20 July 2008

emule v0 49a v1.4.8.1 cracked Virus Alert!!!

2 comments
File emule_v0_49a_v1.4.8.1_cracked.rar received on 07.20.2008 16:20:42 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
http://www.virustotal.com/analisis/bc73933a915a09814b465fe059602236
Result: 20/33 (60.61%)

Antivirus Version Last Update Result
AhnLab-V3 2008.7.17.0 2008.07.18 -
AntiVir 7.8.1.11 2008.07.20 Rkit/Agent.ajn.8
Authentium 5.1.0.4 2008.07.20 -
Avast 4.8.1195.0 2008.07.20 Win32:Adware-gen
AVG 8.0.0.130 2008.07.19 BackDoor.Generic9.ALQH
BitDefender 7.2 2008.07.20 -
CAT-QuickHeal 9.50 2008.07.18 Rootkit.Agent.ajn
ClamAV 0.93.1 2008.07.20 PUA.Game.Casino-1
DrWeb 4.44.0.09170 2008.07.20 -
eSafe 7.0.17.0 2008.07.20 Rootkit.Win32.Agent.
eTrust-Vet 31.6.5966 2008.07.18 -
Ewido 4.0 2008.07.20 Rootkit.Agent.ajn
F-Prot 4.4.4.56 2008.07.20 -
F-Secure 7.60.13501.0 2008.07.20 Rootkit.Win32.Agent.ajn
Fortinet 3.14.0.0 2008.07.20 W32/Agent.AJN!tr.rkit
GData 2.0.7306.1023 2008.07.20 Rootkit.Win32.Agent.ajn
Ikarus T3.1.1.34.0 2008.07.20 Virus.Rootkit.Win32.Agent.ajn
Kaspersky 7.0.0.125 2008.07.20 Rootkit.Win32.Agent.ajn
McAfee 5342 2008.07.18 -
Microsoft 1.3704 2008.07.20 -
NOD32v2 3282 2008.07.19 a variant of Win32/PTCasino
Norman 5.80.02 2008.07.18 W32/Rootkit.GUH
Panda 9.0.0.4 2008.07.20 Adware/GoodSearchNow
Prevx1 V2 2008.07.20 System Back Door
Rising 20.53.62.00 2008.07.20 -
Sophos 4.31.0 2008.07.20 -
Sunbelt 3.1.1536.1 2008.07.18 -
Symantec 10 2008.07.20 Hacktool.Rootkit
TheHacker 6.2.96.385 2008.07.19 Trojan/Agent.ajn
TrendMicro 8.700.0.1004 2008.07.18 -
VBA32 3.12.8.1 2008.07.20 Rootkit.Win32.Agent.ajn
VirusBuster 4.5.11.0 2008.07.19 -
Webwasher-Gateway 6.6.2 2008.07.20 Rootkit.Agent.ajn.8
Additional information
File size: 3411102 bytes
MD5...: 46d9fe7779137c2f8e7c8de68c777254
SHA1..: c7cf302c7767e2f5b9eb3a64286c7969e64d3ac1
SHA256: 7f6f05dc96c6f711ace173b91723f065d0ef4fb006e29f88f0eb388e709e3773
SHA512: eb79529e8d9fbb7721a79e4379e713e702454f3d87aaf8f4109da4c35ca67d38
8b9a0ae9ad72e6a1b039b3e2f45a90dc0e2020283051b9b0235630542639ab1e
PEiD..: -
PEInfo: -
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=16594E800016610846474FBE55CF7E00E1F39F03

Please submit to

Microsoft: http://support.microsoft.com/kb/921161/
Rising: http://sample.rising-global.com/webmail/upload_en.htm
McAfee ???
Spybot - Search & Destroy: ???
BitDefender: ???
AhnLab-V3: ???
DrWeb: ???
Comodo BOClean Anti-Malware 4.27 ??? (find nothing)
UnHackMe 4.8 Build 289 Beta ??? (find nothing)

How to get it away without installing another AV:
try but didn't found anything
Norman Malware Cleaner: Built 2008.07.07 http://download.norman.no/public/Norman_Malware_Cleaner.exe
or try: http://www.prevx.com/freescan.asp: http://pxnow.prevx.com/zeroL/PREVXCSIFREE.EXE
Symantec Online scan: http://security.symantec.com/sscv6/default.asp?langid=ge

Avast AV, Boot scan found under system config Rootkit during boot scan and removed it!

According to Prevx:
This executable program has a file size of 5,195,264 bytes, it is most frequently called 22_GUI_1.EXE in ed2k network: emule v0,49a v1.4.8.1 cracked.rar and is most frequently located in the %mai%\ folder.
This file is considered unsafe and is part of the malware group, BackDoor.Ntrootkit. It was first seen on Wednesday, May 7 2008. It has been seen frequently by 18 users in this section of the community. The file was first seen in SPAIN but has been seen in other locations, including The EUROPEAN UNION.
22_GUI_1.EXE has been seen to perform the following behavior:
- Can make outbound communication to other computers, IM chat rooms and other services using IRC protocols
22_GUI_1.EXE has been the subject of the following behavior:
- Deleted as a process from disk

eMule 0.49a DreaMule 3.2

2 comments

The version 3.2 of DreaMule is on the way bringing several innovations. Currently the staff has already received a beta (I say one more Release Candidate is therefore completely stable), and very soon we will launch!

Moreover the DreaMule is becoming as important and increasingly used internationally as in Spain that its creator is becoming celebrity

Look at the interview Bruno Cabral for Softonic, one of the largest sites for downloads of Spain or something like Baixaki Superdownloads from there:
http://es.onsoftware.com/p/entrevista-al-creador-de-DreaMule-un-genio-precoz
eMule 0.49a DreaMule 3.2
Homepage: http://dreamule.org/forum/bb3portal.php
Sourceforge: http://sourceforge.net/project/showfiles.php?group_id=100764
Homepage: http://sourceforge.net/projects/pootzmod/
BBS

7-Zip 4.59 alpha 5 by Igor Pavlov

0 comments
7-Zip 4.59 alpha 5 was released.

7-Zip for 32-bit Windows:
http://www.7-zip.org/alpha/7z459a5.exe

7-Zip for 64-bit Windows x64:
http://www.7-zip.org/alpha/7z459a5-x64.msi

What's new after 7-Zip 4.59 alpha 4:
- 7-Zip now uses less memory when it compresses big number of files.
- Some internal changes.

BBS: http://sourceforge.net/forum/forum.php?thread_id=2126997&forum_id=45797

older Version Alpha 4

ExeInfo PE ver. 0.0.1.8 G3 - ( 400 sign ) by A.S.L

1 comments

64 MB max file

many reconstruction and removed few proc. and conditions ( maybe not work correctly )

added new sign :

Delphi 2007 v11
387. Microsoft Visual C++ v9.0 ( e8 ) www.microsoft.com
388. ActiveMARK 5.x -> Trymedia Systems - www.trymedia.com *ACM
389. (E8) Microsoft Visual C++ 9.0 - Visual Studio 2008
390. Microsoft Visual C# / Basic.NET / MS Visual Basic 2005/2008
391. TTProtect 1.0 - 2007/2008 - www.ttprotect.com (.net/dll)
392. TTProtect 1.0 - 2007/2008 - www.ttprotect.com (exe)
393. MPRESS v1.05 - MATCODE comPRESSor for executables (C) 2007,2008, MATCODE Software - www.matcode.com
394. MPRESS v1.07 - MATCODE comPRESSor for executables (C) 2007,2008, MATCODE Software - www.matcode.com
395. EncryptPE V2.2008.6.18 China Cracking Group - www.encryptpe.com
396. Empathy 2.1 Exe password 2007.08 (using : PE-Inject Engine 1.0 by M.Strechovsky ) ( pass decode max.12 char)
397. Microsoft Visual Basic v4.0-6.0 DLL (5A)
398. Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 (4xFF25)
399. Borland C++ Copyright ( No Copyr. sign )
400. !EPack 1.4 lite final - by 6aHguT / Team-X 2006.08


old options fixed ( only user bugs )

and ...

Please send not recognized pe files ( packer / protector ), bugs and suggestions ! project is still open A.S.L

Homepage: http://www.exeinfo.go.pl/

Download: exeinfope2008.07.09_0.0.1.8.G3.zip 522.15 KB - Mirror

Exeinfo PE – unprotect exe file from overlay ( xor method ) info How to use it Exeinfo_overlay_xor.pdf

19 July 2008

eMule 0.49b beba v2.1 pre (eMule 0.49b beba 2.1 BETA 3 by Tuxman)

11 comments
Not Official now!
eMule 0.49b beba v2.1 BETA3
eMule v0.49b beba v2.1 BETA3
compiled Date: 14-07-2007

- merged: eMule 0.49b Beta 1

- improved: added link to beba's online version check [Tuxman]
- improved: added radiobuttons for the new FDC modes
- improved: FDC needs more than one match now [Tuxman]
- improved: MiniMule's transparency code should work even better now [Avi3k]
- improved: added support for additional file types [Tuxman]
- improved: improved MediaInfo.dll support [Tuxman]

- fix (b): downloading list was accidentally cleared in some cases [Tuxman]
- fix (o): removed unused A4AF icon from PPgTweaks [Tuxman]

- changed: small Infinite Queue display changes [dlarge]
- improved: added an option to draw files affected by FDC with a red background [Tuxman]
* add PaintFDCRed = 1 to the preferences.ini file under [beba] to enable it
- improved: added default IPFilter.dat and server.met download URLs [Tuxman]
- improved: added more file types to "don't compress" list [aSceT]

- fix (o): fixed IP check in AttachToAlreadyKnown [Xman]
- fix (b): long category names don't overlap the Drop Buttons anymore [Tuxman]
- fix (b): several Client Analyzer fixes [gidi/WiZaRd]

- changed: "AntiLeech Info" is now hidden if the client is not bad [Tuxman]
- changed: set the minimum upload slots for very fast connections to 4 [Tuxman]

Homepage: http://ddos.isleoftortuga.org/forum/index.php?showtopic=10172&st=0
BBS: http://ddos.isleoftortuga.org/forum/index.php?showforum=122

Download eMule v0.49b beba v2.1 BETA3:
nightlybin.7z 1.55 MB - Mirror
nightlysrc.7z 1.46 MB - Mirror
Download eMule v0.49b beba v2.1 BETA1
Beta String to Beta1 - in case show version Beta3 is a bug/error: nightlybin.7z 1.55 MB

(Arcor Hosting have that traffic/bandwidth limit on webhosting server! Mirrors are here)

1st official eMule Mod based on eMule 0.49b Beta!
Not a leecher mod! Beba Mod run fast in download and upload!
Versiones beta pueden contener pequeños errores!
Es por ello que el nombre de Beta.
Betas may contain small bugs which is normal in early Software Beta Status and user have to calculate with it!

eMule v0.49a XdP 2.1

19 comments
eMule 0.49a XDP v2.1
**************************************************
eMule v0.49a | -XdP- v2.1
-- developed by umeK --
**************************************************

18-07-2008
- Authent. removed
- Not exe protect/packed with Thermidia

Download: emule_0.49a_xdp_2.1.rar 1.89 MB - Mirror

Archive