[unpackme] StarForce Audio/Video unpack/crack it

[Amer]

This is a legal files to test the protection cracking.

 

This file is intended by the company to experience crack the protection and is not intended for sale.
This file was sent to me after I asked Star Force sent me to try Crack their protection.

------------------------------------------------------

Info:

StarForce Audio/Video
StarForce Audio/Video tool provides protection from unauthorized use of audio files (mp3, ogg, wma, wav etc.) and video files (avi, mpg, wmv etc.), intended to be viewed on a personal computer Moreover, this solution allows secure of DVD-Video format for either personal computer and DVD players use.
StarForce Audio/Video helps secure private as well as professional audio/video content and ensure it is
used for intended purposes only.
StarForce Audio/Video is easy to install online using the free protection Studio tool.Protection Technology, Ltd.
StarForce Audio - Video Demo
Protection version 5.70.43.1
Trade Name: SF Audio/Video
Build Info: 5.70.043.001, 04.02.13
Project Guid Hash: 3A2489331DF302A363B196FEA40AE61F
Monday, February 04, 2013 10:29:27 AM
    >>>>>     More Info: Self keygen  <<<<<
-----------------------------------------------------------------------------------

the serial number chr count from 28 to 34 that belonging to the license you purchase.

 

you can use these serials to help you trace the protection:

 

AMER-TUTS4U-UAW9FS-QPKDT4-7U3JXH
AMER-AMER-AMER-AMER-AMER-AMER-AMER

 

when you enter the serial choose > (other) or (I already have an Activation Key)

Self keygen:

at the activation window you'll see the HW ID, you can use it as serial number....!!!

 

the serials work on StarForce protected Notepad file: 4.50.07.00 (Build 29.01.07)

StarForce protected Notepad is also Self keygen....

http://tuts4you.com/download.php?view.1277

------------------------------------------

I DON'T KNOW WAY MY NAME ACCEPTED AS SERIAL NUMBER......

Don’t ask me about this mess, I DON’T KNOW….

-------------------

download:

 

http://rghost.net/48258126

 

http://www1.datafilehost.com/d/55f6e676

-------------------

remember this is legal files to test the protection cracking...

 

sorry for bad English

 

[EvOlUtIoN]

Can you upload in other places such as sendspace?

[EvOlUtIoN]

Can you upload in other places such as sendspace?

[Dreamer]

here you go @  EvOlUtIoN  

http://www.sendspace.com/file/7arar3

password : Dreamer

[Teddy Rogers]

The [unpackme] tag has been added to your topic title.

Please remember to follow and adhere to the topic title format - thankyou!

[This is an automated reply]

[Amer]

more info

link1

link2

 

do not be confused
the sections names (“.aspack”, “.pcle” or “.sforce” and secserv.dll) in NTDLL are not any kinde of code injectionArchaeological excavations reveal the depths NTDLL.DLL very interesting fact.
The boot loader checks the names of the sections of each run executable files (dynamic link library), and if it finds a section named ".Aspack", ".Pcle", ".Sforce" taking a number of actions to ensure backward compatibility and cocks the flags are cut down a lot of protections that have emerged in Vista or disconnect legally.Snippet from NTDLL.DLL sections with names PE- file for that special compatibility mode is activated. text: 77F24FEC aSecserv_dll db 'secserv.dll', 0 ; DATA XREF: sub_77F0B5E5 +36 o. text: 77F24FF8 a_sforce db '.sforce', 0 ; DATA XREF: sub_77F0B717 +85 o. text: 77F25000 a_pcle db '.pcle', 0 ; DATA XREF: sub_77F0B717 +6 F o. text: 77F25006 a_aspack db '.aspack', 0 ; DATA XREF: sub_77F0B717 +59 o
-------------------------------------------------------------------------------
Kaspersky Labs 6  
Virus Bulletin 2005 International Conference, DublinNTDLL.dll in x64 Windows
7DA3CC37 6A 08                  push    8
7DA3CC39 68 BC CB A3 7D         push    offset a_aspack
7DA3CC3E 56                     push    esi
7DA3CC3F E8 1C 1E 05 00         call    strncmp
7DA3CC44 8B D8                  mov     ebx, eax
7DA3CC46 83 C4 0C               add     esp, 0Ch
7DA3CC49 85 DB                  test    ebx, ebx
7DA3CC4B 74 29                  jz      short loc_7DA3CC76
7DA3CC4D 6A 06                  push    6
7DA3CC4F 68 C4 CB A3 7D         push    offset a_pcle
7DA3CC54 56                     push    esi
7DA3CC55 E8 06 1E 05 00         call    strncmp
7DA3CC5A 8B D8                  mov     ebx, eax
7DA3CC5C 83 C4 0C               add     esp, 0Ch
7DA3CC5F 85 DB                  test    ebx, ebx
7DA3CC61 74 13                  jz      short loc_7DA3CC76
7DA3CC63 6A 08                  push    8
7DA3CC65 68 CC CB A3 7D         push    offset a_sforce
7DA3CC6A 56                     push    esi
7DA3CC6B E8 F0 1D 05 00         call    strncmp
•
…checking if one of the sections in the PE file is named “.aspack”, “.pcle” or “.sforce”A special “feature”, continued• If any of the sections in the PE file is called “.aspack”, “.pcle” or “.sforce”, NTDLL calls ZwSetInformationProcess with a certain set of flags
• This results in disabling the NX (DEP) protection for the _entire_ process
• All 32-bit programs packed by ASPack do not benefit from the hardware DEP in Windows, even if enabled and enforced by the system!
• Same is true about applications protected by StarForce, or those with “.pcle” sections
 

[Amer]

edited because the post replicated...

Edited September 4, 2013 by Amer