Technical Information
- [<HKLM>\System\CurrentControlSet\Services\AAErrorPort] 'ImagePath' = '%TEMP%\ActiveAnticheat\aaerrport.exe'
- [<HKLM>\System\CurrentControlSet\Services\PRProt] 'ImagePath' = '%TEMP%\ActiveAnticheat\1223460\active64.sys'
- 'AAErrorPort' %TEMP%\ActiveAnticheat\aaerrport.exe
- 'PRProt' %TEMP%\ActiveAnticheat\1223460\active64.sys
- <Current directory>\clmods.dll
- %TEMP%\activeanticheat\1223460\sn_1223460.dat
- %TEMP%\activeanticheat\aaerrport.exe
- %TEMP%\activeanticheat\1223460\active64.sys
- %WINDIR%\temp\uddebd4.tmp
- %TEMP%\activeanticheat\cookie.dat
- %TEMP%\activeanticheat\1223460\active64.sys
- %WINDIR%\temp\uddebd4.tmp
- '20#.#7.222.222':53
- 'ac#.##ebattle.club':11000
- DNS ASK st#####ics.active-ac.ru
- '%TEMP%\activeanticheat\aaerrport.exe'