Official site anti-cheat Ultra Core Protector

Ultra Core Protector is a freeware client-server anti-cheat that protects servers from unscrupulous players.

Bypass Patchguard to Load Driver on Windows 10

He’s right tho, halfway anyway. If you do it fast enough and don’t use SC controller it won’t insta BSOD, and there’s a “chance” it won’t BSOD later on. (Tbh stupid to have any chance though.)

Ex. snippets from my 2014 Arma adventures, which used DriveCrypt to run the DSEFix shellcode. Not going to repeat it since everything has been said, but it’s certainly not old and I’m 100% certain people did it before I did.

wchar_t Buffer[128];
wchar_t* ServiceName = (wchar_t*)GetWC(ThisComputer);
swprintf_s(Buffer, L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\%Ls", ServiceName);
delete[] ServiceName;
RtlInitUnicodeString(usDriverName, Buffer);
DoExploit(true, OS); // set
NTSTATUS ntStatus = NtLoadDriver(usDriverName);
//STATUS_OBJECT_NAME_COLLISION 0xC0000035
//STATUS_OBJECT_NAME_EXISTS 0x40000000
//STATUS_IMAGE_ALREADY_LOADED 0xC000010E
if (ntStatus == 0x40000000 || ntStatus == 0xC0000035 || ntStatus == 0xC000010E)
{
    printf("Driver already running.\n");
}
DoExploit(false, OS); // restore

My main thing is everyone said disabling signing didn’t work on Win 8.1+ (causes BSOD), but I found out that it actually does (doesn’t cause BSOD). It might be because I use an official Windows driver to do the writes, but I really doubt it. From my testing, you can avoid literally any type of PG detection by doing your work in <15ms. This applies to protected processes, registry locks, etc. So I spent weeks and weeks developing a Win10 driver loading method and found out recently I could have just done this. BTW that research paper is really a good thing to save. You'll never get detected if you do DKOM/kernel modification with an official Microsoft WHQL signed driver.
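From the defender's side, the driver load itself is still logged however short the window around it is. The following is an added example, not code from the posts above: it flags driver loads that are not validly signed or whose service key was written by a process other than services.exe. Field names follow Sysmon Event ID 6 (driver loaded) and 13 (registry value set); the records, paths and the 5-second correlation window are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed, simplified Sysmon-style records (hypothetical paths and names).
EVENTS = [
    {"id": 13, "time": "2024-01-01 10:00:00.100", "Image": r"C:\Windows\System32\services.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\vendordrv\ImagePath",
     "Details": r"\??\C:\Windows\System32\drivers\vendordrv.sys"},
    {"id": 6, "time": "2024-01-01 10:00:00.400", "Signed": "true", "SignatureStatus": "Valid",
     "ImageLoaded": r"C:\Windows\System32\drivers\vendordrv.sys"},
    {"id": 13, "time": "2024-01-01 10:05:00.000", "Image": r"C:\Users\test\loader.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\example\ImagePath",
     "Details": r"\??\C:\Users\test\example.sys"},
    {"id": 6, "time": "2024-01-01 10:05:00.012", "Signed": "false", "SignatureStatus": "Unavailable",
     "ImageLoaded": r"C:\Users\test\example.sys"},
]

def _ts(event):
    return datetime.strptime(event["time"], "%Y-%m-%d %H:%M:%S.%f")

def _norm(path):
    # Drop the NT "\??\" prefix so ImagePath data and ImageLoaded compare equal.
    p = path.lower()
    return p[4:] if p.startswith("\\??\\") else p

def suspicious_driver_loads(events, window=timedelta(seconds=5)):
    """Return (driver_path, reasons) for each driver load worth triaging."""
    writes = [e for e in events if e["id"] == 13
              and "\\services\\" in e["TargetObject"].lower()
              and e["TargetObject"].lower().endswith("\\imagepath")]
    findings = []
    for load in (e for e in events if e["id"] == 6):
        reasons = []
        if load["Signed"].lower() != "true" or load["SignatureStatus"] != "Valid":
            reasons.append("driver image not validly signed")
        for w in writes:
            delta = _ts(load) - _ts(w)
            # Heuristic (assumption): SCM-created services are written by services.exe.
            if (timedelta(0) <= delta <= window
                    and _norm(w["Details"]) == _norm(load["ImageLoaded"])
                    and not w["Image"].lower().endswith("\\services.exe")):
                reasons.append("service key written outside the SCM by " + w["Image"])
        if reasons:
            findings.append((load["ImageLoaded"], reasons))
    return findings

if __name__ == "__main__":
    for path, reasons in suspicious_driver_loads(EVENTS):
        print(path, "->", "; ".join(reasons))
```

The second constructed load happens 12 ms after its registry write and is still reported, because the rule keys on the load record rather than on how long enforcement was altered.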