09 December 2007

Systweak AntiSpyware v1.0.594.902

Systweak AntiSpyware has a vast database of spyware infections. It can protect your computer from Malware, Trojans, Sniffers, Adware, BHOs, Exploits, Key Loggers, Worms, Monitoring Programs and similar threats. The infection could be low-risk, annoying pop-up adverts. Or your computer could have a high-risk infection that steals your confidential data or secretly reformats your entire system.

Systweak AntiSpyware delivers all-round protection that can remove all the infections downloaded to your system. It will even protect you at run-time with the built-in Protection Guards.

Latest Definitions
With years of research and a dedicated team of professionals, we have all the key spyware infections in our database, to protect your computer from all types of infections.
Unlike other programs that incorrectly identify important files and registry entries as malware, Systweak AntiSpyware uses the latest technology to ensure that we only delete the bad guys' files.

Optimum Results
Systweak AntiSpyware is an all-in-one solution. The bad guys can infect your system, hurt system performance, steal confidential data, spy on your system, record your chat conversations and browsing habits, remotely control your computer, and run self-replicating, fast-spreading programs that attack security holes in your computer network. Systweak AntiSpyware protects you from all of these, without using much of your system's resources.


Download: http://dl.filekicker.com/send/file/204463-O8JL/antispyware.exe
or: http://dl.filekicker.com/send/file/204036-Y3TW/antispyware.exe http://dl11.filekicker.net/private/$adv-rgn3$1197226857$3b1cf8e68d3b158515ca0e6be7889b7c$/id/$FK14950$204036-Y3TW$/cache/01e597002911d282ac3ed4b59b2a623f2fc209f673a7044d3fa2e088562ebd7da189b815d1e263aeba74bf12929bba0084e0a027/antispyware.exe

READ: http://filekicker.com/
customized block lists.
change filenames without breaking links, deactivate URLs with one click, and create URLs with expiration dates.... Quickly find which sites are generating ... and which are just generating traffic.

...but we mirror it
Mirror: antispyware.exe - Serial
run in trial mode, disable subscription and download the database update manual see below!

Retail: Systweak.AntiSpyware.v.1.0.564.632

My result after I scanned with the latest NOD, Kaspersky and Bitdefender, as well as with some anti-malware and anti-spyware applications such as the latest from:
XoftSpySE (include last updates)
Microsoft OneCare 2 (incl. latest updates)
Prevx CSI Malware Scanner v1.2.101.108
Agnitum Outpost Anti-Spyware

21 more Spyware signatures found!!!

- CyberAlert in Regdoctor\setacl.exe (CyberAlert before found in Registry with other tools)
- Adware.Emusic.a in Windows Registry key: hkey_current_user\software\microsoft\internet explorer\toolbar\{1e796980-9cc5-11d1-a83f-00c04fc99d61} (I never install any kinds of toolbars)
- iNetWatcher in wincap\wincap_3_0.exe
- Adware.Agent.o in Windows Registry: hkey_classes_root\simpleext.simpleshlext.1\clsid\ and
hkey_classes_root\simpleext.simpleshlext\clsid\ and
hkey_classes_root\simpleext.simpleshlext\curver\ and in roots of all subkeys by
hkey_classes_root\simpleext.simpleshlext - hkey_classes_root\simpleext.simpleshlext.1
- Trojan-Proxy.Cimuz.av in Windows Registry: hkey_classes_root\interface\{5e2121ed-300-11d4-8d3b-444553540000} - 11 entries in all sub entries of this key
- Trojan-Backdoor.VB.bax in tuneup utilities 2007\tu2007keygen.exe

looks like this:

outdated follow instruction at the end!
Download manually:
open with notepad (it's not a zip file! or rename the extension .zip to .txt)

;***DO NOT ZIP***
;;;this is a plain text file
PROGRAM_VERSION = 1.0.594.902
DATABASE_URL = http://dl.filekicker.com/send/file/204039-R1MP/database.zip
PROGRAM_URL = http://dl.filekicker.com/send/file/204463-O8JL/antispyware.exe

To update on a computer without an internet connection / manual database update

While the program is closed, copy database.zip to the program folder to update the database. At the next program start, database.zip will be installed and renamed to database.bak.

As of December, 10, 2007 Database Version 65 from November, 30 is out of date!

Pirated licenses will be logged, including IP numbers, on their server. You have been warned!

The Internet makes it possible: if you have paid for anything and want service such as regular updates, you have to agree that your private information will be sent back to the manufacturer and logged. Up to every second program has functions like this, for anonymous trial users and registered customers alike; since the vendor has a record of a registered customer's address, a profile can easily be built. An active and passive (NAT) firewall is recommended for incoming and outgoing traffic!

NEWS 11.12.2007 Updates

Here is the weekly database update URL:
Download, close program (AntiSpyware.exe) and copy
database.zip to Program folder, start AntiSpyware.exe!!!

December 08, 2007

SoftPerfect Network Scanner v3.5.0.161

SoftPerfect Network Scanner is a free multi-threaded IP, NetBIOS and SNMP scanner with a modern interface and several advanced features. It is intended for both system administrators and general users who are interested in computer security. The program pings computers, scans for listening TCP ports and displays which types of resources are shared on the network (including system and hidden).

In addition, it allows you to mount shared folders as network drives, browse them using Windows Explorer, filter the results list and more. SoftPerfect Network Scanner can also check for a user-defined port and report back if one is open. It can also resolve host names and auto-detect your local and external IP range. It supports remote shutdown and Wake-On-LAN.

Key features
Pings computers.
Does not require administrative privileges.
Detects hardware (MAC) addresses even across routers.
Detects hidden shared folders (normally invisible on the network) and write accessible shares.
Detects your internal and external IP addresses.
Scans for listening TCP ports and SNMP services.
Retrieves currently logged-on users.
You can mount and explore network resources.
Can launch external third party applications.
Exports results to HTML, XML, CSV and TXT
Supports Wake-On-LAN and remote shutdown.
It is absolutely free, requires no installation, and does not contain any adware/spyware/malware.

Homepage: http://www.softperfect.com/products/networkscanner
Download: http://www.softperfect.com/download/netscan.exe - Mirror

NOD32 Update Viewer / Update Downloader - Uploader Version

NOD updates to a local folder or Webserver
Mirror DRWeb (CureIt) updates to a local folder or Webserver
Mirror AVZ updates to a local folder or Webserver

NOD32 Update Viewer v2.15.0.0
NOD32 Update Viewer is the magnificent program of the Russian programmer Usernod. This utility will really make life easier for any user of NOD32 Antivirus. The program extends the functionality and improves the reliability of receiving updates for NOD32.
View the contents of updates on all ESET company servers and their "mirrors".
View the versions of the real files (not from update.ver) on all ESET company servers.
Check and update the list of ESET servers.
Choose which servers to check (untick those you do not wish to check); the choice is saved.
Compare the contents of updates with your NOD32 and the current "mirror".
Highlight the new and out-of-date update modules (new: green; outdated: red).
Show which servers carry Trial updates.
Exclude NOD32 components for 95/98/ME.
Create a "mirror" with restoration of names.
Create a "mirror" from the real files on ESET servers.
Create a "mirror" with any available language versions of the program components.
Create a "mirror" of a server from the command line (it starts in the systray and closes when done).
Create a trial "mirror" (for fans).
Download only files that are new or absent on the "mirror".
Copy new files to four FTP servers.
Check and update a mirror each hour, with search of passwords and removal of those that have become outdated (it starts in the systray). NEW!
Test servers for the presence of updates, with their subsequent addition to the list of "mirrors".
Add servers from the list of "mirrors" to the list of NOD32 user servers.
Delete servers from the list of NOD32 user servers and move them to the list of "mirrors".
Delete servers from the list of "mirrors".
Check passwords for the ability to update from each of the ESET company servers.
Check all passwords for the ability to update from the chosen ESET company server.
Check previously removed passwords for the ability to update from the chosen ESET company server.
Check passwords from text and DBF files for the ability to update from the chosen ESET company server.
Check passwords for the ability of uploading various NOD32 versions (Standard, LAN Update Server...).
Check all passwords for the ability of uploading the chosen NOD32 version (Standard, LAN Update Server) for 95/98/ME and NT/2000/2003/XP.
Adjust the paths and file names of various NOD32 versions.
Store the sorted list of working passwords.
Keep current passwords in text and DBF files.
Store an archive of out-of-date passwords so that they are not checked repeatedly.
Delete passwords (outdated, or not working on all ESET servers).
Delete passwords that do not allow download of the standard NOD32 version.
Proxy server support.
Works with mirrors on HTTP and FTP.
Works without NOD32.
The advertising module is added.
Keep only completely downloaded files.
Remember the path to the file with passwords to check.
It is increased it is long a name.
The broad gully a file is added.

Homepage: http://nodview.net.ru

Download without call homes secure: NOD32view.rar - Mirror
Original with call homes: NOD32view.rar
Callhome: http://nodview.net.ru/Files/tmp.rar ( http://nodview.narod.ru http://nodview.net.ru webmoney.ru,... )
exe is UPX Compressed (modified)
without callhomes: NOD32view3.exe
(replace the exe)

NOD32view include all updates for all eset products English/German (09. December 2007).rar
(subfolder nod_upd for remote antivirus signatures updates, subfolder eset_upd for remote product updates - no trials included)
NOD32view include all updates for eset products.rar (39.24 MB)


eMule v0.48a Titan Donkey 4.2 unpacked Exe Stealth 3.16 NTkrnl

Special Features:

- AES 256 Bit Support
- Bzip2 Support
- improved customization 4 Highspeedcreditsystem
- Titandonkey Trust Center
- saves highspeed credits on shut down (24h)
- advanced ban protection
- clean Serverlist updater
- Titandonkey Slotmanagement
- improved passive source finding
- reduced CPU Usage
- increased Speed for Highspeed Credit downloads
- Ban some bad Mods (Titanesel Antileech)
- Comm Applejuice System
- Disabled Dead Source List to keep valuable sources
- Removed limitation of search results
- Uploaded data is compressed dynamically to save CPU
- Improved searching of passive sources
- TitanEsel Community
- TitanEsel Search
- never show files as complete
- Look to Tray with password
- Webbrowser
- dual Serverconnect
- improved source finding for low id
- adjustable Highspeed Credit System (Applejuice)
--> More info on Applejuice
- improved Community Source Exchange
- Fakeresultsfilter 0.23

emule.exe is protected with: Exe Stealth Packer/Protector v.3.16 - www.webtoolmaster.com (NTkrnl)

To view code dump with:
Multi Generic Dumper v.1.1 (C) 2006 by Snow Panther [Unpacking Gods]
Download: Multi generic Dumper 1.1 mdg.exe G option mgd.zip or Download older Version: MULTI_GENERIC_DUMPER_v.1.0.zip

* Multi Generic Dumper v.1.1 (C) 2006 by Snow Panther [Unpacking Gods] *

* Loading process.........: ok
* Original entry point....: $00687976
* Time used for unpack....: 00:01:65480.79
* File EMULE_.EXE created...

* Press any key to continue...

Pre-unpacked Titan Donkey 4.2: emule.exe
(EOP not recalculated; it will not run without further alloc., but you can see the code (emule.exe content, comms, dependent clients, blocked clients, URLs, ...) with a hex editor / OllyDbg)

Download: eMule.0.48a.Titandonkey.v4.2-Bin.rar

Ollydbg unpacking script:
// WinXP SP2,OllyDbg V1.10,ODbgScript 1.48xxx1.60,FantOm plugin0,58
var br
var pt
var va

gpa "VirtualAlloc","kernel32.dll"
mov va, $RESULT


mov [eip],#CC#
mov br,[esp+8]
bp br
bc br
gpa "LoadLibraryA","kernel32.dll"
mov br,eip
bp br
cmp va,edi
je last
jmp loop

bc br
find eip,#8B????8B????74??#
mov pt,$RESULT+6
mov [pt],#EB#
find eip,#8944241C61FFE0#
cmp $RESULT,0
je quit
mov br,$RESULT
add br,5
bp br
bc br
cmt eip, "This is the entry point"
MSG "OEP Faund ! IAT fixed! Dump it"



Website: http://www.unpack.cn/viewthread.php?tid=19471&extra=page%3D1

08 December 2007

Net Transport v2.52 Build 386

Multi Downloader Net Transport v2.52 Build 386
FTP / SSL (Secure Sockets Layer) / SFTP (SSH File Transfer Protocol)
MMS (Microsoft Media Service)
RTSP (Real-Time Streaming Protocol)
PNM (rename PNM to RTSP)

Net Transport is a fast, exciting and most powerful downloading tool that now supports the most prevalent Internet protocols, including: HTTP / HTTPS, FTP / through SSL (Secure Sockets Layer) / SFTP (SSH File Transfer Protocol), MMS (Microsoft Media Services), RTSP (Real-Time Streaming Protocol), PNM (rename PNM to RTSP), BitTorrent, eMule.

With independently developed Enhanced Multi-Threading (EMT) technology, can download MMS and RTSP streaming by multiple threads with perfect video & audio quality. There are some other great features, like "Site Manager" which allows you to keep the active connection with the remote servers. In addition, the support for both SSL and SSH is hardly found in other upload/download tools.

Main Features:
1. You can use the simple but powerful "File Manager" to categorize and manage downloaded files more efficiently.
2. Simple multi-user management. You can maintain several databases by logging on Windows with different username.
3. You can use the inbuilt "Site Explorer" to list the directory structure of the remote server, and easily select the desired files. FTP is the most powerful item in NetXfer.
4. FTP reuse mechanism allows you to use one connection to get different files from the same site. If you like, you can use accessory FTP client tool called "FTP Transport (FtpXfer)".
5. The "Multiple Proxies mode" allows you to assign every working thread a different proxy to break certain site restrictions, like only one connection per IP.
6. Proxies with NTLM authentication can penetrate local firewall, like Microsoft ISA 2000.
7. You can adjust the bandwidth usage of Net Transport so that you can surf at the same time.
8. Monitor browser click. And you can add links through Internet Explorer extended context menu, or drag links to the "drop zone" window, etc.
9. Net Transport can automatically shutdown the system or hang up the modem once all downloads are completed.
10. Multilingual support for the user interface. I will be glad if you help me localize NetXfer.
11. NTLM authentication is supported for both MMS and RTSP. In addition, RN5 authentication works for RTSP.
12. You can use multi-threads for both MMS and RTSP to significantly reduce the time of downloads.
13. Automatically parse streaming script such as .asx, .smi to acquire real URLs.
14. Supports SSL encryption for both HTTP and FTP (https and ftps). Also supports one-time passwords to protect your authentication information; normally the password is sent as clear text, which is easily stolen by IP packet monitoring tools. Presently NetXfer is the only one that can download https streaming via SOCKS5.
15. Support SSH encryption, which is hardly found in other upload/download tools for Windows.
16. The flexible "Scheduler Manager" is also a most powerful item in NetXfer. You can even record a dynamic URL according to time and save it under your desired filename.
17. In version 2, you can record the clip with range.
18. On BitTorrent protocol, you can use proxy to download, upload by UPnP. NetXfer supports HTTP/HTTPS/UDP Tracker.

Net Transport 2.52 (2007.12.09):
* Added disk cache buffer for P2P task, the default size is 20M per task.
* Fixed that RealMedia file had occasional glitches, a second or two of silence.
* Modified site matching handler, the task without username would do matching process.
* Fixed that you could not click "Connect" button after all eMule servers were disconnected.
* Fixed that NetTransport could not connect to any site under certain condition.

Homepage: http://www.xi-soft.com

Vista x86 (Also including 2000/XP/2003)

UNICODE (NT/2000/XP/2003)

ANSI (95/98/ME)


Prevx CSI Malware Scanner v1.2.101.108 Free and Business License Free

Prevx CSI - FREE Malware Scanner - fast effective scanning and real-time checking against the most comprehensive malware database in the world. Prevx CSI is click-and-go and requires no installation or reboot, which makes it quick and easy to use. Its small size allows you to take it anywhere, use it as many times as you like and even copy or send it to your friends.

Prevx CSI allows you to benefit from the knowledge gained from the entire Prevx community.

- Totally Free
- Instantly scans for all forms of malware to let you know if you're infected
- No Install required
- Runs completely independently and as many times as you like!
- Always up-to-date - checks with the up-to-the-second Prevx community database for the very latest threats

Are you responsible for your company's security? Prevx CSI for Business can be used free of charge in low volume (up to 250 PCs) by business users and large enterprises, subject to a simple registration process. Prevx CSI for Business may also be configured to run in silent mode allowing companies to deploy it easily using a simple login script. Business users also benefit from a web based console which provides a summary view of all PCs scanned by Prevx CSI with clear details of which ones are infected.

Homepage: http://www.prevx.com/freescan.asp
Download: http://pxnow.prevx.com/zeroL/PREVXCSIFREE.EXE

Register for Free (for Business user)

After Registration Login and Download / Take your License:
enter your registration email and password: http://www.prevx.com/csilogon.asp

Business Edition includes a 364-day free license:

PR Text:
With Prevx CSI you can easily check out hundreds of PCs in a day. The scanner is a simple click and go program. It does not need any installation or system reboot and it can be run silently from a simple login script.

Once you have verified your registration you are only a few clicks away from being able to run the scanner in your environment. The steps are very simple.

Simply visit the login page: http://www.prevx.com/csilogon.asp enter your registered email and password.

Here you can do the following things:


The Prevx CSI scanner is just 650K bytes in size. Each scanner is customized to report into your own CSI web console. Up to 50 PCs may be scanned an unlimited number of times, and completely free of charge. If you wish to extend your CSI coverage for more than 50 PCs, or you wish to include cleanup ability, then this can be provided through our simple upgrade process. Note that Prevx CSI may also be used on servers too.


The web console provides you with a real time view of the scan results for all of your PCs. You can access it at any time. However, as this is a free service data is usually not retained for more than one month.


The Prevx CSI Web Console will automatically email you once a day if any infected PCs report in for the first time. The system will only generate an email to you if there are newly infected systems that you have not already been informed about. The email will show the Report Group and PC host names of those systems affected. You can logon to the web console to review the PC results in more detail when it is convenient.


Prevx CSI operates a centralized malware research facility. The results of each scan performed by Prevx CSI are uploaded in real time to this database. We use this data to assist in our malware research which in turn improves the detection rate of our products. We already see many new infections days or even weeks ahead of our competitors and as our database grows we will see more malware and see it even earlier. The information we collect is limited to Hashes of files (signatures), path and file names, execution registry keys, the system's host name and the first 3 octets of the IP address of the system being scanned.


PC Security is now about managing scale. The growth of malicious software and the advanced technologies being used by the Cyber criminals is staggering. We have spent the last 3 years developing and preparing a range of products and technologies that can cope with the volumes and increasing sophistication of malicious software. Prevx CSI will help us leverage and showcase our technology. We believe that Prevx CSI will boost our information and intelligence about malicious software while allowing businesses and consumers to understand our technology and the advantages it offers. We also firmly believe that Prevx CSI will raise questions about the ability of many other security technologies to cope in this climate.
