Protection from injection and modification game process
Hiding the game presence inside the system. Cheats need to find game process for injection. During the search they use process title, game window title, window class title. Modifying this data, the anti-cheat provides defense from 98% of public cheats.
Checking api functions for interception. The interception of api functions – is a code modification of specific function, which is used for data substitution. When you run the anti-cheat, it restores the original handlers of api functions and periodically checks them for validity.
Protection from unknown libraries injection. Most of cheats to achieve their goals inject their own library (*.dll) into the address space of the game. The anti-cheat blocks unknown libraries and can resist all cheats using “injector + cheat module” mechanism.
Protection from remote threads injection. A remote thread – is separately taken basely independent part of the code that runs inside the address space of another process. Recognition of original game and non-game threads provides defense from a large number of injectors that use this mechanism to inject their own module, but also those cheats, which execute their code without by not injecting a library inside the address space of the game.
Deleting all non-game files from the player’s game root folder. Most of the cheats inject into game process only when placed into the game folder. Hence the anti-cheat deletes all non-game files inside the game root folder. When you install UCP, it will delete all non-game files and remove them into backup folder.
Detection and unload of prohibited hack utilities. The anti-cheat scans PC’s memory for prohibited hack utilities, which can modify and receive game process information. The search is provided by the built-in database of signatures, which is always complementing and improving. In particular cases, when high-risk programs are detected, a BSOD window will appear.