Official V3n0M Thread

Queen-Of-Evil · 08/10/2007, 02:13

Most suspicious thing is :
AhnLab-V3 2007.8.9.2 2007.08.09 -
AntiVir 7.4.0.57 2007.08.09 -
Authentium 4.93.8 2007.08.09 -
Avast 4.7.1029.0 2007.08.09 -
AVG 7.5.0.476 2007.08.09 -
BitDefender 7.2 2007.08.10 -
CAT-QuickHeal 9.00 2007.08.09 -
ClamAV 0.91 2007.08.10 -
DrWeb 4.33 2007.08.10 -
eSafe 7.0.15.0 2007.07.31 suspicious Trojan/Worm
eTrust-Vet 31.1.5045 2007.08.09 -
Ewido 4.0 2007.08.09 -
FileAdvisor 1 2007.08.10 -
Fortinet 2.91.0.0 2007.08.10 -
F-Prot 4.3.2.48 2007.08.09 -
F-Secure 6.70.13030.0 2007.08.09 -
Ikarus T3.1.1.12 2007.08.09 not-a-virus:Client-IRC.Win32.mIRC.603
Kaspersky 4.0.2.24 2007.08.10 -
McAfee 5094 2007.08.09 -
Microsoft 1.2704 2007.08.10 -
NOD32v2 2448 2007.08.10 -
Norman 5.80.02 2007.08.09 -
Panda 9.0.0.4 2007.08.09 -
Prevx1 V2 2007.08.10 -
Rising 19.35.33.00 2007.08.09 -
Sophos 4.19.0 2007.08.01 -
Sunbelt 2.2.907.0 2007.08.10 -
Symantec 10 2007.08.10 -

HMMMmmmmmm,,,, Top one Says SUSPISIOUS cause it uses ADVANCES Heuristics for POSSIBLE THREATS..... the bottom one Knows its a Mirc based communication protocal (* Thats Java for you *) and therefore knows its safe... Learn to understand what your reading, only KIDS like you would gain any satisfaction from wasting time with virus!. I Mean what is this 1998?, I was back in the hacking scene when Virus WHERE around, back then it was "ooohhhh ahhhhhhhh", Now its everybodies out to "infect" everyone else or something.... I mean GROW UP! Id hardly waste my time putting togther a team, making a project and loosing sleep over doing something as pathetic as that.

And as for other backdoors... well i know for a fact that the Nproxy core was clean, cause i PERSONALLY cleaned it for myself for PERSONAL use LONG BEFORE I even thougt about the V3n0M Idea, and I made sure then it was safe. Only other additions have been the Edited Official TQ 4353 Patch (* Are you accusing THEM then? *) The *M*s Multihack and Lake292s files (* Or are you accusing them? *). You see your blatent lies are offence, for you in your attempt at flaming me have insulted other peaple aswell!.

InsaneDeath · 08/10/2007, 02:18

Quote:

Originally posted by Queen-Of-Evil@Aug 10 2007, 02:13
Most suspicious thing is :
AhnLab-V3 2007.8.9.2 2007.08.09 -
AntiVir 7.4.0.57 2007.08.09 -
Authentium 4.93.8 2007.08.09 -
Avast 4.7.1029.0 2007.08.09 -
AVG 7.5.0.476 2007.08.09 -
BitDefender 7.2 2007.08.10 -
CAT-QuickHeal 9.00 2007.08.09 -
ClamAV 0.91 2007.08.10 -
DrWeb 4.33 2007.08.10 -
eSafe 7.0.15.0 2007.07.31 suspicious Trojan/Worm
eTrust-Vet 31.1.5045 2007.08.09 -
Ewido 4.0 2007.08.09 -
FileAdvisor 1 2007.08.10 -
Fortinet 2.91.0.0 2007.08.10 -
F-Prot 4.3.2.48 2007.08.09 -
F-Secure 6.70.13030.0 2007.08.09 -
Ikarus T3.1.1.12 2007.08.09 not-a-virus:Client-IRC.Win32.mIRC.603
Kaspersky 4.0.2.24 2007.08.10 -
McAfee 5094 2007.08.09 -
Microsoft 1.2704 2007.08.10 -
NOD32v2 2448 2007.08.10 -
Norman 5.80.02 2007.08.09 -
Panda 9.0.0.4 2007.08.09 -
Prevx1 V2 2007.08.10 -
Rising 19.35.33.00 2007.08.09 -
Sophos 4.19.0 2007.08.01 -
Sunbelt 2.2.907.0 2007.08.10 -
Symantec 10 2007.08.10 -

HMMMmmmmmm,,,, Top one Says SUSPISIOUS cause it uses ADVANCES Heuristics for POSSIBLE THREATS..... the bottom one Knows its a Mirc based communication protocal (* Thats Java for you *) and therefore knows its safe... Learn to understand what your reading, only KIDS like you would gain any satisfaction from wasting time with virus!. I Mean what is this 1998?, I was back in the hacking scene when Virus WHERE around, back then it was "ooohhhh ahhhhhhhh", Now its everybodies out to "infect" everyone else or something.... I mean GROW UP! Id hardly waste my time putting togther a team, making a project and loosing sleep over doing something as pathetic as that.

And as for other backdoors... well i know for a fact that the Nproxy core was clean, cause i PERSONALLY cleaned it for myself for PERSONAL use LONG BEFORE I even thougt about the V3n0M Idea, and I made sure then it was safe. Only other additions have been the Edited Official TQ 4353 Patch (* Are you accusing THEM then? *) The *M*s Multihack and Lake292s files (* Or are you accusing them? *). You see your blatent lies are offence, for you in your attempt at flaming me have insulted other peaple aswell!.

For someone who only wants to develop this, you seem highly offended.
I have not made any attempt whatsoever to flame you, only posting what I know to be facts.

There IS a trojan in there, my antivirus is not overreacting, and you need to go fuck yourself because you're just another person here to make a quick buck.

Queen-Of-Evil · 08/10/2007, 02:29

Ok sure, whatever you say, while im actually trying to help peaple you and anyone else who reads a Comodo Trojan warning,,, READ THERE OFFICIAL THREAD ABOUT THE FAKE WARNINGS HERE!!!

It IS A KNOWN FAKE ERROR!!!

If you spent as much time being "Paranoid Android" researching your "Ubor Haxorz Evilizt planz" As getting all excited, yourd see what a fool yourve been... my request for the warning stands... I did attempt to resolve this with you, but you "Knew" Better,

*Edit* Dm and everyone else here can assure you im always easily offended and highly "Temperd"... Its my way :uglylol:

Dilthor · 08/10/2007, 03:17

ummmmmm whats wrong with this error Queen...

"application failed to initialize error(oxc000135) something"

raiceforsas · 08/10/2007, 03:18

Well if there was a trojan or something why we don't see postings about accounts that gotten hacked?

a1blaster · 08/10/2007, 03:28

Ok, enough!

The scans are showing bad because of Clickteam Install Creator that queen is using to make it self installing.<hr>Here's my scans.
[*]First, unedited V3n0M-4353-Build2.exe>>>

Quote:

File V3n0M-4353-Build2.exe received on 08.10.2007 01:37:26 (CET)Antivirus Version Last Update Result
AhnLab-V3 2007.8.9.2 2007.08.09 -
AntiVir 7.4.0.57 2007.08.09 -
Authentium 4.93.8 2007.08.09 -
Avast 4.7.1029.0 2007.08.09 -
AVG 7.5.0.476 2007.08.09 -
BitDefender 7.2 2007.08.10 -
CAT-QuickHeal 9.00 2007.08.09 -
ClamAV 0.91 2007.08.10 -
DrWeb 4.33 2007.08.10 -
eSafe 7.0.15.0 2007.07.31 suspicious Trojan/Worm <-More then likely because of UPX packer that is used! This is know false possitive.
eTrust-Vet 31.1.5045 2007.08.09 -
Ewido 4.0 2007.08.09 -
FileAdvisor 1 2007.08.10 -
Fortinet 2.91.0.0 2007.08.10 -
F-Prot 4.3.2.48 2007.08.09 -
F-Secure 6.70.13030.0 2007.08.09 -
Ikarus T3.1.1.12 2007.08.09 not-a-virus:Client-IRC.Win32.mIRC.603 <-It states not-a-virus. What do you think that means?
Kaspersky 4.0.2.24 2007.08.10 -
McAfee 5094 2007.08.09 -
Microsoft 1.2704 2007.08.10 -
NOD32v2 2448 2007.08.10 -
Norman 5.80.02 2007.08.09 -
Panda 9.0.0.4 2007.08.09 -
Prevx1 V2 2007.08.10 -
Rising 19.35.33.00 2007.08.09 -
Sophos 4.19.0 2007.08.01 -
Sunbelt 2.2.907.0 2007.08.10 -
Symantec 10 2007.08.10 -
TheHacker 6.1.7.166 2007.08.09 Backdoor/mIRC-based.d <-After searching web no know definition can be found for this.
VBA32 3.12.2.2 2007.08.09 -
VirusBuster 4.3.26:9 2007.08.09 -
Webwasher-Gateway 6.0.1 2007.08.09 -

Additional information
File size: 3571817 bytes
MD5: b9291890f0f939792dd4c67fa9d1d703
SHA1: 4d44228dc9d7980760833acd4f888b8e6257a394
packers: UPX
packers: UPX, ZLIB
packers: UPX

[*]Second, a scan of just a .rar file made of all included in the above install file>>>

Quote:

File Conquer_2.0.venom.rar received on 08.10.2007 01:38:41 (CET)Antivirus Version Last Update Result
AhnLab-V3 2007.8.9.2 2007.08.09 -
AntiVir 7.4.0.57 2007.08.09 -
Authentium 4.93.8 2007.08.09 -
Avast 4.7.1029.0 2007.08.09 -
AVG 7.5.0.476 2007.08.09 -
BitDefender 7.2 2007.08.10 -
CAT-QuickHeal 9.00 2007.08.09 -
ClamAV 0.91 2007.08.10 -
DrWeb 4.33 2007.08.10 -
eSafe 7.0.15.0 2007.07.31 -
eTrust-Vet 31.1.5045 2007.08.09 -
Ewido 4.0 2007.08.09 -
FileAdvisor 1 2007.08.10 -
Fortinet 2.91.0.0 2007.08.10 -
F-Prot 4.3.2.48 2007.08.09 -
F-Secure 6.70.13030.0 2007.08.09 -
Ikarus T3.1.1.12 2007.08.09 -
Kaspersky 4.0.2.24 2007.08.10 -
McAfee 5094 2007.08.09 -
Microsoft 1.2704 2007.08.10 -
NOD32v2 2448 2007.08.10 -
Norman 5.80.02 2007.08.09 -
Panda 9.0.0.4 2007.08.09 Suspicious file <-Just that suspicious, result from probable hueristic scan.
Rising 19.35.33.00 2007.08.09 -
Sophos 4.19.0 2007.08.01 -
Sunbelt 2.2.907.0 2007.08.10 -
Symantec 10 2007.08.10 -
TheHacker 6.1.7.166 2007.08.09 -
VBA32 3.12.2.2 2007.08.09 -
VirusBuster 4.3.26:9 2007.08.09 -
Webwasher-Gateway 6.0.1 2007.08.09 -

Additional information
File size: 3211201 bytes
MD5: c1dde3948591f64f07e0b3e3ffcd25b5
SHA1: 2c95f6d8c8b4ac137384b60a6d3e5543fdb76d01

[*]Third, Self install made by me using Clickteam Install Creator >>>

Quote:

File Mytest.exe received on 08.10.2007 01:29:50 (CET)Antivirus Version Last Update Result
AhnLab-V3 2007.8.9.2 2007.08.09 -
AntiVir 7.4.0.57 2007.08.09 -
Authentium 4.93.8 2007.08.09 -
Avast 4.7.1029.0 2007.08.09 -
AVG 7.5.0.476 2007.08.09 -
BitDefender 7.2 2007.08.10 -
CAT-QuickHeal 9.00 2007.08.09 -
ClamAV 0.91 2007.08.10 -
DrWeb 4.33 2007.08.10 -
eSafe 7.0.15.0 2007.07.31 suspicious Trojan/Worm
eTrust-Vet 31.1.5045 2007.08.09 -
Ewido 4.0 2007.08.09 -
FileAdvisor 1 2007.08.10 -
Fortinet 2.91.0.0 2007.08.10 -
F-Prot 4.3.2.48 2007.08.09 -
F-Secure 6.70.13030.0 2007.08.09 -
Ikarus T3.1.1.12 2007.08.09 not-a-virus:Client-IRC.Win32.mIRC.603
Kaspersky 4.0.2.24 2007.08.10 -
McAfee 5094 2007.08.09 -
Microsoft 1.2704 2007.08.10 -
NOD32v2 2448 2007.08.10 -
Norman 5.80.02 2007.08.09 -
Panda 9.0.0.4 2007.08.09 -
Prevx1 V2 2007.08.10 -
Rising 19.35.33.00 2007.08.09 -
Sophos 4.19.0 2007.08.01 -
Sunbelt 2.2.907.0 2007.08.10 -
Symantec 10 2007.08.10 -
TheHacker 6.1.7.166 2007.08.09 Backdoor/mIRC-based.d
VBA32 3.12.2.2 2007.08.09 -
VirusBuster 4.3.26:9 2007.08.09 -
Webwasher-Gateway 6.0.1 2007.08.09 -

Additional information
File size: 3739358 bytes
MD5: fc2d1e005c2c38d7d75706189c3f541d
SHA1: c17872049abd9f4ca1dd99e902a67f9aa8fe75d9
packers: UPX
packers: UPX, ZLIB
packers: UPX

You'll see that the bad scans are back. There coming from Clickteam Install Creator being used to make the self install program.
The size difference your seeing is because I used different pictures and icons to make my file, plus there is one extra folder from decompiling the QOProxy.jar which is just lakes edited proxy.

@Queen-Of-Evil > Now my 2 cents on the files that you do include in the install program.
Why include all the extra files?
All that is needed to run V3n0M are[*]Conquer.exe[*]V3n0M-Lite.exe[*]v3n0m01.ini[*]key1a.dat[*]key1b.dat[*]Server.dat[*]version.dat[*]conquer.ico[*]tqzf.ico[*]V3n0M.ico[*]itemz.txt[*]V3n0M-4353-Build2.txt
Maybe including Lakes stuff if he wants added to this project.[*]qoproxy.ini[*]QOProxy.jar[*]itemz.txt

Leave the other stuff out.
Your installing a old COtobo.dll that will over write a fixed one if it is installed.
How do you know if somebody doesn't want to keep the Minimaps they have now, instead of the ones you include?
Why is there a ItemType.txt (decrypted itemtype.dat) which your putting in the wrong folder anyhow?
You install M's Multihack v1.14.exe but make no mention of it or include a shortcut to it.
The ma-global.inf you install in the wrong place, needs to be in the C:\ root directory.
You install other .ini's that belong to other programs you don't include, which will over write the ones that somebody is already using.

In conclusion just include the stuff that is relevant to V3n0M.
The other programs can be updated when the person wants to, by going to the thread that they got the original program from.
Your attempting to make a hack pack.
That really isn't a good idea. Makes allot of work for you to keep up to date.
Plus people won't know where to go for the support of the programs.

Recommendations:[*]Just include the stuff you need for your project.[*]Don't make it self install.[*]Make good instructions on what to do.[*]If you can't handle the questions being posted in threads or have the temperament to handle them, then stop your project here.

I'll be PMing you about questions on V3n0M-Lite.exe anyhow.
I finally got around to comparing the hex coding of V3n0M-Lite.exe and Nproxy.exe.
Besides decompiling it and having questions about what was left in.

Queen-Of-Evil · 08/10/2007, 04:02

------> @Queen-Of-Evil > Now my 2 cents on the files that you do include in the install program.
Why include all the extra files?
All that is needed to run V3n0M are

Conquer.exe

V3n0M-Lite.exe

v3n0m01.ini

key1a.dat

key1b.dat

Server.dat

version.dat

conquer.ico

tqzf.ico

V3n0M.ico

itemz.txt

V3n0M-4353-Build2.txt
Maybe including Lakes stuff if he wants added to this project.

qoproxy.ini

QOProxy.jar

itemz.txt

*Repsponce: this is the whole IDEA, that its a simple LARGE download package so peaple can do ONE download and thats it, no need to scour the forums, and with other constant updates being done to maintain it... this isnt some little "Tool" Its a package,,, the readme/cntents clearly implies this...

------------> Why is there a ItemType.txt (decrypted itemtype.dat) which your putting in the wrong folder anyhow?

*Responce: The ItemType.txt is used for the edited autohunter, its how we choose to use the files...

------------> You install M's Multihack v1.14.exe but make no mention of it or include a shortcut to it.
The ma-global.inf you install in the wrong place, needs to be in the C:\ root directory.

*Responce: ACTUALLY It does install there,,, shouldve checkd a1, I made it default to the C:\ drive unlike the rest

As for the overwriting, thatll be changed for asked overwrites, or a backup feature will be added.... It IS a Pack and a Conversion in Process. As for the additions of M's multi hack, that was simply because A) *M* said it was ok, and B) Its a Favorite tool for most peaple. Keeping it updated is just a case of him sending it to me over MSN, as where already on each others list. The program WILL have a self installer and WILL have the Un-installer working correctly... Im well aware of attempting to keep the Project updated thats why theres other peaple aside from me working on it!. I Have kept restraint as far as DM has allowed, have refrained from use of Profanities or Gross flaming, and followed correct procedures by reporting FAKE readings which you yourself have confirmed are FAKE readings.

Sorry to sound angry but this is ridiculous, you try helping peaple and just get peaple mouthing of from all angles...

Tw3ak · 08/10/2007, 04:19

LOL this totally explains now why people are pmin me tellin me my cotobo worked yesterday or even days before and it isn't now ect ect i bet they are downloading this and when they install it,there overwriting my fixed cotobo for queens non working outdated one in this installer thus why it doesn't work anymore for them afterwards.Thx A1 i'll have a few answers for a few people in my thread now.

And further more i dunno if this is flaming or not i think it's just stating my opinions so here goes.

and those opinions are

1 queen is hypin herself out to be alot more of a big thing then she really is programming wise or anything else..And i state this for 2 reasons.( no offense queen )

1) venom is nothing more then a edited nproxy nothing compiled herself or fixed for that matter..Which is why it doesn't work right anyway because she doesn't know how to fix it after 4353.

2) Venom beta( lakes edition ) the 2nd choice it installs again i find to be nothing queen did other then add lakes proxycode to the installer and if indeed it's a recompiled version of lakes i'm sure someone else told her/showed her the code to fix because she stated herself she didn't know how to fix it ..again nothing she did herself other then add lakes proxy to a installer..So basically she's braggin about this and that like she's some bigtime hacker lol when all i see is basically a scam artist getting +k for others work other then her own i have seen nothing that has impressed upon me that she is any smarter then a rock when it comes to coding/developing anything...Maybe she knows packet and packet editing who knows but other then that i seriously doubt especially when it makes no sense to say you know packet editing yet in another thread say ya dunno how to fix a proxy enless someone is willing to show ya what to fix which is odd considering that majority of it uses packets lol.
And i have to agree with A1 on this that all this installer does is cause people problems when it has soo many OTHER peoples work added into a installer and when they run it all they dunno why something doesn't work because it is bloated with too much garbage.

If people were smart they would just use Lakes official proxy and be done with it and quit messin with this sloppy installer ****.

Queen-Of-Evil · 08/10/2007, 04:28

Umm Tw3ak,, its well known it worked FINE before 4353, and caff himself no longer has the source, as weve already discussed a Full de-compile produces 2 class files only instead of 8 cause caff collapsed the file tree when he made it then used a packer to scramble the code... check it in hex and yourll see "packing" for ages near the bottom. Therefore its UN-Fixable, Lakes proxy was used first as a direct install cause peaple wanted a Aimbot, and they like his proxy, but his Autohunt sux and Nproxys FTW, so simple solution is to have both.

The inclusion of the old Cotobo.dll was a simple oversight showing that it clearly all came directly from the CO folder itself i was using. Self installer stays, My CO folder is clutterd to hell cause no-one else uses self installers, Ive fixed the un-installer, and It no longer automatically overwrites map files.

Botter2daMax · 08/10/2007, 06:20

Maybe in the install process let the user decide what to install and what not to install useing check box's or something.

IRC.Win32.mIRC.603

mIRC version 6.03 is an IRC client. Internet Relay Chat is a dedicated network used for real-time communication.

This is an IRC Client being installed on you computer which can be used to relay info from your computer to the internet...Why would you need this in the install package?

XxDarkKillaxX · 08/10/2007, 06:36

this doesnt work for me

u need to give full instructions of what to do

snydez5320 · 08/10/2007, 06:57

Hey Queen, people that flame you seem to be paranoid morons. I used Build2 and loved it. great job. 1 problem with it tho. the autolooter picked up all items, and not just gold bullions but gold as well... has this been fixed? just wondering. ANYWAYS again, great job, i plan on trying out Build3 right now. +k

WhiteJem · 08/10/2007, 09:24

Quote:

Originally posted by Botter2daMax@Aug 10 2007, 06:20
Maybe in the install process let the user decide what to install and what not to install useing check box's or something.

IRC.Win32.mIRC.603

mIRC version 6.03 is an IRC client. Internet Relay Chat is a dedicated network used for real-time communication.

This is an IRC Client being installed on you computer which can be used to relay info from your computer to the internet...Why would you need this in the install package?

i wonder...

Coatl 2.0 · 08/10/2007, 09:32

he has you there it is just a carbon copy of nproxy you havnt done anything to it that makes it your own proxy

raiceforsas · 08/10/2007, 12:42

I did everything how i needed to do it and its still not working I stil lget that "Conection failed duo server maintenance or internet congestion" etc etc.\
So i made a Video of everything I did. Can someone look at this video and tell me what I am doing wrong.
Lets hope this one will help me out

. If it works Yyou will make me sooo happy that you get a +Karma XD.