View Single Post
  #303  
Unread 13th January, 2018, 09:02 AM
Switzz's Avatar
Switzz Switzz is offline
Rampage
 
Join Date: Mar 2005
Location: Denmark CPH
Posts: 87
Default Interesting kicklogs

After ACE10e seems to be behaving we have some interesting logs.
Mainly it seems to log players with AVG and Avast antivirus?
I have the suspision that it's becourse they didn't updated their virus definitions.

The last log is very extensive, but first two of the AV kick logs:

[ACEv10e]: OS.............: Microsoft Windows 7/2008 R2 x64 (Version: 6.1.7600)
[ACEv10e]: CPU............: AMD Phenom(tm) II X4 955 Processor
[ACEv10e]: CPUSpeed.......: 3210.816650 Mhz
[ACEv10e]: NICDesc........: Realtek PCIe GBE Family Controller
[ACEv10e]: MACHash1.......: 3497E4B9B1AFE8AD901B78F86BE76A03
[ACEv10e]: MACHash2.......: 6253340E23AC419C9C81E6C31EB86435
[ACEv10e]: HWID...........: F9AD376DB1EF9B381AF78E3A4991A492
[ACEv10e]: GameVersion....: 436
[ACEv10e]: Renderer.......: D3D8Drv.D3D8RenderDevice
[ACEv10e]: SoundDevice....: Galaxy.GalaxyAudioSubsystem
[ACEv10e]: CommandLine....:
[ACEv10e]: TimeStamp......: 11-00-2018 / 15:50:48
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: | Kick Reasons |
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: BaseAddress....: 0x77500000
[ACEv10e]: LibraryName....: ntdll.dll
[ACEv10e]: LibraryPath....: C:\Windows\SysWOW64\ntdll.dll
[ACEv10e]: LibrarySize....: 1292592 bytes
[ACEv10e]: LibraryHash....: DB6DD54A93522CA3572D04B56C5DB890
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x7751FDA4
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: ZwQueryInformationProcess
[ACEv10e]: HookInfo.......: ?7751fa68-e9033c73fd/b816000000
[ACEv10e]: AdditionalInfo.: Mismatch @ 7751fa68
[ACEv10e]: Expected:
[ACEv10e]: > mov eax, 0x16
[ACEv10e]: Found:
[ACEv10e]: > jmp 74c53670
[ACEv10e]: MetaData.......: 74c53670 -> C:\Program Files (x86)\AVG\Antivirus\aswhookx.dll!.text+2670
[ACEv10e]: 74c52880 -> C:\Program Files (x86)\AVG\Antivirus\aswhookx.dll!.text+1880
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false


[ACEv10e]: OS.............: Microsoft Windows 10 x64 (Version 10.0.15063)
[ACEv10e]: CPU............: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
[ACEv10e]: CPUSpeed.......: 1600.000244 Mhz
[ACEv10e]: NICDesc........: Realtek RTL8723BE 802.11 bgn Wi-Fi Adapter
[ACEv10e]: MACHash1.......: 78611E72493DB8E79DD173277165C2B9
[ACEv10e]: MACHash2.......: 7DBF482E813269CC9D5E1CF040818CFF
[ACEv10e]: HWID...........: 22D94E3687AF70AC872B9718C69B50F5
[ACEv10e]: GameVersion....: 436
[ACEv10e]: Renderer.......: OpenGLDrv.OpenGLRenderDevice
[ACEv10e]: SoundDevice....: Galaxy.GalaxyAudioSubsystem
[ACEv10e]: CommandLine....:
[ACEv10e]: TimeStamp......: 11-00-2018 / 14:41:34
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: | Kick Reasons |
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: BaseAddress....: 0x77480000
[ACEv10e]: LibraryName....: ntdll.dll
[ACEv10e]: LibraryPath....: C:\WINDOWS\SYSTEM32\ntdll.dll
[ACEv10e]: LibrarySize....: 1620880 bytes
[ACEv10e]: LibraryHash....: 5B9013C0E2329F463C148E4B128452DC
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x774CDDA0
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: RtlQueryEnvironmentVariable
[ACEv10e]: HookInfo.......: ?774cdda0-e93b5870f7/6a206878fb5777
[ACEv10e]: AdditionalInfo.: Mismatch @ 774cdda0
[ACEv10e]: Expected:
[ACEv10e]: > push 0x20
[ACEv10e]: > push 0x7757fb78
[ACEv10e]: Found:
[ACEv10e]: > jmp 6ebd35e0
[ACEv10e]: MetaData.......: 6ebd35e0 -> C:\Program Files\AVAST Software\Avast\aswhookx.dll!.text+25e0
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+



And the most interesting one:

[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: | Player Kick |
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: PlayerName.....: XXX
[ACEv10e]: PlayerIP.......: x.x.x.x
[ACEv10e]: OS.............: Microsoft Windows 8.1 x64 (Version: 6.3.9600)
[ACEv10e]: CPU............: AMD Six-Core Processor
[ACEv10e]: CPUSpeed.......: 3013.581055 Mhz
[ACEv10e]: NICDesc........: Kontroler Realtek PCIe GBE Family Controller
[ACEv10e]: MACHash1.......: B3C2D39FD4BF715089580A23A0DC6F2C
[ACEv10e]: MACHash2.......: 4C555261F236F9D4DA7A3BDB0B534D83
[ACEv10e]: HWID...........: C31CA351313C583071C69AF8AF54268B
[ACEv10e]: GameVersion....: 436
[ACEv10e]: Renderer.......: D3D10Drv.D3D10RenderDevice
[ACEv10e]: SoundDevice....: Galaxy.GalaxyAudioSubsystem
[ACEv10e]: CommandLine....:
[ACEv10e]: TimeStamp......: 11-00-2018 / 16:10:01
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: | Kick Reasons |
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: BaseAddress....: 0x74FA0000
[ACEv10e]: LibraryName....: user32.dll
[ACEv10e]: LibraryPath....: C:\Windows\SYSTEM32\USER32.dll
[ACEv10e]: LibrarySize....: 1376768 bytes
[ACEv10e]: LibraryHash....: 94106EEBAF6E43C7E31E26E1C378BBBA
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x74FAD5E0
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: PostMessageW
[ACEv10e]: HookInfo.......: ?74faac50-e9900072ff/8bff558bec
[ACEv10e]: AdditionalInfo.: Mismatch @ 74faac50
[ACEv10e]: Expected:
[ACEv10e]: > mov edi, edi
[ACEv10e]: > push ebp
[ACEv10e]: > mov ebp, esp
[ACEv10e]: Found:
[ACEv10e]: > jmp 746cace5
[ACEv10e]: MetaData.......: 746cace5 -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+1 7b55
[ACEv10e]: 746ca9c7 -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+1 7837
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x74FB0AB0
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: SetWindowLongW
[ACEv10e]: HookInfo.......: ?74fad5e0-e9e2d371ff/8bff558bec
[ACEv10e]: AdditionalInfo.: Mismatch @ 74fad5e0
[ACEv10e]: Expected:
[ACEv10e]: > mov edi, edi
[ACEv10e]: > push ebp
[ACEv10e]: > mov ebp, esp
[ACEv10e]: Found:
[ACEv10e]: > jmp 746ca9c7
[ACEv10e]: MetaData.......: 746caafa -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+1 796a
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x74FB4600
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: PostMessageA
[ACEv10e]: HookInfo.......: ?74fb0ab0-e945a071ff/8bff558bec
[ACEv10e]: AdditionalInfo.: Mismatch @ 74fb0ab0
[ACEv10e]: Expected:
[ACEv10e]: > mov edi, edi
[ACEv10e]: > push ebp
[ACEv10e]: > mov ebp, esp
[ACEv10e]: Found:
[ACEv10e]: > jmp 746caafa
[ACEv10e]: MetaData.......: 746ca2d7 -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+1 7147
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x74FB9600
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: SetWindowsHookExW
[ACEv10e]: HookInfo.......: ?74fb4600-e9d25c71ff/8bff558bec
[ACEv10e]: AdditionalInfo.: Mismatch @ 74fb4600
[ACEv10e]: Expected:
[ACEv10e]: > mov edi, edi
[ACEv10e]: > push ebp
[ACEv10e]: > mov ebp, esp
[ACEv10e]: Found:
[ACEv10e]: > jmp 746ca2d7
[ACEv10e]: MetaData.......: 746414a0 -> C:\Windows\SYSTEM32\cssguard32.dll!UpdateProtected Features+b7e0
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x74FC0B70
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: SetThreadDesktop
[ACEv10e]: HookInfo.......: ?74fb9600-e99b7e68ff/b892100400
[ACEv10e]: AdditionalInfo.: Mismatch @ 74fb9600
[ACEv10e]: Expected:
[ACEv10e]: > mov eax, 0x41092
[ACEv10e]: Found:
[ACEv10e]: > jmp 746414a0
[ACEv10e]: MetaData.......: 746cd34c -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+1 a1bc
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x74FD4FA0
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: RegisterHotKey
[ACEv10e]: HookInfo.......: ?74fc0b70-e9d7c770ff/b8af131400
[ACEv10e]: AdditionalInfo.: Mismatch @ 74fc0b70
[ACEv10e]: Expected:
[ACEv10e]: > mov eax, 0x1413af
[ACEv10e]: Found:
[ACEv10e]: > jmp 746cd34c
[ACEv10e]: MetaData.......: 746cd733 -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+1 a5a3
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x74FF7650
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: ClipCursor
[ACEv10e]: HookInfo.......: ?74fd4fa0-e98e876fff/b80f130400
[ACEv10e]: AdditionalInfo.: Mismatch @ 74fd4fa0
[ACEv10e]: Expected:
[ACEv10e]: > mov eax, 0x4130f
[ACEv10e]: Found:
[ACEv10e]: > jmp 746cd733
[ACEv10e]: MetaData.......: 746cd8cc -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+1 a73c
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x7501FE50
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: SwitchDesktop
[ACEv10e]: HookInfo.......: ?74ff7650-e977626dff/8bff558bec
[ACEv10e]: AdditionalInfo.: Mismatch @ 74ff7650
[ACEv10e]: Expected:
[ACEv10e]: > mov edi, edi
[ACEv10e]: > push ebp
[ACEv10e]: > mov ebp, esp
[ACEv10e]: Found:
[ACEv10e]: > jmp 746cd8cc
[ACEv10e]: MetaData.......: 746cb9dc -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+1 884c
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x7501FE50
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: SendMessageCallbackA
[ACEv10e]: HookInfo.......: ?7501fe50-e987bb6aff/8bff558bec
[ACEv10e]: AdditionalInfo.: Mismatch @ 7501fe50
[ACEv10e]: Expected:
[ACEv10e]: > mov edi, edi
[ACEv10e]: > push ebp
[ACEv10e]: > mov ebp, esp
[ACEv10e]: Found:
[ACEv10e]: > jmp 746cb9dc
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: BaseAddress....: 0x76780000
[ACEv10e]: LibraryName....: kernelbase.dll
[ACEv10e]: LibraryPath....: C:\Windows\SYSTEM32\KERNELBASE.dll
[ACEv10e]: LibrarySize....: 862720 bytes
[ACEv10e]: LibraryHash....: C2463331464B98D4543DB3F3D5993E57
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x767CA720
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: SetProcessShutdownParameters
[ACEv10e]: HookInfo.......: ?767a9070-e9d80df2fd/8bff558bec
[ACEv10e]: AdditionalInfo.: Mismatch @ 767a9070
[ACEv10e]: Expected:
[ACEv10e]: > mov edi, edi
[ACEv10e]: > push ebp
[ACEv10e]: > mov ebp, esp
[ACEv10e]: Found:
[ACEv10e]: > jmp 746c9e4d
[ACEv10e]: MetaData.......: 746c9e4d -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+1 6cbd
[ACEv10e]: 746bbb44 -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+8 9b4
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x767FBBF0
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: CopyFileExW
[ACEv10e]: HookInfo.......: ?767ca720-e91f14effdcccc/6a2068b0a77c76
[ACEv10e]: AdditionalInfo.: Mismatch @ 767ca720
[ACEv10e]: Expected:
[ACEv10e]: > push 0x20
[ACEv10e]: > push 0x767ca7b0
[ACEv10e]: Found:
[ACEv10e]: > jmp 746bbb44
[ACEv10e]: > int3
[ACEv10e]: > int3
[ACEv10e]: MetaData.......: 746bb9c9 -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+8 839
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x7683D7A0
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: CopyFile2
[ACEv10e]: HookInfo.......: ?767fbbf0-e9d4fdebfdcccc/6a346818bd7f76
[ACEv10e]: AdditionalInfo.: Mismatch @ 767fbbf0
[ACEv10e]: Expected:
[ACEv10e]: > push 0x34
[ACEv10e]: > push 0x767fbd18
[ACEv10e]: Found:
[ACEv10e]: > jmp 746bb9c9
[ACEv10e]: > int3
[ACEv10e]: > int3
[ACEv10e]: MetaData.......: 746c06e7 -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+d 557
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x7683D7A0
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: DefineDosDeviceW
[ACEv10e]: HookInfo.......: ?7683d7a0-e9422fe8fd/8bff558bec
[ACEv10e]: AdditionalInfo.: Mismatch @ 7683d7a0
[ACEv10e]: Expected:
[ACEv10e]: > mov edi, edi
[ACEv10e]: > push ebp
[ACEv10e]: > mov ebp, esp
[ACEv10e]: Found:
[ACEv10e]: > jmp 746c06e7
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: BaseAddress....: 0x76FF0000
[ACEv10e]: LibraryName....: ntdll.dll
[ACEv10e]: LibraryPath....: C:\Windows\SYSTEM32\ntdll.dll
[ACEv10e]: LibrarySize....: 1502000 bytes
[ACEv10e]: LibraryHash....: AF6B52CFBA71E4E95863827AF199C68B
[ACEv10e]: +------------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x7702C5B0
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: ZwClose
[ACEv10e]: HookInfo.......: ?7702c3e0-e960db69fd/b80e000300
[ACEv10e]: AdditionalInfo.: Mismatch @ 7702c3e0
[ACEv10e]: Expected:
[ACEv10e]: > mov eax, 0x3000e
[ACEv10e]: Found:
[ACEv10e]: > jmp 746c9f45
[ACEv10e]: MetaData.......: 746c9f45 -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+1 6db5
[ACEv10e]: 746c1791 -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+e 601
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x7702C790
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: ZwTerminateProcess
[ACEv10e]: HookInfo.......: ?7702c5b0-e9dc5169fd/b82b000700
[ACEv10e]: AdditionalInfo.: Mismatch @ 7702c5b0
[ACEv10e]: Expected:
[ACEv10e]: > mov eax, 0x7002b
[ACEv10e]: Found:
[ACEv10e]: > jmp 746c1791
[ACEv10e]: MetaData.......: 746c21af -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+f 01f
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x7702CA50
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: ZwCreateSection
[ACEv10e]: HookInfo.......: ?7702c790-e91a5a69fd/b849000000
[ACEv10e]: AdditionalInfo.: Mismatch @ 7702c790
[ACEv10e]: Expected:
[ACEv10e]: > mov eax, 0x49
[ACEv10e]: Found:
[ACEv10e]: > jmp 746c21af
[ACEv10e]: MetaData.......: 746c30d3 -> C:\Windows\SYSTEM32\guard32.dll!?Exported@@YAXXZ+f f43
[ACEv10e]: Kick Status....: Not kicking because bStrictSystemLibraryChecks is set to false
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: +----------------------------------------------------------------------------+
[ACEv10e]: KickReason.....: Hooked Function
[ACEv10e]: HookType.......: CODE
[ACEv10e]: HookAddress....: 0x7702CD50
[ACEv10e]: HookOffset.....: 0x0000
[ACEv10e]: HookFunction...: ZwAlpcConnectPort
[ACEv10e]: HookInfo.......: ?7702ca50-e97e6669fd/b875000000
[ACEv10e]: AdditionalInfo.: Mismatch @ 7702ca5
__________________
Switzz, the DmZ with filter

https://www.facebook.com/groups/RomanianNetTdm/ -Facebook Group: Only serious players that like fun! Group: "Unreal Tournament 99 RomainiansNet's TDM Server"
Server Romanianet TDM relics: 108.61.253.20:7777 (NL)
Server 2 Switzz 1v1 ++: 35.187.187.131 (Google LLC)
Reply With Quote