|
#1
|
|||
|
|||
(Not a bash thread) h4x0r trainers dropping dll's
Yep a few dll's are dropped by his trainers and no doubt loaded via regsvr32. And some other crap.
They are.. h4x0r.dll scs.dll scx.dll Along with game.jpeg (probably the box art) chip.dll in windows\system32 ((would have said this is for chip tune playback, but does his trainers have tunes?)). Along with Pvt.tmp in the same folder. a sicheats.dll on your desktop. Also in the same folder as the trainer is running from, it creates a skins folder also. So do avoid this crap, not only is he stealing from trainer makers, he is also potentially malware'ing your system (not sure but there has been reports, he could be looking for ways of getting CH accounts or something). It is also reported that the injected h4x0r.dll is causing problems with other trainers from editing memory locations, thusly making them not work (not tried this myself and dont want to) Psych was nice enough to create a good old DOS batch file, to be run from root of your system drive, mostly being C:\ Last edited by DABhand; 11-02-2010 at 12:28. |
Sponsored Links |
#2
|
|||
|
|||
I can also vouch for these mysterious dll files being left behind after using one of h4x0r's trainers that I downloaded from this site. Not only are they left behind, they are marked as hidden system files on the root of C:\. I always trusted software I download from GCW, but not any more.
|
#3
|
|||
|
|||
popsoda this is nothing to do with GCW. Its h4x0r's doing.
|
#4
|
|||
|
|||
I understand that but they willingly host his files even after numerous people have complained about them over the last 6 months or more. Obviously he's taken that for granted and is now using GCW to spread his password stealing malware through his trainers. Not sure how many more strikes this guy is allowed before he's 'out'.
|
#5
|
|||
|
|||
Dunno lets hope not for long
But lets not go into bashing h4x0r time, lets hope this helps people |
#6
|
|||
|
|||
I could care less about the whole h4x0r vs Ch thing, but I don't appreciate the malware.
|
#7
|
||||
|
||||
Quote:
HAHAHAHAHAHA!, another sucker CH friend here, LIE!, ARE EQUALLY TO ALL THAT SHIT COME AGAINST ME great JUDAS are you DABhand, go to CH to cry GOGOGOGO, malware? XDD please no edit my trainers a hex editor, loser and thanks, another user reported to EMPIRE, FALSE ACUSATIONS. and chip.dll¿?¿?¿?, pleae man, install an antivirus in your pc and format xD PD: I suppose you FREE access to CH to help bury my reputation not it, though that is something you will not get, people know what kind shit you are, YES OR YES? Last edited by h4x0r #; 11-02-2010 at 14:42. |
#8
|
|||
|
|||
Easy enough for any staff to check your trainers.
And if you learned to read English you will see this wasnt a bashing attempt. And you will also see I didnt say IT IS malware, so get it right, maybe one of your bum chums in your forums can tell you in spanish what is said. And as for trainer making, I make you look like a sunday school picnic lad. You have no skill what so ever. So dont even sit there and act big. Your trainers drop .dll's and no this was not started by CH it was found out by others, so your little stupid CH comment has gone right out the window. Sure report me to Empire, I bet I know who is going to trust more between us 2. Effin loser. Last edited by DABhand; 11-02-2010 at 16:34. |
#9
|
|||
|
|||
Quote:
Quote:
Quote:
Whetever.. Lock? Last edited by [Psych]; 12-02-2010 at 05:12. |
#10
|
|||
|
|||
Can anyone please tell me which specific trainers are leaving/creating dll's anywhere on disk
I tried a few and could not find any of the files anywhere... And reports that the h4x0r.dll is causing problems which you did not see for yourself is a bit useless info as we can do nothing with it... And calling it potential malware is again ridiculous without actual proof that it is malware. Any application in existence could be potential malware when run... Without giving actual examples it is just bashing h4x0r, can't call it anything else! Can you?! I am not saying that he is doing nothing wrong, it could be an error on his part or it could be doing this on purpose. But without proof that he is doing this on purpose it is plain useless information! If anyone is spreading malware to gain access to private information than they are treated accordingly! So it the end none is being "helped" with this info or are they really?! It is quite the opposite... So I am not defending anyone, just proof your case before attacking anyone, as you can already see that ignorant users pick this up as GCW is doing this and I really do not like this kind of stupid/useless thinking. It will only result in a complete ban here of this subject in any way! |
#11
|
|||
|
|||
Wow, never thought I would live to see the day where Empire is actually defending the actions of h4x0r. I guess those kickback rumors were true after all. Man, that's a true shame.
|
#12
|
|||
|
|||
BTW, I have submitted all of these .dll files to over 20 antivirus companies for further analysis and inclusion in their new signature updates. Hopefully they can help to eradicate this crap.
It was pretty sneaky slipping malware into trainer files since most sites (including this one) tell people that trainers are safe and to disable their AV to let them run. |
#13
|
|||
|
|||
Empire, I was only relaying information.
I said Potentially that doesnt mean IT IS. Same with the h4x0r.dll I said it was reported by a number of people, I didnt try, because I dont want to use his trainers on principle. So I shouldnt tell people to be careful? You are encouraging people to be less careful and just carry on? If his new trainers aren't dropping the dll's anymore, there is a chance he has redone them so they dont. Since his trainers were caught doing so. At NO TIME should they be dropping dll's and hidden at that on the root of the system drive, what purpose does that have? Thats suspicious in itself. Proof it does drop dll's, popsoda just said it did, if you check the net on other places they said it did. Ergo it does. Anyways, I can see im wasting my time. I shouldn't have bothered to warn people about the guy trying to get people to visit a link that would infect them either.. Since I didnt try it, perhaps its false yes? hmmm |
#14
|
|||
|
|||
Here is a pic Psych posted lately, I thought it was Psych's desktop but it turns out to be someone elses. So another piece of proof it drops dll's.
And check the date, back in december last year so this has been going on for a while. |
#15
|
|||
|
|||
Just to clarify, this was only intended as a clean-up utility to use if people wish, and not as a bash against h4x0r. Hell, there are other trainer makers who drop .dll's (although for specific hack purposes and only the one). Perhaps I could include it to scan for them too. Bottom-line, I don't care, nor do I need the crap
|
Thread Tools | |
Display Modes | |
|
|