Regshot 1.8.3-beta1V5
Comments:
Datetime:2012/8/17 18:25:41 , 2012/8/17 18:31:19
Computer:UHA-68F2DDBE516 , UHA-68F2DDBE516
Username:Administrador , Administrador

----------------------------------
Keys added:6
----------------------------------
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\hiv
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hiv
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hiv\OpenWithList
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\AppDataLow
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\AppDataLow\bqpfgusamnpnyobrjau
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\AppDataLow\bqpfgusamnpnyobrjau\{E525B997-4A1A-425a-84B7-5D98AF7F902A}

----------------------------------
Values deleted:2
----------------------------------
HKLM\SYSTEM\ControlSet001\Services\kmixer\Enum\0: "SW\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}\{9B365890-165F-11D0-A195-0020AFD156E4}"
HKLM\SYSTEM\CurrentControlSet\Services\kmixer\Enum\0: "SW\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}\{9B365890-165F-11D0-A195-0020AFD156E4}"

----------------------------------
Values added:10
----------------------------------
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU\g: 72 00 65 00 67 00 73 00 68 00 6F 00 74 00 2E 00 65 00 78 00 65 00 00 00 43 00 3A 00 5C 00 44 00 6F 00 63 00 75 00 6D 00 65 00 6E 00 74 00 73 00 20 00 61 00 6E 00 64 00 20 00 53 00 65 00 74 00 74 00 69 00 6E 00 67 00 73 00 5C 00 41 00 64 00 6D 00 69 00 6E 00 69 00 73 00 74 00 72 00 61 00 64 00 6F 00 72 00 5C 00 45 00 73 00 63 00 72 00 69 00 74 00 6F 00 72 00 69 00 6F 00 00 00
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*\f: "C:\Documents and Settings\Administrador\Escritorio\ONE.hiv"
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\hiv\a: "C:\Documents and Settings\Administrador\Escritorio\ONE.hiv"
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\hiv\MRUList: "a"
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hiv\OpenWithList\a: "regshot.exe"
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hiv\OpenWithList\MRUList: "a"
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:P:\qbphzragbf\Fnzcyrf\Chfuobg\Snprobbx\VZT_22362473515562104-VZT-jjj.snprobbx.pbz.rkr: 01 00 00 00 06 00 00 00 00 18 78 F1 A5 7C CD 01
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Run\maxtvhm: "C:\Documents and Settings\Administrador\Configuración local\Datos de programa\kojkeq.exe"
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\documentos\Samples\Pushbot\Facebook\IMG_22362473515562104-IMG-www.facebook.com.exe: "IMG_22362473515562104-IMG-www.facebook.com"
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\AppDataLow\bqpfgusamnpnyobrjau\{E525B997-4A1A-425a-84B7-5D98AF7F902A}\stcsscmt: "C:\documentos\Samples\Pushbot\Facebook\IMG_22362473515562104-IMG-www.facebook.com.exe"

----------------------------------
Values modified:9
----------------------------------
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed: D4 8E 15 1F 2A 5C B7 E9 B1 CE 74 0A 1A 78 08 C1 B0 45 1C BF 62 88 E0 6E 20 20 06 68 74 8F 5E 9E E3 A6 E3 F9 D5 C3 B2 89 48 51 8A B7 DF 44 C4 4C AA 1C 7A ED 94 98 71 CC 6A 39 52 52 08 EB AB 9A 64 B6 1F F1 46 BA 8C 44 03 5B 65 62 39 E6 E0 D7
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed: 78 7F A9 2D 31 7B 28 CC C8 89 40 CC AA 28 5E 51 F4 12 47 E5 A9 51 E1 BA 81 55 D8 27 F4 EA 45 35 00 E0 73 35 84 D9 0E C1 95 F5 3E B0 C5 8A 81 EA 63 7E C4 D2 10 26 D0 90 B3 50 CB A5 D0 6E 82 FB 6B 87 E4 7F B0 7C B7 48 0D CD 70 DE FC 99 A6 FE
HKLM\SYSTEM\ControlSet001\Services\kmixer\Enum\Count: 0x00000001
HKLM\SYSTEM\ControlSet001\Services\kmixer\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet001\Services\kmixer\Enum\NextInstance: 0x00000001
HKLM\SYSTEM\ControlSet001\Services\kmixer\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\kmixer\Enum\Count: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\kmixer\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\kmixer\Enum\NextInstance: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\kmixer\Enum\NextInstance: 0x00000000
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU\MRUList: "fedcba"
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU\MRUList: "gfedcba"
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*\MRUList: "cedba"
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*\MRUList: "fcedba"
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU: 01 00 00 00 4E 00 00 00 A0 29 75 AC A5 7C CD 01
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU: 01 00 00 00 4F 00 00 00 00 18 78 F1 A5 7C CD 01
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings: 46 00 00 00 08 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 30 18 DF CA 34 5A CD 01 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 C0 A8 C8 83 00 00 00 00 00 00 00 00 96 C9 23 AA 30 B2 59 16 00 00 00 00 02 00 00 00 00 00 00 00 44 01 00 00 18 04 00 00 03 00 00 00 1B 9A 07 00 1B 9A 07 00 00 00 00 00 48 00 00 00 50 00 00 00 48 02 00 00 00 00 00 00 01 00 02 00 10 00 00 00 02 00 01 00 06 00 00 00 EF 9B 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 1B 9A 07 00
HKU\S-1-5-21-73586283-616249376-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings: 46 00 00 00 09 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 30 18 DF CA 34 5A CD 01 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 C0 A8 C8 83 00 00 00 00 00 00 00 00 96 C9 23 AA 30 B2 59 16 00 00 00 00 02 00 00 00 00 00 00 00 44 01 00 00 18 04 00 00 03 00 00 00 1B 9A 07 00 1B 9A 07 00 00 00 00 00 48 00 00 00 50 00 00 00 48 02 00 00 00 00 00 00 01 00 02 00 10 00 00 00 02 00 01 00 06 00 00 00 EF 9B 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 1B 9A 07 00

----------------------------------
Total changes:27
----------------------------------