Register for your free account! | Forgot your password?

You last visited: Today at 15:23

  • Please register to post and access all features, it's quick, easy and FREE!

Advertisement


Advertise with us!

Regarding VMAX PROJECT

Discussion on Regarding VMAX PROJECT within the SRO Private Server forum part of the Silkroad Online category.

Closed Thread
 
Old   #1
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: May 2017
Posts: 108
Received Thanks: 17
Unhappy Regarding VMAX PROJECT

This amazing project is made by MeGaMaX
a great project in my opinion, but just no so good for its price tag :/(my opinion)

so, my question..
anyone know how it checks for the use time ?

megamax provide keys for 2 weeks use (free)
after that the .exe's is blocked..

so my obvious thinking, it assigns the keys to hwid.. but i was mistaken..
maybe creates a file somewhere that stats the use time ? idk.. searched here and there.. but not a successful attempt. even tried ccleaner for cleaning cache and temp folder.. still not successful ..

if we just know how is assigns those keys.. it would be easy to bypass it..
-Prestige.. is offline  
Old 06/09/2017, 01:37   #2
 
blapanda's Avatar
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Jul 2009
Posts: 1,860
Received Thanks: 757
It's not worth bypassing something, which nearly does nothing better than people would expect. Besides of his greed, there is nothing on those so called "amazing project".

The best thing you could do is: get the respective server modules for your server, get all public offsets for them, get or code yourself a packet filter, have fun doing your thing without any rise of suspicion.
blapanda is offline  
Old 06/09/2017, 04:10   #3
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: May 2017
Posts: 108
Received Thanks: 17
Quote:
Originally Posted by blapanda View Post
It's not worth bypassing something, which nearly does nothing better than people would expect. Besides of his greed, there is nothing on those so called "amazing project".

The best thing you could do is: get the respective server modules for your server, get all public offsets for them, get or code yourself a packet filter, have fun doing your thing without any rise of suspicion.
even thou he's infact greedy, he's good!
well being stated as amazing .. thats my opinion ..
at last, a packet filter won't do what this project does..
and still my question is not answered
-Prestige.. is offline  
Old 06/09/2017, 10:47   #4
 
blapanda's Avatar
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Jul 2009
Posts: 1,860
Received Thanks: 757
There are tools tracking any kind of data and registry creation, modification and deletion.
Search for those, set a VM, run that tool, set it up, run your server files with his module, have fun playing hide and seek.
blapanda is offline  
Old 06/09/2017, 14:26   #5
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: May 2017
Posts: 108
Received Thanks: 17
Code:
1:00:01.3438982 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3439270 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: Name
1:00:01.3439470 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\SOFTWARE\WOW6432Node\Microsoft\CTF\KnownClasses	NAME NOT FOUND	Desired Access: Read
1:00:01.3445086 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3445217 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: Name
1:00:01.3445386 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\Software\WOW6432Node\Microsoft\Rpc	REPARSE	Desired Access: Read
1:00:01.3445733 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\SOFTWARE\Microsoft\Rpc	SUCCESS	Desired Access: Read
1:00:01.3445899 PM	GlobalManager.exe	25884	RegSetInfoKey	HKLM\SOFTWARE\Microsoft\Rpc	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3445990 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\SOFTWARE\Microsoft\Rpc\MaxRpcSize	NAME NOT FOUND	Length: 144
1:00:01.3446095 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SOFTWARE\Microsoft\Rpc	SUCCESS	
1:00:01.3446438 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName	REPARSE	Desired Access: Read
1:00:01.3446532 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName	SUCCESS	Desired Access: Read
1:00:01.3446631 PM	GlobalManager.exe	25884	RegSetInfoKey	HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3446697 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName\ComputerName	SUCCESS	Type: REG_SZ, Length: 32, Data: DESKTOP-TL2MBHT
1:00:01.3446800 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName	SUCCESS	
1:00:01.3446894 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\System\Setup	SUCCESS	Desired Access: Read
1:00:01.3446979 PM	GlobalManager.exe	25884	RegSetInfoKey	HKLM\SYSTEM\Setup	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3447039 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\SYSTEM\Setup\OOBEInProgress	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
1:00:01.3447130 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SYSTEM\Setup	SUCCESS	
1:00:01.3447210 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\System\Setup	SUCCESS	Desired Access: Read
1:00:01.3447281 PM	GlobalManager.exe	25884	RegSetInfoKey	HKLM\SYSTEM\Setup	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3447338 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\SYSTEM\Setup\SystemSetupInProgress	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
1:00:01.3447421 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SYSTEM\Setup	SUCCESS	
1:00:01.3447529 PM	GlobalManager.exe	25884	RegQueryKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options	SUCCESS	Query: HandleTags, HandleTags: 0x400
1:00:01.3447618 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GlobalManager.exe	NAME NOT FOUND	Desired Access: Query Value, Enumerate Sub Keys
1:00:01.3448553 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3448630 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: Name
1:00:01.3448750 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\Software\WOW6432Node\Policies\Microsoft\Windows NT\Rpc	REPARSE	Desired Access: Read
1:00:01.3448895 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Rpc	NAME NOT FOUND	Desired Access: Read
1:00:01.3449363 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3449443 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: Name
1:00:01.3449554 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\Software\WOW6432Node\Microsoft\Rpc	REPARSE	Desired Access: Query Value
1:00:01.3449682 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\SOFTWARE\Microsoft\Rpc	SUCCESS	Desired Access: Query Value
1:00:01.3449802 PM	GlobalManager.exe	25884	RegSetInfoKey	HKLM\SOFTWARE\Microsoft\Rpc	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3449870 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\SOFTWARE\Microsoft\Rpc\IdleTimerWindow	NAME NOT FOUND	Length: 144
1:00:01.3449947 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SOFTWARE\Microsoft\Rpc	SUCCESS	
1:00:01.3457269 PM	GlobalManager.exe	25884	CreateFile	C:\Windows\SysWOW64\user32.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
1:00:01.3457924 PM	GlobalManager.exe	25884	QueryBasicInformationFile	C:\Windows\SysWOW64\user32.dll	SUCCESS	CreationTime: 3/18/2017 9:58:59 PM, LastAccessTime: 3/18/2017 9:58:59 PM, LastWriteTime: 3/18/2017 9:59:00 PM, ChangeTime: 5/14/2017 2:05:39 PM, FileAttributes: A
1:00:01.3458058 PM	GlobalManager.exe	25884	CloseFile	C:\Windows\SysWOW64\user32.dll	SUCCESS	
1:00:01.3463569 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3463675 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: Name
1:00:01.3463820 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\Software\WOW6432Node\Microsoft\Input	REPARSE	Desired Access: Read
1:00:01.3464060 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	Desired Access: Read
1:00:01.3464214 PM	GlobalManager.exe	25884	RegSetInfoKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3464285 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\SOFTWARE\Microsoft\Input\IsOneCore	NAME NOT FOUND	Length: 144
1:00:01.3464376 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	
1:00:01.3465671 PM	GlobalManager.exe	25884	CreateFile	C:\Windows\SysWOW64\secruntime.dll	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
1:00:01.3467612 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3467703 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: Name
1:00:01.3467832 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\Software\WOW6432Node\Microsoft\Input	REPARSE	Desired Access: Read
1:00:01.3468120 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	Desired Access: Read
1:00:01.3468365 PM	GlobalManager.exe	25884	RegSetInfoKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3468433 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\SOFTWARE\Microsoft\Input\IsOneCore	NAME NOT FOUND	Length: 144
1:00:01.3468519 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	
1:00:01.3469882 PM	GlobalManager.exe	25884	CreateFile	C:\Windows\SysWOW64\secruntime.dll	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
1:00:01.3475147 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3475242 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: Name
1:00:01.3475490 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\Software\WOW6432Node\Microsoft\Input	REPARSE	Desired Access: Read
1:00:01.3475795 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	Desired Access: Read
1:00:01.3475931 PM	GlobalManager.exe	25884	RegSetInfoKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3476003 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\SOFTWARE\Microsoft\Input\IsOneCore	NAME NOT FOUND	Length: 144
1:00:01.3476094 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	
1:00:01.3477443 PM	GlobalManager.exe	25884	CreateFile	C:\Windows\SysWOW64\secruntime.dll	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
1:00:01.3478161 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3478352 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: Name
1:00:01.3478480 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\Software\WOW6432Node\Microsoft\Input	REPARSE	Desired Access: Read
1:00:01.3478631 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	Desired Access: Read
1:00:01.3478763 PM	GlobalManager.exe	25884	RegSetInfoKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3478831 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\SOFTWARE\Microsoft\Input\IsOneCore	NAME NOT FOUND	Length: 144
1:00:01.3478914 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	
1:00:01.3480439 PM	GlobalManager.exe	25884	CreateFile	C:\Windows\SysWOW64\secruntime.dll	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
1:00:01.3480995 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3481080 PM	GlobalManager.exe	25884	RegQueryKey	HKLM	SUCCESS	Query: Name
1:00:01.3481212 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\Software\WOW6432Node\Microsoft\Input	REPARSE	Desired Access: Read
1:00:01.3481366 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	Desired Access: Read
1:00:01.3481497 PM	GlobalManager.exe	25884	RegSetInfoKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3481568 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\SOFTWARE\Microsoft\Input\ResyncResetTime	NAME NOT FOUND	Length: 144
1:00:01.3481739 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\SOFTWARE\Microsoft\Input\MaxResyncAttempts	NAME NOT FOUND	Length: 144
1:00:01.3481973 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SOFTWARE\Microsoft\Input	SUCCESS	
1:00:01.3493836 PM	GlobalManager.exe	25884	RegOpenKey	HKCU	SUCCESS	Desired Access: Read
1:00:01.3494033 PM	GlobalManager.exe	25884	RegQueryKey	HKCU	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3494144 PM	GlobalManager.exe	25884	RegQueryKey	HKCU	SUCCESS	Query: Name
1:00:01.3494868 PM	GlobalManager.exe	25884	RegOpenKey	HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell	SUCCESS	Desired Access: Query Value
1:00:01.3495013 PM	GlobalManager.exe	25884	RegSetInfoKey	HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3495093 PM	GlobalManager.exe	25884	RegQueryValue	HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell\TabletMode	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
1:00:01.3495233 PM	GlobalManager.exe	25884	RegCloseKey	HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell	SUCCESS	
1:00:01.3495358 PM	GlobalManager.exe	25884	RegQueryKey	HKCU	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3495444 PM	GlobalManager.exe	25884	RegQueryKey	HKCU	SUCCESS	Query: Name
1:00:01.3495569 PM	GlobalManager.exe	25884	RegOpenKey	HKCU\Software\Microsoft\Windows\DWM	SUCCESS	Desired Access: Query Value
1:00:01.3495681 PM	GlobalManager.exe	25884	RegSetInfoKey	HKCU\Software\Microsoft\Windows\DWM	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3495755 PM	GlobalManager.exe	25884	RegQueryValue	HKCU\Software\Microsoft\Windows\DWM\ColorPrevalence	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
1:00:01.3495900 PM	GlobalManager.exe	25884	RegCloseKey	HKCU\Software\Microsoft\Windows\DWM	SUCCESS	
1:00:01.3497334 PM	GlobalManager.exe	25884	RegCloseKey	HKCU	SUCCESS	
1:00:01.3499555 PM	GlobalManager.exe	25884	RegOpenKey	HKCU	SUCCESS	Desired Access: Read
1:00:01.3499695 PM	GlobalManager.exe	25884	RegQueryKey	HKCU	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3499777 PM	GlobalManager.exe	25884	RegQueryKey	HKCU	SUCCESS	Query: Name
1:00:01.3499900 PM	GlobalManager.exe	25884	RegOpenKey	HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell	SUCCESS	Desired Access: Query Value
1:00:01.3499994 PM	GlobalManager.exe	25884	RegSetInfoKey	HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3500063 PM	GlobalManager.exe	25884	RegQueryValue	HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell\TabletMode	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
1:00:01.3500268 PM	GlobalManager.exe	25884	RegCloseKey	HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell	SUCCESS	
1:00:01.3500502 PM	GlobalManager.exe	25884	RegQueryKey	HKCU	SUCCESS	Query: HandleTags, HandleTags: 0x0
1:00:01.3500581 PM	GlobalManager.exe	25884	RegQueryKey	HKCU	SUCCESS	Query: Name
1:00:01.3500832 PM	GlobalManager.exe	25884	RegOpenKey	HKCU\Software\Microsoft\Windows\DWM	SUCCESS	Desired Access: Query Value
1:00:01.3500912 PM	GlobalManager.exe	25884	RegSetInfoKey	HKCU\Software\Microsoft\Windows\DWM	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3500972 PM	GlobalManager.exe	25884	RegQueryValue	HKCU\Software\Microsoft\Windows\DWM\ColorPrevalence	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
1:00:01.3501260 PM	GlobalManager.exe	25884	RegCloseKey	HKCU\Software\Microsoft\Windows\DWM	SUCCESS	
1:00:01.3503555 PM	GlobalManager.exe	25884	RegCloseKey	HKCU	SUCCESS	
1:00:01.3535703 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\3e0e3a92-b00b-4456-9dee-f40aba77f00e	NAME NOT FOUND	Length: 524
1:00:01.3543150 PM	GlobalManager.exe	25884	Thread Exit		SUCCESS	Thread ID: 8520, User Time: 0.0156250, Kernel Time: 0.0000000
1:00:01.3543167 PM	GlobalManager.exe	25884	Thread Exit		SUCCESS	Thread ID: 26160, User Time: 0.0156250, Kernel Time: 0.0000000
1:00:01.3543199 PM	GlobalManager.exe	25884	Thread Exit		SUCCESS	Thread ID: 12080, User Time: 0.0000000, Kernel Time: 0.0000000
1:00:01.3543216 PM	GlobalManager.exe	25884	Thread Exit		SUCCESS	Thread ID: 7624, User Time: 0.0000000, Kernel Time: 0.0000000
1:00:01.3543279 PM	GlobalManager.exe	25884	Thread Exit		SUCCESS	Thread ID: 25968, User Time: 0.0000000, Kernel Time: 0.0000000
1:00:01.3543384 PM	GlobalManager.exe	25884	Thread Exit		SUCCESS	Thread ID: 10300, User Time: 0.0000000, Kernel Time: 0.0000000
1:00:01.3543404 PM	GlobalManager.exe	25884	Thread Exit		SUCCESS	Thread ID: 16580, User Time: 0.0000000, Kernel Time: 0.0000000
1:00:01.3543432 PM	GlobalManager.exe	25884	Thread Exit		SUCCESS	Thread ID: 8996, User Time: 0.0000000, Kernel Time: 0.0000000
1:00:01.3543432 PM	GlobalManager.exe	25884	Thread Exit		SUCCESS	Thread ID: 24780, User Time: 0.0312500, Kernel Time: 0.0000000
1:00:01.3551193 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\GRE_Initialize	REPARSE	Desired Access: Read
1:00:01.3551373 PM	GlobalManager.exe	25884	RegOpenKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize	SUCCESS	Desired Access: Read
1:00:01.3551512 PM	GlobalManager.exe	25884	RegSetInfoKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
1:00:01.3551595 PM	GlobalManager.exe	25884	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles	NAME NOT FOUND	Length: 20
1:00:01.3551758 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize	SUCCESS	
1:00:01.3552222 PM	GlobalManager.exe	25884	CloseFile	C:\Windows\Fonts\StaticCache.dat	SUCCESS	
1:00:01.3553229 PM	GlobalManager.exe	25884	Thread Exit		SUCCESS	Thread ID: 26360, User Time: 1.7187500, Kernel Time: 0.1250000
1:00:01.3566748 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Program Files (x86)\Internet Download Manager\idmmkb.dll	SUCCESS	Name: \Program Files (x86)\Internet Download Manager\idmmkb.dll
1:00:01.3566919 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\TextInputFramework.dll	SUCCESS	Name: \Windows\SysWOW64\TextInputFramework.dll
1:00:01.3567042 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\usermgrcli.dll	SUCCESS	Name: \Windows\SysWOW64\usermgrcli.dll
1:00:01.3567170 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\CoreUIComponents.dll	SUCCESS	Name: \Windows\SysWOW64\CoreUIComponents.dll
1:00:01.3567287 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\WinTypes.dll	SUCCESS	Name: \Windows\SysWOW64\WinTypes.dll
1:00:01.3567407 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\CoreMessaging.dll	SUCCESS	Name: \Windows\SysWOW64\CoreMessaging.dll
1:00:01.3567518 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\dpapi.dll	SUCCESS	Name: \Windows\SysWOW64\dpapi.dll
1:00:01.3567629 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\odbc32.dll	SUCCESS	Name: \Windows\SysWOW64\odbc32.dll
1:00:01.3567743 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\winspool.drv	SUCCESS	Name: \Windows\SysWOW64\winspool.drv
1:00:01.3567860 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\bcrypt.dll	SUCCESS	Name: \Windows\SysWOW64\bcrypt.dll
1:00:01.3567977 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\ntmarta.dll	SUCCESS	Name: \Windows\SysWOW64\ntmarta.dll
1:00:01.3568088 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\uxtheme.dll	SUCCESS	Name: \Windows\SysWOW64\uxtheme.dll
1:00:01.3568205 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\dwmapi.dll	SUCCESS	Name: \Windows\SysWOW64\dwmapi.dll
1:00:01.3568316 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\IPHLPAPI.DLL	SUCCESS	Name: \Windows\SysWOW64\IPHLPAPI.DLL
1:00:01.3568425 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\version.dll	SUCCESS	Name: \Windows\SysWOW64\version.dll
1:00:01.3568533 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\cryptbase.dll	SUCCESS	Name: \Windows\SysWOW64\cryptbase.dll
1:00:01.3568641 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\sspicli.dll	SUCCESS	Name: \Windows\SysWOW64\sspicli.dll
1:00:01.3568755 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\powrprof.dll	SUCCESS	Name: \Windows\SysWOW64\powrprof.dll
1:00:01.3568864 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\kernel32.dll	SUCCESS	Name: \Windows\SysWOW64\kernel32.dll
1:00:01.3568975 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\win32u.dll	SUCCESS	Name: \Windows\SysWOW64\win32u.dll
1:00:01.3569083 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\ucrtbase.dll	SUCCESS	Name: \Windows\SysWOW64\ucrtbase.dll
1:00:01.3569192 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\ole32.dll	SUCCESS	Name: \Windows\SysWOW64\ole32.dll
1:00:01.3569294 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\msctf.dll	SUCCESS	Name: \Windows\SysWOW64\msctf.dll
1:00:01.3569400 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\msvcrt.dll	SUCCESS	Name: \Windows\SysWOW64\msvcrt.dll
1:00:01.3569514 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\KernelBase.dll	SUCCESS	Name: \Windows\SysWOW64\KernelBase.dll
1:00:01.3569616 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\System32\wow64win.dll	SUCCESS	Name: \Windows\System32\wow64win.dll
1:00:01.3569733 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\System32\wow64.dll	SUCCESS	Name: \Windows\System32\wow64.dll
1:00:01.3569844 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\System32\wow64cpu.dll	SUCCESS	Name: \Windows\System32\wow64cpu.dll
1:00:01.3569961 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\psapi.dll	SUCCESS	Name: \Windows\SysWOW64\psapi.dll
1:00:01.3570075 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\shlwapi.dll	SUCCESS	Name: \Windows\SysWOW64\shlwapi.dll
1:00:01.3570181 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\imm32.dll	SUCCESS	Name: \Windows\SysWOW64\imm32.dll
1:00:01.3570286 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\ws2_32.dll	SUCCESS	Name: \Windows\SysWOW64\ws2_32.dll
1:00:01.3570389 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\combase.dll	SUCCESS	Name: \Windows\SysWOW64\combase.dll
1:00:01.3570492 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\kernel.appcore.dll	SUCCESS	Name: \Windows\SysWOW64\kernel.appcore.dll
1:00:01.3570603 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\bcryptprimitives.dll	SUCCESS	Name: \Windows\SysWOW64\bcryptprimitives.dll
1:00:01.3570714 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\advapi32.dll	SUCCESS	Name: \Windows\SysWOW64\advapi32.dll
1:00:01.3570831 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\sechost.dll	SUCCESS	Name: \Windows\SysWOW64\sechost.dll
1:00:01.3570939 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\rpcrt4.dll	SUCCESS	Name: \Windows\SysWOW64\rpcrt4.dll
1:00:01.3571050 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\oleaut32.dll	SUCCESS	Name: \Windows\SysWOW64\oleaut32.dll
1:00:01.3571153 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\windows.storage.dll	SUCCESS	Name: \Windows\SysWOW64\windows.storage.dll
1:00:01.3571259 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\msvcp_win.dll	SUCCESS	Name: \Windows\SysWOW64\msvcp_win.dll
1:00:01.3571370 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\gdi32.dll	SUCCESS	Name: \Windows\SysWOW64\gdi32.dll
1:00:01.3571472 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\user32.dll	SUCCESS	Name: \Windows\SysWOW64\user32.dll
1:00:01.3571584 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\SHCore.dll	SUCCESS	Name: \Windows\SysWOW64\SHCore.dll
1:00:01.3571689 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\gdi32full.dll	SUCCESS	Name: \Windows\SysWOW64\gdi32full.dll
1:00:01.3571795 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\profapi.dll	SUCCESS	Name: \Windows\SysWOW64\profapi.dll
1:00:01.3571900 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\shell32.dll	SUCCESS	Name: \Windows\SysWOW64\shell32.dll
1:00:01.3572006 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\cfgmgr32.dll	SUCCESS	Name: \Windows\SysWOW64\cfgmgr32.dll
1:00:01.3572120 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\SysWOW64\ntdll.dll	SUCCESS	Name: \Windows\SysWOW64\ntdll.dll
1:00:01.3572228 PM	GlobalManager.exe	25884	QueryNameInformationFile	C:\Windows\System32\ntdll.dll	SUCCESS	Name: \Windows\System32\ntdll.dll
1:00:01.3572818 PM	GlobalManager.exe	25884	Process Exit		SUCCESS	Exit Status: 0, User Time: 1.7812500 seconds, Kernel Time: 0.1250000 seconds, Private Bytes: 12,640,256, Peak Private Bytes: 15,810,560, Working Set: 18,821,120, Peak Working Set: 20,283,392
1:00:01.3573174 PM	GlobalManager.exe	25884	CloseFile	C:\Windows	SUCCESS	
1:00:01.3573596 PM	GlobalManager.exe	25884	CloseFile	F:\TEST VSROMAX	SUCCESS	
1:00:01.3573933 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions	SUCCESS	
1:00:01.3573993 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options	SUCCESS	
1:00:01.3574044 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions	SUCCESS	
1:00:01.3574101 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\System\CurrentControlSet\Control\Session Manager	SUCCESS	
1:00:01.3574175 PM	GlobalManager.exe	25884	RegCloseKey	HKLM	SUCCESS	
1:00:01.3574301 PM	GlobalManager.exe	25884	RegCloseKey	HKCU	SUCCESS	
1:00:01.3574392 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\System\CurrentControlSet\Control\Nls\Sorting\Ids	SUCCESS	
1:00:01.3574435 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\System\CurrentControlSet\Control\Nls\Locale	SUCCESS	
1:00:01.3574472 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts	SUCCESS	
1:00:01.3574509 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\PropertyBag	SUCCESS	
1:00:01.3574563 PM	GlobalManager.exe	25884	RegCloseKey	HKLM\System\CurrentControlSet\Control\Nls\Language Groups	SUCCESS
Quote:
Originally Posted by blapanda View Post
There are tools tracking any kind of data and registry creation, modification and deletion.
Search for those, set a VM, run that tool, set it up, run your server files with his module, have fun playing hide and seek.
WOULD U MIND CHECKING IT OUT WITH ME ??? .. TON OF DATA MAKING ME CONFUSED LEL.
-Prestige.. is offline  
Old 06/09/2017, 15:24   #6
 
blapanda's Avatar
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Jul 2009
Posts: 1,860
Received Thanks: 757
Quote:
Originally Posted by -Prestige.. View Post
Code:
-snip-


WOULD U MIND CHECKING IT OUT WITH ME ??? .. TON OF DATA MAKING ME CONFUSED LEL.
Regular microsoft runtime libraries. Nothing suspicious.

Mega might have coded a server-side check to the globalmanager rather than creating an external file which can be manipulated. The same process alike Goofy, Cherno and Co did back then (and people keept wondering why their serverfiles went public afterall).
blapanda is offline  
Old 06/09/2017, 15:27   #7
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: May 2017
Posts: 108
Received Thanks: 17
Quote:
Originally Posted by blapanda View Post
Regular microsoft runtime libraries. Nothing suspicious.

Mega might have coded a server-side check to the globalmanager rather than creating an external file which can be manipulated. The same process alike Goofy, Cherno and Co did back then (and people keept wondering why their serverfiles went public afterall).
NOPE, FILES RUN OFFLINE SUCCESSFULLY ..


EDIT: EVEN THOU IF IT WAS A SERVERSIDE CHECK.. WOULD HAVE BEEN TOO EASY TO GET BYPASSED USING FIDDLER!!
-Prestige.. is offline  
Old 06/09/2017, 16:57   #8
 
B1Q's Avatar
 
elite*gold: 350
The Black Market: 11/0/0
Join Date: Aug 2015
Posts: 1,999
Received Thanks: 1,184
as far as i remember it was protected using Enigma which is SO EASY TO CRACK

just google it
B1Q is offline  
Thanks
2 Users
Old 06/10/2017, 00:18   #9
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: May 2017
Posts: 108
Received Thanks: 17
Quote:
Originally Posted by B1QB0SS :3 View Post
as far as i remember it was protected using Enigma which is SO EASY TO CRACK

just google it
i was just w8ing ur replay <3 .. love u giving just a brief as possible responds
-Prestige.. is offline  
Closed Thread

« hiring personel | Can anyone help me Please to find this? »

Similar Threads Similar Threads
Regarding project tako and easyfarm
01/05/2017 - Final Fantasy XI - 0 Replies
never mind
Response from Gm regarding ts1 and the situation regarding ts2
11/14/2014 - 12Sky2 - 7 Replies
Hungames is an independent company as it seems, ts2.5 is the latest korean version of the game and alt1 agreed to make a version for us as well, and here is the key part of the gms response hi there, sorry for the late reply. "1. TS1, we can open it, but now it's not a good time. when Hun TS2 bacome more stabilized we'll try to wrok on it. 2. 2.5 is actually a newest Korean version. and they have more contents that other servers dont have. and yes, also we will work on our own contents...
[HELP]Project: 12sky2 Cracking project
08/13/2009 - 12Sky2 - 8 Replies
Free File Hosting Made Simple - MediaFire I need help cracking this client (the objective is to disable X-TRAP) for 12sky2.ph tnx for those who will help currently using OLLYDBG for debugging some codes...
A NEW Project (Same Idea as Project Manifesto)
07/28/2009 - CO2 Private Server - 73 Replies
This is based off the original idea of project manifesto which I BELIEVE was a open source sorta deal This meaning that the community contributes to the source instead of having a select few work on the server by itself and everyone else play the server Franqeutly i am tired of ALL these servers that pop up last a few days then finish honestly it gets REALLY old Leave Your comments what you think This is MY OPINION nothing else
[Project] New Private Server Project
12/04/2008 - CO2 Private Server - 25 Replies
yo im fireblaze new in co private servers old in c# i started on epvp because of the conquer section later i found out that there is a private server section to and i downloaded a source and saw that it is a c# source (a language that i know) i tryed to get connected to some private servers but it failed:p well the servers failed to keep the server online. my plan is this, i never know that private servers of conquer where possible (yeah i readed something on the internet about it and...



All times are GMT +2. The time now is 15:23.

elitepvpers - play less, get more - Top

Powered by vBulletin®
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Support | Contact Us | FAQ | Advertising | Privacy Policy | Terms of Service | Abuse
Copyright ©2024 elitepvpers All Rights Reserved.