11 August 2008

eMule v0.49b Applejuice v3.1 NoAds - Super Source Finder always on

eMule v0.49b Applejuice v3.1 NoAds - Super Source Finder always on
New check's removed

- Usenext.de Ads
- Startpage from AJ to Google you can browse from here :)
- Super Source Finder Always on / Timer removed

Tested with Applejuce 3.1 clients communication
(ClientInfos.dll) Default ; if not you can see on the known clients connected in black color, click view shared files on clients (Unknown) these clients where kad doesn't return by connecting to kick them!

Clients in der Warteschlange nach Super Source Finder usage/Nutzung, in schwarzer Farbe angezeigt (Unbekannt), auf "Dateinen einsehen" klicken das kickt die vom Kad nicht aufgeloesten Source Clienten.



Download:

eMule.v0.49b.Applejuice.v3.1.bin.hacked.rar - Mirror - Mirror

File is Mpress exe compressed.
MPRESS executable packer is tested before by softpedia and all other major freeware sites. If it show by compressing emule.exe, fileshare software a trojan, the result is wrong. Test it by self and pack some emules with mpress.
http://www.cnet.de/downloads/windows/86619/mpress.htm

Here is the result emule.exe unpacked which shows KAV and the 3 more corporated AV's are wrong.
As a little bit more intelligent AV, NOD or Bitdefender never did show a false positive by mpress packed files.

unpacked:
http://www.virustotal.com/de/analisis/93662dce2b84d070023ed0c8eedbab24
stay F-Secure may read the false positive trojan alert name from headers which remains the name MPRESS2 6.

Homepage: http://www.applejuicenet.de/6.0.html
BBS: http://www.extreme-unlimited.org/extremeboard1/portal.php

4 comments:

Anonymous said...

if do Clinetsinfo to emule it send:

*** Chat session Start : http://emule-project.net
http://emule-project.net:
You have faked your TLN-Boost Credirs!You will not get Upload from Community Clients!

Du hast deine TLN-Boost Credits gefaket!Du wirst keinen Upload von Community Clients bekommen!

Anonymous said...

thanks for the hack yo

Zulu said...

My Kaspersky says the file emule.exe has a Trojan-Downloder.Win32.Agent.aazk.
Can someone comment of this ?

Recon said...

Yups, Kasper Analys Labs doesn' like the file compressor for emule.exe MATCODE Compressor MPRESS

www.matcode.com/mpress.xml
www.download3k.com/System-Utilities/Compression-Utilities/Download-MPRESS.html
http://downloads.zdnet.com/Windows/Utilities+and+Drivers+-+Windows/File+Compression+-+Utilities+-+Windows/

Just change to a more intelligent AV Product. Kaspersky can as well not unpack all files packed with Armadillo and show some as a virus even if Kaspersky says by self them AV can unpack and scan it since version 4 or 5 it fails and show many false positive.

How I can help you:
1st complain to KAV that they support all possible packer scanning before they put it to any given virus name lists, all files compressed with this or that.

2nd set them a refferenz to softpedia cause they have tested this packer already and sealed as virus free.

3th dont believe - download mpress from the homepage as written above, pack some files and see what KAV tells you - all compressed files with mpress will be shown as virus.

4th write another coment here if you have more experience about av research and how they work so I will post some unpacker that you can unpack the emule.exe and the false positive will be away.
I think RL-dePacker V1.4 if not ollydbg unpacking script can unpack it.

But you dont need to use Applejuice if KAV dont want you to use this version or?

Post a Comment

We would appreciate if you as readers of our blog, show us some feedback by signing up to this site with Friend Connect.
This will encourage us to publish updates in the future.

Archive