Oh, and if anyone cares. I spent around 8 hours figuring out what the kernel level anticheat does (as best as you can thanks to encrytion bullshit) and what is a safe way to play games with (chinese) kernel anticheats. ACE in itself behaves very properly for anticheat standarts; it doesnt keylog and does not try to overtake your browser infos. It does read RAM, so if you have your browser open, your passwords and active login sessions might be able to be read. Not saying thats what ACE does (Tencent getting caught stealing sensitve data would cost them billions by current EU, Indian (for some reason those poopeaters dont fuck around with this kernel shit), chinese and american laws) because honestly, Kuro and Tencent have a bigger incentive to play by the rules and rake in soft power and unholy amounts of money the proper way. Stealing sensitive data like passwords would not nearly be as profitable as one might expect in comparing to Tencents annual income, for example.
BUT. There are some shady things that ACE anticheat does in every chinese game that it is being implemented in. There is a file it drops that is called "mstmc.ttf". It drops it in C:\\Windows\Fonts (!!!) and it is not a font file (!!!!!). It is also hidden and reinstalls itself each time you open up the game (!!!!!!!!). Now, i found a few posts of chinese people complaining about this specific file for various reasons but nothing concrete that could imply some spyshit. Still, if you want to check if you have this file on your system, you can only do so via powershell, which is also very supicious. Here is the line:
>Get-Item "C:\Windows\Fonts\mstmc.ttf" | Format-List *
here is how to delete it (it reinstalls anyway each time you boot Wuwa)
>Remove-Item -Path "C:\Windows\Fonts\mstmc.ttf" -Force
Another thing you should know, is that ACE probably has its fingers inside your Crypto folders:
>C\ProgramData\Microsoft\Crypto\RSA\MachineKeys
You should look at the dates of the files and which ones were last modified that align with ACE anticheat usage. This thing is most likely a fingerprint of your computer and has some sensitive data about your system that is needed by ACE.
Besides the obvious ACE-base.sys driver in your system32\drivers folder, there is only one thing that is the most suspicious of them all and its in plain sight: The AntiCheatExpert folder in C:\\ProgramData (hidden folder). It has a .dat file that is not a .dat file. Virustotal recognizes it as an obfuscated .zip file with an executable inside it. Weird, isnt it? Keep an eye on that one as well. Oh, and the WuWa folder itself has ACE anticheat stuff inside it as well;
>Wuthering Waves Game\Client\Binaries\Win64
Its just a folder saying ACE anticheat, easy to spot.
Why am i typing all this? All these things remain on your computer even after you uninstall ACE anticheat (which i do with every closing of the game). Even if the anticheat stops operation when the game is not running like a good boy, i still feel kind of unsafe with all these other lingering drivers and hidden files and folders still on my system. So if you want to be super safe, delete these things after each session.
>but what about regedit, anon?
Basically everything ACE leaves in regedit is quite harmless or poses very low risk, if at all. No issues there (nice job, ACE, unironically).
So yeah. Just wanted to leave that here. Im going back to farming pulls for elf!