Welcome to nsane.forums

Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information. Be a part of nsane.forums by signing in or creating an account.

  • Access special members only forums
  • Start new topics and reply to others
  • Subscribe to topics and forums to get automatic updates

Archived

This topic is now archived and is closed to further replies.

anuraag

UltimateDefrag 4.0.95.0

79 posts in this topic

Detection ratio: 4 / 41? - rather scary (lmao), and one detection refers to a packer

Share this post


Link to post
Share on other sites

@ALL

Both XenoCoder versions (Cracked and Portable) provided on mediafire, seems to be infected with PUA.Win32.Packer.XenocodeVirtual trojan. See Report 1 and Report 2 . So, use it with care.

Yeah, I prefer don't use.

Share this post


Link to post
Share on other sites

@sternog: Well i'm not writed my arrogant opinion (IMAO=In My Arrogant Opinion),

i have writed "seems to be infected" and "So, use it with care".

There are no coincidences like this in real life:

uploader=XenoCoder and

virus name=PUA.Win32.Packer.XenocodeVirtual

even if "Detection ratio is 4 / 41"

I think, i have just adviced users.

Just as informations for user that want to register uncracked version.

Here is the way used to register old 3.0.100.39 version.

1.add regsitry keys:

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG]"SdHash"=dword:20bf4853"SdInfo"=hex:11,00,14,00,1a,00,05,00,1a,00,14,00,16,00,04,00,03,00,0b,00,12,00,\  18,00,03,00,09,00,0a,00,11,00,1d,00,11,00,1e,00,11,00,1e,00,01,00,02,00,06,\  00,0a,00,1c,00,14,00,16,00,53,00,32,00,37,00,3e,00,3a,00,3d,00,53,00

2.add ini section at end of C:\windows\win.ini

[Udbdef]bootparam=1006976730

Now, the new version, after installing, allready add to win.ini

[Udbdef]bootparamex4=some value
so it seems that disktrix use same method to register like old version, even if changed "machine ID code"

But no valid key to track registry keys added when register, and does not work anymore with old registry keys.

Share this post


Link to post
Share on other sites

LMAO means "Laughing my arse off".P.S. I`m really tired of reading this paranoid bs. Just buy the app.

3 people like this

Share this post


Link to post
Share on other sites

PUA means just Potentially Unwanted Application, it's like Trojan.Generic (which is in 99% a false positive). MoleBox is also an great packer, just because some stupid script kiddys used it to pack malware you will get Packed.MoleBox infection from some different antivirus engines and such environments earn bad reputations because of that, totally wrongly.

And when you see which AV's detected what (on both, cracked and portable): TR/Dropper.Gen (AntiVir), PUA.Win32.Packer.XenocodeVirtual (ClamAV) and Trojan/PSW.Dybalom.awy (Jiangmin) it is still a 3/42 detection rate, not 4/42. I think there is nothing to worry about.

If you think that this really is kind of virus, you should stay away from boards like this and use official unfixed releases instead only.

Share this post


Link to post
Share on other sites

PUA means just Potentially Unwanted Application, it's like Trojan.Generic (which is in 99% a false positive). MoleBox is also an great packer, just because some stupid script kiddys used it to pack malware you will get Packed.MoleBox infection from some different antivirus engines and such environments earn bad reputations because of that, totally wrongly.

And when you see which AV's detected what (on both, cracked and portable): TR/Dropper.Gen (AntiVir), PUA.Win32.Packer.XenocodeVirtual (ClamAV) and Trojan/PSW.Dybalom.awy (Jiangmin) it is still a 3/42 detection rate, not 4/42. I think there is nothing to worry about.

If you think that this really is kind of virus, you should stay away from boards like this and use official unfixed releases instead only.

And Why this?:

if you don't like my portable?, use this hier...

Site: http://www.mediafire.com

Sharecode: /download.php?812d4ag0yaagl3h

Thanks XenoCoder, It looks like, it's working.

However, it would be great if you can make a "keygen" for it because I prefer to use any name in the Registration Dialog, but it's ok if you can't, it's still great anyway.

BTW, why there is an "Outbound traffic" where

Remote computer:4.53.147.244

Remote port:TCP 443 (https)

IP address country: United States

IP address state: Washington

IP address city: Seattle

IP address country: United States

IP address state: Washington

IP address city: Seattle

ISP of this IP [?]: Level 3 Communications

Organization: Level 3 Communications

Because I didn't get this "Outbound traffic" when I used the "Trial Mode".

Thanks again sir!!!

Share this post


Link to post
Share on other sites

It's spoon.net -_-

1 person likes this

Share this post


Link to post
Share on other sites

ok.

Share this post


Link to post
Share on other sites

Look at this on top of the page, use URLtoIP and start.spoon.net gives you the IP 4.53.147.244, the one from above. I never used spoon, could be some usage statistic that will be collected from them every time you start those apps. No clue if the program works anyway when you just block that traffic.

Share this post


Link to post
Share on other sites

I'm getting irreversible smulation crap yet again when I crack it.

Share this post


Link to post
Share on other sites

Trojan Dropper! This crack is useless!!

Share this post


Link to post
Share on other sites

prove it :rolleyes:

Share this post


Link to post
Share on other sites

FIX:

Site: http://www.mediafire.com/

Sharecode: ?k8fz3vdsq27te5b [?]

ps can some give me a sharecode tuturial please? ;) i hope it works now..if not let me now! B)

1 person likes this

Share this post


Link to post
Share on other sites

if you don't like my portable?, use this hier...

Site: http://www.mediafire.com

Sharecode: /download.php?812d4ag0yaagl3h

Crack

Site; http://www.file-upload.net

Sharecode: /download-4430668/Crack.rar.html

Password nsane

It's the same file as the XenoCoder's one!!

Why you "erer65" just re-post the same file (cracked by XenoCoder) and btw you don't give his credit :unsure:

BTW, can anyone CONFIRM that it's SAFE to use the the crack that XenoCoder posted? As I've tried it, and it's working well, but don't sure if it's safe,

also I just block the outbound connection to

Remote computer:4.53.147.244

Remote port:TCP 443 (https)

That what I did, any experienced members please confirm it.

Thank you so much

1 person likes this

Share this post


Link to post
Share on other sites

Just tested XenoCoder crack and works. None problem found and of course there is no virus .

WinXP Pro SP3 (x86)

1 person likes this

Share this post


Link to post
Share on other sites

The fix is not a problem, it just you Posted Image

Share this post


Link to post
Share on other sites

download not working - try to upload to other site

Share this post


Link to post
Share on other sites

download not working

Remove [/site][sc] from the link. Then it works.

Share this post


Link to post
Share on other sites

download not working

Remove [/site][sc] from the link. Then it works.

Did you get the file after inserting the captcha ?

I tried several times ...

Share this post


Link to post
Share on other sites

Thanks, will add it when i get more as 10MB from the file. :D

Site: http://www.mediafire.com

Sharecode: /?1ogvgt1aqy836uq [?]

Share this post


Link to post
Share on other sites

This is all out of fun or really meant?

If Kaspersky can find anything, what do you want from VirusTotal?

If you man are ? use condom to stay safe!!!... condom size does not matter... ^_^

RETN

2 people like this

Share this post


Link to post
Share on other sites

Thanks, will add it when i get more as 10MB from the file. :D

Site: http://www.mediafire.com

Sharecode: /?1ogvgt1aqy836uq [?]

Thank you , from mediafire I get it in 10sec. :)

Share this post


Link to post
Share on other sites