#outdated
Counter-Strike 1.6: R-Aimbot (undetected)
10/01/2012 21:16
snorgy#1
10/01/2012 21:26
maTsg#2
Virustotal ?
[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]
10/01/2012 22:15
nc0.#3
Code:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Registry Values Read:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Key: [ HKLM\SOFTWARE\Microsoft\CTF\SystemShared\ ],
Value Name: [ CUAS ], Value: [ 0 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Arial Baltic,186 ], Value: [ Arial,186 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Arial CE,238 ], Value: [ Arial,238 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Arial CYR,204 ], Value: [ Arial,204 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Arial Greek,161 ], Value: [ Arial,161 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Arial TUR,162 ], Value: [ Arial,162 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Courier New Baltic,186 ], Value: [ Courier New,186 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Courier New CE,238 ], Value: [ Courier New,238 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Courier New CYR,204 ], Value: [ Courier New,204 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Courier New Greek,161 ], Value: [ Courier New,161 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Courier New TUR,162 ], Value: [ Courier New,162 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Helv ], Value: [ MS Sans Serif ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Helvetica ], Value: [ Arial ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ MS Shell Dlg ], Value: [ Microsoft Sans Serif ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ MS Shell Dlg 2 ], Value: [ Tahoma ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Times ], Value: [ Times New Roman ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Times New Roman Baltic,186 ], Value: [ Times New Roman,186 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Times New Roman CE,238 ], Value: [ Times New Roman,238 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Times New Roman CYR,204 ], Value: [ Times New Roman,204 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Times New Roman Greek,161 ], Value: [ Times New Roman,161 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Times New Roman TUR,162 ], Value: [ Times New Roman,162 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes ],
Value Name: [ Tms Rmn ], Value: [ MS Serif ], 1 time
Key: [ HKLM\SYSTEM\CurrentControlSet\Control\Session Manager ],
Value Name: [ CriticalSectionTimeout ], Value: [ 2592000 ], 1 time
Key: [ HKLM\SYSTEM\Setup ],
Value Name: [ SystemSetupInProgress ], Value: [ 0 ], 1 time
Key: [ HKLM\Software\Microsoft\.NETFramework ],
Value Name: [ InstallRoot ], Value: [ C:\WINDOWS\Microsoft.NET\Framework\ ], 9 times
Key: [ HKLM\Software\Microsoft\.NETFramework\Policy\\v4.0 ],
Value Name: [ 30319 ], Value: [ 30319-30319 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ Accessibility,2.0.0.0,,b03f5f7f11d50a3a,MSIL ], Value: [ 0x9ae26ea720cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ Microsoft.VisualBasic,8.0.0.0,,b03f5f7f11d50a3a,MSIL ], Value: [ 0x421127aa20cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System,2.0.0.0,,b77a5c561934e089,MSIL ], Value: [ 0x8a57dea520cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System.Configuration,2.0.0.0,,b03f5f7f11d50a3a,MSIL ], Value: [ 0x18bb1ba420cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System.Deployment,2.0.0.0,,b03f5f7f11d50a3a,MSIL ], Value: [ 0x9cbf64a520cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System.DirectoryServices,2.0.0.0,,b03f5f7f11d50a3a,MSIL ], Value: [ 0x9c19c7a720cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System.Drawing,2.0.0.0,,b03f5f7f11d50a3a,MSIL ], Value: [ 0x028b82a120cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System.Management,2.0.0.0,,b03f5f7f11d50a3a,MSIL ], Value: [ 0x1ab45fb020cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System.Runtime.Remoting,2.0.0.0,,b77a5c561934e089,MSIL ], Value: [ 0xb4074cae20cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System.Runtime.Serialization.Formatters.Soap,2.0.0.0,,b03f5f7f11d50a3a,MSIL ], Value: [ 0x586ef1ad20cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System.Security,2.0.0.0,,b03f5f7f11d50a3a,MSIL ], Value: [ 0x50fdd5a120cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System.Web,2.0.0.0,,b03f5f7f11d50a3a,x86 ], Value: [ 0x58d936a320cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System.Windows.Forms,2.0.0.0,,b77a5c561934e089,MSIL ], Value: [ 0xa6ff4ea820cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ System.Xml,2.0.0.0,,b77a5c561934e089,MSIL ], Value: [ 0xca1b97a220cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\GACChangeNotification\Default ],
Value Name: [ mscorlib,2.0.0.0,,b77a5c561934e089,x86 ], Value: [ 0xa8ce1d9f20cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32 ],
Value Name: [ LatestIndex ], Value: [ 117 ], 3 times
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\291a02d0\6 ],
Value Name: [ DisplayName ], Value: [ System.Xml,2.0.0.0,,b77a5c561934e089 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\291a02d0\6 ],
Value Name: [ LastModTime ], Value: [ 0xca1b97a220cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\291a02d0\6 ],
Value Name: [ SIG ], Value: [ 0xe129b85668d5c94a83901a595a688da0546fb0968a3ad8f39d84fd920ec9 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\291a02d0\6 ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\643db07b\1c ],
Value Name: [ DisplayName ], Value: [ System.Web,2.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\643db07b\1c ],
Value Name: [ LastModTime ], Value: [ 0x58d936a320cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\643db07b\1c ],
Value Name: [ SIG ], Value: [ 0x257ea63099a54b47b394ae802aab504d19f0e298ec19246fcdb594503704 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\643db07b\1c ],
Value Name: [ Status ], Value: [ 8194 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\6abb48d8\40 ],
Value Name: [ DisplayName ], Value: [ System.Management,2.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\6abb48d8\40 ],
Value Name: [ LastModTime ], Value: [ 0x1ab45fb020cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\6abb48d8\40 ],
Value Name: [ SIG ], Value: [ 0x3e169fe688ba0044a1e06d7325a897046350b207203b659a3f4acb1d6fd4 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\6abb48d8\40 ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\3914f670\a ],
Value Name: [ DisplayName ], Value: [ Accessibility,2.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\3914f670\a ],
Value Name: [ LastModTime ], Value: [ 0x9ae26ea720cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\3914f670\a ],
Value Name: [ SIG ], Value: [ 0x0c125ccbcbedd94384951da8e0098afff59f82cfa273bcd55ade98bfad83 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\3914f670\a ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3a6a696d\638045d1\20 ],
Value Name: [ DisplayName ], Value: [ System.DirectoryServices,2.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3a6a696d\638045d1\20 ],
Value Name: [ LastModTime ], Value: [ 0x9c19c7a720cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3a6a696d\638045d1\20 ],
Value Name: [ SIG ], Value: [ 0x600e4254def88f47a6dc794867cc25fadc8d2cf561769985a4e7105cde4a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3a6a696d\638045d1\20 ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\7f729234\b ],
Value Name: [ DisplayName ], Value: [ System.Deployment,2.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\7f729234\b ],
Value Name: [ LastModTime ], Value: [ 0x9cbf64a520cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\7f729234\b ],
Value Name: [ SIG ], Value: [ 0xaa6a30bb5ee45e4395aee8e3e013862cc3e045ee0eeb054e6d82e3b4dc36 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\7f729234\b ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6e9ac653\7 ],
Value Name: [ DisplayName ], Value: [ System,2.0.0.0,,b77a5c561934e089 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6e9ac653\7 ],
Value Name: [ LastModTime ], Value: [ 0x8a57dea520cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6e9ac653\7 ],
Value Name: [ SIG ], Value: [ 0x7739f7fe32588e438bd70fda47be005ca87ed832d6e6b76aa0302a427ffe ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6e9ac653\7 ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\4426ac2f\c ],
Value Name: [ DisplayName ], Value: [ System.Runtime.Serialization.Formatters.Soap,2.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\4426ac2f\c ],
Value Name: [ LastModTime ], Value: [ 0x586ef1ad20cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\4426ac2f\c ],
Value Name: [ SIG ], Value: [ 0x84ba240465953246b597c8a014faed3e952c5f993566c233a384370ec6af ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\4426ac2f\c ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\67e63d5c\5 ],
Value Name: [ DisplayName ], Value: [ System.Configuration,2.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\67e63d5c\5 ],
Value Name: [ LastModTime ], Value: [ 0x18bb1ba420cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\67e63d5c\5 ],
Value Name: [ SIG ], Value: [ 0x13b985b524af744ea7870ebe1b5d5d0658961b3f64a74093492875c9d8f1 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\67e63d5c\5 ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2995e574\e ],
Value Name: [ DisplayName ], Value: [ System.Security,2.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2995e574\e ],
Value Name: [ LastModTime ], Value: [ 0x50fdd5a120cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2995e574\e ],
Value Name: [ SIG ], Value: [ 0x35ebef571a04574ba2270f0f0ce1e3b70ca85b8f2d6480a1d16ea10f281a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2995e574\e ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\7949fb97\42 ],
Value Name: [ DisplayName ], Value: [ Microsoft.VisualBasic,8.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\7949fb97\42 ],
Value Name: [ LastModTime ], Value: [ 0x421127aa20cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\7949fb97\42 ],
Value Name: [ SIG ], Value: [ 0x8d608f73d22b3548baf6a7faf89c5f230b86a6a7c448b7f134ef800ede26 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\7949fb97\42 ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\3fcdfaca\9 ],
Value Name: [ DisplayName ], Value: [ System.Drawing,2.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\3fcdfaca\9 ],
Value Name: [ LastModTime ], Value: [ 0x028b82a120cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\3fcdfaca\9 ],
Value Name: [ SIG ], Value: [ 0xd13b44b636575b40b535819858133665d8507ae68706294dda848b7a1e72 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\3fcdfaca\9 ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\319545b3\8 ],
Value Name: [ DisplayName ], Value: [ mscorlib,2.0.0.0,,b77a5c561934e089 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\319545b3\8 ],
Value Name: [ LastModTime ], Value: [ 0xa8ce1d9f20cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\319545b3\8 ],
Value Name: [ Modules ], Value: [ sortkey.nlp|sorttbls.nlp|big5.nlp|bopomofo.nlp|ksc.nlp|prc.nlp|prcp.nlp|xjis.nlp|normidna.nlp|normnfc.nlp|normnfd.nlp|normnfkc.nlp|normnfkd.nlp ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\319545b3\8 ],
Value Name: [ SIG ], Value: [ 0x61498a5bb093b143a337bdf5962ece99bd6c58fc8f03105a020331f4a600 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\319545b3\8 ],
Value Name: [ Status ], Value: [ 8198 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\268e923b\10 ],
Value Name: [ DisplayName ], Value: [ System.Windows.Forms,2.0.0.0,,b77a5c561934e089 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\268e923b\10 ],
Value Name: [ LastModTime ], Value: [ 0xa6ff4ea820cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\268e923b\10 ],
Value Name: [ SIG ], Value: [ 0x44a949e4640e604da04329762516a96e6e1fa3a76770071df15dc4d908f9 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\268e923b\10 ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\61a5c1bb\1d ],
Value Name: [ DisplayName ], Value: [ System.Runtime.Remoting,2.0.0.0,,b77a5c561934e089 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\61a5c1bb\1d ],
Value Name: [ LastModTime ], Value: [ 0xb4074cae20cfcb01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\61a5c1bb\1d ],
Value Name: [ SIG ], Value: [ 0x564f729ebc6f6b4bb3dc6f535b33f8fbd8487686c42a2af9e970a5ba9956 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\61a5c1bb\1d ],
Value Name: [ Status ], Value: [ 4098 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\3c74e9a9\8 ],
Value Name: [ ConfigMask ], Value: [ 4361 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\3c74e9a9\8 ],
Value Name: [ ConfigString ], Value: [ ZAP--0000-0000 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\3c74e9a9\8 ],
Value Name: [ DisplayName ], Value: [ mscorlib,2.0.0.0,,b77a5c561934e089 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\3c74e9a9\8 ],
Value Name: [ ILDependencies ], Value: [ 0xc5e25079b3459531080000000200000000000000 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\3c74e9a9\8 ],
Value Name: [ MVID ], Value: [ 0x642534209e13d16e93b80a628742d2ee ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\3c74e9a9\8 ],
Value Name: [ Status ], Value: [ 0 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\52628d2e\46 ],
Value Name: [ ConfigMask ], Value: [ 4361 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\52628d2e\46 ],
Value Name: [ ConfigString ], Value: [ ZAP--0000-0000 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\52628d2e\46 ],
Value Name: [ DisplayName ], Value: [ Microsoft.VisualBasic,8.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\52628d2e\46 ],
Value Name: [ ILDependencies ], Value: [ 0x6410990c3b928e26100000000200000000000000c0d4c76dcafacd3f0900 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\52628d2e\46 ],
Value Name: [ MVID ], Value: [ 0x900525e192ca3d523143207ac11ae5f5 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\52628d2e\46 ],
Value Name: [ NIDependencies ], Value: [ 0xc6381918a9e9743c0800000002000000000000004f7cbc303282491d0700 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\52628d2e\46 ],
Value Name: [ Status ], Value: [ 0 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\1d498232\7 ],
Value Name: [ ConfigMask ], Value: [ 4361 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\1d498232\7 ],
Value Name: [ ConfigString ], Value: [ ZAP--0000-0000 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\1d498232\7 ],
Value Name: [ DisplayName ], Value: [ System,2.0.0.0,,b77a5c561934e089 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\1d498232\7 ],
Value Name: [ ILDependencies ], Value: [ 0xd8d44b425c3de667050000000200000000000000578dab19d0021a290600 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\1d498232\7 ],
Value Name: [ MVID ], Value: [ 0x36dbfcf62e07d819b3de533898868ecf ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\1d498232\7 ],
Value Name: [ NIDependencies ], Value: [ 0xc6381918a9e9743c080000000200000000000000 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\1d498232\7 ],
Value Name: [ Status ], Value: [ 0 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\31de29a4\f ],
Value Name: [ ConfigMask ], Value: [ 4361 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\31de29a4\f ],
Value Name: [ ConfigString ], Value: [ ZAP--0000-0000 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\31de29a4\f ],
Value Name: [ DisplayName ], Value: [ System.Drawing,2.0.0.0,,b03f5f7f11d50a3a ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\31de29a4\f ],
Value Name: [ ILDependencies ], Value: [ 0xc0d4c76dcafacd3f090000000200000000000000 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\31de29a4\f ],
Value Name: [ MVID ], Value: [ 0xc91f68c2920882e02aec00eeabb6b415 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\31de29a4\f ],
Value Name: [ NIDependencies ], Value: [ 0xc6381918a9e9743c0800000002000000000000004f7cbc303282491d0700 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\31de29a4\f ],
Value Name: [ Status ], Value: [ 0 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\432ba598\3d75b7fc\1d ],
Value Name: [ ConfigMask ], Value: [ 4361 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\432ba598\3d75b7fc\1d ],
Value Name: [ ConfigString ], Value: [ ZAP--0000-0000 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\432ba598\3d75b7fc\1d ],
Value Name: [ DisplayName ], Value: [ System.Runtime.Remoting,2.0.0.0,,b77a5c561934e089 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\432ba598\3d75b7fc\1d ],
Value Name: [ ILDependencies ], Value: [ 0xf693bf247bb03d641c00000002000000000000007e4cc0412fac26440c00 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\432ba598\3d75b7fc\1d ],
Value Name: [ MVID ], Value: [ 0x3c822251e1a4b15dbbb90c2cf9f75352 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\432ba598\3d75b7fc\1d ],
Value Name: [ NIDependencies ], Value: [ 0xc6381918a9e9743c0800000002000000000000004f7cbc303282491d0700 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\432ba598\3d75b7fc\1d ],
Value Name: [ Status ], Value: [ 0 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\69db6748\e ],
Value Name: [ ConfigMask ], Value: [ 4361 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\69db6748\e ],
Value Name: [ ConfigString ], Value: [ ZAP--0000-0000 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\69db6748\e ],
Value Name: [ DisplayName ], Value: [ System.Windows.Forms,2.0.0.0,,b77a5c561934e089 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\69db6748\e ],
Value Name: [ ILDependencies ], Value: [ 0x40ce5d4774e595290e0000000200000000000000578dab19d0021a290600 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\69db6748\e ],
Value Name: [ MVID ], Value: [ 0x0c70e5d82578be2f6c0dde89182261c5 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\69db6748\e ],
Value Name: [ NIDependencies ], Value: [ 0xc6381918a9e9743c0800000002000000000000004f7cbc303282491d0700 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\69db6748\e ],
Value Name: [ Status ], Value: [ 0 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index75 ],
Value Name: [ ILUsageMask ], Value: [ 0xffffffffffffffffff01 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index75 ],
Value Name: [ NIUsageMask ], Value: [ 0xfffffffffffffffff1 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\PublisherPolicy\Default ],
Value Name: [ Latest ], Value: [ 1 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\PublisherPolicy\Default ],
Value Name: [ LegacyPolicyTimeStamp ], Value: [ 0x0000000000000000 ], 1 time
Key: [ HKLM\Software\Microsoft\Fusion\PublisherPolicy\Default ],
Value Name: [ index1 ], Value: [ 0x00 ], 1 time
Key: [ HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscoree.dll ],
Value Name: [ CheckAppHelp ], Value: [ 1 ], 1 time
Key: [ HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorwks.dll ],
Value Name: [ CheckAppHelp ], Value: [ 1 ], 1 time
Key: [ HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers ],
Value Name: [ TransparentEnabled ], Value: [ 1 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ],
Value Name: [ Language Hotkey ], Value: [ 1 ], 2 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ],
Value Name: [ Layout Hotkey ], Value: [ 2 ], 2 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\GDIPlus ],
Value Name: [ FontCachePath ], Value: [ C:\Documents and Settings\Administrator\Local Settings\Application Data ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ],
Value Name: [ AppData ], Value: [ %USERPROFILE%\Application Data ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ],
Value Name: [ Cache ], Value: [ %USERPROFILE%\Local Settings\Temporary Internet Files ], 1 time
Code:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Memory Mapped Files:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File Name: [ C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT ]
File Name: [ C:\R-Aimbot.e.exe ]
File Name: [ C:\WINDOWS\FONTS\MICROSS.TTF ]
File Name: [ C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll ]
File Name: [ C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll ]
File Name: [ C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll ]
File Name: [ C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll ]
File Name: [ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ]
File Name: [ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\gdiplus.dll ]
File Name: [ C:\WINDOWS\WindowsShell.Manifest ]
File Name: [ C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp ]
File Name: [ C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp ]
File Name: [ C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ]
File Name: [ C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\900525e192ca3d523143207ac11ae5f5\Microsoft.VisualBasic.ni.dll ]
File Name: [ C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c91f68c2920882e02aec00eeabb6b415\System.Drawing.ni.dll ]
File Name: [ C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3c822251e1a4b15dbbb90c2cf9f75352\System.Runtime.Remoting.ni.dll ]
File Name: [ C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c70e5d82578be2f6c0dde89182261c5\System.Windows.Forms.ni.dll ]
File Name: [ C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\36dbfcf62e07d819b3de533898868ecf\System.ni.dll ]
File Name: [ C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\642534209e13d16e93b80a628742d2ee\mscorlib.ni.dll ]
File Name: [ C:\WINDOWS\system32\MSCTF.dll ]
File Name: [ C:\WINDOWS\system32\comctl32.dll ]
File Name: [ C:\WINDOWS\system32\imm32.dll ]
File Name: [ C:\WINDOWS\system32\l_intl.nls ]
File Name: [ C:\WINDOWS\system32\mscoree.dll ]
File Name: [ C:\WINDOWS\system32\rpcss.dll ]
File Name: [ C:\WINDOWS\system32\shell32.dll ]
File Name: [ C:\WINDOWS\system32\uxtheme.dll ]
10/02/2012 00:05
burncode#4
Ich versteh nicht, warum die Hacks von tobys hier rein gepostet werden?
Man kann einfach auf seine Seite gehen.
Da steht alles geordnet.
Meiner Meinung nach ist das nach Thanks geiern.
Weiß tobys was davon?
Ps: wenn das wirklich von tobys ist, kann da kein Virus drin sein,
AUßER, der Verfasser des Threads hat ein Virus eingebaut.
mfg
Man kann einfach auf seine Seite gehen.
Da steht alles geordnet.
Meiner Meinung nach ist das nach Thanks geiern.
Weiß tobys was davon?
Ps: wenn das wirklich von tobys ist, kann da kein Virus drin sein,
AUßER, der Verfasser des Threads hat ein Virus eingebaut.
mfg
10/19/2012 17:30
Sunnii'#5
Was ist dass denn für eine Aussage? Toby kann genau so gut einen Virus rein hauen, nur denke ich nicht dass er wenn dann sobiso nen anstendigen Crypter hat, wurde wegen toby von VAC gebant, das vergesse ich ihm nie :DQuote:
Ps: wenn wenn das wirklich von tobys ist, kann da kein Virus drin sein,
AUßER, der Verfasser des Threads hat ein Virus eingebaut.
mfg
11/19/2012 20:09
Sunnii'#6
Das postest du wirklich unter jeden Hack oder?Quote:
Zum 3. Mal das gleiche!
10/14/2013 18:40
dragosboy31#7
thx ;)
10/14/2013 19:48
Autrux#8
#closed