Jump to content

UltimateDefrag 4.0.95.0


anuraag

Recommended Posts

Detection ratio: 4 / 41? - rather scary (lmao), and one detection refers to a packer

Link to comment
Share on other sites


  • Replies 78
  • Views 10k
  • Created
  • Last Reply

@ALL

Both XenoCoder versions (Cracked and Portable) provided on mediafire, seems to be infected with PUA.Win32.Packer.XenocodeVirtual trojan. See Report 1 and Report 2 . So, use it with care.

Yeah, I prefer don't use.
Link to comment
Share on other sites


@sternog: Well i'm not writed my arrogant opinion (IMAO=In My Arrogant Opinion),

i have writed "seems to be infected" and "So, use it with care".

There are no coincidences like this in real life:

uploader=XenoCoder and

virus name=PUA.Win32.Packer.XenocodeVirtual

even if "Detection ratio is 4 / 41"

I think, i have just adviced users.

Just as informations for user that want to register uncracked version.

Here is the way used to register old 3.0.100.39 version.

1.add regsitry keys:

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG]"SdHash"=dword:20bf4853"SdInfo"=hex:11,00,14,00,1a,00,05,00,1a,00,14,00,16,00,04,00,03,00,0b,00,12,00,\  18,00,03,00,09,00,0a,00,11,00,1d,00,11,00,1e,00,11,00,1e,00,01,00,02,00,06,\  00,0a,00,1c,00,14,00,16,00,53,00,32,00,37,00,3e,00,3a,00,3d,00,53,00

2.add ini section at end of C:\windows\win.ini

[Udbdef]bootparam=1006976730

Now, the new version, after installing, allready add to win.ini

[Udbdef]bootparamex4=some value
so it seems that disktrix use same method to register like old version, even if changed "machine ID code"

But no valid key to track registry keys added when register, and does not work anymore with old registry keys.

Link to comment
Share on other sites


LMAO means "Laughing my arse off".P.S. I`m really tired of reading this paranoid bs. Just buy the app.

Link to comment
Share on other sites


SnakeMasteR

PUA means just Potentially Unwanted Application, it's like Trojan.Generic (which is in 99% a false positive). MoleBox is also an great packer, just because some stupid script kiddys used it to pack malware you will get Packed.MoleBox infection from some different antivirus engines and such environments earn bad reputations because of that, totally wrongly.

And when you see which AV's detected what (on both, cracked and portable): TR/Dropper.Gen (AntiVir), PUA.Win32.Packer.XenocodeVirtual (ClamAV) and Trojan/PSW.Dybalom.awy (Jiangmin) it is still a 3/42 detection rate, not 4/42. I think there is nothing to worry about.

If you think that this really is kind of virus, you should stay away from boards like this and use official unfixed releases instead only.

Link to comment
Share on other sites


PUA means just Potentially Unwanted Application, it's like Trojan.Generic (which is in 99% a false positive). MoleBox is also an great packer, just because some stupid script kiddys used it to pack malware you will get Packed.MoleBox infection from some different antivirus engines and such environments earn bad reputations because of that, totally wrongly.

And when you see which AV's detected what (on both, cracked and portable): TR/Dropper.Gen (AntiVir), PUA.Win32.Packer.XenocodeVirtual (ClamAV) and Trojan/PSW.Dybalom.awy (Jiangmin) it is still a 3/42 detection rate, not 4/42. I think there is nothing to worry about.

If you think that this really is kind of virus, you should stay away from boards like this and use official unfixed releases instead only.

And Why this?:

if you don't like my portable?, use this hier...

Site: http://www.mediafire.com

Sharecode: /download.php?812d4ag0yaagl3h

Thanks XenoCoder, It looks like, it's working.

However, it would be great if you can make a "keygen" for it because I prefer to use any name in the Registration Dialog, but it's ok if you can't, it's still great anyway.

BTW, why there is an "Outbound traffic" where

Remote computer:4.53.147.244

Remote port:TCP 443 (https)

IP address country: United States

IP address state: Washington

IP address city: Seattle

IP address country: United States

IP address state: Washington

IP address city: Seattle

ISP of this IP [?]: Level 3 Communications

Organization: Level 3 Communications

Because I didn't get this "Outbound traffic" when I used the "Trial Mode".

Thanks again sir!!!

Link to comment
Share on other sites


SnakeMasteR

Look at this on top of the page, use URLtoIP and start.spoon.net gives you the IP 4.53.147.244, the one from above. I never used spoon, could be some usage statistic that will be collected from them every time you start those apps. No clue if the program works anyway when you just block that traffic.

Link to comment
Share on other sites


I'm getting irreversible smulation crap yet again when I crack it.

Link to comment
Share on other sites


Blackchildcx

FIX:

Site: http://www.mediafire.com/

Sharecode: ?k8fz3vdsq27te5b [?]

ps can some give me a sharecode tuturial please? ;) i hope it works now..if not let me now! B)

Link to comment
Share on other sites


whatwhat001

if you don't like my portable?, use this hier...

Site: http://www.mediafire.com

Sharecode: /download.php?812d4ag0yaagl3h

Crack

Site; http://www.file-upload.net

Sharecode: /download-4430668/Crack.rar.html

Password nsane

It's the same file as the XenoCoder's one!!

Why you "erer65" just re-post the same file (cracked by XenoCoder) and btw you don't give his credit :unsure:

BTW, can anyone CONFIRM that it's SAFE to use the the crack that XenoCoder posted? As I've tried it, and it's working well, but don't sure if it's safe,

also I just block the outbound connection to

Remote computer:4.53.147.244

Remote port:TCP 443 (https)

That what I did, any experienced members please confirm it.

Thank you so much

Link to comment
Share on other sites


Just tested XenoCoder crack and works. None problem found and of course there is no virus .

WinXP Pro SP3 (x86)

Link to comment
Share on other sites


The fix is not a problem, it just you Posted Image

Link to comment
Share on other sites


AlienForce1

download not working

Remove [/site][sc] from the link. Then it works.

Did you get the file after inserting the captcha ?

I tried several times ...

Link to comment
Share on other sites


This is all out of fun or really meant?

If Kaspersky can find anything, what do you want from VirusTotal?

If you man are ? use condom to stay safe!!!... condom size does not matter... ^_^

RETN

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...