Jump to content

Welcome to nsane.forums

Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information. Be a part of nsane.forums by signing in or creating an account.

  • Access special members only forums
  • Start new topics and reply to others
  • Subscribe to topics and forums to get automatic updates


Please note: Unfortunetely due to some server side issues, registration via Hotmail / Outlook email addresses do not work, members are requested to use some other email addresses like Gmail to register here.


The search index is currently processing. Leaderboard results may not be complete.

Popular Content

Showing most liked content since 09/16/2017 in all areas

  1. 23 points
    Visual C++ Runtime Installer by burfadel/MDL Visual C++ Runtime Installer (All-In-One) is a single batch file installer that includes all Visual C++ libraries built-in. Before installing drivers on a computer, as soon as you're done with the format, it is advisable to install all the Microsoft Visual C++ libraries to ensure the drivers that depend on it are working properly. This utility is specifically intended to expedite the entire tedious download(s) with only one simple click and quickly completes the entire process within just a couple of minutes. As you may already know, often when you install the Visual C++ Libraries from 2005, it places one of its DLL files (msdia80.dll) incorrectly in the root folder of the largest accessible partition with free space. Then you would have to manually move that file to the correct folder and edit the registry entries for it to point to the correct location. But now by using Visual C++ Runtime Installer (All-In-One), all the files are placed correctly in their right locations - saving you time and potential aggravation. Runtimes included are the latest full Visual C++ Runtimes for 2005, 2008, 2010, 2012, 2013, and 2015. Visual C++ Runtime Installer (All-In-One) can be an efficient go-to solution for techs to keep on a USB Flash Drive for fast multi-system deployment. Changes: updated the C++ 2013 runtime 12.0.40660.0 --> C++ 2017 runtime 12.0.40664.0 slight changes to the installer and x86/x64 selection; let me know if there are any issues! Visual C++ Runtime Installer @ forums.mydigitallife.info Visual C++ Runtime Installer @ forums.guru3d.com Download https://1drv.ms/u/s!AmGuHbW3zvrBmbR6U1DjfO5ZY-4LrQ
  2. 23 points
    Nero 2018 19.0.07000 DOWNLOAD: =========== Nero 19.0.07000 | Trial (362.05 MB) - http://install10.nero.com/stubinfo/2018-NEROTRIAL-19.0.07000/files/Nero2018-19.0.07000_nsx_trial.exe Nero 19.0.07100 | Retail (362.04 MB) - http://ftp22.nero.com/Nero2018/Nero_Standard2018-19.0.07100.exe Nero 19.0.06900 | Retail (362.05 MB) - http://ftp22.nero.com/Nero2018/Nero_Platinum2018-19.0.06900.exe WHAT'S NEW IN NERO PLATINUM 2018: Nero 2018 Platinum is THE standard multimedia software that helps you mastering your digital life with photos, videos, and music on so many devices in ubiquity. Nero 2018 Platinum puts an end to major pain points by allowing users to easily clean up their footage, and to perfectly create and play content faster, quicker, and easier than ever in best quality on any device. Get your image archive cleaned up, safely by removing duplicate images. Use the fully integrated ‘Nero BackItUp’ as part of Nero Platinum 2018 and do your regular backups. In case restore your valuable data easily. Now even access and restore backups created with former versions of ‘Nero BackItUp’. Get your personal archive of movies & TV shows in shape via specialized organizing and playback views with movie titles and movie covers being added automatically. Now, stream your media archive with movies and TV shows to the TV in the living room, and comfortably make use of Nero Streaming Player App as a remote control. ‘Vertical Video ready‘ means that you now can import native vertical video from your smartphone, edit it vertically with all the bells and whistles of a powerful video editor, and export it to native vertical video format. Also make use of outstanding vertical video design themes for auto-editing your vertical video footage. Then share your greatly enhanced vertical video via YouTube, Facebook and other social media channels. Also impress yourself and other people by putting your vertical video with cool new design back to your mobile device in native format. Utilize the 1-click black bar remover and boost up your non-widescreen video & photo footage in any picture format (4:3, 3:2, 1:1, 2:3, 9:16, etc.) for viewing it in widescreen format. For example have the black bars in your digitized 4:3 VHS footage or your vertical smartphone photos and videos nicely compensated when watching your movie files or your video disc on the wide screen TV in the living room. Utilize 18 fresh new movie design templates including unique drag & drop effect-zones for auto-editing your personal movie to show off with Utilize 18 new disc menu templates for your Hollywood style video disc Free Nero 360 VR App lets you watch 360 panorama photos on your Win 10 PC Note: All three versions are the same. Internally all applications are identical and the functionality is the same. ================================================================================================ Nero 2018 - Crack+Patch+Serial [Astron] (NEW) DOWNLOAD: ========== Patch (5.54 MB): Site: http://www.datafilehost.com Sharecode[?]: /d/cb574f0a =========== Note: In addition to the patch I am posting the content of the file "Readme.txt", that accompanies the patch. ================================================================================================ NERO 2018 TRIAL, RETAIL, ONLINE INSTALLER AND STANDALONE APPLICATIONS =================================================================== (UPDATED SETEMBER 21, 2017) A) DOWNLOAD NERO 2018, CONTENT PACK AND ADDITIONAL APPLICATIONS (ONLY OFFICIAL LINKS) =================================================================================== B] INSTALLATION OF NERO 2018 =========================== C) IMPORTANT NOTES ABOUT INSTALLATION/UNINSTALL OF NERO 2018 ============================================================ D) QUESTIONS ABOUT INSTALLERS AND VERSIONS OF NERO 2018 ======================================================= E) TIPS FOR NERO 2018 (NONE IS MANDATORY) ======================================= F) ABOUT THE PATCH ================== ================================================================================================
  3. 22 points
    What are you talking about , guys ? The key from @kalach works as it should be. I made the update to my notebook : it remains PRO and also I made a test : new installation in vm : worked fine as you can see it from the screenshot. The key is below ! Warning : Try not to post screenshots in public with @kalach name or email even if other idiots made it already in the past ! All credits to @kalach Download Site: https://www.upload.ee Sharecode[?]: /files/7477961/License_-_Copy.rar.html
  4. 21 points
    Hackers broke into British company Piriform’s free software for optimizing computer performance last month potentially allowing them to control the devices of more than two million users, the company and independent researchers said on Monday. The malicious program was slipped into legitimate software called CCleaner, which is downloaded for personal computers and Android phones as often as five million times a week. It cleans up junk programs and advertising cookies to speed up devices. CCleaner is the main product made by London’s Piriform, which was bought in July by Prague-based Avast, one of the world’s largest computer security vendors. At the time of the acquisition, the company said 130 million people used CCleaner. A version of CCleaner downloaded in August included remote administration tools that tried to connect to several unregistered web pages, presumably to download additional unauthorized programs, security researchers at Cisco’s (CSCO.O) Talos unit said. Talos researcher Craig Williams said it was a sophisticated attack because it penetrated an established and trusted supplier in a manner similar to June’s “NotPetya” attack on companies that downloaded infected Ukrainian accounting software. “There is nothing a user could have noticed,” Williams said, noting that the optimization software had a proper digital certificate, which means that other computers automatically trust the program. In a blog post, Piriform confirmed that two programs released in August were compromised. It advised users of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 to download new versions. A spokeswoman said that 2.27 million users had downloaded the August version of CCleaner while only 5,000 users had installed the compromised version of CCleaner Cloud. Piriform said that Avast, its new parent company, had uncovered the attacks on Sept. 12. A new, uncompromised version of CCleaner was released the same day and a clean version of CCleaner Cloud was released on Sept. 15, it said. The nature of the attack code suggests that the hacker won access to a machine used to create CCleaner, Williams said. CCleaner does not update automatically, so each person who has installed the problematic version will need to delete it and install a fresh version, he said. Williams said that Talos detected the issue at an early stage, when the hackers appeared to be collecting information from infected machines, rather than forcing them to install new programs. Piriform said it had worked with U.S. law enforcement to shut down a server located in the United States to which traffic was set to be directed. It said the server was closed down on Sept. 15 “before any known harm was done”. Source
  5. 18 points
    History https://www.piriform.com/ccleaner/version-history Standard Edition http://download.piriform.com/ccsetup535.exe Professional Edition http://download.piriform.com/ccsetup535pro.exe http://download.piriform.com/pro/ccsetup535_pro.exe Technician Edition http://download.piriform.com/te/ccsetup535_te.exe Business Edition http://download.piriform.com/be/ccsetup535_be_trial.exe http://download.piriform.com/be/ccsetup535_be.exe Business Edition MSI x64 http://download.piriform.com/be/ccsetup535_x64_be.msi Business Edition MSI x86 http://download.piriform.com/be/ccsetup535_x86_be.msi Portable http://www.piriform.com/ccleaner/download/portable/downloadfile v5.35.6210 (20 Sep 2017) - All builds signed with new Digital Signatures
  6. 15 points
    Nero 2018 Standard http://ftp22.nero.com/Nero2018/Nero_Standard2018-19.0.06400.exe Nero 2018 Platinum http://ftp22.nero.com/Nero2018/Nero_Platinum2018-19.0.06500.exe Nero Burning ROM http://ftp22.nero.com/Nero2018/Nero_BurningROM2018-19.0.00500.exe
  7. 15 points
    A few hours ago a cryptocurrency miner appeared on The Pirate Bay website, using the computer resources of visitors to mine Monero coins. The operators of The Pirate Bay are testing it as a new way to generate revenue, but many users aren't happy. Four years ago many popular torrent sites added an option to donate via Bitcoin. The Pirate Bay was one of the first to jump on board and still lists its address on the website. While there’s nothing wrong with using Bitcoin as a donation tool, adding a Javascript cryptocurrency miner to a site is of a totally different order. A few hours ago many Pirate Bay users began noticing that their CPU usage increased dramatically when they browsed certain Pirate Bay pages. Upon closer inspection, this spike appears to have been caused by a Bitcoin miner embedded on the site. The code in question is tucked away in the site’s footer and uses a miner provided by Coinhive. This service offers site owners the option to convert the CPU power of users into Monero coins. The miner does indeed appear to increase CPU usage quite a bit. It is throttled at different rates (we’ve seen both 0.6 and 0.8) but the increase in resources is immediately noticeable. The miner is not enabled site-wide. When we checked, it appeared in the search results and category listings, but not on the homepage or individual torrent pages. There has been no official comment from the site operators on the issue (update, see below), but many users have complained about it. In the official site forums, TPB supermoderator Sid is clearly not in agreement with the site’s latest addition. “That really is serious, so hopefully we can get some action on it quickly. And perhaps get some attention for the uploading and commenting bugs while they’re at it,” Sid writes. Like many others, he also points out that blocking or disabling Javascript can stop the automatic mining. This can be done via browser settings or through script blocker addons such as NoScript and ScriptBlock. Alternatively, people can block the miner URL with an ad-blocker. Whether the miner is a new and permanent tool, or perhaps triggered by an advertiser, is unknown at the point. When we hear more this article will be updated accordingly. Update: We were told that the miner is being tested for a short period (~24 hours) as a new way to generate revenue. This could eventually replace the ads on the site. More info may be revealed later. View: Original Article
  8. 15 points
    All-in-one collection of activators from Ratiborus for Windows XP, Vista, 7, 8, 8.1, 10, Server 2008, 2008 R2, 2012, 2012 R2, Office 2010/2013/2016. Included programs: AAct v3.6 Portable Garbage Collector v1.3.4 x86_x64_06_02_2016 KMSAuto Lite Portable v1.3.3 KMSAuto Net 2016 v1.5.1 Portable KMSCleaner v1.5 Portable MSActBackUp Portable v1.2.1 MSAct++ v2.0.3 Office 2013-2016 C2R Install v6.0.0 PIDKey Lite v1.58 UniCrypt 2016 v2.2 Homepage: http://forum.ru-board.com/topic.cgi?forum=2&topic=5328 Download
  9. 15 points
    KEY Site: https://www.upload.ee Sharecode[?]: /files/7483068/KEY.7z.html
  10. 15 points
    Valid Serial: http://textuploader.com sharecode[?]: /djht9 And new patch!! Big thanks to @Deltafox http://www14.zippyshare.com/ sharecode[?]: v/RbLu3Any/file.html
  11. 14 points
    WinToHDD is a handy and useful Windows software that allows you to install or reinstall Windows without using a CD/DVD or USB drive. With this All-in-One Windows Setup software, you can easily reinstall Windows, install Windows onto disks other than the one where your Windows operating system is installed, or clone current Windows OS installation (Windows vista or later) to other disk. Features: Reinstall Windows With this feature, you can easily reinstall Windows Vista, 7, 8, 10, 2008, 2012, 2016 without using a CD/DVD or USB drive, even if you know nothing about computer technology. Install Windows With this feature, you can easily install Windows Vista, 7, 8, 10, 2008, 2012, 2016 onto disks other than the one where your Microsoft Windows operating system is installed. System Clone WinToUSB also supports cloning your current Windows OS installation (Windows vista or later) to another disk (HDD/SSD), with this feature you can generat an exact copy of the local system to another disk. Multi-Installation USB With this feature, you can create a Windows installation USB flash drive to install any version of Windows 10/8/7/Vista/2016/2012/2008 (64 & 32 bits) on both BIOS and UEFI computers. Homepage History Download | Mirror Link Crack by unknown
  12. 14 points
    Camtasia Studio is the complete professional solution for recording, editing and sharing high-quality screen video on the Web, CD-ROM and portable media players, including iPod. With support for a variety of video standards, you can ensure your content delivery now and in the future. Easily record your screen, PowerPoint, multiple audio tracks, and webcam video to create compelling training videos, screencasts, and presentations without ever leaving your desk. With the power of interactive Camtasia Studio videos, you can deliver high-quality content anytime, to even your most remote audience. Camtasia Studio helps you keep pace in a mobile world by making it easy to publish videos and MP3 files for iPod and other portable media players. Now your marketing message, screencast, lecture, or just-in-time training video can reach your audience practically anywhere - on the bus, in a coffee shop, or while they’re jogging. Camtasia Studio videos are simply designed to share. • Intelligent capture controls that adapt to you • Crystal-clear playback at any size with Camtasia SmartFocus™ • Easy, versatile video sharing with TechSmith ExpressShow™ • Precise editing and butter-smooth onscreen movement • Professional content without a ton of production time With the smartest screen recording tools on the planet, Camtasia Studio makes everything from training videos to PowerPoint presentations to lectures look better, reach more people, and pack more punch. Which makes you look even smarter, too. • Record Anything Easily create training, demonstrations, presentations, online courses... the possibilities are endless. Connect with your audience by including screen recordings, audio, voice narration, PowerPoint, Picture-in-Picture and webcam video. • Edit and Enhance Edit and enhance your video with callouts, titles, credits, zooming, panning, quizzes and additional audio tracks. Camtasia Studio's extensive editing options are at your fingertips. • Share Publish in Flash, QuickTime and a variety of video formats, then share on the Web, CD or DVD. You can use the Production Wizard to assist you in choosing the best format and settings for sharing with your audience, or you can have complete control over audio and video codecs and quality, frame rate, color depth, and inclusion or exclusion of special effects. Homepage What's New Download Medicine ( Keygen by TSZ ) - reuploaded by Recruit Site: https://www.upload.ee Sharecode[?]: /files/7019253/Camtasia.Keygen-TSZ.rar.html
  13. 14 points
    http://dl.memuplay.com/download/Memu-Setup- https://drive.google.com/open?id=0B9m_gT3Og6XZTHdiNVhBdk9VMDQ https://cloud.mail.ru/public/GnhD/vsMXA2MKz CRC32: 58F253F6 MD5: B38F26009915CAB7AED84FFC2FDE180E SHA-1: ACED7622B834B2E9C80C6A02A41ABA0CAA67D688 @jalaffa @anuraag
  14. 13 points
    http://codesector.com/files/teracopy.exe Changelog http://bugs.codesector.com/changelog_page.php?version_id=15 Deleting both files during move operation
  15. 13 points
    Wise Care 365 is a bundle of important registry, disk, and other system utilities for your PC. Easy to use and effective, Wise Care 365 is the best solution to improve your PC's performance. Get Wise Care 365 and your computer will never run slow again! What can Wise Care 365 do? • Clean up, defragment and optimize the Windows Registry • Defragment and free up space on your hard disk • Protect your privacy by erasing personal tracking data • Recover lost files • Hide important files or folders • Prevent unauthorized use of personal applications • Auto shut down your PC • Free up Memory to boost game and enterprise software performance • Simple "One Click Tune-up" option will optimize your PC Why choose Wise Care 365? • An all-in-one utility Wise Care 365 includes both Wise Disk Cleaner and Wise Registry Cleaner. However, with other attractive and exciting features, it is far more than just that. Wise Care 365 will keep your PC in tiptop shape and running at peak performance! • Able to find more hidden problems than any other similar programs. Wise Care 365 can detect more hidden invalid registry issues than other similar programs, which is accredited by CHIP and PCWorld. • Simpler and easier to use It takes just one click to use Wise Care 365. As if by magic, your old PC will transform into a brand new and blazing fast one after Wise Care 365's automatic cleanup and tune-up. • Now with the fastest scanning speed The scanning speed of Wise Care 365 is twice as fast as CCleaner’s, as well as Advanced System Care Pro 5. • Highly reviewed by professionals and users All the features in Wise Care 365 got highly reviewed by PCWorld, PCAdvisor, ComputerBild, CHIP, CNET, ZDNet, and so on. • Highly experienced developers A group of top programmers, all of whom have at least ten-years experience, spent three years creating Wise Care 365 after collecting an abundance of feedback from users.. Homepage Changelog Download Installer Download Portable Keygen AMPD
  16. 13 points
    SIW is an advanced System Information for Windows tool that analyzes your computer and gathers detailed information about system properties and settings and displays it in an extremely comprehensible manner. SIW can create a report file (HTML, JSON, CSV, TXT or XML), and you can run it in batch mode (for Computer Inventory, Hardware, Software and Network Information, Software License Management, Security Audit, Server Configuration Management). The System Information is divided into few major categories: Software Information: Operating System, Software Licenses (Product Keys / Serial Numbers), Passwords Recovery, Installed Programs, Applications, Security, Accessibility, Environment, Regional Settings, File Associations, Running Processes, Loaded DLLs, Drivers, NT Services, Autorun, Scheduled Tasks, Databases, Audio and Video Codecs, Shared DLLs, ActiveX, MMC Snap-Ins, Shell Extensions, Event Viewer, Certificates, etc. Hardware Information: System Summary, Motherboard, BIOS, CPU, Memory, Sensors, Devices, Chipset, PCI/AGP, USB and ISA/PnP Devices, System Slots, Network Adapters, Video Card, Monitor, Sound Devices, Storage Devices, Logical Disks, Disk Drives, CD/DVD Devices, SCSI Devices, S.M.A.R.T., Ports, Battery and Power Policy, Printers, etc. Network Information: Basic/Extended Information about Network Configuration, Network Statistics, Network Connections, Active Directory (Computers, Groups and Users), Network Shares, Open Ports, etc. Tools: Network Tools: MAC Address Changer, Wake On LAN, Remote Licenses (from Windows Folder, Remote Computer or Registry Hive), Hosts Scan, Ping, Trace, etc. Miscellaneous Tools: Eureka! (Reveal lost passwords hidden behind asterisks), Shutdown / Restart, Monitor Test, MUICache Viewer, URL Explorer, Open Files, etc. SIW (Technician's Version) is a standalone utility that does not require installation (Portable Application) - one less installed program on your PC as well the fact that you can run the program directly from an USB flash drive, from a network drive or from a domain login script. SIW is periodically updated (usually once per quarter) in order to provide most accurate results. Client Platform: Windows 10 / Windows 8.1 / Windows 8 / Windows 7 / Vista / Windows XP / WinRE / Winternals ERD Commander Server Platform: Windows 2016 / Windows 2012 (R2) / Windows SBS 2011 / Windows Server 2008 (R2) / Windows Server 2003 (R2) Homepage What's New SIW 2017 v7.6.0912 Added 64-bit build for Technician's Version. Updated Operating System module: Fixed an "error code 0x57 (87)" on Windows 10 Insider. Improved support for Windows PE. Updated devices database. Minor enhancements and compatibility fixes. Download ( Pre - cracked X86 / X64 by pawel97 / ru-board ) Site: http://www.datafilehost.com Sharecode[?]: /d/c0abf9bd Site: https://www.solidfiles.com Sharecode[?]: /v/dkkGpgW8wAnDq Site: http://rgho.st Sharecode[?]: /6Y6BMJ2LR Virus Total : X86 : https://www.virustotal.com/#/file/a47f3288f6473fcd1d68f88a6911c0c590c418fc6395e0f51e5485e4bcab19b4/detection X64 : https://www.virustotal.com/#/file/d3abacddea2a54f48b6e37c7690182a2e54e96085c48cbdbac655a24a4a20331/detection Hosts to block ( just in case ) : www.gtopala.com gtopala.com gtopala.azurewebsites.net
  17. 13 points
    Introduction Supply chain attacks are a very effective way to distribute malicious software into target organizations. This is because with supply chain attacks, the attackers are relying on the trust relationship between a manufacturer or supplier and a customer. This trust relationship is then abused to attack organizations and individuals and may be performed for a number of different reasons. The Nyetya worm that was released into the wild earlier in 2017 showed just how potent these types of attacks can be. Frequently, as with Nyetya, the initial infection vector can remain elusive for quite some time. Luckily with tools like AMP the additional visibility can usually help direct attention to the initial vector. Talos recently observed a case where the download servers used by software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. CCleaner boasted over 2 billion total downloads by November of 2016 with a growth rate of 5 million additional users per week. Given the potential damage that could be caused by a network of infected computers even a tiny fraction of this size we decided to move quickly. On September 13, 2017 Cisco Talos immediately notified Avast of our findings so that they could initiate appropriate response activities. The following sections will discuss the specific details regarding this attack. Technical Details CCleaner is an application that allows users to perform routine maintenance on their systems. It includes functionality such as cleaning of temporary files, analyzing the system to determine ways in which performance can be optimized and provides a more streamlined way to manage installed applications. Figure 1: Screenshot of CCleaner 5.33 On September 13, 2017 while conducting customer beta testing of our new exploit detection technology, Cisco Talos identified a specific executable which was triggering our advanced malware protection systems. Upon closer inspection, the executable in question was the installer for CCleaner v5.33, which was being delivered to endpoints by the legitimate CCleaner download servers. Talos began initial analysis to determine what was causing this technology to flag CCleaner. We identified that even though the downloaded installation executable was signed using a valid digital signature issued to Piriform, CCleaner was not the only application that came with the download. During the installation of CCleaner 5.33, the 32-bit CCleaner binary that was included also contained a malicious payload that featured a Domain Generation Algorithm (DGA) as well as hardcoded Command and Control (C2) functionality. We confirmed that this malicious version of CCleaner was being hosted directly on CCleaner's download server as recently as September 11, 2017. In reviewing the Version History page on the CCleaner download site, it appears that the affected version (5.33) was released on August 15, 2017. On September 12, 2017 version 5.34 was released. The version containing the malicious payload (5.33) was being distributed between these dates. This version was signed using a valid certificate that was issued to Piriform Ltd by Symantec and is valid through 10/10/2018. Piriform was the company that Avast recently acquired and was the original company who developed the CCleaner software application. Figure 2: Digital Signature of CCleaner 5.33 A second sample associated with this threat was discovered. This second sample was also signed using a valid digital certificate, however the signing timestamp was approximately 15 minutes after the initial sample was signed. The presence of a valid digital signature on the malicious CCleaner binary may be indicative of a larger issue that resulted in portions of the development or signing process being compromised. Ideally this certificate should be revoked and untrusted moving forward. When generating a new cert care must be taken to ensure attackers have no foothold within the environment with which to compromise the new certificate. Only the incident response process can provide details regarding the scope of this issue and how to best address it. Interestingly the following compilation artifact was found within the CCleaner binary that Talos analyzed: S:\workspace\ccleaner\branches\v5.33\bin\CCleaner\Release\CCleaner.pdb Given the presence of this compilation artifact as well as the fact that the binary was digitally signed using a valid certificate issued to the software developer, it is likely that an external attacker compromised a portion of their development or build environment and leveraged that access to insert malware into the CCleaner build that was released and hosted by the organization. It is also possible that an insider with access to either the development or build environments within the organization intentionally included the malicious code or could have had an account (or similar) compromised which allowed an attacker to include the code. It is also important to note that while previous versions of the CCleaner installer are currently still available on the download server, the version containing the malicious payloads has been removed and is no longer available. Malware Installation and Operation Within the 32-bit CCleaner v5.33 binary included with the legitimate CCleaner v5.33 installer, '__scrt_get_dyn_tls_init_callback' was modified to call to the code at CC_InfectionBase(0x0040102C). This was done to redirect code execution flow within the CCleaner installer to the malicious code prior to continuing with the normal CCleaner operations. The code that is called is responsible for decrypting data which contains the two stages of the malicious payload, a PIC (Position Independent Code) PE loader as well as a DLL file that effectively functions as the malware payload. The malware author had tried to reduce the detection of the malicious DLL by ensuring the IMAGE_DOS_HEADER was zeroed out, suggesting this attacker was trying to remain under the radar to normal detection techniques. The installer then creates an executable heap using HeapCreate(HEAP_CREATE_ENABLE_EXECUTE,0,0). Space is then allocated to this new heap which is where the contents of the decrypted data containing the malware is copied. As the data is copied to the heap, the source data is erased. The PE loader is then called and begins its operation. Once the infection process has been initiated, the installer erases the memory regions that previously contained the PE loader and the DLL file, frees the previously allocated memory, destroys the heap and continues on with normal CCleaner operations. The PE loader utilizes position independent coding practices in order to locate the DLL file within memory. It then maps the DLL into executable memory, calls the DLLEntryPoint to begin execution of the DLL being loaded and the CCleaner binary continues as normal. Once this occurs the malware begins its full execution, following the process outlined in the following sections. CBkrdr.dll The DLL file (CBkdr.dll) was modified in an attempt to evade detection and had the IMAGE_DOS_HEADER zeroed out. The DLLEntryPoint creates an execution thread so that control can be returned to the loader. This thread is responsible for calling CCBkdr_GetShellcodeFromC2AndCall. It also sets up a Return Oriented Programming (ROP) chain that is used to deallocate the memory associated with the DLL and exit the thread. CCBkrdr_GetShellcodeFromC2AndCall This function is responsible for much of the malicious operations that Talos observed while analyzing this malware. First, it records the current system time on the infected system. It then delays for 601 seconds before continuing operations, likely an attempt to evade automated analysis systems that are configured to execute samples for a predefined period of time or determine whether the malware is being executed in a debugger. In order to implement this delay functionality, the malware calls a function which attempts to ping using a delay_in_seconds timeout set to 601 seconds. It then checks to determine the current system time to see if 600 seconds has elapsed. If that condition is not met, the malware terminates execution while the CCleaner binary continues normal operations. In situations where the malware is unable to execute IcmpCreateFile, it then falls back to using Sleep() to implement the same delay functionality. The malware also compares the current system time to the value stored in the following registry location: HKLM\SOFTWARE\Piriform\Agomo:TCID If the value stored in TCID is in the future, the malware will also terminate execution. Figure 3: Delay Routine The malware then checks to determine the privileges assigned to the user running on the system. If the current user running the malicious process is not an administrator the malware will terminate execution. Figure 4: Privilege Check If the user executing the malware does have administrative privileges on the infected system, SeDebugPrivilege is enabled for the process. The malware then reads the value of 'InstallID' which is stored in the following registry location: HKLM\SOFTWARE\Piriform\Agomo:MUID If this value does not exist, the malware creates it using '((rand()*rand() ^ GetTickCount())'. Once the aforementioned activities have been performed, the malware then begins profiling the system and gathering system information which is later transmitted to the C2 server. System information is stored in the following data structure: Figure 5: CCBkdr_System_Information Data Structure Once the system information has been collected, it is encrypted and then encoded using modified Base64. The malware then establishes a Command and Control (C2) channel as described in the following section. Command and Control (C2) While analyzing this malware, Talos identified what appears to be a software bug present in the malicious code related to the C2 function. The sample that Talos analyzed reads a DGA computed IP address located in the following registry location, but currently does nothing with it: HKLM\SOFTWARE\Piriform\Agomo:NID It is unknown what the purpose of this IP address is at this time, as the malware does not appear to make use of it during subsequent operations. In any event, once the previously mentioned system information has been collected and prepared for transmission to the C2 server, the malware will then attempt to transmit it using an HTTPS POST request to 216[.]126[.]225[.]148. The HTTPS communications leverage a hardcoded HTTP Host header that is set to speccy[.]piriform[.]com, a legitimate platform which is also created by Piriform for hardware monitoring. This could make dynamic analysis more difficult as the domain would appear to be legitimate and perhaps even expected depending on the victim infrastructure. The requests also leverage HTTPS but ignore all security errors as the server currently returns a self-signed SSL certificate that was issued to the subdomain defined in the Host header field. In cases where no response is received from the C2 server, the malware then fails back to a Domain Generation Algorithm (DGA) as described in the section 'Domain Generation Algorithm' of this post. Once a C2 server has been identified for use by the malware, it then sends the encoded data containing system profile information and stores the C2 IP address in the following registry location: HKLM\SOFTWARE\Piriform\Agomo:NID The malware then stores the value of the current system time plus two days into the following registry location: HKLM\SOFTWARE\Piriform\Agomo:TCID Data received from the C2 server is then validated to confirm that the received data is in the correct format for a CCBkdr_ShellCode_Payload structure. An example is shown below: Figure 6: CCBkdr_ShellCode_Payload Data Structure The malware then confirms that the value of EncryptedInstallID matches the value that was previously transmitted to the C2 server. It then allocates memory for the final shellcode payload. The payload is then decoded using modified Base64 and stored into the newly allocated memory region. It is then decrypted and called with the addresses of LoadLibraryA and GetProcAddress as parameters. Once the payload has been executed, the memory is deallocated and the following registry value is set to the current system time plus seven days: HKLM\SOFTWARE\Piriform\Agomo:TCID The received buffer is then zeroed out and deallocated. The CCBkdr_ShellCode_Payload structure is also deallocated and the malware then continues with normal CCleaner operations. A diagram describing the high level operation of this malware is below: Figure 7: Malware Operation Process Flow Domain Generation Algorithm In situations where the primary C2 server does not return a response to the HTTP POST request described in the previous section, the malware fails back to using a DGA algorithm. The algorithm used by this malware is time-based and can be calculated using the values of year and month. A list of DGA domains is below: Figure 8: 12 Month DGA Genearation The malware will initiate DNS lookups for each domain generated by the DGA algorithm. If the DNS lookup does not result in the return of an IP address, this process will continue. The malware will perform a DNS query of the active DGA domain and expects that two IP addresses will be returned from the name server managing the DGA domain's namespace. The malware will then compute a secondary C2 server by performing a series of bit operations on the returned IP address values and combine them to determine the actual fallback C2 server address to use for subsequent C2 operations. A diagram showing this process is below: Figure 9: C2 Process Diagram Cisco Talos observed during analysis that the DGA domains had not been registered, so we registered and sinkholed them to prevent attackers from being able to use them for malicious purposes. Potential Impact The impact of this attack could be severe given the extremely high number of systems possibly affected. CCleaner claims to have over 2 billion downloads worldwide as of November 2016 and is reportedly adding new users at a rate of 5 million a week. Figure 10: CCleaner Consumer Demographics If even a small fraction of those systems were compromised an attacker could use them for any number of malicious purposes. Affected systems need to be restored to a state before August 15, 2017 or reinstalled. Users should also update to the latest available version of CCleaner to avoid infection. At the time of this writing that is version 5.34. It is important to note that according to the CCleaner download page, the free version of CCleaner does not provide automated updates, so this might be a manual process for affected users. In analyzing DNS-based telemetry data related to this attack, Talos identified a significant number of systems making DNS requests attempting to resolve the domains associated with the aforementioned DGA domains. As these domains have never been registered, it is reasonable to conclude that the only conditions in which systems would be attempting to resolve the IP addresses associated with them is if they had been impacted by this malware. While most of the domains associated with this DGA have little to no request traffic associated with them, the domains related to the months of August and September (which correlates with when this threat was active in the wild) show significantly more activity. Looking at the DNS related activity observed by Cisco Umbrella for the month of July 2017 (prior to CCleaner 5.33 being released) we observed very little in the way of DNS requests to resolve the IP address for DGA domain associated with this malware: Figure 11: DNS Activity for July 2017 DGA Domain As mentioned earlier in this post, the version of CCleaner that included this malware was released on August 15, 2017. The following graph shows a significant increase in the amount of DNS activity associated with the DGA domain used in August 2017: Figure 12: DNS Activity for August 2017 DGA Domain Likewise, the DGA domain associated with September 2017 reflects the following activity with regards to attempts to resolve the IP associated with it: Figure 13: DNS Activity for September 2017 DGA Domain Note that in on September 1, 2017 it appears that the DNS activity shifted from the DGA domain previously used in August, to the one used in September, which matches the time-based DGA algorithm described in the "Domain Generation Algorithm" section of this blog post. After reaching out to Avast we noted that the server was taken down and became unavailable to already infected systems. As a result, we saw a significant increase in the amount of requests that were being directed at the failback DGA domains used by the malware. Figure 14: Traffic Spike Following Server Takedown It is also worth noting that at the time of this post, antivirus detection for this threat remains very low (The detections are at 1/64 at the time of this writing). Figure 14: VirusTotal Detections for CCleaner Binary As part of our response to this threat, Cisco Talos has released comprehensive coverage to protect customers. Details related to this coverage can be found in the "Coverage" section of this post. Conclusion This is a prime example of the extent that attackers are willing to go through in their attempt to distribute malware to organizations and individuals around the world. By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates. In many organizations data received from commonly software vendors rarely receives the same level of scrutiny as that which is applied to what is perceived as untrusted sources. Attackers have shown that they are willing to leverage this trust to distribute malware while remaining undetected. Cisco Talos continues to monitor all aspects of the threat landscape to quickly identify new and innovative techniques used by attackers to target organizations and individuals around the world. Coverage The following ClamAV signatures have been released to detect this threat: 6336251, 6336252. Additional ways our customers can detect and block this threat are listed below. Advanced Malware Protection (AMP) is ideally suited to prevent the execution of the malware used by these threat actors. CWS or WSA web scanning prevents access to malicious websites and detects malware used in these attacks. AMP Threat Grid helps identify malicious binaries and build protection into all Cisco Security products. Umbrella, our secure internet gateway (SIG), blocks users from connecting to malicious domains, IPs, and URLs, whether users are on or off the corporate network. Indicators of Compromise (IOCs) File Hashes 6f7840c77f99049d788155c1351e1560b62b8ad18ad0e9adda8218b9f432f0a9 1a4a5123d7b2c534cb3e3168f7032cf9ebf38b9a2a97226d0fdb7933cf6030ff 36b36ee9515e0a60629d2c722b006b33e543dce1c8c2611053e0651a0bfdb2e9 DGA Domains ab6d54340c1a[.]com aba9a949bc1d[.]com ab2da3d400c20[.]com ab3520430c23[.]com ab1c403220c27[.]com ab1abad1d0c2a[.]com ab8cee60c2d[.]com ab1145b758c30[.]com ab890e964c34[.]com ab3d685a0c37[.]com ab70a139cc3a[.]com IP Addresses 216[.]126[.]225[.]148
  18. 12 points
    1 download from utorrent site or bittorrent site and install the program 2 copy are new files from new fix rar to were u installed utorrent or bittorrent Site: https://www.upload.ee Sharecode[?]: /files/7484397/new_fix.rar.html 3 now open program and see the magic 4 no patched exes needed or edited exes now thanks to RadiXX11 for help with this new fix we did sorry for wait guys but my upload was slow so i edited things maybe somepeople can make some portable versions ? i hope admins or mods can upload this to frontpage thanks jalaffa if not this version maybe next time add frontpage ? edit forget frontpage i seen a bug
  19. 12 points
    we will upload soon with new tricks so not need patched exes nomore and can have pro or adfree versions in one fix
  20. 12 points
  21. 12 points
    FileLocator Pro offers the most affordable way to exhaustively search your computer for all your important data. FileLocator Pro offers unique advanced features for digging out information in even the most obscure file formats. Find out why many Windows XP users are switching to FileLocator Pro today! Main Features: Search using Boolean or Regular Expressions Dual/Quad core processor support Word, Excel and PDF searching Open Office, Word Perfect searching through IFilter support LAN/WAN network drives searching (UNC support) Export search results in Text, CSV, HTML, XML, or a customized format using XSLT ZIP, RAR, CAB, 7-Zip, ARJ, Bzip, CHM, CPIO, DEB, GZIP, ISO, LZH, NSIS, TAR archive searching Active Scripting support for the ultimate in search customization Shows surrounding lines of text Customizable search environment Built-in file viewer Launch 3rd party editor at found line (inc. VS.NET) Drag and drop support Print preview Search navigation to quickly browse previous search results Integrates into Windows Shell Homepage: https://www.mythicsoft.com/filelocatorpro/ Changelog : https://www.mythicsoft.com/filelocatorpro/history FileLocator Pro 32/64 bit: https://download.mythicsoft.com/flp/2741/flpro_2741.exe FileLocator Pro Portable - for USB drives or installing without Admin privileges: FileLocator Pro - Portable (32-bit): https://download.mythicsoft.com/flp/2741/flp_in_2741.exe FileLocator Pro - Portable (64-bit): https://download.mythicsoft.com/flp/2741/flp_inx64_2741.exe Separate 32/64-bit MSI installers (For IT Departments) 32-bit MSI: https://download.mythicsoft.com/flp/2741/flpro_x86_msi_2741.zip 64-bit MSI: https://download.mythicsoft.com/flp/2741/flpro_x64_msi_2741.zip Patch By @XenoCoder
  22. 12 points
    http://www.ghisler.com/910_b1.htm http://www.ghisler.com/mailing.htm https://www.totalcommander.ch/beta/tc910x32_64_b1.exe https://www.totalcommander.ch/beta/tc910x64_b1.exe https://www.totalcommander.ch/beta/tc910x32_b1.exe New functions in Total Commander 9.10:
  23. 12 points
    GlassWire protects your computer from threats by providing you with visualized data about your network activity. GlassWire notifies you about suspicious hosts, ARP spoofing attacks, odd changes to your computer, new network connections from unknown applications and numerous other security related alerts. The app's Firewall will provide a secure boundary between your computer and the Internet. You can see the data by viewing it from the Firewall tab; it provides information about what applications have accessed the Internet and it can block any that are suspicious, violating your privacy, or wasting your bandwidth. Key Features Include: Protects your computer and privacy by revealing all your Internet connections. Crisp network visualizer. Easy to use interface. Free firewall protection. GlassWire uses limited system resources. Simplified and self-explanatory user interface. Version 1.2.118 - (September 5, 2017) Hash # A2AC8AA269AD82E6BBA44402659883E9E53089EFFD69D18D9658483112602725 Fixed a bug that caused some GlassWire Basic, Pro, and Elite users to become deactivated in some unusual situations. Due to requests from GlassWire fans, incognito mode now stays persistent after a restart of GlassWire, or after a reboot. Fixed a bug that caused the mini viewer to not save its position with some dual monitor configurations. Fixed a bug that caused some GlassWire to crash if a certain kind of audio driver was used. Homepage Download Page Change Log Download GlassWire Setup GlassWire 1.2.118 Elite [Hook Dll] - Popeyes ~ XU/URET Site: https://www.upload.ee Sharecode[?]: /files/7469807/GlassWire.TEAM.URET.POPEYES_XU.rar.html
  24. 12 points
    Set allows you to update the operating system, as well as integrate the updates in the distribution. Can be installed on any edition of Windows 7 and Server 2008 R2, you and any bit of any language. Including updates for all versions of Internet Explorer, all critical, recommended, and security updates. See details in the update list. It helps to easily update operating system or distribution up to the stage of actual state. Significantly eliminates update time in contrast with Windows Update. Contains unique algorithms for faster search and analysis of updates. It can be used to update any edition of Windows 7. It supports both 32-bit and 64-bit systems, updates are multilingual. It’s portable and can be used without an Internet connection. All updates are carefully tested and evaluated before being added to the package. It contains updates for all versions of IE, including IE11 with all languages. Unwanted updates (spyware, Get Windows 10) are excluded from the package. It supports command line options and can be used with other scripts. It’s available for download via a direct link that has no speed limitations. It streamlines the process of getting Windows fully updated. Many other advanced features are described on the website. Changes in version 17.9.15 Added KB4019990-x86-x64 and KB4040966-x86-x64 Added KB4038777-x86-x64 with disabling telemetry and processor checking (replaces KB2868116-x86-x64, KB3170455-x86-x64 and KB4034664-x86-x64) Added KB4040980-x86-x64 (replaces KB4014504-x86-x64) Homepage UpdatePack7R2 Forum -Russian UpdatePack7R2 Forum -English @ MDL Update7 Integrator by boss911 Download Link Official Direct Download Magnet magnet:?xt=urn:btih:91F9B5CCC55C56A2E03AE13049C01625E5224D0A
  25. 11 points
    The group of unknown hackers who hijacked CCleaner's download server to distribute a malicious version of the popular system optimization software targeted at least 20 major international technology companies with a second-stage payload. Earlier this week, when the CCleaner hack was reported, researchers assured users that there's no second stage malware used in the massive attack and affected users can simply update their version in order to get rid of the malicious software. However, during the analysis of the hackers' command-and-control (C2) server to which the malicious CCleaner versions connected, security researchers from Cisco's Talos Group found evidence of a second payload (GeeSetup_x86.dll, a lightweight backdoor module) that was delivered to a specific list of computers based on local domain names. Affected Technology Firms According to a predefined list mentioned in the configuration of the C2 server, the attack was designed to find computers inside the networks of the major technology firms and deliver the secondary payload. The target companies included: Google Microsoft Cisco Intel Samsung Sony HTC Linksys D-Link Akamai VMware In the database, researchers found a list of nearly 700,000 backdoored machines infected with the malicious version of CCleaner, i.e. the first-stage payload, and a list of at least 20 machines that were infected with the secondary payload to get a deeper foothold on those systems. The CCleaner hackers specifically chose these 20 machines based upon their Domain name, IP address, and Hostname. The researchers believe the secondary malware was likely intended for industrial espionage. CCleaner Malware Links to Chinese Hacking Group According to the researchers from Kaspersky, the CCleaner malware shares some code with the hacking tools used by a sophisticated Chinese hacking group called Axiom, also known as APT17, Group 72, DeputyDog, Tailgater Team, Hidden Lynx or AuroraPanda. "The malware injected into #CCleaner has shared code with several tools used by one of the APT groups from the #Axiom APT 'umbrella'," tweeted director of Global Research and Analysis Team at Kaspersky Lab. Cisco researchers also note that one configuration file on the attacker's server was set for China's time zone, which suggests China could be the source of the CCleaner attack. However, this evidence alone is not enough for attribution. Cisco Talos researchers also said that they have already notified the affected tech companies about a possible breach. Removing Malicious CCleaner Version would Not Help Just removing the Avast's software application from the infected machines would not be enough to get rid of the CCleaner second stage malware payload from their network, with the attackers' still-active C2 server. So, affected companies that have had their computers infected with the malicious version of CCleaner are strongly recommended to fully restore their systems from backup versions before the installation of the tainted security program. "These findings also support and reinforce our previous recommendation that those impacted by this supply chain attack should not simply remove the affected version of CCleaner or update to the latest version, but should restore from backups or reimage systems to ensure that they completely remove not only the backdoored version of CCleaner but also any other malware that may be resident on the system," the researchers say.
  26. 11 points
    TeraCopy is a compact program designed to copy and move files at the maximum possible speed, providing the user a lot of features. TeraCopy is a free utility designed to copy/move files faster and more secure. Can resume broken file transfers. TeraCopy skips bad files during copy and even shows the skipped files at the end of files transfer. TeraCopy will calculate files CRC checksum on the fly to speed up source and target files comparsion. Seamless integration with Windows Explorer allows you to keep working with files as usual. Copy or move files using left mouse button drag or 'Copy' and 'Paste' commands. Thanks to ARMOUR for the update. Download
  27. 11 points
    MSActBackUp - a program to save and restore activation Windows editions: Vista, 7, 8, 8.1, 10, Server 2008, 2008 R2, 2012, 2012 R2 and Office 2010, 2013. System requirements Windows Vista, 7, Windows 8, 8.1, 10, Server 2008, 2008 R2, 2012, 2012 R2, Office 2010/2013 any revisions. **** The program does NOT require any version .NET Framework. Press the corresponding button, check the keys that identify the programs, and if necessary, specify correct keys. When the button becomes active, saving activation is completed. Restore activation Go to the tab "Restore activation", select the folder where you saved the activation and start the recovery process activation. If the recovery fails, try to restore activation with checking "Restore SoftwareProtectionPlatform" To restore an online activation for Windows 8.1, proceed as follows: 1. Disable Internet. 2. Run as administrator file Restore_WPA.cmd. After his execution the system takes to reboot, you must wait for the reboot. 3. Perform the restoring activation with checking "Restore SoftwareProtectionPlatform" Download
  28. 11 points
    CCleaner (Crap Cleaner) is a freeware system optimization, privacy and cleaning tool. It removes unused files from your system allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. Additionally it contains a fully featured registry cleaner. But the best part is that it's fast (normally taking less than a second to run) and contains NO Spyware or Adware! Thanks to SalaR for the update. Download
  29. 11 points
    EasyUEFI.WinToHDD.v2.7.RC1.-Read.Nfo-.Keygen.And.Patch-SND New patch with old keygen Site: https://www.upload.ee Sharecode[?]: /files/7482572/EasyUEFI.WinToHDD.v2.7.RC1.-Read.Nfo-.Keygen.And.Patch-SND.zip.html Thanks to Nemo
  30. 11 points
    AAct - KMS-activator By Ratiborus AAct - KMS-activator for operating systems Windows VL editions: Vista, 7, 8, 8.1, 10, Server 2008, 2008 R2, 2012, 2012 R2 and Office 2010, 2013, 2016. Also, you can activate Office 2010 VL on Windows XP. **** The program is written with use of original technologies and implements a different ideology design of such software tools, which is different from my usual practice **** Program does NOT require any version .NET Framework. **** Changes in versions: v3.6 -The program uses the WinDivert driver. Homepage Ratiborus Download page Download Link by Ratiborus Site: http://www.solidfiles.com Sharecode[?]: /v/Yn88a8ZLKwRWw Mirror Site: https://www.upload.ee Sharecode[?]: /files/7482339/AAct_v3.6_Portable.zip.html
  31. 11 points
    Release Notes: http://us.download.nvidia.com/Windows/385.69/385.69-win10-win8-win7-desktop-release-notes.pdf Download Setup: Setup 32-bit (Win10): http://us.download.nvidia.com/Windows/385.69/385.69-desktop-win10-32bit-international-whql.exe Setup 64-bit (Win10): http://us.download.nvidia.com/Windows/385.69/385.69-desktop-win10-64bit-international-whql.exe Setup 32-bit (Win7/Win8/Win8.1): http://us.download.nvidia.com/Windows/385.69/385.69-desktop-win8-win7-32bit-international-whql.exe Setup 64-bit (Win7/Win8/Win8.1): http://us.download.nvidia.com/Windows/385.69/385.69-desktop-win8-win7-64bit-international-whql.exe NVIDIA GeForce v385.69 WHQL for Windows Notebook Release Notes: http://us.download.nvidia.com/Windows/385.69/385.69-win10-win8-win7-notebook-release-notes.pdf Download Setup: Setup 32-bit (Win10): http://us.download.nvidia.com/Windows/385.69/385.69-notebook-win10-32bit-international-whql.exe Setup 64-bit (Win10): http://us.download.nvidia.com/Windows/385.69/385.69-notebook-win10-64bit-international-whql.exe Setup 32-bit (Win7/Win8/Win8.1): http://us.download.nvidia.com/Windows/385.69/385.69-notebook-win8-win7-32bit-international-whql.exe Setup 64-bit (Win7/Win8/Win8.1): http://us.download.nvidia.com/Windows/385.69/385.69-notebook-win8-win7-64bit-international-whql.exe
  32. 11 points
  33. 11 points
    Just for the info: Actually this key is by Dror/Ru-Board (@kalach) http://forum.ru-board.com/topic.cgi?forum=35&topic=39729&start=440#2 Serial by Kabino is not working with this version
  34. 11 points
    XYplorer.v18.40.Incl.Keygen.v1.1 By.DFoX_URET Info : https://www.xyplorer.com/ Download : Site: https://mega.nz Sharecode[?]: /v/Z4EwmhN8/file.html#!BhZ1iIYJ!nrmr91s5Ty-ppeo8Oj-WdRcvAf8MKs0wZMqnIg0R4wA Enjoy ..:: DeltaFoX ::..
  35. 11 points
    the hate for russia is so old now stop with bs comments to us
  36. 11 points
    x64 https://dl5.oo-software.com/files/oodefrag21/210/OODefrag21Professional64Enu.exe x32 https://dl5.oo-software.com/files/oodefrag21/210/OODefrag21ProfessionalEnu.exe
  37. 10 points
    32-bit- https://dl.google.com/release2/chrome/OnSdVVTLywA_61.0.3163.100/61.0.3163.100_chrome_installer.exe 64 bit- https://dl.google.com/release2/chrome/EHD2NI2LsfM_61.0.3163.100/61.0.3163.100_chrome_installer.exe
  38. 10 points
    Download Windows Standard Installer Offline Installer Mac OS X Standard Installer Offline Installer Linux x86_64 Offline Installer x86 OfflineInstaller
  39. 10 points
    Nero 2018 Retail Platinum http://ftp12.deu.nero.com/software/Nero2018/Nero_Platinum2018-19.0.06900.exe Nero 2018 Retail Standard http://ftp12.deu.nero.com/software/Nero2018/Nero_Standard2018-19.0.07100.exe and Content Pack 1 & 2 http://ftp12.deu.nero.com/software/Nero2018/Nero2018_ContentPack1-19.0.01300.exe http://ftp12.deu.nero.com/software/Nero2018/Nero2018_ContentPack2-19.0.01400.exe Credits to firstOS from ru-board for new versions
  40. 10 points
    Site: https://www.upload.ee Sharecode[?]: /files/7478052/c.rar.html
  41. 10 points
    Retail: https://drive.google.com Sharecode[?]: /open?id=0B6J97i3iCkPJNnlNVnpmUG5XZGc
  42. 10 points
    Members are kindly reminded..Key crack patch requests are not allowed in our forums...Any software requests or queries should be posted in the relevant forums......
  43. 10 points
    http://download.techsmith.com/snagit/enu/1314/snagit.exe What's New
  44. 10 points
    Technical description An unauthorized modification of the CCleaner.exe binary resulted in an insertion of a two-stage backdoor capable of running code received from a remote IP address on affected systems. The suspicious code was hidden in the application’s initialization code called CRT (Common Runtime) that is normally inserted during compilation by the compiler. This code modification was executed by the following function calls (functions marked by red represent the CRT modifications): This modification performed the following actions before the main application’s code: It decrypted and unpacked hardcoded shellcode (10 kB large) - simple XOR-based cipher was used for this. The result (16 kB in size) was a DLL (dynamic link library) with a missing MZ header. This DLL was subsequently loaded and executed in an independent thread. Afterwards, a normal execution of CRT code and main CCleaner continued, resulting in the thread with payload running in the background. Illustration of patched CRT code (see the added call to a payload-decryption routine in the modified version): The code executed within that thread was heavily obfuscated to make its analysis harder (encrypted strings, indirect API calls, etc.). The suspicious code was performing the following actions: It stored certain information in the Windows registry key HKLM\SOFTWARE\Piriform\Agomo: MUID: randomly generated number identifying a particular system. Possibly also to be used as communication encryption key. TCID: timer value used for checking whether to perform certain actions (communication, etc.) NID: IP address of secondary CnC server Besides that, it collected the following information about the local system: Name of the computer List of installed software, including Windows updates List of running processes MAC addresses of first three network adapters Additional information whether the process is running with administrator privileges, whether it is a 64-bit system, etc. All of the collected information was encrypted and encoded by base64 with a custom alphabet. The encoded information was subsequently submitted to an external IP address 216.126.x.x (this address was hardcoded in the payload, and we have intentionally masked its last two octets here) via a HTTPS POST request. There was also a [fake] reference to “Host: speccy.piriform.com” in communication. The code then read a reply from the same IP address, providing it with the functionality to download a second stage payload from the aforementioned IP address. The second stage payload is received as a custom base64-encoded string, further encrypted by the same xor-based encryption algorithm as all the strings in the first stage code. We have not detected an execution of the second stage payload and believe that its activation is highly unlikely. In case the IP address becomes unreachable, a backup in the form of DGA (domain name generator) activates and is used to redirect communication to a different location. Fortunately, these generated domains are not under the control of the attacker and do not pose any risk. At this stage, we don’t want to speculate how the unauthorized code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it. The investigation is still ongoing. We want to thank the Avast Threat Labs for their help and assistance with this analysis. Again, we would like to apologize for any inconvenience this incident could have caused to our clients; we are taking detailed steps internally so that this does not happen again, and to ensure your security while using any of our Piriform products. Users of our cloud version have received an automated update. For all other users, if you have not already done so, we encourage you to update your CCleaner software to version 5.34 or higher, the latest version is available for download here.
  45. 10 points
    Exeinfo PE (updated home page: 2017-09-15; v. is under construction) Exeinfo PE is a software that you can use to view various information on any executable file. It is also a powerful resources ripper from executables or DLLs files This product is portable, so installation is not necessary. It means that your Windows registry entries will remain intact but that you can also place the tool on a removable device and run it on any computer. The user interface of Exeinfo PE is based on a small, standard window in which you can insert an EXE or DLL file by using the file browser or the "drag and drop" method. So, you can view the entry point, file offset, linker information, file size, EP section, first bytes, sub-system and overlay. But you can also input HEX data to look into BIN information. In addition, you can open a section viewer in which you can check out each virtual offset and size, RAW data offset and size, flags, name, first bytes (in HEX mode) and section status (executable, readable, writable). Furthermore, you can view header information which revolves around the T:S table, security, exception, resources, debug, architecture and other parameters for the directory, as well as size of headers, number of directories, image base, base of code, and more. In the "Options", you can enable Exeinfo PE to perform a fast scan, ignore EXE errors, integrate into the shell, always be on top and have a big interface. Also, you can select the skin, log file and language. The application uses a moderate amount of system resources and worked smoothly during our tests. We haven't come across any issues. However, there is no help file available, so first-time users wouldn't probably know how to work with Exeinfo PE. We mainly recommend it to experienced individuals. Home: http://exeinfo.atwebpages.com/ Exeinfo PE ver. - 992 + 60 signatures with partial support for 64 bit PE files download 32 bit (2017-07-30 release): http://www.exeinfo.byethost18.com/exeinfope.zip Ext_detector.dll for non exe data file detection ver.4.5.0 (2017-07-21) is included in this Exeinfo PE package Plugins (2017-05-10): http://exeinfo.atwebpages.com/plugins.htm
  46. 10 points
    AnyBurn is a light weight but professional CD / DVD / Blu-ray burning software that everyone must have. It provides a free and complete solution for burning and disc imaging. It is completely free for both home and business use. Main Features: Burn all CD / DVD / Blu-ray disc image files. Backup or a dd files and folders to CD, DVD, or Bluray disc Burn Audio CD which can be played in regular CD player from mp3, m4a, ape, flac, wma files... Rip Audio CD to MP3, FLAC, APE, WMA, WAV files. Copy disc using sector by sector method. Create image files from hard disk files or CD / DVD / BD discs. Convert disc image files between various formats. Create bootable USB drive for Windows 7, 8, 10, or Linux Support both 32-bit and 64-bit Windows. AnyBurn 3.8 (Sep 17, 2017) Some minor bug fixes and enhancements. Home Page Download Page Revision history DOWNLOAD LINKS Download AnyBurn v3.8 (32-bit) Download AnyBurn v3.8 (64-bit) Portable Version (32-bit & 64-bit)
  47. 9 points
    IObit Driver Booster Pro Final Stable Updating drivers is usually an initial step to avoid hardware failure, system instability and hidden security vulnerabilities. To update drivers regularly is also an effective way to enhance your overall PC performance, and maximize your gaming experience. While this process could be risky and frustrating if done manually. Driver Booster PRO is introduced to download and update drivers for you automatically with just one click. Based on cloud library, Driver Booster PRO can always be the first to identify outdated drivers, and download and update driver at an unrivaled speed. With the backup feature, it is an easy, effective and risk free solution to keep your drivers up-to-date. Update Outdated Drivers Safely and Rapidly - Support More Hardware Devices & Improve PC Performance - Update Drivers 300% Faster with Just One Click - Specialized Driver Tweaking for Top Gaming Experience - Backup Drivers for Safe Restore Driver Booster Pro Features: - Download and Update Outdated Drivers with One Click - Enhance Hardware Functionality for Top Performance - Specialized Driver Tweaking for Top Gaming Experience - Automatically Identify Outdated Drivers - Support More Comprehensive Hardware Devices - Enjoy Priority to Update Outdated Drivers Promptly - Backup Drivers for Safe Restore - Download and Update Drivers up to 300% Faster - Automatically Update to the Latest Version What’s New in version 5.0: + Supported more than 1,000,000 official drivers. + New database architecture for more accurate and faster driver matching. + New scan engine connects to server via HTTPS for safer and faster scan. + New download engine for faster downloading speed. + New Auto Driver Update to automatically download and install drivers & game components when PC is idle. + New timeline design for Driver Update History. + Supported the latest driver installation rules of Windows 10 Build 14310 and later, like Anniversary Update and Creators Update. + Supported more game components including Visual C++ 2017 Redistributable, Silverlight 6, Microsoft XML, and Microsoft Games for Windows Marketplace. + Optimized Driver Backups & Restore for more convenient operation. + Enhanced Fix No Sound tool. + Brand-new intuitive UI. + Supported 48 languages. Driver Booster v5.0 RC : + New Download Engine for faster downloading speed + Strengthened the repair ability of Fix No Sound tool + More user-friendly UI + Support for 48 languages + Fixed known bugs Driver Booster v5.0 Beta : + Supported the latest driver installation rules of Windows 10 Build 14310 and later, like Anniversary Update and Creators Update. + Supported more than 1,000,000 official drivers and components to keep them always up-to-date. + Supported more game components including Visual C++ 2017 Redistributable, Silverlight 6, Microsoft XML, and Microsoft Games for Windows Marketplace. + New database architecture for more accurate and faster driver matching. + New Auto Driver Update to automatically download and install drivers & game components when PC is idle. + New scan engine connects to the server via HTTPS for safer and faster scan. + Optimized Driver Backups & Restore for more convenient operation. + New timeline design for Driver Update History + Brand-New UI. Homepage: http://update.iobit.com/dl/db5/driver_booster_setup.exe Release Date: 2017-09-20 OS: Windows Language: Multilingual DOWNLOAD: =========== Installer (15 MB): http://update.iobit.com/dl/driver_booster_setup.exe Installer + Patch[DLL] + Hash Check Remove + Keys: Site: https://dbr.ee Sharecode[?]: /h9sh Site: https://www.upload.ee Sharecode[?]: /files/7478085/DriverBooster5.0.3.357.Pro.rar.html Site: https://www.multiup.eu/en Sharecode[?]: /download/9405d5fa3a986cafdad2191ba07bbc10/DriverBooster5.0.3.357.Pro.rar ==================== Other Downloads: Patch (Igorca) - shared by thebig1825: Site: https://yadi.sk Sharecode[?]: /d/LUWmbcuQ3MU2VC Crack - shared by thebig1825: Site: https://mega.nz Sharecode[?]: /#!ZRNTECIC!DX8OTHFAOV9lKxbw5L3EqYqNixLR1wC-uWP067Cj44Y ====================
  48. 9 points
    Java SE Runtime Environment 9 http://www.oracle.com/technetwork/java/javase/downloads/jre9-downloads-3848532.html
  49. 9 points
    I don't have mutch time nowadays. But here is HitmanPro.Alert 3.7.0 Build 717 BETA [patched] (Compatible with patched hitmanpro) Site: http://www.datafilehost.com Sharecode[?]: /d/ddf41b2b Patched HitmanPro -> P
  50. 9 points