Modern anti-cheats do not trust a single reading of your hardware. They cross-check — and that is what catches most naive spoofing attempts.
How the cross-checks work
An anti-cheat reads the same kind of information several ways and compares the answers. A few things it looks for:
- Internal consistency. A motherboard identifier that points to one vendor while another value points to a different one is an obvious contradiction.
- Plausible values. Identifiers follow real manufacturer patterns. A value that does not fit any real pattern stands out.
- Stability over time. Hardware that appears to change without a reboot, or changes suspiciously often, is a signal in itself.
Why a half-finished change fails
This is the key point: a partial, inconsistent change is often worse than no change at all. If one identifier is rewritten and a related one is not, the contradiction is exactly what the cross-checks are built to find. HWIDChanger changes its set of identifiers — Windows IDs, the disk volume serial, MAC addresses — together and consistently, so they agree with each other. It does not touch firmware-level values such as SMBIOS, the CPU and the GPU; those simply remain real, which is consistent in its own way.
HWID is only one layer
Even a clean hardware profile does not make you invisible. Anti-cheats also analyse behaviour — input patterns, reaction times. Hardware identity is one layer of the picture, not the whole of it.