Multi Password Recovery v1.1.7 Portable.exe

Multi Password Recovery v1.1.7 Portable. No need to install it! Multi Password Recovery (MPR) - multifunctional password recovery and auditing solution for Windows. MPR instantly finds and recovers passwords from more than 100 popular applications (FTP, E-mail clients, Instant Messengers, Browsers and so on). It also checks saved passwords for vulnerabilities, can delete lost and stored passwords, shows passwords hidden behind asterisks, copies SAM file, can generate new passwords. Latest version is 1.1.7 (13-Aug-2009). Changes: [+] New modules: Windows Live Mail, Windows Mail password recovery [+] Mail Commander was added to advanced decryption wizard [+] Better autorun detection [*] Minor GUI updates [-] Google Chrome browser bugfixes More infos at http://passrecovery.com/ !!!WARNING!!!WARNING!!!WARNING!!!WARNING!!!WARNING!!!WARNING!!! Some antiviruses detect this as a "not-a-virus:PSWTool.Win32.PasswordRecovery.a". That's what it is, not-a-virus, and a Password Recovery Tool. If you don't want it on your computer, don't use it!!!! The Portable SFX EXE file is built up using WinRAR. You can use it to extract the files and check them one by one if you want to be sure of what is running on your machine. This has also been built on an XP x86 machine, I don't know if this program can run on a x64 or Vista machine. I't's up to you to check it if you are using them. SUGGESTIONS ON USING P2P DOWNLOADS ================================== 1) It's always better to run all downloaded programs using Sandboxie or a similar virtual machine until you are sure they are clean. 2) When in doubt, scan them with an Internet Scan service as the ones provided by Jotti and VirusTotal http://virusscan.jotti.org/ http://www.virustotal.com/ This will ***NOT*** give you any warranty that a file passing their analysis is clean, nor that if they see them as a troian it's so or not just another false positive, but helps you to decide and at least ask for help or infos. 3) Remember, trust nobody, and when in doubt, go to point 1) 4) If you find any upload containing trojans or whatsoever malicious or unclean, instead of start cursing in the comments of the upload, take the time to go to the Suprbay Forum at: http://suprbay.org/forumdisplay.php?f=34 and report links and comments there, and someone will take care of all the nasties. That's the only way to keep TPB and its uploads fresh and clean. That's for what is regarding security. If after testing it you see that you like it and it's useful for you, show your support by buying it! Enjoy and remember to seed... :o)

udp://tracker.openbittorrent.com:80
udp://open.demonii.com:1337
udp://tracker.coppersurfer.tk:6969
udp://exodus.desync.com:6969

Ov4ar (2009-08-15)

Thanks maaan :)

sharebird (2009-08-15)

Three days ago I downloaded on of the poster's other torrents, R-Studio, found here:

A scan of the download came up clean, and the portable app runs with no virus warnings.
However, when I open an open/save dialog within the app, Avira pops up warning me of a virus, with the following info:
AV program: Avira
Virus: BDS/Backdoor.7168.C
Exe: svchost.exe
Location: C:\Users\\Application Data\Thinstall\R-Studio 5.0\1000000600002i\svchost.exe
This happens every time I open or save an image from within the app.
I asked for confirmation in the that torrent's comment, however it is a month old, and not getting a lot of reads, so I am posting here asking anyone to verify similar behavior in this or other torrents from NoExcuses... he has a shitload of portable apps, available, and if he has managed to hide a virus that only runs when a file dialog pops up, that's a huge problem.
I am not referring to the PSWTool.Win32.Password Recovery.a virus the poster indicates you will see on this torrent... I am talking about a back-door trojan that does not appear until after the app runs.
All of the warnings NoExcuses posts about being careful, don't trust any post, etc., may very well be meant to lull downloaders into a false sense of security.
Can anyone verify either the torrent I linked to, or any of his newer torrents, to see if they are getting the same warnings? If you don't have an antivirus program, look in the application data directory for the program to see if there is a svchost.exe file that shows up when you are working with the app, especially opening or saving files.
Again, this virus does not appear until running the app and opening or saving a file... a virus scan on the exe before-hand turns up clean.
I am not making any accusations yet, I am simply looking for independent verification of what I'm seeing.
TY

Yunichi (2009-08-15)

Extract contents with 7-zip.
Inside is a Trojan infected file. (ldr.exe)
I can confirm. Scanned with AVG.

 NoExcuses (2009-08-15)

@sharebird
The Portable program have been made using Thinstall, that monitors and packs up the files of a regular installation with a regular license. The svchost.exe is a system file that gets recalled by many other programs, don't ask me why or when, also my AV sometimes warns me about running it, and mostly from surely clean programs, so I don't care. I see that sometimes thinstalled programs tend to be recognized as trojans by some AVs, probably because they recognize some part of the code as a signature, and that's common for almost all the AVs. When in doubt, as already stated also in the notes, run all, and I mean *ALL* the downloaded programs from anywhere in Sandboxie or something similar, so you can see in the window what's it's running and your AV have the opportunity to check all the runned files. Like in your comment, you can pick the svchost.exe file where it gets expanded and scan it on an internet scannig service like Jotti or VirusTotal, and see what they say. Obviously you can never be completely sure for anything, and obviously even if a lot of AVs detects something as a Trojan or a Virus doesn't mean that it's so. I have a whole bunch of Keygens that get a hell of hits from my AV but I know that they are clean. That's the real problem with signatures, if someone uses a packer used sometimes from virus makers, all applications packed with it tend to be detected as infected, even if they are not.
@Yunichi
The ldr.exe is used also in the previous versions of cracked MPR, and it does nothing else than launching properly the pirated program. If you don't want to run it, you can buy a license and use the program without the crack. As said, nobody forces you to use it. Also, scan the file with other AVs, AVG is prone to give a hell of detections on almost everything. Try to run one of the KG for AVG with the AV active and see. Obviously you can imagine why. That's one of the reasons I stopped using AVG, Paranoid, that's the word...

 NoExcuses (2009-08-15)

@sharebird

This is the result of the VT scan of the svchost.exe file that you name. Effectively it gets a few hits from minor AVs, while the Big Ones doesn't find anything wrong in it. Looks like Thinstall uses a stripped down version of the regular program delivered by M$, but as the version of Thinstall that I use is quite old, I suppose that if there was a virus in its creations they should have been coming up earlier. Time to put Avira too in the Paranoid list. Anyway, if you trust more in your AV than in my Portable no problem, use the normal setup or build your own portable using Thinstall/Thinapp or something similar.
@Yunichi

Also the ldr.exe gets a few hits from minor AVs only, mainly I think because it has been packed with UPX, thing that some AVs find suspicious. Even Total Commander has stopped using UPX not because is bad, but because many AVs detects clean packed programs as infected. As already said, get a better AV...
Not all the things are how they look, and not all the things look how they are...

sharebird (2009-08-19)

Thanks NE, but I think fredpc's comment here:

is spot on, that the Thinstall app used to generate these portable apps is infected... The apps themselves are scanning clean, but when they run they unpack a svchost.exe, usually as part of a file open dialog.
I appreciate your efforts and don't want to undermine them, but right now all of your portable apps are suspect.
: (
Sorry mate, but you might want do do what fredpc did, download a different copy of thinstall.
Spreading the word, because this particular virus hides itself very well.

 NoExcuses (2009-08-19)

@sharebird
Read my answer here:

and try to remember always of false positives...

 NoExcuses (2009-08-19)

@sharebird
BTW, you are attaching your comments to almost all my uploads, also the ones not built up with Thinstall, so that for sure they could not be infected by the supposed virus you say. I'm quite tolerant, but not too much, so if you want to add your comments only to the uploads that show the problem should be great, not also to the good ones. Don't spread panic around about uploads that you haven't tested, and as I say in my comments, if you find something wrong in any upload, not only in mine, go tell it at

and the mods will take care of them.
These uploads are free of charge for all and if your AV tells you not to use some of them, then obey but stop spreading havoc on all the other uploads, specially when they don't have any problem. Spreading around wrong comments is considered annoying, and you can be banned for that...

Kaiba142 (2009-08-24)

What is a reg key in here?

wellknown01 (2009-09-12)

I ran this through Eset nod 32 4.0 av it's fine. Ran it in sandboxie is fine and works without requiring to register. I ran it outside of sandboxie and it requires to buy or register in order to work.

pnx2325 (2010-03-26)

Tnx - from the Phil's

odinrlives (2011-05-20)

HI!, I had met the headache things that I had forgotten Windows login password. The login screen rejected my passwords. I was frustrated because there was very important data on my disk and I couldn't reinstall the OS. ............. However, I fortunately got to know the Windows Password Recovery Tools below .
1. Windows Password Recovery Tool 3.0( http://www.windowspasswordsrecovery.com )
2. Windows Password Key 8.0( http://www.lostwindowspassword.com )
3. Password Recovery Bunlde( http://www.recoverlostpassword.com )
4. Any Windows Password Reset 7 ( http://www.windowspasswordreset.net )
5. Windows Password Recovery ( http://www.windowspasswordrecovery.net )
6. windows password cracker ( http://www.windowspasswordcracker.com )
I compare these tools and try the first one, it help me to recover my forgotten windows xp password in only five minutes.