H@tKeysH@@k.dll and Information on Trainer Maker Kit (TMK)

Some of the information found on the internet suggested that game trainers created by the TMK will use a file called H@tKeysH@@k.dll to capture key presses and that this is the same as a trojan explained at TrendMicro.

I downloaded the TMK and created a trainer that did nothing but load in and display a message with a button, but the trainer didn't place the H@tKeysH@@k.dll file in the system directory. After this failure, I created a second trainer that still did nothing except that the button properties were changed to include a Hotkey combination and this change then put H@tKeysH@@k.dll into the system. In the help information for buttons it states ' Using hotkey add 20k to your final trainer '

I checked the file size against the information given by TrendMicro and found that they are exactly the same.

Information from TrendMicro

 'drops a DLL file H@tKeysH@@K.dll (20,480 Bytes).'

I do wonder how it is that these files have the same name and file size.

I checked System information > Software Environment > System Hooks to check that H@tKeysH@@k.dll closed down with the game trainer and I was pleased to see that it did.

The information at TrendMicro states that the Trojan is NOT in the wild, the Distribution potential is Low, Reported infections is Low and the Overall risk rating is Very Low. It also has a completely different way of infection/installation and says that it is Destructive.

I know of at least 2 freely available game trainers on the net that will place the H@tKeysH@@k.dll into your system directory and I have no doubt that there are many more.

Whether this file poses a security risk or just a way of monitoring key press combinations from inside the chosen game, there is no reason for you to allow the H@tKeysH@@k.dll to stay in the system directory. Why not delete it as the next time you use the trainer it will be put back or maybe only use game trainers that don't have it.