Well, I guess this goes without saying, but change your passwords if you downloaded this. Its obviously not detected by some leading antivirus software, so even if you didn't detect it, don't assume its real. Its a rootkit, so it won't show up under process lists, and even if you think you got rid of it, it is probably still running. I am submitting it to antivirus companies now, so hopefully it will be detected in the next few days/weeks.
From the image he posted, you can tell it captures firefox password files. To see what he may have gotten, check what passwords Firefox saves for you. This can be done in the Firefox options menu, under security. Anything you see should be changed immediately.
Research is currently being done on this, and it has already been determined this was made from a **** program posted on that "hackforums" website. There's a remover there, but I still wouldn't take the chances. I recommend you use another computer or reformat your current one before doing anything else. You should change all important passwords now, even if you don't think he got 'em. If he got any bank information or such, consider alerting the authorities.
The keylogger used was "". It has a 'Cure Yourself' feature to re-enable task manager and registry modification.
For those who got infected, run the "Cure Yourself" feature, ctrl-alt-delete and kill the still running epvpers bypass. You may want to delete the stuff in your Documents and Settings/[Username]/Local Settings/Temp folder.
Also, to Halfslashed and VladiSan, you two may want to provide some evidence before you start pointing fingers at others. The two of you sound like you want it to be Iesuok which just makes it easier for people to be suspicious of you two.
VladiSan, your path from Ferghus->Ferghus mod->Lorek->Iesuok = You're an idiot.
Sure, I may've taken some shots in the dark myself, but at least it didn't sound as stupid as your "hypothesis".
Anyways, before you guys start forming a lynch mob against Iesuok, you probably want to make sure it is in fact him.
Btw- Right click the executable, go to properties, click on version tab. The name listed is "Predator Stubv.2". Google that. You'd think people would refrain from running anything named Predator.
Everyone who downloaded this thingy should scan his pc or just format and setting everything up new.
This redro guy got banned and so will se thread be closed and the link edited.
[PROJEKT] Epvpers Power Hack 05/09/2011 - WarRock - 57 Replies Hallo!
Ich hab mal ein Projekt gestartet.
Der "Epvpers Power Hack".
Das ist ein Hack für Warrock.
Er wird in Visual Basic 2008 / C++ geschrieben.
Da ich beide Sprachen perfekt beherrsche wird das kein Problem sein :)
Der Hack wird alle funktionen haben, die es gibt, mit noch ein paar extra Funktionen.
Außerdem wird der "Hack" mit Plugins erweiterbar sein.
So kann man später Plugins in VisualBasic / C++ entwickeln.
Ein Plugin könnte z.B. ein Bugfix oder eine neue Funktion z.B. ein neuer...
BETA PW-MOD-MS (multi-client, bypass, zoom-hack, jump-hack, mount-jumphack, fly-hack) 12/10/2009 - PW Hacks, Bots, Cheats, Exploits - 28 Replies tell me if it works not yet tested :o
u can also upload your client here for modding request but you have to wait because im busy. :o
UPDATE: Im busy so ive just done some quick fixing dunno if it work now try it again.
". It has a 'Cure Yourself' feature to re-enable task manager and registry modification.
