06-27-2010
|
 |
{V][M}VCTF Admin
|
|
Join Date: Jan 2007
Age: 27
|
|
Quote:
[2010-03-31 19:55:05] - [INSECURE CLIENT] <M.A.D>Arclite [ 651fb1cc06f1e0777a53585b987dcf7b ] IP: 87.4.243.189 Security ID: 2 using v3369, security state: PerformingMD5Checks
[2010-03-31 19:55:05] - Found disallowed file(s) 'AntiTCC119Beta22.ini'
[2010-03-31 19:55:05] - Matching custom blacklist wildcard 'AntiTCC11*.ini'
[2010-03-31 19:55:05] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-03-31 19:55:05] - [INSECURE CLIENT] <M.A.D>Arclite [ 651fb1cc06f1e0777a53585b987dcf7b ] IP: 87.4.243.189 Security ID: 2 using v3369, security state: PerformingMD5Checks
[2010-03-31 19:55:05] - Found disallowed file(s) 'AntiTCC119Beta22.u'
[2010-03-31 19:55:05] - Matching custom blacklist wildcard 'AntiTCC119Beta22.u'
[2010-03-31 19:55:05] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-03-31 19:55:05] - [INSECURE CLIENT] <M.A.D>Arclite [ 651fb1cc06f1e0777a53585b987dcf7b ] IP: 87.4.243.189 Security ID: 2 using v3369, security state: PerformingMD5Checks
[2010-03-31 19:55:05] - modified file 'AntiTCC119Beta22' (../System/AntiTCC119Beta22.u)
[2010-03-31 19:55:05] - Full MD5/GUID [5ca7cffba74b3c8b3da307a2da579b28/00000000000000000000000000000000]
[2010-03-31 19:55:05] - Expected [4a6a0ec058e71da947e67c017c7854b9/BBEE9F924023E6B3FB299593E457951A]
[2010-03-31 19:55:13] - [INSECURE CLIENT] <M.A.D>Arclite [ 651fb1cc06f1e0777a53585b987dcf7b ] IP: 87.4.243.189 Security ID: 2 using v3369, security state: PerformingMD5Checks
[2010-03-31 19:55:13] - Found disallowed file(s) 'InfamousBot.ini'
[2010-03-31 19:55:13] - Matching custom blacklist wildcard 'InfamousBot.ini'
[2010-03-31 19:55:13] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-03-31 19:55:13] - [INSECURE CLIENT] <M.A.D>Arclite [ 651fb1cc06f1e0777a53585b987dcf7b ] IP: 87.4.243.189 Security ID: 2 using v3369, security state: PerformingMD5Checks
[2010-03-31 19:55:13] - Found disallowed file(s) 'InfamousBot.u'
[2010-03-31 19:55:13] - Matching custom blacklist wildcard 'InfamousBot.u'
[2010-03-31 19:55:13] - (Please check that there's actually a match, otherwise it's a false positive.)
|
Quote:
[2010-03-30 18:24:22] - [INSECURE CLIENT] MartianMan [ eab1d3631c2dfb26267879ad5f5992d0 ] IP: 74.141.145.33 Security ID: 10 using v3369, security state: PerformingMD5Checks
[2010-03-30 18:24:22] - Found disallowed file(s) 'AntiTCC119Beta22.ini'
[2010-03-30 18:24:22] - Matching custom blacklist wildcard 'AntiTCC11*.ini'
[2010-03-30 18:24:22] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-03-30 18:24:23] - [INSECURE CLIENT] MartianMan [ eab1d3631c2dfb26267879ad5f5992d0 ] IP: 74.141.145.33 Security ID: 10 using v3369, security state: PerformingMD5Checks
[2010-03-30 18:24:23] - Found disallowed file(s) 'AntiTCC119Beta22.u'
[2010-03-30 18:24:23] - Matching custom blacklist wildcard 'AntiTCC119Beta22.u'
[2010-03-30 18:24:23] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-03-30 18:24:23] - [INSECURE CLIENT] MartianMan [ eab1d3631c2dfb26267879ad5f5992d0 ] IP: 74.141.145.33 Security ID: 10 using v3369, security state: PerformingMD5Checks
[2010-03-30 18:24:23] - modified file 'AntiTCC119Beta22' (../System/AntiTCC119Beta22.u)
[2010-03-30 18:24:23] - Full MD5/GUID [5ca7cffba74b3c8b3da307a2da579b28/00000000000000000000000000000000]
[2010-03-30 18:24:23] - Expected [4a6a0ec058e71da947e67c017c7854b9/BBEE9F924023E6B3FB299593E457951A]
|
Quote:
[2010-03-22 20:31:05] - [INSECURE CLIENT] Wylie [ facd470bcb02f6a026f9d98577c183c7 ] IP: 24.67.142.16 Security ID: 11 using v3369, security state: SecureDefaultSkins
[2010-03-22 20:31:05] - Found disallowed prefetch file(s) 'WINJECT.EXE-F5D3A440.pf'
[2010-03-22 20:31:05] - Matching custom prefetch blacklist wildcard 'WINJECT.EXE*-????????.pf'
[2010-03-22 20:31:05] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-03-22 20:31:15] - [INSECURE CLIENT] Wylie [ facd470bcb02f6a026f9d98577c183c7 ] IP: 24.67.142.16 Security ID: 11 using v3369, security state: SecureDefaultSkins
[2010-03-22 20:31:15] - Found disallowed prefetch file(s) 'WINJECT.EXE-F5D3A440.pf'
[2010-03-22 20:31:15] - Matching default prefetch blacklist wildcard '*winject*-????????.pf'
[2010-03-22 20:31:15] - (Please check that there's actually a match, otherwise it's a false positive.)
|
UPDATE---- 8-8-2010
Quote:
[2010-07-30 23:51:18] - [Status] Spectator Fisken [ 017ef6b46f8cacc84127ea2d53bf3462 ] joined the game
[2010-07-30 23:51:37] - [INSECURE CLIENT] Fisken [ 017ef6b46f8cacc84127ea2d53bf3462 ] IP: 81.230.40.212 Security ID: 10 using v3369, security state: CheckClientClasses
[2010-07-30 23:51:37] - Found disallowed file(s) 'HelioS-Hook-v4.3.log'
[2010-07-30 23:51:37] - Matching default blacklist wildcard 'C:\HelioS-*'
[2010-07-30 23:51:37] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-07-30 23:51:39] - [Disconnect] Fisken [ 017ef6b46f8cacc84127ea2d53bf3462 ] IP: 81.230.40.212 Security ID: 10 using v3369
|
Quote:
[2010-07-17 19:00:53] - [Init] Rootmaschinen.de [ d2e187032f50224978680ffc8374a8f2 ] IP: 217.191.167.217 Security ID: 15 using engine version 3369 on Windows with D3DRenderDevice
[2010-07-17 19:01:27] - [INSECURE CLIENT] Rootmaschinen.de [ d2e187032f50224978680ffc8374a8f2 ] IP: 217.191.167.217 Security ID: 15 using v3369, security state: SecureDefaultSkins
[2010-07-17 19:01:27] - Found disallowed prefetch file(s) 'HELIOSHOOK.EXE-84F21926.pf'
[2010-07-17 19:01:27] - Matching default prefetch blacklist wildcard '*Helios*Hook*-????????.pf'
[2010-07-17 19:01:27] - (Please check that there's actually a match, otherwise it's a false positive.)
|
NOT Cheating, But worth noting, as winject does have other uses.
f5eb7f38396f7490ff88ac5b6689d901
Linked GUIDs
Quote:
39169 2010-04-16 17:11:50 [DD]Rasty 88.85.223.40 f79a957444e7279940699461ae9d10df
38785 2010-04-03 16:10:05 [DD]Rasty 88.85.223.40 f5eb7f38396f7490ff88ac5b6689d901
|
But f79a9 key is warez..
http://www.xraygaming.com/forums/showthread.php?t=1086
Quote:
[19:38] <{V][M}Bot> [00:53] Insecure Client: Poupon - disallowed prefetch file(s) 'WINJECT.EXE-19357ED2.pf'
[19:38] <{V][M}Bot> [00:49] Insecure Client: Poupon - disallowed prefetch file(s) 'WINJECT.EXE-19357ED2.pf'
--------------------------------------------------------------------------
[15:22] <{V][M}Bot> (05:56) {V][M}Some_Mate: pimpin, i see you have been using winject, may i ask why?
[15:22] <{V][M}Bot> (05:38) p!mp!n: exe mutator and patch making
[15:23] <{V][M}Bot> (05:07) p!mp!n: but i dont thinkt that i ask you to look for something on my hdd
[15:23] <{V][M}Bot> (05:03) {V][M}Some_Mate: what sort of patch, i ask because, normally it would be a ban
[15:23] <{V][M}Bot> (04:51) p!mp!n: for winject?
[15:23] <{V][M}Bot> [04:44] p!mp!n disconnected from the server
[15:24] <{V][M}Bot> [04:34] p!mp!n connected as spectator
[15:24] <{V][M}Bot> (04:20) p!mp!n: have lot of pe mutator
[15:24] <{V][M}Bot> (04:16) p!mp!n: extractor
[15:24] <{V][M}Bot> (04:09) p!mp!n: and injector on the hdd
[15:24] <{V][M}Bot> (04:03) p!mp!n: my brother is programmer
[15:24] <{V][M}Bot> (03:42) {V][M}Some_Mate: ok well i thought it better to ask  no problem
[15:24] <{V][M}Bot> (03:35) p!mp!n: hmm, okay
|
Last edited by Some_Mate : 4 Weeks Ago at 12:26 PM.
Reason: Updated
|
Linear Mode
