Go Back   FileForums > Games > Game Trainers

Closed Thread
 
Thread Tools Display Modes
  #1  
Old 11-02-2010, 12:13
DABhand DABhand is offline
Banned
 
Join Date: Nov 2004
Location: Near my PC
Posts: 5,406
Thanks: 0
Thanked 3 Times in 3 Posts
DABhand is on a distinguished road
(Not a bash thread) h4x0r trainers dropping dll's

Yep a few dll's are dropped by his trainers and no doubt loaded via regsvr32. And some other crap.

They are..

h4x0r.dll
scs.dll
scx.dll

Along with game.jpeg (probably the box art)

chip.dll in windows\system32 ((would have said this is for chip tune playback, but does his trainers have tunes?)). Along with Pvt.tmp in the same folder.

a sicheats.dll on your desktop.

Also in the same folder as the trainer is running from, it creates a skins folder also.

So do avoid this crap, not only is he stealing from trainer makers, he is also potentially malware'ing your system (not sure but there has been reports, he could be looking for ways of getting CH accounts or something). It is also reported that the injected h4x0r.dll is causing problems with other trainers from editing memory locations, thusly making them not work (not tried this myself and dont want to)

Psych was nice enough to create a good old DOS batch file, to be run from root of your system drive, mostly being C:\
Attached Files
File Type: zip H4x0r-Sicheats cleanup script.zip (333 Bytes, 209 views)

Last edited by DABhand; 11-02-2010 at 12:28.
Sponsored Links
  #2  
Old 11-02-2010, 12:51
popsoda popsoda is offline
Registered User
 
Join Date: Aug 2009
Location: Somewhere out there
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
popsoda is on a distinguished road
I can also vouch for these mysterious dll files being left behind after using one of h4x0r's trainers that I downloaded from this site. Not only are they left behind, they are marked as hidden system files on the root of C:\. I always trusted software I download from GCW, but not any more.
  #3  
Old 11-02-2010, 12:58
DABhand DABhand is offline
Banned
 
Join Date: Nov 2004
Location: Near my PC
Posts: 5,406
Thanks: 0
Thanked 3 Times in 3 Posts
DABhand is on a distinguished road
popsoda this is nothing to do with GCW. Its h4x0r's doing.
  #4  
Old 11-02-2010, 13:03
popsoda popsoda is offline
Registered User
 
Join Date: Aug 2009
Location: Somewhere out there
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
popsoda is on a distinguished road
I understand that but they willingly host his files even after numerous people have complained about them over the last 6 months or more. Obviously he's taken that for granted and is now using GCW to spread his password stealing malware through his trainers. Not sure how many more strikes this guy is allowed before he's 'out'.
  #5  
Old 11-02-2010, 13:10
DABhand DABhand is offline
Banned
 
Join Date: Nov 2004
Location: Near my PC
Posts: 5,406
Thanks: 0
Thanked 3 Times in 3 Posts
DABhand is on a distinguished road
Dunno lets hope not for long

But lets not go into bashing h4x0r time, lets hope this helps people
  #6  
Old 11-02-2010, 13:14
popsoda popsoda is offline
Registered User
 
Join Date: Aug 2009
Location: Somewhere out there
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
popsoda is on a distinguished road
I could care less about the whole h4x0r vs Ch thing, but I don't appreciate the malware.
  #7  
Old 11-02-2010, 14:35
h4x0r #'s Avatar
h4x0r # h4x0r # is offline
Registered User
 
Join Date: Apr 2009
Location: Spain
Posts: 200
Thanks: 0
Thanked 5 Times in 2 Posts
h4x0r # is on a distinguished road
Quote:
Originally Posted by DABhand View Post
Yep a few dll's are dropped by his trainers and no doubt loaded via regsvr32. And some other crap.

They are..

h4x0r.dll
scs.dll
scx.dll

Along with game.jpeg (probably the box art)

chip.dll in windows\system32 ((would have said this is for chip tune playback, but does his trainers have tunes?)). Along with Pvt.tmp in the same folder.

a sicheats.dll on your desktop.

Also in the same folder as the trainer is running from, it creates a skins folder also.

So do avoid this crap, not only is he stealing from trainer makers, he is also potentially malware'ing your system (not sure but there has been reports, he could be looking for ways of getting CH accounts or something). It is also reported that the injected h4x0r.dll is causing problems with other trainers from editing memory locations, thusly making them not work (not tried this myself and dont want to)

Psych was nice enough to create a good old DOS batch file, to be run from root of your system drive, mostly being C:\
(not sure but there has been reports, he could be looking for ways of getting CH accounts or something)

HAHAHAHAHAHA!, another sucker CH friend here, LIE!, ARE EQUALLY TO ALL THAT SHIT COME AGAINST ME

great JUDAS are you DABhand, go to CH to cry GOGOGOGO, malware? XDD please no edit my trainers a hex editor, loser and thanks, another user reported to EMPIRE, FALSE ACUSATIONS.

and chip.dll¿?¿?¿?, pleae man, install an antivirus in your pc and format xD

PD: I suppose you FREE access to CH to help bury my reputation not it, though that is something you will not get, people know what kind shit you are, YES OR YES?

Last edited by h4x0r #; 11-02-2010 at 14:42.
  #8  
Old 11-02-2010, 16:23
DABhand DABhand is offline
Banned
 
Join Date: Nov 2004
Location: Near my PC
Posts: 5,406
Thanks: 0
Thanked 3 Times in 3 Posts
DABhand is on a distinguished road
Easy enough for any staff to check your trainers.

And if you learned to read English you will see this wasnt a bashing attempt. And you will also see I didnt say IT IS malware, so get it right, maybe one of your bum chums in your forums can tell you in spanish what is said.

And as for trainer making, I make you look like a sunday school picnic lad. You have no skill what so ever. So dont even sit there and act big.

Your trainers drop .dll's and no this was not started by CH it was found out by others, so your little stupid CH comment has gone right out the window.

Sure report me to Empire, I bet I know who is going to trust more between us 2.

Effin loser.

Last edited by DABhand; 11-02-2010 at 16:34.
  #9  
Old 12-02-2010, 01:18
[Psych] [Psych] is offline
Banned
 
Join Date: Nov 2008
Location: In a heap :-)
Posts: 201
Thanks: 0
Thanked 0 Times in 0 Posts
[Psych] is on a distinguished road
Quote:
Originally Posted by h4x0r # View Post
great JUDAS are you DABhand, go to CH to cry GOGOGOGO, malware? XDD please no edit my trainers a hex editor, loser and thanks, another user reported to EMPIRE, FALSE ACUSATIONS.
This wasn't a bash thread, but I guess you just turned it into one when it wasn't necessary.

Quote:
Originally Posted by h4x0r # View Post
and chip.dll¿?¿?¿?, pleae man, install an antivirus in your pc and format xD
This and the other .dll ARE dropped by at least one of your recent trainers, so don't go all innocent. It gets even more suspicious when you flatout deny it, when it happened right in front of my sodding eyes.

Quote:
Originally Posted by h4x0r # View Post
PD: I suppose you FREE access to CH to help bury my reputation not it, though that is something you will not get, people know what kind shit you are, YES OR YES?
Actually, one could say that your access is how you are able to release 'identical copies' (better word isn't it!) so quickly and easily. This thread has nothing to do with CH, nor does it have anything to do with you personally. No need to get all upset. Hell, this is doing you a favour! You also never unbanned me from your site, not that I was suprised at that. But it's just you lying as usual. Saying stuff for the sake of keeping up appearances I guess. You of all people should know about dyn. IP's, proxies, alternate aliases etc.

Whetever.. Lock?

Last edited by [Psych]; 12-02-2010 at 05:12.
  #10  
Old 12-02-2010, 05:34
EMPiRE EMPiRE is offline
Administrator
 
Join Date: Feb 2002
Posts: 1,338
Thanks: 7
Thanked 147 Times in 101 Posts
EMPiRE is on a distinguished road
Can anyone please tell me which specific trainers are leaving/creating dll's anywhere on disk

I tried a few and could not find any of the files anywhere...

And reports that the h4x0r.dll is causing problems which you did not see for yourself is a bit useless info as we can do nothing with it...

And calling it potential malware is again ridiculous without actual proof that it is malware. Any application in existence could be potential malware when run...

Without giving actual examples it is just bashing h4x0r, can't call it anything else! Can you?!

I am not saying that he is doing nothing wrong, it could be an error on his part or it could be doing this on purpose. But without proof that he is doing this on purpose it is plain useless information!

If anyone is spreading malware to gain access to private information than they are treated accordingly!

So it the end none is being "helped" with this info or are they really?! It is quite the opposite...

So I am not defending anyone, just proof your case before attacking anyone, as you can already see that ignorant users pick this up as GCW is doing this and I really do not like this kind of stupid/useless thinking.
It will only result in a complete ban here of this subject in any way!
  #11  
Old 12-02-2010, 08:30
popsoda popsoda is offline
Registered User
 
Join Date: Aug 2009
Location: Somewhere out there
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
popsoda is on a distinguished road
Wow, never thought I would live to see the day where Empire is actually defending the actions of h4x0r. I guess those kickback rumors were true after all. Man, that's a true shame.
  #12  
Old 12-02-2010, 08:46
popsoda popsoda is offline
Registered User
 
Join Date: Aug 2009
Location: Somewhere out there
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
popsoda is on a distinguished road
BTW, I have submitted all of these .dll files to over 20 antivirus companies for further analysis and inclusion in their new signature updates. Hopefully they can help to eradicate this crap.

It was pretty sneaky slipping malware into trainer files since most sites (including this one) tell people that trainers are safe and to disable their AV to let them run.
  #13  
Old 12-02-2010, 08:59
DABhand DABhand is offline
Banned
 
Join Date: Nov 2004
Location: Near my PC
Posts: 5,406
Thanks: 0
Thanked 3 Times in 3 Posts
DABhand is on a distinguished road
Empire, I was only relaying information.

I said Potentially that doesnt mean IT IS. Same with the h4x0r.dll I said it was reported by a number of people, I didnt try, because I dont want to use his trainers on principle.

So I shouldnt tell people to be careful? You are encouraging people to be less careful and just carry on?

If his new trainers aren't dropping the dll's anymore, there is a chance he has redone them so they dont. Since his trainers were caught doing so. At NO TIME should they be dropping dll's and hidden at that on the root of the system drive, what purpose does that have? Thats suspicious in itself.

Proof it does drop dll's, popsoda just said it did, if you check the net on other places they said it did. Ergo it does.

Anyways, I can see im wasting my time. I shouldn't have bothered to warn people about the guy trying to get people to visit a link that would infect them either.. Since I didnt try it, perhaps its false yes? hmmm
  #14  
Old 12-02-2010, 09:22
DABhand DABhand is offline
Banned
 
Join Date: Nov 2004
Location: Near my PC
Posts: 5,406
Thanks: 0
Thanked 3 Times in 3 Posts
DABhand is on a distinguished road
Here is a pic Psych posted lately, I thought it was Psych's desktop but it turns out to be someone elses. So another piece of proof it drops dll's.



And check the date, back in december last year so this has been going on for a while.
  #15  
Old 12-02-2010, 09:34
[Psych] [Psych] is offline
Banned
 
Join Date: Nov 2008
Location: In a heap :-)
Posts: 201
Thanks: 0
Thanked 0 Times in 0 Posts
[Psych] is on a distinguished road
Just to clarify, this was only intended as a clean-up utility to use if people wish, and not as a bash against h4x0r. Hell, there are other trainer makers who drop .dll's (although for specific hack purposes and only the one). Perhaps I could include it to scan for them too. Bottom-line, I don't care, nor do I need the crap
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT -7. The time now is 03:40.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.
Copyright 2000-2020, FileForums @ https://fileforums.com