A.lemane Posted June 13, 2017 Share Posted June 13, 2017 "Preventing IDM From Dialing Home using Cfosspeed" lets start by saying that am not really good at this ^^ (explication) my input in this is so simple compare to dcs18 and Undertaker in fact this wouldn't be possible without there observations ^^ u should exit idm right now and As a precaution, ensure your IDM is disabled from starting-up with Windows (inspirational credits to FR33W1LL) Spoiler 1 download & install Cfosspeed if u dont have it Spoiler https://www.nsanedown.com/?request=13630716 2 set the ip blocker feature Spoiler & 3 and now u can either put these in the blacklist.txt file or download mine from bellow and put it in that path Spoiler Ps : if u cant find one there simply create it & this is the path of the fille "C:\ProgramData\cFos\cFosSpeed\blocklist.txt" blocklist.txt 50.22.78.28 - 50.22.78.28 50.22.78.29 - 50.22.78.29 50.22.78.31 - 50.22.78.31 50.97.41.98 - 50.97.41.98 50.97.82.44 - 50.97.82.44 69.41.163.49 - 69.41.163.49 69.41.163.149 - 69.41.163.149 75.125.34.148 - 75.125.34.148 75.125.34.157 - 75.125.34.157 169.55.0.224 - 169.55.0.224 169.55.40.5 - 169.55.40.5 173.255.137.80 - 173.255.137.80 173.255.134.84 - 173.255.134.84 174.127.73.80 - 174.127.73.80 174.127.73.85 - 174.127.73.85 174.133.70.98 - 174.133.70.98 174.133.70.101 - 174.133.70.101 184.173.149.184 - 184.173.149.184 184.173.188.104 - 184.173.188.104 184.173.188.106 - 184.173.188.106 184.173.188.107 - 184.173.188.107 185.80.220.22 - 185.80.220.22 185.80.221.18 - 185.80.221.18 202.134.64.74 - 202.134.64.74 207.44.199.16 - 207.44.199.16 207.44.199.159 - 207.44.199.159 207.44.199.165 - 207.44.199.165 4 and now to apply all that u need to either restart ur pc or simply run this command Spoiler ""C:\Program Files\cFosSpeed\spd.exe" reload -iplist" 5 for those ho r having a problem re registering idm Spoiler register with this On 6/12/2017 at 1:57 PM, A.lemane said: ill upload two registry files one to register idm and the other one dos the opposite IDM registration.reg Unregister.IDM.reg and if it still shows popups @@ go back to the first page and redo the step 1 and thats it ^^ good luck 6 downloading future updates Spoiler simply past the latest idm setup link https://whoer.net/webproxy or http://webproxy.to/ there r many out there or u can just remote upload it ^^ blocklist.txt Link to comment Share on other sites More sharing options...
hamanokaito Posted June 14, 2017 Share Posted June 14, 2017 8 hours ago, NokiAlpha said: i am getting this error while running your file on windows10 64bit LTSB. How to fix this? I use winrar compress file .exe If you have use winrar or 7zip you can extract the file into the same directory after run NapLaiDangKyIDM.exe P/s: Update test on win 32b ltbs working good. I think your win problem. Link to comment Share on other sites More sharing options...
Undertaker Posted June 14, 2017 Share Posted June 14, 2017 8 hours ago, NokiAlpha said: i am getting this error while running your file on windows10 64bit LTSB. How to fix this? Did you try to run the file while retaining its original name "IDMFIXALL.exe"? Link to comment Share on other sites More sharing options...
Undertaker Posted June 14, 2017 Share Posted June 14, 2017 9 hours ago, sledge101 said: Furthermore, to update to later version, hopefully this will not be patch again, just download the latest version and install the update offline then re run the script again. Well see how it goes... I'm assuming, you're using hamanokaito's method. Then do we need to re-run the script at each update? Or is it just your personal choice? 8 hours ago, sledge101 said: As i encountered a fake serial dialog before during testing ----------- even offline. If you receive fake serial nag even while offline that suggests that your registry has not been completely sanitized. IDM still has traces in your registry. 7 hours ago, sledge101 said: 2. btw, i've disabled the idmbroker.exe in the registry Again, is it recommended or your personal choice? I ask this because the goal here is to not harm or change or modify, in any sense, files related to IDM. Look forward to your reply. Link to comment Share on other sites More sharing options...
Undertaker Posted June 14, 2017 Share Posted June 14, 2017 8 hours ago, dcs18 said: Just a heads-up, the 2 most predominant IDM IPs responsible ATM for blacklisting activation are:— 169.55.0.224 185.80.221.18 Because you mentioned a new IP, I checked it in my system and both Adguard as well as WFC are showing:- 169.55.0.224 169.55.40.5 No mention of the highlighted IP 7 hours ago, dcs18 said: COMODO is the only firewall that has (so far) been able to retain my activation without any assistance from any other tool such as DNS, hosts or PLP — it just blocks each and every one of those 31 IDM IPs. No bypass, download complete serial nag or system restart thing? BTW did you let the connection pass to IDM servers once to test if Comodo is able to restore and retain activation afterwards? 7 hours ago, dcs18 said: https://i.imgur.com/ZAEMqOT.png No connection to registration server? Link to comment Share on other sites More sharing options...
Undertaker Posted June 14, 2017 Share Posted June 14, 2017 5 hours ago, A.lemane said: "Preventing IDM From Dialing Home using Cfosspeed" Nicely detailed and worked-out tutorial A.lemane Is there not an option to configue cfos or IP blocker to work for just IDM and not the whole system? Now, I'm also (just a little bit) motivated to complete the Adguard routing post. Link to comment Share on other sites More sharing options...
hamanokaito Posted June 14, 2017 Share Posted June 14, 2017 Hi guys. i have infor for my fix. My fix just use for win 7,8,10 versions Pro. The remaining versions will be updated later. <== You can use fix but you will got fake key. Update : English for my code and add windows 10 32b LTSB. Site: https://mega.nz Sharecode[?]: /#!YUd2kbYb!a92Krk3mc2P32sAdbD1J7t5GPnIYSLxT8PG2BUhcVPQ Password: hamanokaito P/s: I will collaborate with sledge101 to create a fix full for guys. So you can use temporary fix with cmd command. My english not good. Sorry for that ! Link to comment Share on other sites More sharing options...
dcs18 Posted June 14, 2017 Author Share Posted June 14, 2017 8 hours ago, A.lemane said: "Preventing IDM From Dialing Home using Cfosspeed" The OP and credits duly updated (your original idea has been promoted to the very top of the first post — right on the Notice.) 3 hours ago, Undertaker said: 11 hours ago, dcs18 said: Just a heads-up, the 2 most predominant IDM IPs responsible ATM for blacklisting activation are:— 169.55.0.224 185.80.221.18 Because you mentioned a new IP, I checked it in my system and both Adguard as well as WFC are showing:- 169.55.0.224 169.55.40.5 No mention of the highlighted IP No bypass, download complete serial nag or system restart thing? BTW did you let the connection pass to IDM servers once to test if Comodo is able to restore and retain activation afterwards? No connection to registration server? The test was carried out with a blacklisted IP on a contaminated registry — all connections which are not able to be blocked by other firewalls are being duly blocked by COMODO (I think I know the COMODO secret of success, now.) The activation was intentionally allowed to be blacklisted a number of times to test whether COMODO could reactivate and retain subsequent activations, without sanitizing or uninstalling the blacklisted copy — COMODO discharged its duties with perfection. 185.80.221.18 (which is on the block list,) is the IP to which IDM ATM, calls home to blacklist activation, during downloads — Tonec keeps rotating these IPs, though. Link to comment Share on other sites More sharing options...
dcs18 Posted June 14, 2017 Author Share Posted June 14, 2017 3 hours ago, Undertaker said: Now, I'm also (just a little bit) motivated to complete the Adguard routing post. Please do that, by all means — it would also lead to a number of folks switching over their ad. blocker to Adguard {take my own case — I've now switched over to the COMODO firewall — who would've even imaging that I'd ever quit using Windows Firewall Control (WFC.)} Thanks to the new implementation of blacklisting activation by Tonec — so many new (and, also well kept secret) solutions have started emerging. Link to comment Share on other sites More sharing options...
Undertaker Posted June 14, 2017 Share Posted June 14, 2017 35 minutes ago, dcs18 said: 185.80.221.18 (which is on the block list,) is the IP to which IDM ATM, calls home to blacklist activation, during downloads — Tonec keeps rotating these IPs, though. It still ain't calling it here? What's happening? 14 minutes ago, dcs18 said: Please do that, by all means — it would also lead to a number of folks switching over their ad. blocker to Adguard Already done http://www.nsaneforums.com/topic/222515-compilation-of-tutorials-guides-tips-updates/?do=findComment&comment=1221215 Link to comment Share on other sites More sharing options...
dcs18 Posted June 14, 2017 Author Share Posted June 14, 2017 7 minutes ago, Undertaker said: 41 minutes ago, dcs18 said: 185.80.221.18 (which is on the block list,) is the IP to which IDM ATM, calls home to blacklist activation, during downloads — Tonec keeps rotating these IPs, though. It still ain't calling it here? What's happenening? 7 minutes ago, Undertaker said: 20 minutes ago, dcs18 said: Please do that, by all means — it would also lead to a number of folks switching over their ad. blocker to Adguard {take my own case — I've now switched over to the COMODO firewall — who would've even imaging that I'd ever quit using Windows Firewall Control (WFC.)} Already done http://www.nsaneforums.com/topic/222515-compilation-of-tutorials-guides-tips-updates/?do=findComment&comment=1221215 Nah, nah — make a new post, for it and leave a link on the existing tutorial pointing to the new location. Link to comment Share on other sites More sharing options...
sledge101 Posted June 14, 2017 Share Posted June 14, 2017 4 hours ago, Undertaker said: I'm assuming, you're using hamanokaito's method. Then do we need to re-run the script at each update? Or is it just your personal choice? If you receive fake serial nag even while offline that suggests that your registry has not been completely sanitized. IDM still has traces in your registry. Again, is it recommended or your personal choice? I ask this because the goal here is to not harm or change or modify, in any sense, files related to IDM. Look forward to your reply. @dcs18, just got back from work... will post my answer as im checking it now. Link to comment Share on other sites More sharing options...
Undertaker Posted June 14, 2017 Share Posted June 14, 2017 1 minute ago, dcs18 said: https://i.imgur.com/CSLkbKI.png It comes at download start or download complete? Also you have retail or trial installed? 2 minutes ago, dcs18 said: Nah, nah — make a new post, for it and leave a link on the existing tutorial pointing to the new location. OK, will do it later Link to comment Share on other sites More sharing options...
dcs18 Posted June 14, 2017 Author Share Posted June 14, 2017 I've been testing it out on a very minute-sized file and since my connection is relatively quick, can't say for sure (shall confirm this point later after trying it out on larger downloads) — by past experience, IDM call this IP somewhere in the later half but have seen them doing it even at the very start-point. You might probably not be seeing it due to the extra-dependency on other forms of helper blocking such as hosts or IPSec — in my case, it's pure firewall blocking of IPs only (without having resorted to even my domain blocking capability or HIPS.) Link to comment Share on other sites More sharing options...
Undertaker Posted June 14, 2017 Share Posted June 14, 2017 Just now, dcs18 said: You might probably not be seeing it due to the extra-dependency on other forms of helper blocking such as hosts or IPSec — in my case, it's pure firewall blocking of IPs only Have completely cleared and cleansed my hosts as well as IPSec entries, relying solely on Adguard now. I will try a download now and revert back(Adguard has the logs of all the connection that IDM is making with both the address it is connecting to and the associated IP address). BTW you didn't tell whether it's a retail install or trial install. p.s. That amazon download link was downloading with IDM here(with no modification to the URL). Link to comment Share on other sites More sharing options...
dcs18 Posted June 14, 2017 Author Share Posted June 14, 2017 Just now, Undertaker said: BTW you didn't tell whether it's a retail install or trial install. In the last 12 hours have been using both, as an over-install — just installing on top of the existing copy (without a de-installation.) Have done this so many times that I'm not really sure which one is on my system, right now — Trial or Retail. Link to comment Share on other sites More sharing options...
dcs18 Posted June 14, 2017 Author Share Posted June 14, 2017 Another noteworthy point, I tried COMODO just because it possesses domain blocking capabilities (to displace the hosts method and IPSec method, as well) and the HIPS (to displace the PLP method.) However, I never had to use those capabilities (only the firewall is enabled) . . . . . I repeat — on my system, COMODO has been blocking IDM based merely on IPs and I think I know the technical reason for this. Link to comment Share on other sites More sharing options...
Undertaker Posted June 14, 2017 Share Posted June 14, 2017 14 minutes ago, dcs18 said: You might probably not be seeing Ah yes, I see it now. The reason was it's not testing at each download For e.g. It didn't test when I downloaded SIB,WFC but did so when I downloaded WinRar So maybe associated with size of download. I see it again connecting to test.downloadmanager.com(185.80.221.18) (this was stopped for a few days back like after ver6.28 build 12 but looks like it's back now). And it connects at start of download(all info courtesy of Adguard) Link to comment Share on other sites More sharing options...
sledge101 Posted June 14, 2017 Share Posted June 14, 2017 @Taker, regarding the fake serial nag i mentioned before, i got that offline without hamanokaitos fix. And given the fact that my registry is clean , i make sure of that. This is related to the timing of the serial key placement in the dm and idm serial + some update settings in DM registry which should be disabled first. if one of them is missing while opening it you will get that dialog. @Taker, with regards, to your question about idmbroker in the registry, not necessary, you can retain that settings there. @Taker, regarding future updates and even before the previous version updating to latest retail build 12, every manual update online or offline, doesnt matter which mode you prefer, will recreate 2 persistent registry keys and episodically vp key( some reported none recurrence , some have, for me there is no recurrence anymore ) {7B8E9164-324D-4A2E-A46D-0165FB2000EC} {5ED60779-4DE2-4E07-B862-974CA4FF2E9C} However, once you activated the program, it seems it doesnt matter anymore as long as updates are disabled and proper blocking techniques are implemented. I hope this answers your question. Link to comment Share on other sites More sharing options...
dcs18 Posted June 14, 2017 Author Share Posted June 14, 2017 3 minutes ago, Undertaker said: I see it again connecting to test.downloadmanager.com(185.80.221.18) (this was stopped for a few days back like after ver6.28 build 12 but looks like it's back now). . . . . . . and, they'll keep rotating it to screw the patches — BTW, IDM V7 is just about to go live with new surprises from Tonec. BTW, I've got a new trick up my sleeve, too — to ensure that firewall activation is retained for many more years. Link to comment Share on other sites More sharing options...
sledge101 Posted June 14, 2017 Share Posted June 14, 2017 With regards to blocking techniques, there are a lot, in my case, as i am not really fond of installing a lot of softwares, Neverheless, as long as the blocking is working well to meet your expectations and you are comfortable using it,,, its ok. In summary for IDM postinstallation 1. Clean 2. Block 3. Activate Link to comment Share on other sites More sharing options...
dcs18 Posted June 14, 2017 Author Share Posted June 14, 2017 On 6/18/2014 at 0:34 PM, exodius said: @dcs18 Do I need WFC to use this method? Would it work if I only use native w7 firewall? Windows Firewall (as most other popular firewalls) has a bug which cannot possibly block the present Tonec implementation of DNS cache poisoning, riding piggyback on svchost.exe packets — the bad news, Tonec has even been successful in bypassing the reverse DNS protection. To my knowledge only the COMODO firewall overcomes this new implementation and if I remember correctly, the Kaspersky firewall should also possess this capability (not sure though, it's been more than I year since I had the opportunity to work with the Kaspersky firewall.) Unfortunately, bitter but true developing news — most firewalls have this bug and it's gonna be challenging to convince the Publishers (they need to be reminded that COMODO had this capability right from their best old version — the V3.) COMODO is at V10, now — they've spammed that awesome version with bloatware just to appease the masses. Link to comment Share on other sites More sharing options...
hamanokaito Posted June 14, 2017 Share Posted June 14, 2017 @sledge101 {7B8E9164-324D-4A2E-A46D-0165FB2000EC} {5ED60779-4DE2-4E07-B862-974CA4FF2E9C} 2 key above check Serial Key IDM. But idm know we hack 2 this key, so idm make random key for each version of windows. P/s: I tracked domain for idm and i see some domain. Link to comment Share on other sites More sharing options...
dcs18 Posted June 14, 2017 Author Share Posted June 14, 2017 Was using the following hostnames — just a heads-up for those interested: 1d.4e.1632.ip4.static.sl-reverse.com 1f.4e.1632.ip4.static.sl-reverse.com 62.29.6132.ip4.static.sl-reverse.com 65.46.85ae.static.theplanet.com b8.95.adb8.ip4.static.sl-reverse.com data.internetdownloadmanager.com download.internetdownloadmanager.com gate.cmul.net idm-tonec.netdna-ssl.com internetdownloadmanager.com key.internetdownloadmanager.com mirror.internetdownloadmanager.com mirror.tonec.com mirror1.internetdownloadmanager.com mirror2.internetdownloadmanager.com mirror3.internetdownloadmanager.com mirror3.tonec.com mirror4.internetdownloadmanager.com mirror4.tonec.com mirror5.internetdownloadmanager.com mirror5.tonec.com mirror6.internetdownloadmanager.com mirror7.internetdownloadmanager.com mirror8.internetdownloadmanager.com mirror9.internetdownloadmanager.com registeridm.com retail.internetdownloadmanager.com secure.internetdownloadmanager.com secure.registeridm.com star.tonec.com star2.iivx.com telemetry.internetdownloadmanager.com test.internetdownloadmanager.com tonec.com www.dyxnet.com www.internetdownloadmanager.com www.registeridm.com www.tonec.com Link to comment Share on other sites More sharing options...
sledge101 Posted June 14, 2017 Share Posted June 14, 2017 ns1.tonec.com ns2.tonec.com proxy.internetdownloadmanager.com Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.