
Posted: Sun Jul 14, 2013 8:16 am
It is not "^=" but "PByte(Address+Offset)^" and "=".
The "PByte(Address+Offset)^" is used to read a byte from address+offset and "=" is used to check the equality.
For other scan tools, I have tried them in the older gameguard, and they are detected. Because of that, I didn't try them again in this updated gameguard.
And I have tried to make a UCE, but it is still detected by the gameguard.
(I just replaced some strings in the source and compiled them again. I know DB suggests checking all instances like units, forms, etc. by using "comment and uncomment" to know what exactly is detected by the gameguard. But it will take me forever to check all of them.)
About the VirtualProtect, I think so too, but I failed to scan when I did not use VirtualProtect, so I thought that if I used VirtualProtect, I would be able to scan it. It still failed to scan, though.
And I once thought that maybe the value of the state is changed to something else (i.e.: state upside = 11 or something else) and that value is stored at another address outside my scan range. But I think it is not possible, because on a 64-bit OS this code is still working.
*And I have tried to scan the whole memory ($00000000 - $7FFFFFFF), but it failed too.
Any help and suggestions will be very appreciated.
Btw, thanks for the reply.
_________________
GG always one step behind ~