Information Security & US & Life & Love & Fashion & Hacking & Passion

v6.1.6

Core Code changes:

- new: enabled the PE Stuff dialog (still in early stages)
- new: smbios reporting added (misc tools portion)
- update: pid entrypoint code optimised
- update: updated resizing core, and squashed a few bugs
- update: false positive with some anti virus programs is now fixed (gdata and avast)
- update: folderwatch, task manager, cd/dvd filter driver report, services report and folder
locations all have right click context menus allowing the data to be saved to file
- update: uninstaller code tweaked - various fixes on some entries that would not uninstall
- update: update portion is now tweaked, a bit better and more futureproof
- update: windows 7 is now detected right and everything is functional (we are windows 7 compatible)

- bugfix: gui issue when run from context menu (log window will be shown)
- bugfix: file open doing nothing bug fixed - happened on WinXP with no service packs
- bugfix: folderwatch - bugfix in window handler, could have caused a lockup in 9x/me systems

detection additions / changes

- new: check_protectdisc.asm - added ProtectDisc exact v9.0.0, v9.1.0 & v9.2.0 detection
- new: check_g4wl.asm - added Games for Windows Live detection (xlive)
- new: check_steam.asm - added Steam (basic stub) detection
- new: check_activemark.asm - added ActiveMARK v6.50.767 detection

- new: check_breakpointcrypter.asm - added Breakpoint Crypter v0.0.79 detection
- new: check_expressor.asm - added exPresor v1.6.1 (Pro) detection
- new: check_fearzcrypter.asm - added fEaRz Crypter v2.2.0 detection
- new: check_hellcrypter.asm - added HellCrypter v1 detection
- new: check_kratoscrypter.asm - added Kratos Crypter detection
- new: check_npack.asm - added nPack v1.1.800.2008 + unknown version detection
- new: check_obsidium.asm - added Obsidium v1.3.6.1 detection
- new: check_pespin.asm - added PeSpin v0.1 (x64) detection
- new: check_rdgpack.asm - added RDG Pack Lite Edition v0.4 detection
- new: check_roguepack.asm - added RoguePack v4.0 Beta 1 detection
- new: check_rlpack.asm - added RLPack v1.21 detection
- new: check_simplecrypter.asm - added Simpl3 CrYpT3R detection
- new: check_xcrypter.asm - added X-Crypter v2.01 detection
- new: check_zprotect.asm - added in *generic* ZProtect detection

- new: dongle_softdog.asm - added SoftDog Dongle detection

- update: check_protectdisc.asm - removed protection level output (basic/pro) when detecting v9
(this version is all ‘Pro’, no more ‘Basic’ v9 games)
- update: check_activemark.asm - ActiveMark v6.1.335 detection rewritten
(thx Nacho_dj for reporting a bug in American McGee’s Grimm Bundle)

CD/DVD/Image file/sector scan

- update: sector scan updated to handle various movie protections
(css/cpmm, cprm, aacs hddvd, aacs bd), this code is still in the experimental stage,
and needs testing, but seems to work

[i] Init cd/dvd sector scan for Drive O
[i] Detected CSS / CPMM Protection! (0×00000001)
[i] Region Lock Detected -> RegionBitMask: 00000002
[.] Region(s) allowed : 2 (Drive region will need to be changed, you have 2 changes remaining,
your current region is : 1)
- Scan Took : 0.828 Second(s)

- bugfix: fixed bug in cddvd sector scanning code (register got trashed) - not critical..
http://vip-file.com/download/f8fbbf77849/ProtectionID-v6.1.6-2k9.rar.html

faster, more accurate, still better and no more beta - xmas release #2

Core Code changes:

- new: width-RESIZEABLE main window
- new: user can now choose what protection scans to skip
- new: added in new configuration item allowing the user to specify if iso, ccd, mds
etc modules are to be treated as discs (and therby subject to a sector scan)
- new: ability to scan inside microsoft cab files has been implimented

- update: we are now v0.6.1.3
- update: faster scanning core
- update: configuration window has a new look
- update: better 64 bit file handling support added
- update: appended data detection tweaked a little
- update: now if pid is running and an exe is scanned from the context menu, the main
window will change to the log window (looks better.. suggested by loki)
- update: lnk file resolving is now complete, if user has selected to resolve links,
the system handles this all automatically
- update: window position is now centred if a previous window location was not recorded
- update: adjusted ia64/x64 vs. machine check portion of code (thx to teddy rogers)
- update: configuration - windows product key showing is now a configuration item
- update: configuration - now ‘themes’ and ‘flat mode’ can not be selected at the same time,
this is how it should be as themes override flatmode etc… so now only one can
be selected, and the other is ‘auto unselected’ (suggested by syk0)
- update: configuration - addedin code to enable/disable the ‘protection report bubble’ after a scan is completed
- update: Memory Optimiser - the progress bar should get to the start again when user
clicked on Optimize and Purge was successful
- update: Memory Optimiser - code heavily updated, to work in chunks (if largest size requested is not available),
so, end result - more reliable, faster and optimised
- update: misc tools - added in quick uninstall tab
- update: misc tools - added in CD/DVD Filter Driver scanner tab
- update: misc tools - added in Windows Error Code Resolver tab
- update: misc tools - added in CPU Info tab
- update: misc tools - added in windows directory in the system info output
- update: misc tools - added in Folder Locations scanner
- update: misc tools - system information window now reports graphic device names (geforce, etc),
username & computername and terminal services availability also reported
- update: misc tools - windows install date (from registry) is now reported in the misc tools ’system info part’,
windows install date (from folder) is now also reported.
- update: misc tools - tweaked x64 os detection code, so its a lot more reliable
- update: misc tools - windows product key reporting now also handles x64 systems
- update: nfo viewer - extra checking now added - zip, rar and mz executables will NOT be displayed,
instead, a warning message is displayed
- update: process view - added in check for terminate, dump, priority change..
if selected process is pid, the menu items are disabled (for safety and security)
- update: svf checking now reports current offset on the line when processing
- update: sfv processing now works with quoted filenames
- update: winspy - process name is now also reported (if we could obtain it.. )
- update: log window in cd/dvd operations now has a context menu, allowing for…
clear log
copy selection to clipboard
copy log to clipboard
save selection (txt)
save selection (csv)
save log (txt)
save log (csv) - bugfix: admin reflection / reporting was incorrect on 9x/ME systems
- bugfix: ‘admin shield’ icon is now moved, it looked out of place if the other progress bars
showing cpu usage etc were turned off.. (reported by loki)
- bugfix: Export as .txt doesn’t work properly, only the first file does get saved
- bugfix: event bug fixed, which sometimes resulted in pid sticking at about 35% cpu
- bugfix: pause/resume in the queue window was sometimes wrong for the text (reported by r!co)
- bugfix: Fixed SFV bug - Click on make, don’t select any files and press abort.
You can’t use the complete SFV feature as it’s all greyed out (reported by Blazkowicz)
- bugfix: sfv output for large files (mb, gb etc) was VERY wrong, its since corrected
- bugfix: fixed ‘disappearing window’ problem
- bugfix: ‘large icons’ issue fixed in 9x
- bugfix: sfv - abort now works
- bugfix: sfv - output issue should be 110% fixed now (new buffering system used)
- bugfix: task manager -> potential stack bug fixed
- bugfix: configuration - shortcut creation was broken
- bugfix: nfo viewer - fixed potential memory leak on drag/drop
- bugfix: bug in the code checking for digital signatures (found by blazi)
code now performs a sanity check on accessed memory areas

detection additions / changes

- new: check_activemark.asm - added version detection for v6.3.562
- new: check_alawar.asm - added Alawar Try & Buy Activation detection
- new: check_hexalock.asm - added HexaLock Copy Protection detection
- new: check_protectdisc.asm - added more Protect DiSC v8 subversions
- new: check_securom.asm - added in detection for sll modules + SecuROM Matroschka Package
- new: check_acprotect.asm - added ACProtect v2.1, v2.1.1 and v2.1.2 detection
- new: check_angelscrypter.asm - added Angel’s Crypteur v0.2 detection
- new: check_antidote.asm - added AntiDote v1.4 SE detection
- new: check_armadillo.asm - added version detection v6.00 or newer
- new: check_atreprotector.asm - added AT4RE Protector v1.0 detection
- new: check_avlock.asm - added AVLock detection
- new: check_budcrypter.asm - added BUD Crypter detection
- new: check_coolcrypt.asm - added COOLcryptor 0.9 detection
- new: check_cryptwoz.asm - added CryptWOZ v1.0 detection
- new: check_darkcrypt.asm - added DarkCrypt v1.2 (Private Version) detection
- new: check_dcrypt.asm - added DCrypt Private v0.9b detection
- new: check_dotfixniceprotect.asm - added DotFix NiceProtect v1.0 detection
- new: check_dotnetreactor.asm - added dotNet Reactor v3.3 (or newer) detection
- new: check_enigmaprotector.asm - added version grabber for Enigma Protector
- new: check_execrypt.asm - added ExeCRyPT v1.0 [ReBirth] detection
- new: check_exefog.asm - added EXEFog v1.1 detection
- new: check_exewrapper.asm - added ExeWrapper v3.0 (533Soft) detection
- new: check_expressor.asm - added ExPressor v1.6 detection
- new: check_fakuscrypter.asm - added Fakus Crypter detection
- new: check_fastfilecrypt.asm - added FastFileCrypt v1.6 Public detection
- new: check_fatalzcrypt.asm - added Fatalz Crypt v2.14a detection
- new: check_flashbackprot.asm - added Flashback Protector v1.0 detection
- new: check_gieprotector.asm - added Gie Protector v0.2 detection
- new: check_imppacker.asm - added IMP-Packer v1.0 detection
- new: check_kcryptor.asm - added K!Cryptor v0.11 detection
- new: check_kgbcrypter.asm - added KGB Cypter v1.0a detection
- new: check_leetcryptor.asm - added 1337 Cryptor v2 detection
- new: check_lilithcrypter.asm - added Lilith Crypter detection
- new: check_maxtocode.asm - added MaxtoCode .Net Encryption detection
- new: check_minke.asm - added Minke v1.0.1 Executable Crypter detection
- new: check_moneycrypter.asm - added Money Crypter detection
- new: check_morphna.asm - added Morphna Beta 2 detection
- new: check_mortalteamcrypter.asm - added Mortal Team Crypter v2 detection
- new: check_mpress.asm - added MPRESS NET compressor detection
- new: check_mushroomcrypter.asm - added Mu$hr00M CryPtOR v1.0 detection
- new: check_nme.asm - added NME Executable Crypter v1.1 detection
- new: check_npack.asm - added nPack v1.1.500.2008 Beta detections
- new: check_obfuscatornet.asm - added Macrobject Obfuscator.NET detection
- new: check_privateexe.asm - added version detection for v2.00 - v2.25 and v2.30 - v2.70
- new: check_puricrypt.asm - added Puri Crypt v1.2 detection
- new: check_quickpacknt.asm - added QuickPack NT v0.1 detection
- new: check_rcryptor.asm - added RCryptor v1.6d detection
- new: check_rdgpack.asm - added RDG Pack Lite Edition v0.2 detection
- new: check_rdgtejoncrypter.asm - added RDG Tejon Crypter v0.3 detection
- new: check_rlp.asm - added ReversingLabs Protector v0.7.4 beta detection
- new: check_rlpack.asm - added RLPack v1.20 detection
- new: check_roguepack.asm - added RoguePack v3.3 detection
- new: check_russiancryptor.asm - added Russian Cryptor v1.0 detection
- new: check_securepe.asm - added SecurePE v1.5 detection
- new: check_secureshade.asm - added Secure Shade v1.8 detection
- new: check_snoopcrypt.asm - added SnoopCrypt detection
- new: check_thinstall.asm - added THInstall detection
- new: check_tstcrypter.asm - added TsT Crypter detection
- new: check_undergroundcrypter.asm - added UndergroundCrypter v1.0 detection
- new: check_unlimitedcrypter.asm - added UnLimited Crypter v1.0 detection
- new: check_unopix.asm - added UnoPiX v0.94 detection
- new: check_upxlock.asm - added UPX Lock v1.01 - v1.02 detection
- new: check_weruscrypter.asm - added Werus Crypter v1.0 detection
- new: check_wildtangent.asm - added Wild Tangent v2.1 Activation detection
- new: check_windofcrypt.asm - added WindOfCrypt detection
- new: check_wingscrypt.asm - added Wingscrypt v2.0 detection
- new: check_winutilitiesexeprot.asm - added WinUtilities EXE Protector v2.1 detection
- new: check_wlcrypt.asm - added WL-Crypt v1.0 detection
- new: check_xenocode.asm - added XenoCode .NET protector detection
- new: check_xenocode.asm - added XenoCode Postbuild 2007 + 2008 for .NET detection
- new: check_xhackercryptor.asm - added xHacker Cryptor detection
- new: check_xshell.asm - added XShell v1.5 detection
- new: check_zprotect.asm - added ZProtect v1.4.3 detection
- new: check_zylomwrapper.asm - added Zylom Wrapper Crypted Game.exe detection
- new: license_nalpeiron_scan.asm - added Nalpeiron Licensing Service detection
- new: installer_install4y.asm - added Install4j Wizard Module detection
- new: installer_installshield.asm - added InstallShield v12 BETA Version detection
- new: installer_squeezesfx.asm - added Squeeze Self Extractor Module detection
- new: installer_trymediadownload.asm - added Trymedia Systems Download Manager detection
- new: msi and 7zip file type reporting is now done to the log window (similar to the .rar, zip etc reporting)
- new: added in quick detection for starforce protected pdf file
- update: check_aspack.asm - added additional check for ASPack 2.x to avoid a false positive
when scanning a file wrapped by FlashBack with ASPack entrypoint signature
- update: check_codelok.asm - improved detection
- update: check_dotnetreactor.asm - some parts recoded to be more generic & faster
- update: check_execryptor2.asm - improved detection with heuristic checks
- update: check_laserlok.asm - updated to handle older (v3) versions of laserlok
- update: check_passlock2000.asm - improved detection
- update: check_reflexivearcade.asm - executables builds are now reported (if found)
- update: check_safedisc.asm - updated to detect safedisc lite
- update: check_securom.asm - updated to handle VERY old versions & updated to detect a modified paul.dll
- update: check_solidshield.asm - minor modifications, but results in better reporting
- update: check_starforce.asm - updated to handle the new variant (v5.5) and also report bitness of the exe
- update: check_sysiphus.asm - optimized detection
- update: check_themida.asm - updated to handle dll protected Themida files
- update: check_vmprotect.asm - added new generic detection code (catches now dlls we missed before)
- update: check_upx.asm - improved to be ‘more generic’
- update: check_vob.asm.asm - updated to handle older version (4 or less)
- update: dongle_guardant.asm - added reporting of old Guardant Dongle Protections
- update: dongle_hasphlenvelope.asm - improved detection
- update: license_sentinellm - improved for better detection
- update: installer_7zip.asm - improved detection
- bugfix: check_telock.asm - fixed v1.0 detection
- bugfix: check_yzpack.asm - fixed bug resulting in non detections
- bugfix: installer_installshield.asm - fixed possible non detections
CD/DVD/Image file/sector scan

- new: b6i image added into the supported file list
- new: added in ‘Extract Boot Sector’, now the boot sector from the cd/dvd can
be ‘extracted’ to a file.. for use with something else maybe
- new: cddvd_cactus.scan.asm - Cactus Audio detection added to file scan in cddvd module
- new: cddvd_protectdisc.scan.asm - added in sector scan module for protectdisc / protectcd

- update: if a disk is detected as being protected when making the iso, the user will be prompted to continue or not
- update: sector stuff - updated handler to handle udf format disks (BEA01 header instead of CD001)
- update: sector scan - tweaked sector scan for tages a little
- update: sector scan - tweaked the safedisc detection code
- update: sector scan - updated to now NOT stop if a sector 16 read failure happened
- update: sector scan - securom scan updated to handle version 4.x (and probably lower),
which used a different ‘fingerprint’ and some minor tweaks / fixes
- update: sector scan - starforce + starforce keyless scan was heavily updated..
reducing probability of false positives as well as catching some we missed before
- bugfix: sector scan - codelok scan fixed
Download here:

http://pid.gamecopyworld.com/ProtectionID_v6.1.3_2k8_xmas.rar

Exeinfo for Win32 by A.S.L.
ver. 0.0.2.1 - ( 451 sign )
http://letitbit.net/download/8d8b61949380/Exeinfo-PE-v0.0.2.1.rar.html

http://vip-file.com/download/8d8b61969353/Exeinfo-PE-v0.0.2.1.rar.html

AT4RE FastScanner v2.0

Description:
FastScanner is a Detector for most packers , cryptors and compilers for PE Files Programmed in ASM and designed for ‎fast access to most needed plugins.

FastScanner v2.0 Change log:
11/15/2008

1- Arabic interface now available.
2- New Skin for both the scanner and the PE-Editor.
3- Bug Fixed in the scanning algorithm. Now, it’s more powerful.
4- Updated signature file to detect most compilers, packers and protectors.
5- Add a TotalScan button in the scanner.
6- Add a Disasm button in the scanner.
7- Add a sections viewer button in the scanner’s main window.
8- Display the signature file date in the scanner’s main window.
9- Add a new plugin to detect and save overlay.
10- Add a new plugin => Signs-Imitator.
11- Bug fixed in the Add-Sig plugin.
12- Big update in the PE-Editor plugin:
a- section viewer and editor ( add section - delete section - edit section header).
b- new buttons to view exports and imports table.
c- new tab to view and edit the PE’s directory table.
d- new tab to view and dump any process from memory.
e- make a backup copy of the modified files.
http://letitbit.net/download/af3c9a347345/stScannerv2.0-Englishversion.rar.html

_ExeInfo PE ver. 0.0.2.0 - ( 444 sign )
_ Plugin for PEiD / gAPE / FFI - ver. 0.0.0.2
( update version - 28.10.2008 )
_ Plugin for Die.exe - ver. 0.0.0.2

http://letitbit.net/download/017d92846995/exeinfope-v0.0.2.0.zip.html

new version FBA
(FBA) Flashback Best Analisator 1.6.0 (852kb)

http://letitbit.net/download/fec563306979/FBA16.7z.html

New skin!

-Detection improved for Fast and Powerful Mode!
-Signatures Database Up-to-date!
-Heuristic Detection of Binders
-Overlay Detection and Extraction!
-Automatic Check and Update!
-MD5 Hash Detection Very Fast!
-Multiple Support for Plug-ins, for RDG Packer Detector and for other detectors!
-Multiple Detection of formatted MPG,GIF,RAR,ZIP,MP3 etc.
-Detection and extraction of associated

http://letitbit.net/download/1166e6713270/RDG-Packer-Detector-v0.6.6-2k8.rar.html

Detemida v1.0.0.3 - Detection tool for Themida protected programs

Functions:
- Identifing programs proteced by major Themida/WinLicense releases.
- Decode/View Watermarks
- POC to all antivirus companies that Themida protected programs are identical, even with all “Hide from PE Scanners” option on or even heavily DIYed.
- End of hope to those people who wanted to use Themida to protect trojans from antivirus.

Mechenism:
- Fuzzy matching, static decoding.

Results:
- Watermark info and version
- If there is an identical Themida OEP
- 4 Fuzzy matching methods
- 6 Hide from PE Scanners detection with method info
- 3 section data detection

- Decoding Themida encrypted sections
- Coding style pattern matching

As for the last 2 newly added detection methods, there will be false-positive cases, send me the file if you want.

Version history:

Omitted.

http://letitbit.net/download/578a84878240/Detemida.rar.html

from http://www.peid.info
“PEiD v0.95 is now available for download.
PEiD 0.95 got released to stall for the comming 1.0 version and to show that we are still alive.
If you have any questions visit the forum: PEiD Forum”
PEiD detects most common packers, cryptors and compilers for PE files. It can currently detect more than 470 different signatures in PE files.

PEiD is special in some aspects when compared to other identifiers already out there!

1. It has a superb GUI and the interface is really intuitive and simple.
2. Detection rates are amongst the best given by any other identifier.
3. Special scanning modes for *advanced* detections of modified and unknown files.
4. Shell integration, Command line support, Always on top and Drag’n'Drop capabilities.
5. Multiple file and directory scanning with recursion.
6. Task viewer and controller.
7. Plugin Interface with plugins like Generic OEP Finder and Krypto ANALyzer.
8. Extra scanning techniques used for even better detections.
9. Heuristic Scanning options.
10. New PE details, Imports, Exports and TLS viewers
11. New built in quick disassembler.
12. New built in hex viewer.
13. External signature interface which can be updated by the user.

There are 3 different and unique scanning modes in PEiD.

The *Normal Mode* scans the PE files at their Entry Point for all documented signatures. This is what all other identifiers also do.

The *Deep Mode* scans the PE file’s Entry Point containing section for all the documented signatures. This ensures detection of around 80% of modified and scrambled files.

The *Hardcore Mode* does a complete scan of the entire PE file for the documented signatures. You should use this mode as a last option as the small signatures often tend to occur a lot in many files and so erroneous outputs may result.

The scanner’s inbuilt scanning techniques have error control methods which generally ensure correct outputs even if the last mode is chosen. The first two methods produce almost instantaneous outputs but the last method is a bit slow due to obvious reasons!

Author:

Snaker, Qwerton, Jibz
http://www.peid.info/
http://letitbit.net/download/646b02848071/PEiD-v-0.95.rar.html

13.09.2008

added new skin, tools/ antipacker / sign counter / new signatures / bug fixed

http://letitbit.net/download/1355bd893695/exeinfope1.9c.zip.html

http://letitbit.net/download/d6f5d3438033/exeinfope0.0.1.9.B.1.zip.html

exeinfope 0.0.1.9.B

by ASL

SIZE:480K

http://letitbit.net/download/96e28a570848/exeinfope0.0.1.9.B.zip.html

Peid v0.94 cracklab 2008 edition

http://letitbit.net/download/647b7e913266/peid-v0.94-cracklab-2008-edition.rar.html

http://rapidshare.com/files/131394971/Syser.Debugger.v1.97.1900.1038.zip

FOR MORE DEBUGGERS GO  TO THE THAT PAGE THANX

added new sign :

Delphi 2007 v11
387. Microsoft Visual C++ v9.0 ( e8 ) www.microsoft.co
388. ActiveMARK 5.x -> Trymedia Systems - www.trymedia.co *ACM
389. (E Microsoft Visual C++ 9.0 - Visual Studio 2008
390. Microsoft Visual C# / Basic.NET / MS Visual Basic 2005/2008
391. TTProtect 1.0 - 2007/2008 - www.ttprotect.co (.net/dll)
392. TTProtect 1.0 - 2007/2008 - www.ttprotect.co (exe)
393. MPRESS v1.05 - MATCODE comPRESSor for executables © 2007,2008,
MATCODE Software - www.matcode.co
394. MPRESS v1.07 - MATCODE comPRESSor for executables © 2007,2008,
MATCODE Software - www.matcode.co
395. EncryptPE V2.2008.6.18 China Cracking Group - www.encryptpe.co
396. Empathy 2.1 Exe password 2007.08 (using : PE-Inject Engine 1.0 by
M.Strechovsky ) ( pass decode max.12 char)
397. Microsoft Visual Basic v4.0-6.0 DLL (5A)
398. Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 (4xFF25)
399. Borland C++ Copyright ( No Copyr. sign )
400. !EPack 1.4 lite final - by 6aHguT / Team-X 2006.08
ASL

link:

http://www.exeinfo.go.pl/

http://letitbit.net/download/d0b1f0548723/ExeInfo-PE-v0.0.1.8G3.zip.html

http://w17.easy-share.com/1700864626.html

FBA 1.3.0 New Year Edition! [31.12.07]
- Much-plenty of changes
- Is Powerfully renewed Unpackinfo.txt
- Is Added detections on linker and names section
- Are Removed spare, are added new labels from signs.txt
- Is Added generator of the passwords of any length
- Support drag’n'drop
- An Integration in contextual menu
- An Options are now saved in roll, rather then in file
- SM 0.3 -> SM 0.5
- Some inscription(than is packed) at äâîéíîì call are copied in buffer
- Is Added in archive SignMan 1.1 by NEOx
- Are Added in plugins 3 unpackers with the help of ap0x unpack engine Aspack’à 2.12, FSG 2.0, Upx 1.x-2.x + easy scramblers.
- Is Changed design
- UPX ver detector in plugins
- Is Removed check uncared-for mines FBA
- Finally-that FBA detect to FSG 2.0, eXepressor 1.x, WinUpack 0.37-0.39

the info about detection:
- 68 names section
- 18 linker
- 1782 labels packers and protectors
- 66 labels unpackers

http://letitbit.net/download/087b35458671/fbaneweng.zip.html

last update : 2008-05-08

web:http://www.geocities.com/exeinfo_PE/

link:

http://letitbit.net/download/1e4606756407/exeinfope.zip.html

hi

another detector tool, it’s stronger than peid specially in fake signature….

 Web:

 www.RDGSoFT.8k.com

or

 http://rapidshare.com/files/66345625/RDG_Packer_Detector_v0.6.5_Beta.rar

04.10.2007 - Corrected & optimized few procedures , bugs removed , added new sign.

http://www.geocities.com/exeinfo_PE/exeinfope.zip
http://users.cjb.net/exeinfo/exeinfope.zip

hi

u can find it here:

http://users.cjb.net/exeinfo/exeinfope.zip

+Plugin for PEID

http://users.cjb.net/exeinfo/plugin-peid-exeinfo.zip

+Plugin for Die

http://users.cjb.net/exeinfo/plugin-die-exeinfo.zip