09 December 2007

Runscanner v1.5.0.39 Final

RunScanner is a completely free Windows system utility which scans your system for all configured running programs.

You can use RunScanner to detect autostart programs, spyware, adware, homepage hijackers, unverified drivers and other problems.

You can import and export your results and let other people help you to solve your problems.

Features
- Top rated freeware
- Scanning of 80+ hijack locations
- Online malware analysis of results
- Powerful process killer
  - Kill multiple processes at once
  - Kill and rename
  - Kill and delete
  - Delete at next reboot
- Saving and importing of .run files (all information available)
- Save to text log file
- Verification of file signatures
- Host file editor
- MD5 hash calculation of files + online file rating
- Online lookup of scanned entries. (Runscanner database + Google)
- Regedit jump
- Explorer jump
- Extended filters
- Marking of items: a user with problems can save the .run file, an expert can mark the items that need fixing and send the .run file back to the user

New features in this version:
New design in all modes
Layout is now shown correctly for people with "large fonts" enabled
Certificates of files are now analysed in all modes for signer/issuer
Certificates are now shown as a certificate image in the grid instead of the green/red icons
Virusscanner integration with Virustotal (upload file for scanning)
Integration with Bit9 FileAdvisor (lookup MD5 hash)
Integration with CastleCops (lookup MD5 hash)
New Classic mode: this mode is targeted at removing hijacks. It only shows non-whitelisted items and there is an easy "Fix selected items" button; all other "safe" startup items can still be found in the expert mode.
Added "Item fixer" tab in expert mode.
Added "classic mode / hijack" tab in expert mode.
Quick scan is removed in expert mode.
New in expert mode : loaded modules analyzer.
Warning if windows version is not supported. (Only win2000 or higher is supported)
Added drivers with type = 2
Disabled drivers and services are now automatically whitelisted in classic mode.
Runscanner now finds drivers with undefined imagepath.
Scanning is done a bit faster; the most processor-intensive part of the scan is still calculating the MD5 hashes.
No internet connection is needed anymore during the scan.
Vista : Process killer now shows also protected processes

Bug fixes:
Fixed bug with corrupt MDAC installation in windows XP (used by history database)
Fixed visual bug with screen flash after quit.
Fixed bug with EOleSysError on incorrect/corrupt startup shortcuts.
Fixed bug with corrupt taskscheduler service.
Fixed bug with corrupt .run files.

Whitelist added:
A list of safe certificate publishers (56)
Standard search pages
Standard start pages
Standard safe zones (microsoft,...)
Blacklisted dangerous policies (DisableTaskMgr,DisableRegistryTools,DisableCMD,...)

Homepage: http://www.runscanner.net
Download: http://www.runscanner.net/runscanner15/runscanner.exe - Mirror

Systweak AntiSpyware v1.0.594.902

Systweak AntiSpyware has a vast database of spyware infections. It can protect your computer from Malware, Trojans, Sniffers, Adware, BHOs, Exploits, Key Loggers, Worms, Monitoring Programs and similar threats. The infection could be low-risk, annoying pop-up adverts. Or your computer could have a high-risk infection that steals your confidential data or secretly reformats your entire system.

Systweak AntiSpyware delivers all-round protection that can remove all the infections downloaded to your system. It will even protect you at run-time with the built-in Protection Guards.

Latest Definitions
With years of research and a dedicated team of professionals, we have all the key spyware infections in our database, to protect your computer from all types of infections.
Unlike other programs that incorrectly identify important files and registry entries as malware, Systweak AntiSpyware uses the latest technology to ensure that we only delete the bad guys' files.

Optimum Results
Systweak AntiSpyware is an all-in-one solution. The bad guys can infect your system, hurt system performance, steal confidential data, spy on your system, record your chat conversations and browsing habits, remotely control your computer, and run self-replicating, fast-spreading programs that attack security holes in your computer network. Systweak AntiSpyware protects you from all of these, without using much of your system's resources.

Homepage:
http://www.systweakantispyware.com
http://www.systweak.com
http://70.86.229.178/

Download: http://dl.filekicker.com/send/file/204463-O8JL/antispyware.exe
or: http://dl.filekicker.com/send/file/204036-Y3TW/antispyware.exe
http://dl11.filekicker.net/private/$adv-rgn3$1197226857$3b1cf8e68d3b158515ca0e6be7889b7c$/id/$FK14950$204036-Y3TW$/cache/01e597002911d282ac3ed4b59b2a623f2fc209f673a7044d3fa2e088562ebd7da189b815d1e263aeba74bf12929bba0084e0a027/antispyware.exe

WE HAD BETTER NOT HOTLINK. WHY?
READ: http://filekicker.com/
"customized block lists.
change filenames without breaking links, deactivate URLs with one click, and create URLs with expiration dates.... Quickly find which sites are generating ... and which are just generating traffic."

...but we mirror it
Mirror: antispyware.exe - Serial
Run in trial mode, disable subscription and download the database update manually, see below!

Retail: Systweak.AntiSpyware.v.1.0.564.632

My result after scanning with the latest NOD, Kaspersky and Bitdefender, as well as with some anti-malware and anti-spyware applications such as the latest from:
XoftSpySE (include last updates)
Microsoft OneCare 2 (incl. latest updates)
Prevx CSI Malware Scanner v1.2.101.108
Agnitum Outpost Anti-Spyware

21 more Spyware signatures found!!!

- CyberAlert in Regdoctor\setacl.exe (CyberAlert before found in Registry with other tools)
- Adware.Emusic.a in Windows Registry key: hkey_current_user\software\microsoft\internet explorer\toolbar\{1e796980-9cc5-11d1-a83f-00c04fc99d61} (I never install any kind of toolbar)
- iNetWatcher in wincap\wincap_3_0.exe
- Adware.Agent.o in Windows Registry: hkey_classes_root\simpleext.simpleshlext.1\clsid\ and
hkey_classes_root\simpleext.simpleshlext\clsid\ and
hkey_classes_root\simpleext.simpleshlext\curver\ and in roots of all subkeys by
hkey_classes_root\simpleext.simpleshlext - hkey_classes_root\simpleext.simpleshlext.1
- Trojan-Proxy.Cimuz.av in Windows Registry: hkey_classes_root\interface\{5e2121ed-300-11d4-8d3b-444553540000} - 11 entries in all sub entries of this key
- Trojan-Backdoor.VB.bax in tuneup utilities 2007\tu2007keygen.exe
...

ATTENTION: THIS PROGRAM SENDS YOUR IDENTIFICATION WITH EACH UPDATE REQUEST
It looks like this:
http://www.systweakantispyware.com/updatecheck.asp?regver=0&machineid=00-12-FF-88-A1-2C&key=0K00TT-12NIYZ-ABC10Z-DEF11R&username=
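
The kind of check that surfaces a request like the one above in proxy logs, as an added example (not code from this post or from Systweak). The log line layout, the parameter-name list and the licence-key pattern are assumptions; the first sample URL is the one quoted above.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# MAC address as six hex pairs joined by '-' or ':' (the machineid format shown above)
MAC_RE = re.compile(r"^(?:[0-9A-Fa-f]{2}[-:]){5}[0-9A-Fa-f]{2}$")
# Grouped licence-key shape: 3+ dash-separated blocks of 4-8 alphanumerics (assumed heuristic)
KEY_RE = re.compile(r"^[A-Za-z0-9]{4,8}(?:-[A-Za-z0-9]{4,8}){2,}$")
# Parameter names that usually carry an identity (assumed list, extend as needed)
ID_NAMES = {"machineid", "hwid", "deviceid", "key", "serial", "username", "user", "email"}

def classify_param(name, value):
    """Label one query parameter by the shape of its value, then by its name."""
    if MAC_RE.match(value):
        return "mac-address"
    if KEY_RE.match(value):
        return "licence-key"
    if name.lower() in ID_NAMES and value:
        return "named-identifier"
    return None

def audit_url(url):
    """Report which query parameters of an outbound URL carry identifiers."""
    parts = urlsplit(url)
    findings = []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        label = classify_param(name, value)
        if label:
            findings.append((name, label))
    return {
        "host": parts.hostname,
        "cleartext": parts.scheme == "http",  # identifiers readable on the wire
        "findings": findings,
    }

def audit_log(lines):
    """Audit proxy log lines of the assumed form 'time client method url'."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 4:
            continue  # skip malformed lines instead of failing the whole run
        report = audit_url(fields[3])
        if report["findings"]:
            report["client"] = fields[1]
            hits.append(report)
    return hits

# Constructed sample log; only the first URL is taken from the post.
SAMPLE_LOG = [
    "2007-12-10T09:14:02 10.0.0.23 GET http://www.systweakantispyware.com/updatecheck.asp"
    "?regver=0&machineid=00-12-FF-88-A1-2C&key=0K00TT-12NIYZ-ABC10Z-DEF11R&username=",
    "2007-12-10T09:14:05 10.0.0.23 GET http://www.systweakantispyware.com/updatecheck/antispy.zip",
    "2007-12-10T09:15:40 10.0.0.31 GET http://example.test/search?q=network+scanner&page=2",
]

if __name__ == "__main__":
    for hit in audit_log(SAMPLE_LOG):
        print(hit["client"], hit["host"], "cleartext" if hit["cleartext"] else "tls", hit["findings"])
```
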

Outdated; follow the instructions at the end!
Download manually:
http://www.systweakantispyware.com/updatecheck/antispy.zip
open with notepad (it's not a zip file! or rename the extension .zip to .txt)


content:
;***DO NOT ZIP***
;;;this is a plain text file
[CURRENTVERSION]
DATABASE_VERSION = 65
PROGRAM_VERSION = 1.0.594.902
DATABASE_URL = http://dl.filekicker.com/send/file/204039-R1MP/database.zip
PROGRAM_URL = http://dl.filekicker.com/send/file/204463-O8JL/antispyware.exe


To update on a computer without an internet connection / manual database update
Download:
http://dl.filekicker.com/send/file/204039-R1MP/database.zip

With the program closed, copy database.zip to the program folder to update the database!!! At the next program start, database.zip will be installed and renamed to database.bak

As of December 10, 2007, database version 65 from November 30 is out of date!


Pirated licenses will be logged, including IP numbers, on their server. You have been warned!

The Internet makes it possible: if you paid anything and want service such as regular updates, you have to agree that your private information will be sent back to the manufacturer and logged. Up to every second program has functions like this, present for anonymous trial users and registered customers alike; since registered customers have records of their address on file, a profile can easily be built. An active and passive (NAT) firewall is recommended for incoming and outgoing traffic!!!

NEWS 11.12.2007 Updates

Here is the weekly database update URL:
http://www.systweakantispyware.com/updatecheck/database.zip
Download, close program (AntiSpyware.exe) and copy
database.zip to Program folder, start AntiSpyware.exe!!!

DATABASE VERSION 68
December 08, 2007


SoftPerfect Network Scanner v3.5.0.161

SoftPerfect Network Scanner is a free multi-threaded IP, NetBIOS and SNMP scanner with a modern interface and several advanced features. It is intended for both system administrators and general users who are interested in computer security. The program pings computers, scans for listening TCP ports and displays which types of resources are shared on the network (including system and hidden).

In addition, it allows you to mount shared folders as network drives, browse them using Windows Explorer, filter the results list and more. SoftPerfect Network Scanner can also check for a user-defined port and report back if one is open. It can also resolve host names and auto-detect your local and external IP range. It supports remote shutdown and Wake-On-LAN.

Key features
Pings computers.
Does not require administrative privileges.
Detects hardware (MAC) addresses even across routers.
Detects hidden shared folders (normally invisible on the network) and write accessible shares.
Detects your internal and external IP addresses.
Scans for listening TCP ports and SNMP services.
Retrieves currently logged-on users.
You can mount and explore network resources.
Can launch external third party applications.
Exports results to HTML, XML, CSV and TXT
Supports Wake-On-LAN and remote shutdown.
It is absolutely free, requires no installation, and does not contain any adware/spyware/malware.

Homepage: http://www.softperfect.com/products/networkscanner
Download: http://www.softperfect.com/download/netscan.exe - Mirror

NOD32 Update Viewer / Update Downloader - Uploader Version 2.15.1.0

Mirror NOD updates to a local folder or Webserver
Mirror DRWeb (CureIt) updates to a local folder or Webserver
Mirror AVZ updates to a local folder or Webserver

NOD32 Update Viewer v2.15.0.0
NOD32 Update Viewer is the magnificent program of the Russian programmer Usernod. This utility really makes life easier for any user of the NOD32 antivirus. The program extends the functionality and improves the reliability of receiving updates for the NOD32 antivirus.
View the contents of updates on all ESET servers and their "mirrors".
View the versions of the real files (not from update.ver) on all ESET servers.
Check and update the list of ESET servers.
Choose the servers to check (clear the tick for those you do not wish to check); the choice is saved.
Compare the contents of updates with your NOD32 and the current "mirror".
Highlight new and out-of-date update modules (new: green; outdated: red).
Show which servers carry the Trial update.
Exclude NOD32 components for 95/98/ME.
Create a "mirror" with restoration of names.
Create a "mirror" from the real files on ESET servers.
Create a "mirror" with any available language versions of the program components.
Create a "mirror" of a server from the command line (it starts in the systray and closes when finished).
Create a trial "mirror" (for fans).
Download only files that are new or missing on the "mirror".
Copy new files to four FTP servers.
Check and update a mirror every hour, with a search for passwords and removal of outdated ones (it starts in the systray). NEW!
Test servers for the presence of updates, and subsequently add them to the list of "mirrors".
Add servers from the list of "mirrors" to the list of NOD32 user servers.
Delete servers from the list of NOD32 user servers and move them to the list of "mirrors".
Delete servers from the list of "mirrors".
Check whether passwords allow updating from each of the ESET servers.
Check whether all passwords allow updating from the chosen ESET server.
Check previously removed passwords for the ability to update from the chosen ESET server.
Check passwords from a text or DBF file for the ability to update from the chosen ESET server.
Check whether passwords allow uploading of various NOD32 versions (Standard, LAN Update Server...).
Check whether all passwords allow uploading of the chosen NOD32 version (Standard, LAN Update Server) for 95/98/ME and NT/2000/2003/XP.
Adjust the paths and file names of the various NOD32 versions.
Store the sorted list of working passwords.
Keep current passwords in text and DBF files.
Store an archive of out-of-date passwords and do not check them again.
Delete passwords (outdated, or not working on all ESET servers).
Delete passwords that do not allow download of the standard NOD32 version.
Proxy server support works.
Works with mirrors on HTTP and FTP.
Works without NOD32.
The advertising module is added.
Keep only completely downloaded files.
Remember the path to the file with passwords to check.
It is increased it is long a name.
The broad gully a file is added.

Homepage: http://nodview.net.ru

Download without call homes secure: NOD32view.rar - Mirror
Original with call homes: NOD32view.rar
Callhome: http://nodview.net.ru/Files/tmp.rar ( http://nodview.narod.ru http://nodview.net.ru webmoney.ru,... )
exe is UPX Compressed (modified)
without callhomes: NOD32view3.exe
(replace the exe)

NOD32view include all updates for all eset products English/German (09. December 2007).rar
(subfolder nod_upd for remote antivirus signatures updates, subfolder eset_upd for remote product updates - no trials included)
NOD32view include all updates for eset products.rar (39.24 MB)

eMule v0.48a Titan Donkey 4.2 unpacked Exe Stealth 3.16 NTkrnl

Special Features:

- AES 256 Bit Support
- Bzip2 Support
- improved customization 4 Highspeedcreditsystem
- Titandonkey Trust Center
- saves highspeed credits on shut down (24h)
- advanced ban protection
- clean Serverlist updater
- Titandonkey Slotmanagement
- improved passive source finding
- reduced CPU Usage
- increased Speed for Highspeed Credit downloads
- Ban some bad Mods (Titanesel Antileech)
- Comm Applejuice System
- Disabled Dead Source List to keep valuable sources
- Removed limitation of search results
- Uploaded data is compressed dynamically to save CPU
- Improved searching of passive sources
- TitanEsel Community
- TitanEsel Suche
- never show files as complete
- Lock to Tray with password
- Webbrowser
- dual Serverconnect
- improved source finding for low id
- adjustable Highspeed Credit System (Applejuice)
--> More info on Applejuice
- improved Community Source Exchange
- Fakeresultsfilter 0.23

Remarks:
emule.exe is protected with: Exe Stealth Packer/Protector v.3.16 - www.webtoolmaster.com (NTkrnl)

To view code dump with:
Multi Generic Dumper v.1.1 (C) 2006 by Snow Panther [Unpacking Gods]
Download: Multi generic Dumper 1.1 mdg.exe G option mgd.zip or Download older Version: MULTI_GENERIC_DUMPER_v.1.0.zip

* Multi Generic Dumper v.1.1 (C) 2006 by Snow Panther [Unpacking Gods] *

* Loading process.........: ok
* Original entry point....: $00687976
* Time used for unpack....: 00:01:65480.79
* File EMULE_.EXE created...

* Press any key to continue...

Pre-unpacked Titan Donkey 4.2: emule.exe
(EOP not recalc., will not run without future alloc., but you can see the code (emule.exe content, comms, dependent clients, blocked clients, URLs,...) with hexedit / OllyDbg)

Download: eMule.0.48a.Titandonkey.v4.2-Bin.rar

Ollydbg unpacking script:
// WinXP SP2,OllyDbg V1.10,ODbgScript 1.48xxx1.60,FantOm plugin0,58
var br
var pt
var va

gpa "VirtualAlloc","kernel32.dll"
mov va, $RESULT


run

mov [eip],#CC#
mov br,[esp+8]
bp br
run
bc br
gpa "LoadLibraryA","kernel32.dll"
bp $RESULT
run
bc $RESULT
rtr
mov br,eip
bp br
loop:
cmp va,edi
je last
run
jmp loop

last:
bc br
sti
find eip,#8B????8B????74??#
mov pt,$RESULT+6
mov [pt],#EB#
find eip,#8944241C61FFE0#
cmp $RESULT,0
je quit
mov br,$RESULT
add br,5
bp br
run
bc br
sti
cmt eip, "This is the entry point"
MSG "OEP Faund ! IAT fixed! Dump it"
ret

quit:
ret



Website: http://www.unpack.cn/viewthread.php?tid=19471&extra=page%3D1

08 December 2007

Net Transport v2.52 Build 386

Multi Downloader Net Transport v2.52 Build 386
HTTP / HTTPS
FTP / SSL (Secure Sockets Layer) / SFTP (SSH File Transfer Protocol)
MMS (Microsoft Media Service)
RTSP (Real-Time Streaming Protocol)
PNM (rename PNM to RTSP)
BitTorrent
eMule

Net Transport is a faster, exciting and the most powerful downloading tool that you ever saw. It now supports the most prevalent Internet protocols, including: HTTP / HTTPS, FTP / through SSL (Secure Sockets Layer) / SFTP (SSH File Transfer Protocol), MMS (Microsoft Media Services), RTSP (Real-Time Streaming Protocol), PNM (rename PNM to RTSP), BitTorrent, eMule.

With independently developed Enhanced Multi-Threading (EMT) technology, it can download MMS and RTSP streaming by multiple threads with perfect video & audio quality. There are some other great features, like "Site Manager" which allows you to keep the active connection with the remote servers. In addition, the support for both SSL and SSH is hardly found in other upload/download tools.

Main Features:
1. You can use the simple but powerful "File Manager" to categorize and manage downloaded files more efficiently.
2. Simple multi-user management. You can maintain several databases by logging on Windows with different username.
3. You can use the inbuilt "Site Explorer" to list the directory structure of the remote server, and easily select the desired files. FTP is the most powerful item in NetXfer.
4. FTP reuse mechanism allows you to use one connection to get different files from the same site. If you like, you can use accessory FTP client tool called "FTP Transport (FtpXfer)".
5. The "Multiple Proxies mode" allows you to assign every working thread a different proxy to break certain site restrictions, like only one connection per IP.
6. Proxies with NTLM authentication can penetrate local firewall, like Microsoft ISA 2000.
7. You can adjust the bandwidth usage of Net Transport so that you can still surf at the same time.
8. Monitor browser click. And you can add links through Internet Explorer extended context menu, or drag links to the "drop zone" window, etc.
9. Net Transport can automatically shutdown the system or hang up the modem once all downloads are completed.
10. Multilingual support for the user interface. I will be glad if you help me localize NetXfer.
11. NTLM authentication is supported for both MMS and RTSP. In addition, RN5 authentication works for RTSP.
12. You can use multi-threads for both MMS and RTSP to significantly reduce the time of downloads.
13. Automatically parse streaming script such as .asx, .smi to acquire real URLs.
14. Supports SSL encryption for both HTTP and FTP, which is called https and ftps. Also supports one-time passwords to protect your authentication information. Normally the password is sent as clear text, which is easily stolen by IP packet monitor tools. Presently NetXfer is the only one that can download https streaming via SOCKS5.
15. Supports SSH encryption, which is hardly found in other upload/download tools for Windows.
16. The flexible "Scheduler Manager" is also a most powerful item in NetXfer. You can even record the dynamic URL according to time and save it under your desired filename.
17. In version 2, you can record the clip with range.
18. On BitTorrent protocol, you can use proxy to download, upload by UPnP. NetXfer supports HTTP/HTTPS/UDP Tracker.

Net Transport 2.52 (2007.12.09):
* Added disk cache buffer for P2P task, the default size is 20M per task.
* Fixed that RealMedia file had occasional glitches, a second or two of silence.
* Modified site matching handler, the task without username would do matching process.
* Fixed that you could not click "Connect" button after all eMule servers were disconnected.
* Fixed that NetTransport could not connect to any site under certain condition.

Homepage: http://www.xi-soft.com

Downloads:
Vista x86 (Also including 2000/XP/2003)
http://www.xi-soft.com/downloads/NXSetup_Vista(x86).zip

UNICODE (NT/2000/XP/2003)
http://www.xi-soft.com/downloads/NXSetup_multi.zip

ANSI (95/98/ME)
http://www.xi-soft.com/downloads/NXSetup(9x)_multi.zip

Patch:
Net.Transport.Patch.rar
