Vac Banning

[BlockHit]

So I was hacking and before i started i read mercyy's thread. i also read a few other threads and they said that vac scans your harddrive. I was not making my hacks obvious and was not called out at all. But I want to know if vac bans off of your hard drive and if I need to clear mine. The hacks I used just came out today and most likely were not detected as the post did not have anybody saying they were nor did they have the prefix. so will i get banned for having them running or does vac not scan everysingle second. (Im new to all of this hacking) I deleted the hacks and wont use them again.


Thank you!

[Aborted]

VAC doesn't scan your drive, only active processes.

[BlockHit]

so do you know when/how many times vac scans my processes? and is it 100% ban when i hack. no matter what i do. (if the hacks are not detected)

[420skid420]

so do you know when/how many times vac scans my processes? and is it 100% ban when i hack. no matter what i do. (if the hacks are not detected)

They scan running processes when you are running the game..
If you use detected cheats it's a 100% ban.

[CsGOLeetzHacker]

VAC doesn't scan your drive, only active processes.

So if VAC doesnt know that, for example hack.exe isnt detected by VAC as a process then that would make the hack VAC Undetected for a long long time?

[BlockHit]

so if vac hadn't detected the cheat yet, I'll be safe unless I open the cheat again?

[Color]

so if vac hadn't detected the cheat yet, I'll be safe unless I open the cheat again?

No because if they scanned the processes and did find a detected cheat then you're already marked for a ban down the road.

//Moved

[BlockHit]

im really confused. sorry to bother you. so if i had an undetected cheat, and used it. I will get banned still? even though its not detected? or even if i delete the cheat and vac finds it, ill get banned?

[bobby2000]

im really confused. sorry to bother you. so if i had an undetected cheat, and used it. I will get banned still? even though its not detected? or even if i delete the cheat and vac finds it, ill get banned?

If a hack gets detected (meaning Valve adds it to their database), then VAC will be able to recognize it. If VAC finds the cheat RUNNING while the game is running, then you'll get a ban. If you delete the cheat before VAC updates, you're fine. If the cheat is undetected (still unrecognizable by VAC) you're fine.

[ryanjones99]

If you use an undetected cheat then you're ok but if it gets detected you will be banned. Even if you delete it you will still get VACed. It has been injected into the game and will stay like that.

[Yemiez]

Guys most of these things are just myths (Take 'myths' with a grain of salt as it hasn't been proven otherwise), but there is actually no proof of exactly how VAC scans etc. At the moment it is more believable that they only scan the open processes for byte patterns of known cheats, whatever people say about signatures is mostly just a wierd subject, you cant just change a signature because there is no exact definition of a programs signature, much like how HWID works,
you choose your own methods to generate a user specific ID from their hardware, which is how I'd imagine VAC works when it comes to byte patterns and other program specific stuff.

For example they could create a byte pattern of how certain classes or containers for memory utils, but from how steam works they dont wanna risk banning people just for using some kind of memory class or having a open handle to csgo.exe as many legit process open handles to alot of processes and banning just for having a open handle would cause alot of wrongfull bans.

Which leaves us to the option that they probably scan byte functions for reading the memor. e.g they get a certain byte pattern from a bhop function, and then they just scan the entire process for this exact pattern, and just keep scanning thousands of combinations. Hence why PolyLoader probably lived for such a long time with the random 5-7 variables generations (as the variables also were random the bytes for each variable changed, making it even harder to create more 'wild' patterns) between every semi-colon sucessfully making a random byte pattern for each function.
However, I believe that the way VAC detected the most known PolyCheats were by string detection, PolyLoader had a string encryption method but this was only compile time string encryption, as soon as the program runs and decrypts the string the string stays that way for the entire runtime of the program. If I were Merccy I would probably implement run-time string encryption and some type of virtualization using virtulalloc or some type of x86 compiler I guess, would be harder to implement though depending on includes and such.

Also please dont take this as facts, these are my thoughts and what I belive is how VAC works.

Whew