API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 9th, 2010
153
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.47 KB | None | 0 0
raw download clone embed print report
  1. ----------------------------------
  2. Keys added:3
  3. ----------------------------------
  4. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\1\1\6
  5. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18
  6. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell
  7.  
  8. ----------------------------------
  9. Values added:31
  10. ----------------------------------
  11. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:M:\ZvebCbegnoyr\ZvebCbegnoyr.rkr: 02 00 00 00 06 00 00 00 E0 F0 B6 BD 9C 37 CB 01
  12. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\1\1\6: 4C 00 31 00 00 00 00 00 09 3D 65 43 10 20 4D 69 72 6F 50 6F 72 74 61 62 6C 65 00 00 30 00 03 00 04 00 EF BE 09 3D 4C 43 09 3D 65 43 14 00 00 00 4D 00 69 00 72 00 6F 00 50 00 6F 00 72 00 74 00 61 00 62 00 6C 00 65 00 00 00 1C 00 00 00
  13. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\1\1\6\NodeSlot: 0x00000012
  14. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\1\1\6\MRUListEx: FF FF FF FF
  15. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\FolderType: "Documents"
  16. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\MinPos1280x926(1).x: 0xFFFFFFFF
  17. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\MinPos1280x926(1).y: 0xFFFFFFFF
  18. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\MaxPos1280x926(1).x: 0xFFFFFFFF
  19. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\MaxPos1280x926(1).y: 0xFFFFFFFF
  20. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\WinPos1280x926(1).left: 0x000000B7
  21. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\WinPos1280x926(1).top: 0x000000E8
  22. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\WinPos1280x926(1).right: 0x000003D7
  23. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\WinPos1280x926(1).bottom: 0x00000340
  24. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\Rev: 0x00000000
  25. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\WFlags: 0x00000000
  26. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\ShowCmd: 0x00000001
  27. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\FFlags: 0x00000001
  28. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\HotKey: 0x00000000
  29. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\Buttons: 0xFFFFFFFF
  30. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\Links: 0x00000000
  31. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\Address: 0xFFFFFFFF
  32. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\Vid: "{65F125E5-7BE1-4810-BA9D-D271C8432CE3}"
  33. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\Mode: 0x00000006
  34. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\ScrollPos1280x926(1).x: 0x00000000
  35. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\ScrollPos1280x926(1).y: 0x00000000
  36. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\Sort: 0x00000000
  37. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\SortDir: 0x00000001
  38. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\Col: 0xFFFFFFFF
  39. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\Bags\18\Shell\ColInfo: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD DF DF FD 0F 00 06 00 28 00 10 00 34 00 48 00 00 00 00 00 01 00 00 00 02 00 00 00 03 00 00 00 04 00 00 00 05 00 00 00 B4 00 60 00 78 00 78 00 B4 00 B4 00 00 00 00 00 01 00 00 00 02 00 00 00 03 00 00 00 FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  40. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\Z:\MiroPortable\MiroPortable.exe: "PortableApps.com Launcher"
  41. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\Z:\MiroPortable\App\Miro\Miro.exe: "Miro"
  42.  
  43. ----------------------------------
  44. Values modified:9
  45. ----------------------------------
  46. HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed: C8 79 AF 30 52 92 53 3A 9A 8D 00 D4 2F DF DF FB 5E B1 05 E7 07 00 91 F3 0E CE 89 7F DC AA A9 3D 60 3F 7B 77 58 A7 C6 CB 7A B0 5B 54 DC 8A D6 2A 22 45 8E E2 B0 36 F3 0C 71 63 9A CD D4 1F 9F 96 A8 12 08 CF 2C D8 BE 95 45 87 E2 47 87 C6 5F 00
  47. HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed: EF FC EA DB E1 FC EE 6F 32 7A B7 C7 20 C1 A9 EE EA C8 17 20 F7 7B B4 13 09 15 65 E8 35 3E 26 8D 01 D8 08 F8 30 36 0C 9C 08 32 19 8B B4 AC 65 98 F8 6D 66 D4 E3 3C 1D 75 0C 03 B7 25 42 DC 09 01 71 59 2D FF DA C2 AA 73 9A 9E 82 C9 9A E8 CE 71
  48. HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name: "IEXPLORE.EXE"
  49. HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name: "Miro.exe"
  50. HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\ID: 0x49B3AD2E
  51. HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\ID: 0x4917DF95
  52. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\My Video: ""
  53. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\My Video: "C:\Documents and Settings\Tester\My Documents\My Videos"
  54. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count\HRZR_HVGBBYONE: 02 00 00 00 0E 00 00 00 E0 DC C2 84 9C 37 CB 01
  55. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count\HRZR_HVGBBYONE: 02 00 00 00 0F 00 00 00 00 88 74 16 9D 37 CB 01
  56. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count\HRZR_HVGBBYONE:0k1,130: 02 00 00 00 0E 00 00 00 E0 DC C2 84 9C 37 CB 01
  57. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count\HRZR_HVGBBYONE:0k1,130: 02 00 00 00 0F 00 00 00 00 88 74 16 9D 37 CB 01
  58. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU: 02 00 00 00 15 00 00 00 40 EF 5D 86 9C 37 CB 01
  59. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU: 02 00 00 00 16 00 00 00 E0 F0 B6 BD 9C 37 CB 01
  60. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\NodeSlots: 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02
  61. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\NodeSlots: 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02 02
  62. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\1\1\MRUListEx: 05 00 00 00 02 00 00 00 04 00 00 00 00 00 00 00 03 00 00 00 01 00 00 00 FF FF FF FF
  63. HKU\S-1-5-21-1229272821-1682526488-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\1\1\MRUListEx: 06 00 00 00 05 00 00 00 02 00 00 00 04 00 00 00 00 00 00 00 03 00 00 00 01 00 00 00 FF FF FF FF
  64.  
  65. ----------------------------------
  66. Total changes:43
  67. ----------------------------------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!