Some additional information now that this is turning out to be a success: simply thank you on behalf of the entire team (h44t33_Anon on Twitter)
>>>>>>>>>>>>>>>>THIS IS THE ROOTKIT THAT APPEARS IN VARIOUS FORMS AFTER WE DUMP OUR ROOTKIT. YUMMY I GOT LOVE ON MY TUMMY. REALLY GUYS, WE REALLY THINK SOMEBODY OUGHT TO KNOW THIS BEFORE OUR LITTLE FERRET MINDS DISCOVER WHAT IT IS. WIRESHARK JUST GIVES SHIT LIKE >> ENCODED BITS ACCORDING TO BOOTSTRAP LITTLE-ENDIAN, TRY WIKI. THANKS, AND OH, DON'T BOTHER BEING THE FIRST TO DISCOVER IT. REALLY GUYS, THANKS. UMMM, WE'RE ON TWITTER UNDER H44T33_Anon
IMPORTANT EDIT ON A DISCOVERY WE MADE LATER, AFTER ALL, HACK TO LEARN / IN ADDITION TO THE BELOW ADDED TO THE REGISTRY, WE EXPERIMENTED BY SETTING KEEPALIVETIMEOUT TO ZERO BUT ALSO, IN THE SAME KEY, MAKING A NEW ADD, NAMELY FOR SERVERINFOTIMEOUT, AND ALSO SETTING IT TO ZERO. AFTER ALL, THE IP ON OUR SECOND HOP IS ALWAYS A GAME SERVER and our ISP is always on the first / IT IS CLEAR TO US THAT WITH THIS 'LULZROOTKIT' (IF YOU LIKE, BECAUSE OF HOW IT WAS OBTAINED AND MODIFIED: DELETING and then again adding THE KEY LASTTASKRUN) AND SUBSTITUTING CRYPTOGRAPHY.RNG FOR SCHEDULINGAGENT AND THEN FOR CRYPTOGRAPHY/RNG.LASTTASKRUN and schedulingagent.lasttaskrun (!yes, this was all accepted by the registry) (because we dumped the rootkits added and found the four below eventually, of which the second is only of interest to you ------------->>> copy it here in notepad, save to desktop, call it whatever you like, hell, even keep it and add to registry (the second one between asterisks)
WE MAY HAVE A SURPRISE; A 3rd rootkit again under cryptography/rng (our system did crash once again lol)
Windows Registry Editor Version 5.00
the below was originally lasttaskrun seed in the same registry, but it gave us another rootkit which we then added to the first one, which was also a rootkit
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent]
"Seed"=hex:4f,4f,e7,63,83,25,b9,3e,2d,f9,02,0a,75,9f,98,4d,28,35,78,a4,ab,1a,\
9f,5f,1f,4a,1c,2f,67,a7,5e,5d,86,75,5f,b4,27,2d,d2,71,2a,eb,54,60,39,79,0a,\
ab,c7,5a,33,58,e9,6d,95,ca,8d,3e,93,ef,2c,7f,86,09,53,dd,ea,3f,76,b7,03,40,\
72,88,6d,9d,bc,91,31,03
This was the first one:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG.LastTaskRun]
"Seed"=hex:1d,e1,fe,db,09,ab,f4,6f,34,ca,60,bd,31,4c,0b,a1,40,47,d3,7b,ec,71,\
71,75,8f,80,bb,1c,c7,95,c4,a7,8a,0b,e7,11,dc,0c,37,8e,ba,eb,dd,c9,7e,40,8c,\
fc,83,93,fa,79,6c,f9,26,ec,1f,53,ab,8e,28,7f,f4,0a,f8,25,1a,ae,bc,62,06,bc,\
ee,4f,73,cd,6e,15,e3,80
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
and this, dear children, the 3rd:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed"=hex:03,c7,22,e9,37,56,79,c8,16,c1,7d,bb,cd,ca,bf,f7,c6,aa,a6,aa,86,15,\
c7,46,16,d3,9f,60,b0,bb,57,69,4b,c1,a8,2d,65,a4,c0,47,f8,01,02,1c,f6,2b,ed,\
70,af,0d,12,93,1c,92,21,54,45,ba,56,63,db,7a,a0,80,6d,08,e5,d5,36,24,e9,ad,\
38,ea,1d,ec,69,f5,5f,9e
YES, TEAM_h44t33_Anon INTRODUCES DIRECT LINKING LIBRARY HELL, OR SIMPLY DLL HELL, AND YES, IT'S A ROOTKIT ON THE SECOND HOP, AS WE ARE CONNECTED WITH DUTCH TELECOM KPN THROUGH A BIOWARE EA LUCAS SERVER FOR THE OLD REPUBLIC OR SWTOR
Finally, to render ourselves immune:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Epoch]
"Epoch"=dword:000539d2
DLL HELL BY TEAM h44t33_Anon