I call cvars and pbshots the only definite proofs. Here's why:
People often also protect accused cheaters, because the proof is not enough in their opinion. Like cvars pbbans. Actually the clanbase site states that a trace of a cheat (for example a cvar) is enough for a one-season ban. In my very own personal opinion I agree with this. If someone is afraid of forcevar variable injections, he can remove all the content of his profile etconfig.cfg, make it write-protected and only use the autoexec.cfg. Some people believe an autoexec.cfg in a .pk3 could result in a cvar-injection. For testing purposes I have made such a cvar_injection.pk3 with an autoexec.cfg with the command "seta cvar_blablaimpossible 1". It worked. But my default autoexec.cfg of course wasn't executed. Since the etconfig.cfg of course gets executed you should again remove all its content and make it write-protected. Such a pk3 would then be noticed very fast. Also a 'cl_allowdownload 0' would remove the risk of downloading such a pk3.
In your pb directory is a pbsslog.htm with checksums of all the taken pbshots, so you can check if someone has faked your pbshot.
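A defensive check for the pk3 scenario described above, as an added example that is not part of the original post: it lists every cvar assignment found in .cfg files packed inside a pk3 (a pk3 is a zip archive) and checks that an etconfig.cfg is empty and write-protected. The function names and the sample archive are constructed for illustration.

```python
import io
import os
import re
import stat
import zipfile

# Quake 3 engine commands that write a cvar: set, seta, sets, setu.
CVAR_SET = re.compile(r'^\s*(set[asu]?)\s+(\S+)\s*(.*)$', re.IGNORECASE)

def scan_pk3(pk3):
    """Return (member, cvar, value) for each cvar assignment in .cfg files inside a pk3."""
    hits = []
    with zipfile.ZipFile(pk3) as zf:
        for info in zf.infolist():
            if not info.filename.lower().endswith(".cfg"):
                continue
            text = zf.read(info).decode("latin-1")
            for line in text.splitlines():
                # Drop // comments before matching.
                m = CVAR_SET.match(line.split("//", 1)[0])
                if m:
                    value = m.group(3).strip().strip('"')
                    hits.append((info.filename, m.group(2), value))
    return hits

def etconfig_locked(path):
    """True if the file is empty and no write permission bit is set."""
    st = os.stat(path)
    write_bits = stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH
    return st.st_size == 0 and not (st.st_mode & write_bits)

def build_sample_pk3():
    """Constructed sample: a pk3 carrying the autoexec.cfg from the test above."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("autoexec.cfg",
                    "seta cvar_blablaimpossible 1\n// seta commented_out 1\n")
        zf.writestr("maps/readme.txt", "seta not_a_cfg 1\n")
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for member, cvar, value in scan_pk3(build_sample_pk3()):
        print(f"{member}: sets {cvar} = {value!r}")
```

`scan_pk3` also accepts a path on disk, so it can be run over each .pk3 in the game directories.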