MALWATE WARNING: (2Moons hack Trainer v3)

Yeah don't mess with it unless you know what to do :).

Btw, anyone got the first release of the trainer (some months ago)? Is that trainer clean? If it is, it could be that someone else appended the malware into it. It doesn't have to be VxWxV. Just thought of that...

the first V3 trainer? or THE FIRST trainer he made?

Quote:

Originally Posted by waidas123 the first V3 trainer? or THE FIRST trainer he made?

The v3 I suppose. Anyway the one with the same visual looks :).

no I think hes talking about V1 and V2

also I found the gadu-gadu keygen trying to extract the scripts lol
I was looking for resemblances to the known scripts and in the presses I think I borke the keyen and it was giving an error every time it took a screen shot lol.

I would like to extract the Trainer only but Im not sure what is the trainer and what is not.
I would like to learn tho

Quote:

Originally Posted by 6Drako9 no I think hes talking about V1 and V2 I would like to extract the Trainer only but Im not sure what is the trainer and what is not. I would like to learn tho

If you say so, idk what it's called but I mean the one with the same visual looks and functions. It was released before. I wonder if it was a clean one or one like this too.

The good thing about the runtime SFXes are that they store all the files in a temporary folder. The clean trainer can be found there too. And the Gadu-Gadu.exe . It would be much harder if the trainer would've been compiled to work malicious. But no, all malicious things are just appended in a runtime SFX :).

can someone tell me if the [Only registered and activated users can see links. Click Here To Register...]
its clear, and the fist , kind of cheat were clear ?, 'cause i'm usin him percect usa hack , share folder( from the fist tut, that he deleted)

Quote:

Originally Posted by vitorjun can someone tell me if the [Only registered and activated users can see links. Click Here To Register...] its clear, and the fist , kind of cheat were clear ?, 'cause i'm usin him percect usa hack , share folder( from the fist tut, that he deleted)

It should be ok. All CSV files are always clean. Idk about the additional tools.

Quote:

Originally Posted by InstantDeath Looks like the Malware has been appended to the trainer by Microsoft CAB SFX. I managed to extract the trainer from the SFX. So what I'm saying is that the trainer isn't a malware but there has been a malware appended to the trainer in the form as an runtime SFX archive.

So...I'm seeing two files inside the trainer exe - 2MOONS~2.EXE & server.exe.

Just viewing the server.exe in winrar's internal viewer, I can see the address it sends data to.

What did you use to view the internals on these?

Is there anything compelling in the trainer?

I 'spose I could sandbox it, and use a throwaway account with it to test.

Quote:

Originally Posted by L.e.v.i.a.t.h.a.n My ORYGINAL Trainer is Clear and Dont Have any Virus. And all LINKS what post NOOBS are not MY so I dont now what They do Wich Him.

Its Hard to believe you .. , Well Number One Reason is , You barely posted on this thread , How long it take you to come up with that lie? No Offense does he Speak English?

So....I extracted and am using the trainer itself after dumping the server.exe.

But shouldn't the original thread be nuked for 1-click?

Quote:

Originally Posted by L.e.v.i.a.t.h.a.n Hmm U now what I tell u? GTFO and dont begin me for hack u Noob wana Hack so do Them.

I'm lost are you a fucking stupid ass retard or what?

Quoting Stupid Kid

"U now I what tell u?

GTFO and dont begin me for hack?"

I'm not asking for your stupid hack cunt. So stfu you stupid fucking idiot , you qqing about me saying you put the shit in it only makes you look worst. Really don't care if I get an Infraction for that.

Quote:

Originally Posted by L.e.v.i.a.t.h.a.n Hmm U now what I tell u? GTFO and dont begin me for hack u Noob wana Hack so do Them.

Sure Sounds like VXV lol.

Quote:

Originally Posted by SillyLittleWhore So....I extracted and am using the trainer itself after dumping the server.exe. But shouldn't the original thread be nuked for 1-click?

It should, but the mods are somewhere else than on E*pvp.

Quote:

Originally Posted by Keith1 Sure Sounds like VXV lol.

Wonder why? :p...

Quote:

Originally Posted by L.e.v.i.a.t.h.a.n My ORYGINAL Trainer is Clear and Dont Have any Virus. And all LINKS what post NOOBS are not MY so I dont now what They do Wich Him.

lol at you man no offense but everybody knows, all mods and all people who were there when u posted trainer v 3 know that it had keylogger in it made by you, wanna ask any MOD lol? you still got that childish sence of humor and a big ego :) Well hope sometime you'll grow up, best of luck to you man ;)

Amen