Jump to content
Registrations are Open Now!!!! .To buy our Paid Membership Click Here!!! ×

Multi VPN Checker by APSOFT

Jerry56

By + Jerry56,
in Cracking Tools

 Share

Recommended Posts

  • 3 weeks later...
HailHydra Member

+ HailHydra

Posted
Posted

@amd8,@P3rk0c3t,@lashes,@lomo

2KZer5n.png


 

 
a9yuWm6.png

 

  1. winlogon.exe (PID: 6832 cmdline: "C:\Users\user\Desktop\winlogon.exe" MD5: 8AEA251877CB4F5EE6CF357831F8620C)
  2. cmd.exe (PID: 6332 cmdline: "C:\Windows\System32\cmd.exe" /C schtasks /CREATE /SC ONLOGON /TN Loki /TR C:\Users\user\AppData\Roaming\winlogon.exe /RU SYSTEM /RL HIGHEST /F MD5: F3BDBE3BB6F734E357235F4D5898582D)
  3. conhost.exe (PID: 2528 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  4. schtasks.exe (PID: 6896 cmdline: schtasks /CREATE /SC ONLOGON /TN Loki /TR C:\Users\user\AppData\Roaming\winlogon.exe /RU SYSTEM /RL HIGHEST /F MD5: 15FF7D8324231381BAD48A052F85DF04)
  5. csc.exe (PID: 4428 cmdline: C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\genzb5nm\genzb5nm.cmdline MD5: 350C52F71BDED7B99668585C15D70EEA)
  6. conhost.exe (PID: 1840 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  7. cvtres.exe (PID: 6352 cmdline: C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESBBE.tmp" "c:\ProgramData\CSCAA1ED80841964C04A0A532F2FC31DC6F.TMP" MD5: C09985AE74F0882F208D75DE27770DFA)
  8. cmd.exe (PID: 8664 cmdline: "C:\Windows\System32\cmd.exe" /C vssadmin delete shadows /all /quiet MD5: F3BDBE3BB6F734E357235F4D5898582D)
  9. conhost.exe (PID: 8792 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  10. vssadmin.exe (PID: 8924 cmdline: vssadmin delete shadows /all /quiet MD5: 7E30B94672107D3381A1D175CF18C147)
  11. cmd.exe (PID: 8820 cmdline: "C:\Windows\System32\cmd.exe" /C wbadmin DELETE SYSTEMSTATEBACKUP MD5: F3BDBE3BB6F734E357235F4D5898582D)
  12. conhost.exe (PID: 3088 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  13. cmd.exe (PID: 3416 cmdline: "C:\Windows\System32\cmd.exe" /C wmic shadowcopy delete MD5: F3BDBE3BB6F734E357235F4D5898582D)
  14. conhost.exe (PID: 4232 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  15. WMIC.exe (PID: 4400 cmdline: wmic shadowcopy delete MD5: 79A01FCD1C8166C5642F37D1E0FB7BA8)
  16. cmd.exe (PID: 956 cmdline: "C:\Windows\System32\cmd.exe" /C wbadmin delete catalog -quiet MD5: F3BDBE3BB6F734E357235F4D5898582D)
  17. conhost.exe (PID: 6892 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  18. cmd.exe (PID: 10368 cmdline: "C:\Windows\System32\cmd.exe" /C bcdedit /set {default} bootstatuspolicy ignoreallfailures MD5: F3BDBE3BB6F734E357235F4D5898582D)
  19. conhost.exe (PID: 10676 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  20. cmd.exe (PID: 5780 cmdline: "C:\Windows\System32\cmd.exe" /C bcdedit /set {default} recoveryenabled no MD5: F3BDBE3BB6F734E357235F4D5898582D)
  21. conhost.exe (PID: 5572 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  22. cmd.exe (PID: 9044 cmdline: "C:\Windows\System32\cmd.exe" /C netsh advfirewall set currentprofile state off MD5: F3BDBE3BB6F734E357235F4D5898582D)
  23. conhost.exe (PID: 8996 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  24. netsh.exe (PID: 4620 cmdline: netsh advfirewall set currentprofile state off MD5: A0AA3322BB46BBFC36AB9DC1DBBBB807)
  25. cmd.exe (PID: 8960 cmdline: "C:\Windows\System32\cmd.exe" /C netsh firewall set opmode mode=disable MD5: F3BDBE3BB6F734E357235F4D5898582D)
  26. conhost.exe (PID: 8924 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  27. netsh.exe (PID: 3396 cmdline: netsh firewall set opmode mode=disable MD5: A0AA3322BB46BBFC36AB9DC1DBBBB807)
  28. winlogon.exe (PID: 10348 cmdline: C:\Users\user\AppData\Roaming\winlogon.exe MD5: 8AEA251877CB4F5EE6CF357831F8620C)
  29. cmd.exe (PID: 10140 cmdline: "C:\Windows\System32\cmd.exe" /C schtasks /CREATE /SC ONLOGON /TN Loki /TR C:\Windows\system32\config\systemprofile\AppData\Roaming\winlogon.exe /RU SYSTEM /RL HIGHEST /F MD5: F3BDBE3BB6F734E357235F4D5898582D)
  30. conhost.exe (PID: 6900 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  31. schtasks.exe (PID: 5760 cmdline: schtasks /CREATE /SC ONLOGON /TN Loki /TR C:\Windows\system32\config\systemprofile\AppData\Roaming\winlogon.exe /RU SYSTEM /RL HIGHEST /F MD5: 15FF7D8324231381BAD48A052F85DF04)
  32. cmd.exe (PID: 488 cmdline: "C:\Windows\System32\cmd.exe" /C vssadmin delete shadows /all /quiet MD5: F3BDBE3BB6F734E357235F4D5898582D)
  33. conhost.exe (PID: 5356 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  34. vssadmin.exe (PID: 3952 cmdline: vssadmin delete shadows /all /quiet MD5: 7E30B94672107D3381A1D175CF18C147)
  35. cmd.exe (PID: 6436 cmdline: "C:\Windows\System32\cmd.exe" /C wbadmin DELETE SYSTEMSTATEBACKUP MD5: F3BDBE3BB6F734E357235F4D5898582D)
  36. conhost.exe (PID: 5688 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  37. cmd.exe (PID: 5692 cmdline: "C:\Windows\System32\cmd.exe" /C wmic shadowcopy delete MD5: F3BDBE3BB6F734E357235F4D5898582D)
  38. conhost.exe (PID: 5840 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  39. WMIC.exe (PID: 2352 cmdline: wmic shadowcopy delete MD5: 79A01FCD1C8166C5642F37D1E0FB7BA8)
  40. cmd.exe (PID: 2904 cmdline: "C:\Windows\System32\cmd.exe" /C wbadmin delete catalog -quiet MD5: F3BDBE3BB6F734E357235F4D5898582D)
  41. conhost.exe (PID: 2328 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  42. cmd.exe (PID: 3348 cmdline: "C:\Windows\System32\cmd.exe" /C bcdedit /set {default} bootstatuspolicy ignoreallfailures MD5: F3BDBE3BB6F734E357235F4D5898582D)
  43. conhost.exe (PID: 5000 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  44. cmd.exe (PID: 6132 cmdline: "C:\Windows\System32\cmd.exe" /C bcdedit /set {default} recoveryenabled no MD5: F3BDBE3BB6F734E357235F4D5898582D)
  45. conhost.exe (PID: 5792 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  46. cmd.exe (PID: 6120 cmdline: "C:\Windows\System32\cmd.exe" /C netsh advfirewall set currentprofile state off MD5: F3BDBE3BB6F734E357235F4D5898582D)
  47. conhost.exe (PID: 6924 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  48. netsh.exe (PID: 7000 cmdline: netsh advfirewall set currentprofile state off MD5: A0AA3322BB46BBFC36AB9DC1DBBBB807)
  49. cmd.exe (PID: 6932 cmdline: "C:\Windows\System32\cmd.exe" /C netsh firewall set opmode mode=disable MD5: F3BDBE3BB6F734E357235F4D5898582D)
  50. conhost.exe (PID: 7104 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  51. netsh.exe (PID: 3652 cmdline: netsh firewall set opmode mode=disable MD5: A0AA3322BB46BBFC36AB9DC1DBBBB807)
  52. winlogon.exe (PID: 8528 cmdline: "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winlogon.exe" MD5: 8AEA251877CB4F5EE6CF357831F8620C)
  53. winlogon.exe (PID: 5160 cmdline: "C:\ProgramData\winlogon.exe" MD5: 8AEA251877CB4F5EE6CF357831F8620C)
  54. winlogon.exe (PID: 5572 cmdline: "C:\ProgramData\winlogon.exe" MD5: 8AEA251877CB4F5EE6CF357831F8620C)
  55. cmd.exe (PID: 2252 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wvtymcow.bat" " MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
  56. conhost.exe (PID: 10176 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  57. reg.exe (PID: 4752 cmdline: REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f MD5: E3DACF0B31841FA02064B4457D44B357)
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

Board Life Status


Board startup date: October 30, 2017 06:45:19
×
  • Reputation level: 0
×
  • Create New...