Yes 5020 table appears to fully work with 5021.Quote:
You could probably use 5020, since nothing was added besides textures, am I correct?
United Hackprogrammers Front(UHF)-CO2 Memory Tables
04/19/2008 07:36
joek#241
04/19/2008 08:07
stephanyd#242
Hi .. i just tried ma-global 5020 and DMA Defeats is disable.... so i go back to ma-global 5018
04/21/2008 12:46
VIP_007#243
KAV 6.0.2 alman.b Detected
04/21/2008 20:21
psych0zius#244
wtf's dat für?
04/21/2008 22:45
joek#245
Yes indeed the 5018 table works with client 5021 and if your using co2m8 with the DMA defeats on then you need to select the 5018 table.Quote:
LOL its a text table so it can't hold a virus infection, if your detecting a virus it probably in your system :rolleyes:Quote:
@psych0zius; if you don't know what its for you most likely wont need it :D
04/25/2008 20:43
cyberside0#246
Going to need a new memory table with the new patch 5022 :(
04/26/2008 09:29
joek#247
Yup I pre-ran 5022 and theres lots of changed, I will have to wait till the servers are on 5022 to see how bad it is.Quote:
The new scanner they introduced is a major concern as its just an excuse to scan memory, make sure you firewall it immediately so it can't update itself.
04/26/2008 14:38
nTL3fTy#248
Their "Anti-Trojan" seems like nothing to worry about. Made in VB6, all the strings is uses can be found in an INI file. The scanner is located in the folder zftqat and here are the strings:
Code:
[http] ;Official Website h01 = http://co.91.com ;Anti-Trojan Program h02 = ;Modify Password h03 = https://account.91.com/common/changepw.aspx?flag=co ;Anti-Trojan Program update h04 = http://safe.91.com/en_zf/updata.txt ;Anti-Trojan Program update history h05 = http://safe.91.com/en_zf/ [Language] h01 = Conquer Anti-Trojan Program, TQ h02 = Welcome to Anti-Trojan Scan Program, TQ h03 = This program can scan and delete trojans and viruses automatically. We strongly recommend you to run it before starting. h04 = Click 'Next' to scan and delete trojans and viruses. This is specifically for protecting your game client. Please continue to take anti-virus protection measures independently. h05 = Conquer Official Website h06 = We will try our best to make Conquer clean and safe. h07 = Do not click on any unsafe link. Do not download any unchecked program. Do not follow any instructions on bots. h08 = Note: This program is only made for Conquer to scan and delete trojans. h09 = Click to view history h10 = Forward h11 = Next h12 = Cancel h13 = Trojan and virus scanning. Will find and delete trojans automatically. Please wait. h14 = Display last login account ID. Yes/No? h15 = Run Windows Firewall. Yes/No? h16 = Attention! h17 = It is recommended that you run it before starting. To run manually, please download the program here: h18 = Scanning your system now... Will delete trojans and/or viruses when found. h19 = Conquer Account Protection h20 = To protect your account, we will scan and delete trojans regularly. You can play Conquer simulatneously. A report will be given after scanning. h21 = No trojans have ever been found. h22 = You have never scanned. h23 = You have not scanned today. h24 = Last Scan Date: h25 = TQ Security Center has released a patch. Update now? h26 = Scanning trojan... h27 = Found trojan and deleted. h28 = Found trojan and deleted. h29 = Scanning finished. h30 = No trojans detected. Enjoy Conquer. h31 = No trojans detected. h32 = Prevents trojans infecting Conquer. It is recommended that you run it before starting. h33 = Please wait, checking update now... h34 = Choose scan type: h35 = Security Warning: User name is shown on log on screen. h36 = Security Warning: Program execute file icon changed. h37 = Security Warning: This account has been locked. h38 = Security Warning: The regedit has been modified. h39 = Security Warning: Internet Explorer has been locked. h40 = Security Warning: Task manager has been locked. h41 = Security Warning: Windows firewall turned off. h42 = Security Warning: APPINIT_DLLS assigned keys changed. h43 = Scanning.You can play Conquer simultaneously. A report will be given after scanning. h44 = Report: h45 = Finish
04/26/2008 20:38
sum2#249
thanks +k
04/26/2008 21:31
ahmed soft#250
cocoooooooool man
04/26/2008 22:23
joek#251
Yeah its vb6, but don't think that automatically makes it safe though.Quote:
You will notice it talks to safe.91.com
It uses the MSINET control which of course allows receiving and sending.
Both TQAT.exe and its companion library updata.dll contain embedded encrypted data.
Its also self updating so could easily change from one run to the next,
thats why its in VB so they can easily change it and slot in new program names to look for.
So in my opinion its best to disable it by one method or another and run a real antispyware program and beside everyone should already be running one of those anyway.
04/29/2008 04:42
Real~Death#252
waiting for and update on the addresses ^_^
and thaks joek for finding them:)
when you get some free time could you explain how you find the address for zoom out,i havent figured that one out yet:::::lol I figured it out
and thaks joek for finding them:)
when you get some free time could you explain how you find the address for zoom out,i havent figured that one out yet:::::lol I figured it out
04/29/2008 07:40
Ulfius#253
Looks like
CharName=&H56BC64
OrdX=&H56FF80
OrdY=&H56BD14
ClientZoom=&H56A424 (Normal=256, Zoomed all the way in=512)
CharName=&H56BC64
OrdX=&H56FF80
OrdY=&H56BD14
ClientZoom=&H56A424 (Normal=256, Zoomed all the way in=512)
04/29/2008 07:45
cyberside0#254
well the name works. other than that I'm not sure about the others.
04/30/2008 00:13
Ulfius#255
I'm seeing some inconsistent results with my OrdX and OrdY addresses. I'll look into them later tonight.