Jump to content
nsane.forums

Archived

This topic is now archived and is closed to further replies.

anuraag

UltimateDefrag 4.0.95.0

Recommended Posts

LOQUILLO

@ALL

Both XenoCoder versions (Cracked and Portable) provided on mediafire, seems to be infected with PUA.Win32.Packer.XenocodeVirtual trojan. See Report 1 and Report 2 . So, use it with care.

Yeah, I prefer don't use.

Share this post


Link to post
Share on other sites
vmanda

@sternog: Well i'm not writed my arrogant opinion (IMAO=In My Arrogant Opinion),

i have writed "seems to be infected" and "So, use it with care".

There are no coincidences like this in real life:

uploader=XenoCoder and

virus name=PUA.Win32.Packer.XenocodeVirtual

even if "Detection ratio is 4 / 41"

I think, i have just adviced users.

Just as informations for user that want to register uncracked version.

Here is the way used to register old 3.0.100.39 version.

1.add regsitry keys:

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG]"SdHash"=dword:20bf4853"SdInfo"=hex:11,00,14,00,1a,00,05,00,1a,00,14,00,16,00,04,00,03,00,0b,00,12,00,\  18,00,03,00,09,00,0a,00,11,00,1d,00,11,00,1e,00,11,00,1e,00,01,00,02,00,06,\  00,0a,00,1c,00,14,00,16,00,53,00,32,00,37,00,3e,00,3a,00,3d,00,53,00

2.add ini section at end of C:\windows\win.ini

[Udbdef]bootparam=1006976730

Now, the new version, after installing, allready add to win.ini

[Udbdef]bootparamex4=some value
so it seems that disktrix use same method to register like old version, even if changed "machine ID code"

But no valid key to track registry keys added when register, and does not work anymore with old registry keys.

Share this post


Link to post
Share on other sites
SnakeMasteR

PUA means just Potentially Unwanted Application, it's like Trojan.Generic (which is in 99% a false positive). MoleBox is also an great packer, just because some stupid script kiddys used it to pack malware you will get Packed.MoleBox infection from some different antivirus engines and such environments earn bad reputations because of that, totally wrongly.

And when you see which AV's detected what (on both, cracked and portable): TR/Dropper.Gen (AntiVir), PUA.Win32.Packer.XenocodeVirtual (ClamAV) and Trojan/PSW.Dybalom.awy (Jiangmin) it is still a 3/42 detection rate, not 4/42. I think there is nothing to worry about.

If you think that this really is kind of virus, you should stay away from boards like this and use official unfixed releases instead only.

Share this post


Link to post
Share on other sites
LOQUILLO

PUA means just Potentially Unwanted Application, it's like Trojan.Generic (which is in 99% a false positive). MoleBox is also an great packer, just because some stupid script kiddys used it to pack malware you will get Packed.MoleBox infection from some different antivirus engines and such environments earn bad reputations because of that, totally wrongly.

And when you see which AV's detected what (on both, cracked and portable): TR/Dropper.Gen (AntiVir), PUA.Win32.Packer.XenocodeVirtual (ClamAV) and Trojan/PSW.Dybalom.awy (Jiangmin) it is still a 3/42 detection rate, not 4/42. I think there is nothing to worry about.

If you think that this really is kind of virus, you should stay away from boards like this and use official unfixed releases instead only.

And Why this?:

if you don't like my portable?, use this hier...

Site: http://www.mediafire.com

Sharecode: /download.php?812d4ag0yaagl3h

Thanks XenoCoder, It looks like, it's working.

However, it would be great if you can make a "keygen" for it because I prefer to use any name in the Registration Dialog, but it's ok if you can't, it's still great anyway.

BTW, why there is an "Outbound traffic" where

Remote computer:4.53.147.244

Remote port:TCP 443 (https)

IP address country: United States

IP address state: Washington

IP address city: Seattle

IP address country: United States

IP address state: Washington

IP address city: Seattle

ISP of this IP [?]: Level 3 Communications

Organization: Level 3 Communications

Because I didn't get this "Outbound traffic" when I used the "Trial Mode".

Thanks again sir!!!

Share this post


Link to post
Share on other sites
SnakeMasteR

Look at this on top of the page, use URLtoIP and start.spoon.net gives you the IP 4.53.147.244, the one from above. I never used spoon, could be some usage statistic that will be collected from them every time you start those apps. No clue if the program works anyway when you just block that traffic.

Share this post


Link to post
Share on other sites
Alanon

I'm getting irreversible smulation crap yet again when I crack it.

Share this post


Link to post
Share on other sites
Blackchildcx

FIX:

Site: http://www.mediafire.com/

Sharecode: ?k8fz3vdsq27te5b [?]

ps can some give me a sharecode tuturial please? ;) i hope it works now..if not let me now! B)

Share this post


Link to post
Share on other sites
whatwhat001

if you don't like my portable?, use this hier...

Site: http://www.mediafire.com

Sharecode: /download.php?812d4ag0yaagl3h

Crack

Site; http://www.file-upload.net

Sharecode: /download-4430668/Crack.rar.html

Password nsane

It's the same file as the XenoCoder's one!!

Why you "erer65" just re-post the same file (cracked by XenoCoder) and btw you don't give his credit :unsure:

BTW, can anyone CONFIRM that it's SAFE to use the the crack that XenoCoder posted? As I've tried it, and it's working well, but don't sure if it's safe,

also I just block the outbound connection to

Remote computer:4.53.147.244

Remote port:TCP 443 (https)

That what I did, any experienced members please confirm it.

Thank you so much

Share this post


Link to post
Share on other sites
jofre

Just tested XenoCoder crack and works. None problem found and of course there is no virus .

WinXP Pro SP3 (x86)

Share this post


Link to post
Share on other sites
AlienForce1

download not working

Remove [/site][sc] from the link. Then it works.

Did you get the file after inserting the captcha ?

I tried several times ...

Share this post


Link to post
Share on other sites
XenoCoder

This is all out of fun or really meant?

If Kaspersky can find anything, what do you want from VirusTotal?

If you man are ? use condom to stay safe!!!... condom size does not matter... ^_^

RETN

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×