1.5.2.351 legitimate version?

tatooine

I noticed this jv16 PT version, 1.5.2.351, was just uploaded to a somewhat obscure website, but there's no version change on the site here or via "check for updates", so I thought I should mention it in case it's bogus.

It's listed under new downloads.

redseujac

Sorry, we encountered an error while displaying this content. If you're a user, please try again later. If you're an administrator, take a look in your Flarum log files for more information.

jv16

It must be an error, the latest version is 1.5.2.350, as redseujac said.

tatooine

No problem here, Jouni, but I thought maybe you'd want to contact CMPnet in case someone uploaded some garbage posing as a Macecraft representative.

tullik

Sorry, we encountered an error while displaying this content. If you're a user, please try again later. If you're an administrator, take a look in your Flarum log files for more information.

bspeight

I don't think it's an error, I think it's a hack.

It is now all over the web (though not in any of the usual places), and in many places being referred to as Freeware.

I got caught, installed it, and realised there was something wrong, when I found I had 1 folder called jv16PowerTools 2006 (the original one), and another called jv16 Power Tools 2006 (highly dubious!).

I have removed it, but I hope it has not done any damage!

Regards...

Bernard

bspeight

I have tracked down where I found 1.5.2.351. Unbelievably it was CNET Download.com. The following is the blurb that accompanies it on their site:

"SoftLab SoftWare

An amazing set of tools to help you fix, repair, optimize and tune up your computer easier than ever. Does your computer seem to get slower day by day. Are you experiencing any computer problems such as crashes. jv16 Power Tools 2006 is the solution, try it now for free. This product is very impressive and has done wonders in helping You to clean up the 'junk' on You computer."

There is even a detailed Publisher Profile, which says they were established in 2002.

I think this is something for Jouni to follow up.

tullik

bspeight wrote
I don't think it's an error, I think it's a hack.

It is now all over the web (though not in any of the usual places), and in many places being referred to as Freeware.

I got caught, installed it, and realised there was something wrong, when I found I had 1 folder called jv16PowerTools 2006 (the original one), and another called jv16 Power Tools 2006 (highly dubious!).

I have removed it, but I hope it has not done any damage!

Regards...

Bernard

You may be right. A google search on 1.5.2.351 yields about 86 hits. Many links are very contrived and thus suspicious and the content is riddled with errors.

The page referenced in my previous post appeared to fit a CMPnet style but perhaps it was a hack (i.e., crack). If so, it happened in two phases, starting in the daily features page reported by Tatooine, then moving to the page I found. That page has a link to the Macecraft homepage, but the 1.5.2.349 download comes from "brainlab.serverheaven.net" -- Suspicious ...

It is clear these sites are using the Macecraft name very loosely and I guess without the courtesy of asking for permission ...

tullik

Sorry, we encountered an error while displaying this content. If you're a user, please try again later. If you're an administrator, take a look in your Flarum log files for more information.

bspeight

The game goes on...

SoftLab SoftWare have the same product on ZDNet, same description, but they are calling it "Registry Wizard (exe)". Otherwise it is the same as the item on CNET under the name "jv16 Power Tools 2006".

tullik

A search on "SoftLab SoftWare" and 9.90 shows two other products "Free to try, $9.90 to buy ...".

Such as:

Delphi and C++Builder Decompiler 1.15 (jv has said elsewhere here that Macecraft products use Borland Delphi)

Registry Wizard 2.25

These deadend links off some of the google hits are interesting ... but confusing ... :|

http://softlab.ifastnet.com/

http://softlab.ifastnet.com/decompiler/Screen.gif

http://softlab.ifastnet.com/decompiler/

The IP address for softlab.ifastnet.com is 209.190.85.22 per a DNS lookup.

redseujac

tullik wrote
The IP address for softlab.ifastnet.com is 209.190.85.22 per a DNS lookup.

That belongs to "Byethost Internet" at Holywell, Great Brittain ...

Net Range 209.190.85.0 - 290.190.85.255

Abuse => support@byethost.com

bspeight

What it all comes down to, someone is ripping off Macecraft, with at least two variants of jv16 PowerTools, lodged on dozens of sites scattered over the web, for which they are extracting $9.90 (presumably US), per registered copy.

I consider myself a pretty savvy user, but I was briefly misled into thinking I had a new version of jv16 PowerTools.

I don't know what redress Jouni has, but someone is stealing from him.

tullik

Yes. And Jouni is not the only one harmed -- the buyers and legitimate download sites are too.

If Jouni concurs, I will communicate something like the following to CNET, ZDNet and CMPnet. I'll draw the line there -- there are too many smaller operations impacted for me to handle and it's probably a moving target.

"These three items on your ZDNet site may be (are?!!! ...) fraudulent:

*** System Accelerate Expert Edition (exe)

*** Windows Optimizer Platinum (exe)

*** Registry Wizard (exe)

The product source shows as Softlab Software.

The Softlab Software "Registry Wizard" item also shows on your CNET download.com site as does a Softlab Software item called "jv16 Power Tools 2006 1.5.2.351 1.5.2."

Further, these Softlab Software items are scattered across the web on the sites of other legitimate companies that provide download services.

Why do I say fraudulent? I downloaded some of the items and installed one ("Registry Wizard"). The programs are clearly pirated and cracked versions of Macecraft Software's "jv16 PowerTools 2006."

Please independently investigate the Softlab Software items on the sites you control and take appropriate action.

Incidentally, Softlab Software has a product on your sites (and many others) called "Delphi & C++Builder Decompiler." These tools may be the implementation mechanism for the hacking that has apparently been done. In any case, judging from the other products they have posted, the ownership of the decompiler should be investigated as well.

tullik (a user member of the Macecraft Software Forums)"

So Jouni, should I proceed? Or perhaps you already have something underway ...

jv16

I'm very much shocked. I'm now contacting CNET and every other company these pirates are doing business with. You can also do the same.

jv16

redseujac wrote

That belongs to "Byethost Internet" at Holywell, Great Brittain ...

Net Range 209.190.85.0 - 290.190.85.255

Abuse => support@byethost.com

Their e-mail address didn't work, nor did "abuse@byethost.com", so I contacted them via their forum:

http://www.byet.net/showthread.php?p=21280&posted=1

jv16

It seems these criminals did a very good job in submiting the application in pretty much every single software downloading site they could find.

I will be contacting each of these downloading sites and request them to remove these products:

jv16 Power Tools 2006 1.5.2.351 1.5.2

Windows Optimizer Platinum 1.5.2.349

System Accelerate Expert Edition 1.5.2.349

Registry Wizard 2.25

The website they use to collect the money is:

https://usd.swreg.org/soft_shop/45085/shopscr13.shtml

I have also contacted swreg.org to remove processing credit card payments for these crooks.

jv16

The following websites have now been contacted to remove these illegal programs from their website:

http://www.sharewareplaza.com

http://www.download.com

http://www.download-by.net

http://www.sharewareconnection.com

http://www.programurl.com

http://www.qarchive.org

http://www.softpicks.net

http://www.sharewareisland.com

http://www.safe-install.com

http://www.zicos.com

http://www.softslist.com

http://www.gold-software.com

http://www.sw-files.com

http://www.softizer.com

http://www.handyarchive.com

Their main website seems to be:

http://brainlab.serverheaven.net/

Looks like they are also distributing illegal versions of Registry Mechanic and of Ashampoo. I have a feeling they are going down soon.

tullik

Here's a new one (jv should add to his notification list ...):

http://www.fileboost.net/directory/utilities/system/registry_mechanic/010922/review.html

The crooks have apparently cracked the download site link. If you select "Buy now" during the install process, payment would go to https://usd.swreg.org/soft_shop/45085/shopscr17.shtml

As previously promised, I have notified ZDNet and CNET (through their "Question" process). I'll do CMPnet next if I can find a feedback mechanism.

Besides the cracking, it appears the problem lies with insufficient screening (maybe nonexistent in some cases) by the download service companies. IMHO. I guess I could be wrong. :

tullik

Here is the text I submitted to ZDnet and CNET:

"These three items on your ZDNet site are fraudulent:

*** System Accelerate Expert Edition (exe)

*** Windows Optimizer Platinum (exe)

*** Registry Wizard (exe)

The product source shows as Softlab Software.

The Softlab Software "Registry Wizard" item also shows on your CNET download.com site as does a Softlab Software item called "jv16 Power Tools 2006 1.5.2.351 1.5.2."

Further, these Softlab Software items are scattered across the web on the sites of other legitimate companies that provide download services.

Why do I say fraudulent? I downloaded some of the items and installed one ("Registry Wizard"). The programs are clearly pirated and cracked versions of Macecraft Software's "jv16 PowerTools 2006."

Please escalate this matter and independently investigate the Softlab Software items on the sites you control and take appropriate action.

Incidentally, Softlab Software has a product on your sites (and many others) called "Delphi & C++Builder Decompiler." These tools may be the implementation mechanism for the cracking that has apparently been done. In any case, judging from the other products they have posted, the ownership of the decompiler should be investigated as well.

tullik (a user member of the Macecraft Software Forums)

*** email address ***

Added: More information about the the pirating is at http://www.macecraft.com/phpBB2/viewtopic.php?p=7582#7582 -- apparently these crooks are also using names other than Softlab Software and have stolen other products."

~~Next Page »~~