Quote:
|
Originally posted by bombica23 (Feb 11 2007, 05:29):
very nice (can u make that program will stop if u press button ?) +k
|
Originally posted by leavemealone (Feb 11 2007, 05:42):
I'll try k, I'm new to this stuff...hehe
|
I find you made this with AutoIt v3, so this might help you out with stopping the program. I found it in the FAQ for AutoIt v3.
Code:
If you want to make your script exit when you press a certain key combination then use the HotKeySet() function to make a user function run when the desired key is pressed. This user function should just contain the Exit keyword.
Here is some code that will cause the script to exit when CTRL+ALT+x is pressed:

HotKeySet("^!x", "MyExit") ; ^ = CTRL, ! = ALT: CTRL+ALT+x calls MyExit()

; ...
; Rest of Script
; ...

; Called by the hotkey; ends the script immediately
Func MyExit()
    Exit
EndFunc

Now as far as scanning goes, it's not going to look good because of the AutoIt v3.
So here goes, the scan for the unrared file is:
Quote:
Complete scanning result of "Spiritual_Healer_AutoLeveler.exe", received in VirusTotal at 02.11.2007, 18:10:22 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.36 02.09.2007 no virus found
Authentium 4.93.8 02.09.2007 no virus found
Avast 4.7.936.0 02.11.2007 no virus found
AVG 386 02.10.2007 no virus found
BitDefender 7.2 02.11.2007 no virus found
CAT-QuickHeal 9.00 02.09.2007 no virus found
ClamAV devel-20060426 02.11.2007 no virus found
DrWeb 4.33 02.11.2007 no virus found
eSafe 7.0.14.0 02.09.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3384 02.10.2007 no virus found
Ewido 4.0 02.11.2007 no virus found
Fortinet 2.85.0.0 02.11.2007 no virus found
F-Prot 4.2.1.29 02.09.2007 no virus found
F-Secure 6.70.13030.0 02.10.2007 no virus found
Ikarus T3.1.0.31 02.11.2007 IM-Worm.Win32.Sohanad.aa
Kaspersky 4.0.2.24 02.11.2007 no virus found
McAfee 4960 02.09.2007 no virus found
Microsoft 1.2204 02.11.2007 no virus found
NOD32v2 2053 02.11.2007 no virus found
Norman 5.80.02 02.09.2007 no virus found
Panda 9.0.0.4 02.11.2007 no virus found
Prevx1 V2 02.11.2007 no virus found
Sophos 4.13.0 02.08.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 no virus found
Symantec 10 02.11.2007 no virus found
TheHacker 6.1.6.056 02.11.2007 no virus found
UNA 1.83 02.09.2007 Worm.Win32.Sohanad.t
VBA32 3.11.2 02.10.2007 IM-Worm.Win32.Sohanad.t
VirusBuster 4.3.19:9 02.10.2007 no virus found
Aditional Information
File size: 200687 bytes
MD5: 3b30a96e38394951074ae9ff2330cff1
SHA1: 57fdb2651d4a3d9600b630042e4327bb37cee4c9
packers: UPX
|
I even decompressed the UPX, here's the scan:
Quote:
Complete scanning result of "Spiritual_Healer_AutoLeveler.exe", received in VirusTotal at 02.11.2007, 18:03:55 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.36 02.09.2007 no virus found
Authentium 4.93.8 02.09.2007 no virus found
Avast 4.7.936.0 02.11.2007 no virus found
AVG 386 02.10.2007 no virus found
BitDefender 7.2 02.11.2007 no virus found
CAT-QuickHeal 9.00 02.09.2007 no virus found
ClamAV devel-20060426 02.11.2007 no virus found
DrWeb 4.33 02.11.2007 no virus found
eSafe 7.0.14.0 02.09.2007 no virus found
eTrust-Vet 30.4.3384 02.10.2007 no virus found
Ewido 4.0 02.11.2007 no virus found
Fortinet 2.85.0.0 02.11.2007 suspicious
F-Prot 4.2.1.29 02.09.2007 no virus found
F-Secure 6.70.13030.0 02.10.2007 no virus found
Ikarus T3.1.0.31 02.11.2007 no virus found
Kaspersky 4.0.2.24 02.11.2007 no virus found
McAfee 4960 02.09.2007 no virus found
Microsoft 1.2204 02.11.2007 no virus found
NOD32v2 2053 02.11.2007 no virus found
Norman 5.80.02 02.09.2007 no virus found
Panda 9.0.0.4 02.11.2007 no virus found
Prevx1 V2 02.11.2007 no virus found
Sophos 4.13.0 02.08.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 no virus found
Symantec 10 02.11.2007 no virus found
TheHacker 6.1.6.056 02.11.2007 no virus found
UNA 1.83 02.09.2007 Worm.Win32.Sohanad.t
VBA32 3.11.2 02.10.2007 IM-Worm.Win32.Sohanad.t
VirusBuster 4.3.19:9 02.10.2007 no virus found
Aditional Information
File size: 417263 bytes
MD5: 089bcbab91784bb0e2f600489b86bdf6
SHA1: 6205b864cc98e11616550533b3309b74cf6395fd
|
As you can see, getting rid of UPX changed the scan a little.
But the IM-Worm.Win32.Sohanad.t comes from the AutoIt v3.
I went to the AutoIt v3 forum site and found this there:
Quote:
If you have been using AutoIt for any length of time you will know that it is a great, and powerful scripting language. As with all powerful languages there comes a downside. Virus creation by those that are malicious.
AutoIt has no virii installed on your system, and if a script you have created has been marked as a virus, (and you're not malicious) then this is a false positive. They found a set of instructions in an AutoIt EXE out there somewhere, took the general signature of the file, and now all AutoIt EXE's are marked (or most of them). This can be due to several reasons.
AutoIt is packed with UPX. UPX is an open source software compression packer. It is used with many virii (to make them smaller).
Malicious scripter got the AutoIt script engine recognized as a virus.
And I am sure there are more ways your executable could be marked, but that covers the basics.
Now I am sure you are wanting to know what you can do to get back up and running without being recognized as a virus. You have to send in a report to the offending AV company alerting them to the false positive they have made. It never hurts to send in your source code along with a compiled exe, to help them realize their mistake.
You may have to wait up to 24 hours for them to release an update. The time it takes really depends on the offending AV company.
Anti-Virus Links
AntiVir: Website, Contact
Avast!: Website, Contact
McAfee: Website, Contact (email address)
Symantec (Norton): Website, Contact
AVG: Website, Contact (It says sales or other ?'s I assume this will work)
ClamWin: Website, Contact
ClamAV: Website, Contact (I would only contact the ones with "virusdb maintainer or virus submission management")
BitDefender: Website, Contact
ZoneLabs: Website, Contact
Norman: Website, Contact (email address)
eSafe: Website, Contact (login required)
A2 (A-Squared): Website, Contact (email address)
Edit: Added Website links and Contact links.
I hope this helps you understand why your AutoIt executables are marked as virii.
JS
|
The list of AV sites were links but they don't copy and paste over.
I know that it's just a macro because I used Exe2Aut.exe to decompile it and found nothing wrong. Just a .au3 script file. Like I said before, it's the AutoIt v3 that causes the false positive.
So either live with the flak you'll get or do as they say above and write all the AV sites. LOL
Maybe think of some other macro program to use, would be another choice.
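
Added example, not part of the original post: a short Python script that diffs the two VirusTotal reports quoted above (rows copied from the post, subset of engines) to separate verdicts that cleared once UPX was removed from those that flag both forms, which are the vendors a false-positive report has to reach. The function and bucket names are illustrative.

```python
# Rows copied from the two VirusTotal reports quoted in the post (subset of engines).
PACKED = """\
eSafe 7.0.14.0 02.09.2007 suspicious Trojan/Worm
Fortinet 2.85.0.0 02.11.2007 no virus found
Ikarus T3.1.0.31 02.11.2007 IM-Worm.Win32.Sohanad.aa
Kaspersky 4.0.2.24 02.11.2007 no virus found
UNA 1.83 02.09.2007 Worm.Win32.Sohanad.t
VBA32 3.11.2 02.10.2007 IM-Worm.Win32.Sohanad.t
"""
UNPACKED = """\
eSafe 7.0.14.0 02.09.2007 no virus found
Fortinet 2.85.0.0 02.11.2007 suspicious
Ikarus T3.1.0.31 02.11.2007 no virus found
Kaspersky 4.0.2.24 02.11.2007 no virus found
UNA 1.83 02.09.2007 Worm.Win32.Sohanad.t
VBA32 3.11.2 02.10.2007 IM-Worm.Win32.Sohanad.t
"""
CLEAN = "no virus found"

def parse_report(text):
    """Map engine -> verdict. Columns: engine, version, update date, result."""
    verdicts = {}
    for line in text.splitlines():
        parts = line.split(None, 3)  # the result column may contain spaces
        if len(parts) == 4:
            verdicts[parts[0]] = parts[3].strip()
    return verdicts

def compare(packed, unpacked):
    """Bucket each engine by how its verdict changed after UPX was removed."""
    out = {"cleared_after_unpacking": [], "flagged_both": [],
           "flagged_only_unpacked": []}
    for engine in sorted(packed.keys() & unpacked.keys(), key=str.lower):
        before = packed[engine] != CLEAN
        after = unpacked[engine] != CLEAN
        if before and not after:
            out["cleared_after_unpacking"].append(engine)
        elif before and after:
            out["flagged_both"].append(engine)
        elif after:
            out["flagged_only_unpacked"].append(engine)
    return out

def summarize():
    return compare(parse_report(PACKED), parse_report(UNPACKED))

if __name__ == "__main__":
    for bucket, engines in summarize().items():
        print(f"{bucket}: {', '.join(engines) or '-'}")
```

Engines in the flagged_both bucket are unaffected by the packer, so their detections are the ones a vendor submission needs to address.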