VAC vs The People [How to avoid VAC]

[R0ger1]

Hell users, I would like to take a moment to share some widely available information, common knowledge and best practises and focus it into this single thread post in the hope that users will read it and continue to move forwards with the best practises in place. This post will start with the three basic questions regarding VAC, our current knowledge of VAC, then how to avoid/circument these features.

What is VAC?
An advanced system put into place, a "net" of sorts, to "catch" people cheating in VAC-Enabled games.

Why do systems use VAC?
Some game developers believe that any modification to a game which they have not sanctioned is detrimental to the reputation of their game.

Should we be worried about VAC?
Yes and no.

In 2014, Gabe Newell (founder of Valve)took to the internet and communicated directly with the gaming community. This communication came about after a rise in Anti-Cheat systems being implemented and some of their unethical practises. During this process, developers would often reverse-engineer and liase with one another in order to bring about a bigger, and better Anti-Cheat service and community. During this time, a rise was seen in Anti-Cheat systems "copying" one anothers features.

Amongst the battle of Anti-Cheat vs Cheat, some advanced weaponry was deployed. This included the implementation of pattern detections, signature scanning, machine learning and even going as far as remote file access. During the same year, the lead deverloper over at BattleEye was caught doing exactly the latter. They were actively uploading files from a users machine onto their cloud servers for permanent storage and analysis. A developer over at BattleEye was able to catch Valve doing the same thing, so in order to remain on par with their Anti-Cheat competition implemented the same features.

Following the 2014 VAC/Anti-Cheat saga, and through the years of gaming and communication with gamers and developers alike, I believe I can offer a comprehensive (not complete) way of implementing the best practises to avoid VAC detection.

ISSUES:

1. VAC logs everything
2. VAC scans all your logs
3. VAC remembers and learns
4. VAC is sneaky
5. VAC keeps an eye on which websites you visit/contact

SOLUTIONS:

Wipe your logs (save this into a text file with the extension .bat and run the file with Admin Rights)

 

@echo off
FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
IF (%adminTest%)==(Access) goto noAdmin
for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
echo.
echo Event Logs have been cleared!
goto theEnd
:do_clear
echo clearing %1
wevtutil.exe cl %1
goto :eof
:noAdmin
echo You must run this script as an Administrator!
echo.
:theEnd

Stop or disable any kind of machine learning you already have on your system that remembers your behaviour over time.

 

net.exe stop Superfetch

Modify your hardware ID tag(s), change the MAC address of your graphics card or whatever devices you think are necessary (VAC will remember your hardware setup, it is a common method for vendors to recognize a user with multiple accounts)

Use a VPN, there a paid or free alternatives. Yes, there are unlimited data FREE VPN services that have no advertisements to cover their costs, however don't use these VPN services for anything asides gaming, and try to keep Authenticator active at all times. (VAC logs your IP Addresses)

Make sure you are using protected cheats VMProtect, Themida etc (These are tools that hide what code is running)
Use a reliable developer that updates their cheats every 48-72, even if there is no actual update and it's only to pad the file with junk code to change the signature. If all else fails, pad the exe file to change it's signature yourself (yes regardless of what people say there are ways of doing this, I have done it for years) also do the same with any dll's and even any text files. Change the filesizes and signatures of every single file included in the cheat.

Run your cheats from a removable storage drive (USB) as in the event of your system being scanned, this will be the last thing to get scanned after your primary hard drive. Better still, store it on a Floppy Drive, if you have one. As these drives make a lot of noise when being accessed, there is NO WAY to discreetly scan a file on a Floppy Drive. I feel old now.

Flush your DNS cache (VAC scans to see if your cheats require you to "login") run the following code in an elevated command prompt.

 

ipconfig /flushdns

If you're browsing cheat forums, make sure your browser is in private mode.



If a user would like to reformat this post or can somehow put the information I have into a better format, please message me.

Sources used:

Gabe Newell
Valve
BattleEye
Microsoft
Reddit
Google
Twitter
WinAero