A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com
Hi, I've ran into issues with a new and innovative anticheat method where an anticheat will posit pages that will never be read by the game and therefore purposefully invalidate the page, and if a function like NtReadVirtualMemory is called it causes the page to be marked as valid, which the anticheat detects by doing QueryWorkingSetEx or NtQueryVirtualMemory otherwise.
The new function I've created has a new setting that is off by default because I have found in testing that Windows naturally invalidates pages and causes random regions of memory to not be read. However it seems to have not caused problems within core functionality thus far and the user just notices missing pages scattered about.
I've marked this PR as a draft for feedback. I am considering adding a UI element to toggle this setting so users can be safe or unsafe easily.
Hi, I've ran into issues with a new and innovative anticheat method where an anticheat will posit pages that will never be read by the game and therefore purposefully invalidate the page, and if a function like
NtReadVirtualMemory
is called it causes the page to be marked as valid, which the anticheat detects by doingQueryWorkingSetEx
orNtQueryVirtualMemory
otherwise.The new function I've created has a new setting that is off by default because I have found in testing that Windows naturally invalidates pages and causes random regions of memory to not be read. However it seems to have not caused problems within core functionality thus far and the user just notices missing pages scattered about.
I've marked this PR as a draft for feedback. I am considering adding a UI element to toggle this setting so users can be safe or unsafe easily.