Release pubh0ok 1.8 (Undetected)

[WimmyWamWaffle]

File Name: pubh0ok 1.8
File Category: Undetected Hacks (VAC Proof)

N-Vision v1.8 Pub H0oK

VAC2 Proof at Day of Release!

Credits
DaftPunk & Jenson
---------------------
Pato
hardcore
Other guys

And of course, Project Detox for stealing this source code and calling it Project Detox VIP Edition!



CHANGELOG: New menu, New ESP style, New Features, New a lot.




Features

Deathmatch Aim

Aim team

Human aim

Nospread

Norecoil

Unconnected

Aim key
Auto shoot

Aimbot On/off

Aim by Distance

Aim Method (FOV/Distance)

Aim Height

Aim spot

Aim FOV

Triggerbot

Silent Aim

Autowall

Health esp (Bar/Numbers)

Name ESP

Box ESP

Entity ESP

Armor ESP

Weapon ESP

Steam_ID ESP

Crosshair (Customizable colors/height/width)

Optical Esp

Clean Screen Shot

Distance ESP

Bunnyhop

Clock

Radar Hack

Customizable Menu positions, RGBA, and other things.

Anti-mute

Spinbot

Anti-aim

No Flash

No Smoke

Text Spam

http://up.forogeneral.com/images/big/28477874.jpg

[CampStaff]

You are attempting to hack other peoples computers, but I am not some random noob here that will allow it...
I do this for a living. And have done this longer than you've been alive.

Malicious TROJAN Detected

Here's a problem you forgot to fix in your hack rar. The EXE was modified 08/26 while all the other files in the rar were modified in March or April. Plus, you are using an old detected cheat. That's a sure way to tell that the exe has been tampered with.

Below is the beginning of our analysis:
[Only registered and activated users can see links. ]

Code:

Opened Files...

    * File: \\.\PIPE\lsarpc
    * File Type: namedpipe
    * Creation/Distribution: OPEN_EXISTING
    * Desired Access: FILE_ANY_ACCESS
    * Share Access: FILE_SHARE_READ FILE_SHARE_WRITE
    * Flags: SECURITY_ANONYMOUS
    * Quantity: 2

    * File: C:\Program Files\Trillian\users\default\msn.ini
    * File Type: file
    * Source File Hash: hash_error
    * Creation/Distribution: OPEN_EXISTING
    * Desired Access: FILE_ANY_ACCESS
    * Share Access: FILE_SHARE_READ FILE_SHARE_WRITE
    * Flags: FILE_ATTRIBUTE_NORMAL SECURITY_ANONYMOUS

    * File: C:\Program Files\Trillian\users\default\aim.ini
    * File Type: file
    * Source File Hash: hash_error
    * Creation/Distribution: OPEN_EXISTING
    * Desired Access: FILE_ANY_ACCESS
    * Share Access: FILE_SHARE_READ FILE_SHARE_WRITE
    * Flags: FILE_ATTRIBUTE_NORMAL SECURITY_ANONYMOUS

    * File: C:\Program Files\Trillian\users\default\yahoo.ini
    * File Type: file
    * Source File Hash: hash_error
    * Creation/Distribution: OPEN_EXISTING
    * Desired Access: FILE_ANY_ACCESS
    * Share Access: FILE_SHARE_READ FILE_SHARE_WRITE
    * Flags: FILE_ATTRIBUTE_NORMAL SECURITY_ANONYMOUS

    * File: C:\Documents and Settings\Jim\Application Data\.purple\accounts.xml
    * File Type: file
    * Source File Hash: hash_error
    * Creation/Distribution: OPEN_EXISTING
    * Desired Access: FILE_ANY_ACCESS
    * Share Access: FILE_SHARE_READ FILE_SHARE_WRITE
    * Flags: FILE_ATTRIBUTE_NORMAL SECURITY_ANONYMOUS

    * File: C:\Documents and Settings\All Users\Application Data\DynDNS\Updater\config.dyndns
    * File Type: file
    * Source File Hash: hash_error
    * Creation/Distribution: OPEN_EXISTING
    * Desired Access: FILE_ANY_ACCESS
    * Share Access: FILE_SHARE_READ FILE_SHARE_WRITE
    * Flags: FILE_ATTRIBUTE_NORMAL SECURITY_ANONYMOUS

    * File: C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\profiles.ini
    * File Type: file
    * Source File Hash: 8F8E835A6FD8950800130093328B710044829458
    * Creation/Distribution: OPEN_EXISTING
    * Desired Access: FILE_ANY_ACCESS
    * Share Access: FILE_SHARE_READ FILE_SHARE_WRITE
    * Flags: FILE_ATTRIBUTE_NORMAL SECURITY_ANONYMOUS

    * File: C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\zh9p648g.default\signons3.txt
    * File Type: file
    * Source File Hash: D81DF062088D4B2300C10029CD8F180030B4A347
    * Creation/Distribution: OPEN_EXISTING
    * Desired Access: FILE_ANY_ACCESS
    * Share Access: FILE_SHARE_READ FILE_SHARE_WRITE
    * Flags: FILE_ATTRIBUTE_NORMAL SECURITY_ANONYMOUS

Code:

             [Only registered and activated users can see links. ]
                           Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
             
                            
                           Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
             
                            
                           Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
                           Quantity: 2
             
                            
                           Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32\Performance
             
                            
                           Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\msasn1
             
                            
                           Key: HKEY_CURRENT_USER\Software\Google\Google Talk\Accounts
             
                            
                           Key: HKEY_CURRENT_USER\Software\Paltalk
             
                            
                           Key: HKEY_LOCAL_MACHINE\SOFTWARE\Valve\Steam
             
                            
                           Key: HKEY_LOCAL_MACHINE\SOFTWARE\Vitalwerks\DUC
             
                            
                           Key: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\firefox.exe\shell\open\command
             
                            
                           Key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2
             
 

Above is the files and registry keys opened ( stolen ) on the infected computer. Programs such as MSN, AIM and firefox have been scanned for passwords and usernames profiles to be sent to the trojanner.

Quote:

[Only registered and activated users can see links. ]

Report generated: 27.8.2009 at 14.07.40 (GMT 1)
Filename: 1.8ho0k.exe
File size: 164 KB
MD5 Hash: 246ea539f442dd340c9b661201790f07
SHA1 Hash: 035D7B9BFC35F140CD183A87E5CAE3C746A5FA82
Self-Extract Archive: Nothing found
Binder Detector: Nothing found
Detection rate: 1 on 22

Detections

a-squared - -
Avira AntiVir - -
Avast - -
AVG - -
BitDefender - -
ClamAV - -
Comodo - -
Dr.Web - BackDoor.Spy.36
Ewido - -
F-PROT6 - -
Ikarus T3 - -
Kaspersky - -
McAfee - -
NOD32 v3 - -
Norman - -
Panda - -
QuickHeal - -
Solo Antivirus - -
Sophos - -
TrendMicro - -
VBA32 - -
VirusBuster - -