[Gilder] Monitor Very Useful!!

[[Shon3m]]

this always you to see ur gilder at work from a dif house or if ur at work ^^

* Open WoWGlider
* Click on "configure"
* Go to the "Remote Control" feature (on the lower right side)
* Turn on remote feature by clicking "Enable"
* Set up a port or leave it on 3200 (not very secure)
* Set up a password (remember it )
if You use any software firewall (kerio, Windows XP integrated firewall)
You have to accept connection on port where WoWGlider is listening (default 3200)

Windows XP Service Pack 2 Firewall
* Go to "My Computer"
* Right click on the icon "Network neighboor" then left click on "properties"
* Right click on then connection that give you the internet then left click on "properties"
* Go to "Advanced" tab
* Go to "Windows Firewall" square
* Click on "Settings"
* Go to "Exceptions" tab
* Click on "Add a port"
* Type a name for this exception, exemple WoWGlider
* enter the port of where WoWGlider is listening (default 3200)
* press ok until all windows is close
* on the computer where WoWGlider run do:
- Click on Windows "Start menu"
- Click on "execute"
- in the white field type "cmd" then press enter. You get in a black windows
- type "telnet 127.0.0.1 3200" (3200 is default port, please change it if you have set up ip elsewhere)
- you get to a black screen without anything, now, in this black windows, type your password then press enter...
- you should get "Authenticated OK"
=> If yes, all is right
=> If not, something is missing in your WoWGlider configuration, perhaps the port settings or the password you set up

fyi i didn't make this i just redid what to do on the forums because im sure this hasn't been psted here but if it has plz pst a link for me so i can delete this thread

here's the scan http://www.virustotal.com/analisis/7...4fbd00f78e4e4c


download here

[Ryoushi.]

You need to supply a link for a virus scan, e.g. VirusTotal - Free Online Virus and Malware Scan

Also, a better explanation and preferably a screenshot would be good.

[[Shon3m]]

ok ^^ can do

[Ironmage]

Virus scan plz

[JoeBiden]

Seems fine then, GJ, +rep

[[Shon3m]]

you want me to get a program that screenshots my desktop?
Where does the screenie get sent to? You?

Untill you post a virus-scan I suggest no-body download this, it's uploaded at filebeam.

yes it sends it to ur pc you can do this at work or school its program that u can put on a usb drive an take it any where

[Hackingmac]

i cant read that lol

[ponu]

That color... MY EYES ARE GONNA EXPLODE :S
Please, Dont use colors like that.

[~OddBall~]

I'm confused as to how someone can possibly think that is an easy colour to read? WTF were you high?

[Krillere]

Idd. it's impossible to read that color.

[somecoolname]

lol telnet is the most insecure thing in the world, you really should never have it enabled on your computer.

[[Shon3m]]

well you don't have to use this then lol....

[~Jagris]

Anyone have a new link that one isnt working.

[Marlo]

OK theres something fishy going on here.

The scan you gave shows a REALbasic made script.
The second show somthing completely different? (Delphi?)

Could be nothing but then again it could be somthing.

Yours:

Code:

File size: 578539 bytes
MD5...: edc4dc9fc3fa9176fc3f0bc0c6dd5f1c
SHA1..: eb70c338ec0009d1eec4e643a0a5c7c599d3cf6e
SHA256: b80a9a9666d8312cad9a878175fb008f58fd9823f77ae06dc164f7a2c07109ff
SHA512: 420bfe8c3e60edfdd656901ac31a24cb9410720dd2adf3c78530fe3a0209a35c
afec3bc566e204c045bbfbbe039925e5e53684ec25b86b5fa6bb912aaf00d3f5
ssdeep: 12288:2YvXQHBZmrMjQ4np14IzsvMqiJ15tiwLmul8jNKVBntCk:2YvXWHmr2Zp1
4c1qiD5trLmI8MVBtCk
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
packers (F-Prot): PecBundle, PECompact

Mine:

Code:

File size: 583680 bytes
MD5...: bee500f48d3cee79a3172b9e7a4c5232
SHA1..: cf2e883a68926f97326d5048c9d61b9d7b683592
SHA256: 99d1fa9b2482e97f86462cd1560114a87a1adfa34f4a22eaf0f666054064f3d2
SHA512: a0985179bd3d108d7ff3d3aace7a39b5d03c4236be380a26f5face194f015074
f61ae7b799f23988c48b26b2ec667d500ef10710ddc1124924118e0075ff9d34
ssdeep: 12288:X2dANCwQBzD0KuzG8ChQZXqCav1gh/SpUVBLyyPnNC:i7R1DN/lw4gpSpc
PnN
PEiD..: PECompact 2.xx --> BitSum Technologies
TrID..: File type identification
Win32 EXE PECompact compressed (v2.x) (48.0%)
Win32 EXE PECompact compressed (generic) (33.8%)
Win32 Executable Generic (6.9%)
Win32 Dynamic Link Library (generic) (6.1%)
Win16/32 Executable Delphi generic (1.6%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x401000
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 2 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x15c000 0x8aa00 8.00 15329c36bd89d2d20c60f0f82c2d95ad
.rsrc 0x15d000 0x4000 0x3a00 6.05 8544e10806ee4743f15df089f2804f3d

( 13 imports )
> kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
> user32.dll: GetKeyboardType
> advapi32.dll: RegQueryValueExA
> oleaut32.dll: SysFreeString
> version.dll: VerQueryValueA
> gdi32.dll: UnrealizeObject
> ole32.dll: CreateStreamOnHGlobal
> comctl32.dll: ImageList_SetIconSize
> winspool.drv: OpenPrinterA
> shell32.dll: Shell_NotifyIconA
> wsock32.dll: WSACleanup
> netapi32.dll: Netbios
> winmm.dll: PlaySoundA

( 0 exports )
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
packers (F-Prot): PecBundle, PECompact
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=bee500f48d3cee79a3172b9e7a4c5232' target='_blank'>http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=bee500f48d3cee79a3172b9e7a4c5232</a>

[[Shon3m]]

OK theres something fishy going on here.

The scan you gave shows a REALbasic made script.
The second show somthing completely different? (Delphi?)

Could be nothing but then again it could be somthing.

Yours:

Code:

File size: 578539 bytes
MD5...: edc4dc9fc3fa9176fc3f0bc0c6dd5f1c
SHA1..: eb70c338ec0009d1eec4e643a0a5c7c599d3cf6e
SHA256: b80a9a9666d8312cad9a878175fb008f58fd9823f77ae06dc164f7a2c07109ff
SHA512: 420bfe8c3e60edfdd656901ac31a24cb9410720dd2adf3c78530fe3a0209a35c
afec3bc566e204c045bbfbbe039925e5e53684ec25b86b5fa6bb912aaf00d3f5
ssdeep: 12288:2YvXQHBZmrMjQ4np14IzsvMqiJ15tiwLmul8jNKVBntCk:2YvXWHmr2Zp1
4c1qiD5trLmI8MVBtCk
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
packers (F-Prot): PecBundle, PECompact

Mine:

Code:

File size: 583680 bytes
MD5...: bee500f48d3cee79a3172b9e7a4c5232
SHA1..: cf2e883a68926f97326d5048c9d61b9d7b683592
SHA256: 99d1fa9b2482e97f86462cd1560114a87a1adfa34f4a22eaf0f666054064f3d2
SHA512: a0985179bd3d108d7ff3d3aace7a39b5d03c4236be380a26f5face194f015074
f61ae7b799f23988c48b26b2ec667d500ef10710ddc1124924118e0075ff9d34
ssdeep: 12288:X2dANCwQBzD0KuzG8ChQZXqCav1gh/SpUVBLyyPnNC:i7R1DN/lw4gpSpc
PnN
PEiD..: PECompact 2.xx --> BitSum Technologies
TrID..: File type identification
Win32 EXE PECompact compressed (v2.x) (48.0%)
Win32 EXE PECompact compressed (generic) (33.8%)
Win32 Executable Generic (6.9%)
Win32 Dynamic Link Library (generic) (6.1%)
Win16/32 Executable Delphi generic (1.6%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x401000
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 2 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x15c000 0x8aa00 8.00 15329c36bd89d2d20c60f0f82c2d95ad
.rsrc 0x15d000 0x4000 0x3a00 6.05 8544e10806ee4743f15df089f2804f3d

( 13 imports )
> kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
> user32.dll: GetKeyboardType
> advapi32.dll: RegQueryValueExA
> oleaut32.dll: SysFreeString
> version.dll: VerQueryValueA
> gdi32.dll: UnrealizeObject
> ole32.dll: CreateStreamOnHGlobal
> comctl32.dll: ImageList_SetIconSize
> winspool.drv: OpenPrinterA
> shell32.dll: Shell_NotifyIconA
> wsock32.dll: WSACleanup
> netapi32.dll: Netbios
> winmm.dll: PlaySoundA

( 0 exports )
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
packers (F-Prot): PecBundle, PECompact
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=bee500f48d3cee79a3172b9e7a4c5232' target='_blank'>http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=bee500f48d3cee79a3172b9e7a4c5232</a>

where did u scan ur eh?