EasyMap for Diablo II v1.1 - Release

[miltyur]

the the reply for easymap plz!!!!!!!

oops i mean post the link for easymap plz!!!!!!!!

[Dark.Zero]

do we know for sure that its backdoored for sure??? or we just assuming..... bc a lot of people checked it and came up with nothing

[Shady772]

The bnet fourms actually have a topic or two about this maphack..if u search around for it on there im sure u can find it....People on there are saying stay away from it (even more than the normal bnet reps condeming the usual maphack) lol

[Nightbreed]

This mh works pretty well and so far i still have my accounts, but you have to hit - to reveal map everytime you go to a new area which is rather annoying

[lopolop]

i deleted the files.. but just to be sure can someone give me the list of files in it so i can do a search on my computer to delete them....

[Cauhtemoc]

Reposting so that it'll actually get read:

DELETE ALL TRACES OF THIS MAPHACK.

Netter will always be the same. =\

http://www.battle.net/forums/thread....=new&tmp=1#new

I just saw that thread as well. What has been reported there, however, is from one single person. No one else has noticed anything even similar to that. The guy even said that the report may have been false, and he only posted it because he didn't want to take any chances.

I have done what I can to check the program out, and I can assure you that it does not contain any 'normal' keylogger (it does not, in any way, record any keystrokes what so ever).

What I cannot assure you of, however, is that it doesn't send out any data, perhaps containing your account name and password, but if that's the case, then that only applies to Diablo, and nothing else (hence, changing your Diablo passwords will be enough).

I checked it with at least 10 different packet sniffers before I posted this topic, just to make sure that the file was clean in every way possible, but Jan is an amazing coder, far better than myself, and possibly some variable transmission coding on his side to vary the delay in sending data prevented any of this from being detected (that is, assuming it does send out packages, which still is uncertain).

Jan made a maphack, that's for sure, but whether or not it has a backdoor is still a mystery.

All links on the first topic has been removed, and until this is cleared up, stay away from this program!

wow, netter sure is mean, but cant any1 here jus take that process out that can take our stuff?

It's still uncertain whether or not it does actually record your passwords, but if it's true, this is hidden deep as hell within the coding, and disguised incredibly well. It would be easier to just wait for mousepad's maphack.

[Bioxx]

LMAO, some people I swear. This thing has been scanned by every AV tool known to man and no-one has found anything wrong with it, don't assume anything. Yeah netter is a dumbass for doing what he did, but at the moment this thing works, I'll bet the only reason why mousie is taking so long is cause he's just trying to devise a way to stop the cracking of his file. I don't like that greedy bastard. I knwo I'll prolly get flamed by his fanboi's but oh well. this is what we have for now, and with the ladder reseting soon, it's just in time. Until someone says otherwise, this is a clean file. Innocent until proven guilty.

[shadowphoenix]

A backdoor or keylogger program might not always register as a virus(no "malicious code"). They sell programs that let u monitor keystrokes(meant to watch over little kids, or the cheating spouse:) and also ones that open ports to communicate (pcanywhere) and none of them are bothered by AV programs.

BTW I saw a post somewhere bout it openin a port for OUTGOIN data that normally isn't open by the game, suspicious much?

[Bioxx]

well if anyone had any proof of this than i'd concede my point but something wierd might happen on someones computer and they'll instantly blame it on this mh, just because of his record, which isn't fair to him, or anyone else whom might quit using this prog just because of an inadvertant error.

[psychobolt]

Scanned it on http://www.ravantivirus.com/scan/indexn.phpDoesn't have trojans and viruses, can somebody confirm?

[LostTrance]

LMAO, some people I swear. This thing has been scanned by every AV tool known to man and no-one has found anything wrong with it, don't assume anything. Yeah netter is a dumbass for doing what he did, but at the moment this thing works, I'll bet the only reason why mousie is taking so long is cause he's just trying to devise a way to stop the cracking of his file. I don't like that greedy bastard. I knwo I'll prolly get flamed by his fanboi's but oh well. this is what we have for now, and with the ladder reseting soon, it's just in time. Until someone says otherwise, this is a clean file. Innocent until proven guilty.

In order to find a backdoor you cant just scan it with a AV. You need a decompiler and have to read through it line by line to find it. At least I think, correct me if I'm wrong.

[Cauhtemoc]

In order to find a backdoor you cant just scan it with a AV. You need a decompiler and have to read through it line by line to find it. At least I think, correct me if I'm wrong.

No, that's very much correct. It's not as simple as it seems however, Jan is an amazing programmer, and if he wanted to hide something from being found, then there would be little to nothing anyone can do, unless you were to go through offset by offset, which would probably take a week at least.

If it does contain a backdoor, then it's hidden deep as hell within the coding, and disguised incredibly well.

Jan has made a maphack, that's for sure, but whether or not it has a backdoor is still a mystery.

[jedimaster86]

don't assume anything.

This saying can go either way; it's true that you can't really assume that it doesn't have a backdoor on it, but you can't also assume that it doesn't have a backdoor on it.

Innocent until proven guilty.

The only thing here is that netter has certainly been proven guilty in the past; lets say Osama bin Laden walked right into the US and wanted to do something good, how many of us would believe him? (i know his terrorist crimes were far worse then netter's crimes, but it's just meant to be relative).
--------------------------------
However, if you guys seem to really want the file that bad and don't care about heeding any of our warnings, there are other places to find it. Here at d2sector we don't want to put up a link to a file that could even have a chance of containing some malicious code that would love to chomp on your computer; we need to be absolutely sure that it is clean before distributing a link. Sadly, but for its just reasons, netter is not one of the more well-liked people out there due to his earlier actions; that created a type of negative profiling on him that will never be erased.

[hawktheslayer]

I don't know about his crimes in the past but, I'll still play the new ladder without MH, I can live with it. If it comes a hassel that I can't find places though, I might try this.

Speaking of Osama bin Ladin...

I heard that he tried to buy cocaine from Columbian Drug Lords, spike it with poison, and ship it into the United States hoping to kill thousands even millions. Lol they wouldn't sell it to him though... then he tried to get heroin and I think he got some too :-D

^ That was just very offtopic but w/e lol.

[maistyle2k]

STAY AWAY FROM THIS. Although the no trojans/viruses seem to be detected on this, we can obviously tell the effort he put into this has been poor for one. Two, there are tons of loggers/backdoors that do not get detected as anything suspicious. And I have also noticed that just recently I have been getting more "your cd-key is in use" bull-crap. This may obviously be coincidence, but I really believe there may be something to watch for here..especially with this guys reputation.

[cyberfire2k4]

BTW I saw a post somewhere bout it openin a port for OUTGOIN data that normally isn't open by the game, suspicious much?

yea, the thing is though, just because you read something on the internet it dosent make it true... many programs use port 1010 including, but not limited to AoL, Trillian, older versions of ICQ, Edonkey, Emule, Napster, Kazaa, and Gnutilla clients, and BitTorrent...

So, lets assume he was telling the truth, he /she could have also had a program running in the background, maybe its just me but i have music playing in the background, and at least 1 web browser open...

Anyways, i used it... its a good filler untill a better one can be found, meh...

Also, just run a software firewall and have it log all connections, i have been using it for a few nights now and i have not yet seen any suspicious activity... i use ZoneAlarm and a hardware firewall with max security settings... YMMV

--Cyberfire

[pharlab]

Can someone plz post LINK to where i can get this maphack .....

Thx

[maistyle2k]

I have not downloaded anything in the past two days besides this, and my cd-key has been in use for about 30 minutes now. This also happened last night. Sorry, but I really dont believe you guys should be trusting a person like Netter. People act like they have turned good, just to get under you. Once a scammer, always a scammer. Btw, just because trojans/ viruses are not detected with your scanners, does not mean anything. A talented programmer would be able to disguise malacious coding like hot-knife through butter. You guys really think a person who would steal hundreds of accounts in the past, and sell them for cash, would turn good. Nice try.

[Guju-]

Ok this map hack is shit... FIRST, IF YOU USE IT... it will **** up your battle.net connection (if you want to know if it did it to you or not go check this file in your d2folder bnetlog.txt... open it check if the ip of the server is 127.0.0.1. IF IT IS YOU R FUDK UP and do what im telling here.)

BY THE WAY, I DIDNT WROTE THIS.

The problem is that there is an cheat on your machine, either maphack or D2loader is my guess as these are the usual suspects for this problem, you see the creators of these programme buried a few things in them, like a spam bot, a key logger a dialer and a small programme that when "triggered" online sends your details of to the trigger holder and then changes the IP into a local loopback address so you cannot get online until they have stripped all the characters.
IF you are lucky, they may not have got around to you yet, if not, then all your stuff belongs to them (along with any credit card numbers that you have used on that machine)
Now the thing to do is get rid of the cheat, TOTALLY! That includes the zip file you downloaded, then reinstall D2 as you have got the programme buried in there probably, and HOPE that they have not been on and stripped your characters, oh, and change your password AND the password to your email account AFTER you have cleaned yourself up (and don't bother saying you did not cheat, 127 does NOT happen byitself).
AFTER cleaning up, go online, go into chat, change channel to "ghvfghsm" or something silly andwait there for AT LEAST 2 minutes without doing ANYTHING! If you get the message "noone hears you" you didn't clean your machine well enough.


Get rid of MapHack/D2loader, INCLUDING the .zip file you originally downloaded.
Download stand-alone patch ONLY get the ONE you NEED, put it in “my documents”:
D2
http://www.blizzard.com/support/?id=msc0387p
Lod
http://www.blizzard.com/support/?id=mdt0387p
Uninstall the game.
Delete of the game folder COMPLETELY
Get rid of the registry keys***.
Scan disk.
Defragment your HD.
Install game.
Patch game OFFLINE.
Connect

***UNINSTALL the game first Start>Run>regedit
IF there is ONLY diabloII on the machine then you can get rid of the whole of the battle.net and Blizzard entertainment branches in ALL HKEYS, otherwise.
>HKEY_CURRENT_USER>Software>Blizzard Entertainment> DiabloII highlight and delete.
>HKEY_CURRENT_USER>Software>Battle.net > diabloii battle.net gateways, highlight, delete.

Now we need to know if you have Starcraft or Warcraft 3 installed, IF YOU DO, be CAREFUL with these steps or you could end up reinstalling all 3 games!
Then look in
>HKEY_LOCAL_MACHINE> Software>Blizzard entertainment> DiabloII highlight, delete
HKEY_LOCAL_MACHINE> Software> Battle.net Highlight, delete

If any or all of these keys can not be found, do NOT worry, some of them may have been removed during the uninstallation process.

Remove the illegal program(s) from your computer.

Run these scans, or similar:

Trend Micro free virus scan:
http://housecall.trendmicro.com/housecall/start_corp.asp

Spybot Search and Destroy:
http://www.safer-networking.org

Adaware SE:
http://www.lavasoft.de

SpySweeper:
http://www.webroot.com


Reset your server list. To do this automatically:
http://ftp.blizzard.com/pub/misc/BattleNet.zip
(ask if you’d rather do this manually)

Try to connect to battle.net now. If you are still not able to, check your "hosts" file. To do so:

Click on Start then Search or Find files and folders to search your hard drive for a specific file.
In the file name field, type the word "hosts" (without the quotes) and search for that file.
Once Windows has found this file, you may want to make a backup copy and name it hosts.bak.
Double-click the hosts file (not the backup) and choose to open it using Notepad.
The term ".battle.net" should not appear anywhere in this document.

* If you see any ".battle.net" entries, please delete them.

Close the Notepad document and choose Yes when it asks you if you want to save the file.

* Once you can connect, change all of your account passwords. Also note that your cd keys are now in danger of any loggers that may have come with whatever was installed.

AND THEN YOU WILL BE ABLE TO RECONNECT. BY THE WAY **** YOU NETTER.


Edit : Listen to me... WAIT 4 MOUSEPAD ...

[Yawgy]

Thanks a ton Guju- for the info on how to get rid of it, I just uninstalled everything and did as you said. I checked my account, changed the passwords, and everything is fine thanks to those instructions.

~Yawgy