Posted July 22, 200816 yr http://img175.imageshack.us/img175/1461/vaccrapuo2.jpg I will check VAC2 to see what they have changed. It appears that the module went from 0x41000 to 0x4A000 an increase of 0x9000. So obviously this must be a major update. Edited July 22, 200816 yr by [myg0t]wav
July 22, 200816 yr Author English translation please? All it means is VAC2 may have updates to it's detection mechanisms or a few other things.
July 22, 200816 yr Really? Holy shit DX The other forums didnt post this. If I hadnt signed up on this place I'd be screwed :D
July 22, 200816 yr Author Well I have some news about the new update. I haven't seen any new code so I guess that this update may have been for other reasons. As far as I can actually tell by constantly checking ReadProcessMemory all I see is scanning up to the start of .rdata. I guess the reason they only do this instead of what they used to do is perhaps because: 1) Address constant of certain dlls in OrangeBox changes 2) Possibility of something legit modifying an IAT entry. Other than that I can think of no reason to actually reduce the scan range.
July 23, 200816 yr So does that mean ALL hacks other than EA are detected now? Sorry for being a pain DX
July 23, 200816 yr Author Well the first thing to do with any cheat is make sure that it does not use loadlibrary. Second thing is even if it uses peb hiding it can still be detected, so unless it is a polymoprhic cheat that actually changes the entire code section and does something with the file on disk then VAC2 will catch it. Another thing to consider is the game you're using it for. In the case of CSS VAC2 since the April 22nd update been scanning the code section of core dlls. So it's no surprise that any cheat which modifies the code section would get caught. In the case of modifying the static data section well you can do that again, but just be wary of doing it in CSS. If VAC2 does update again they may re-add .rdata scanning. All I am saying by this is becareful what you use. You can cheat and not get caught by VAC2. The reason is mainly due to the fact that VAC2 does not always scan the game process. Many times I have caught them snooping inside other processes. In my personal case of experimenting with X-Spectate which VAC2 just kicks for I have found that with VAC2 it may take many reconnects to finally get kicked. Even so if you do spoofing on their response codes you can easily fool VAC2. Edited July 23, 200816 yr by [myg0t]wav
July 23, 200816 yr WAV is absolutely right. I have been using this mem cheat which i won't mention for over 1 year now...still no bans. Here is hint...vash and skelletor.
