Regshot 1.9.0 x64 ANSIComentarios:antesFecha y hora:2015/10/2 12:00:19 , 2

1. Regshot 1.9.0 x64 ANSI
2. Comentarios:antes
3. Fecha y hora:2015/10/2 12:00:19 , 2015/10/2 12:03:31
4. Computador:DESKTOP-RB0BLN8 , DESKTOP-RB0BLN8
5. Usuario:andry , andry
6.  
7. ----------------------------------
8. Claves borradas:1
9. ----------------------------------
10. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000003A0AA6
11.  
12. ----------------------------------
13. Claves añadidas:13
14. ----------------------------------
15. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASAPI32
16. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASMANCS
17. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\hiv
18. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hiv
19. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hiv\OpenWithList
20. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.hiv
21. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000015091A
22. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000210784
23. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\WRT:windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel+1
24. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Current\Windows.SystemToast.SecurityAndMaintenance\367
25. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Current\Windows.SystemToast.SecurityAndMaintenance\368
26. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
27. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}
28.  
29. ----------------------------------
30. Valores borrados:23
31. ----------------------------------
32. HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\Persistent\Callout\{22001ee0-8e87-4f75-ba58-248f5918a63a}: 01 10 08 00 CC CC CC CC 30 02 00 00 00 00 00 00 00 00 02 00 04 00 00 00 D0 00 00 00 04 00 02 00 40 01 00 00 08 00 02 00 D0 00 00 00 01 10 08 00 CC CC CC CC C0 00 00 00 00 00 00 00 00 00 02 00 E0 1E 00 22 87 8E 75 4F BA 58 24 8F 59 18 A6 3A 04 00 02 00 08 00 02 00 00 00 01 00 0C 00 02 00 00 00 00 00 00 00 00 00 3C 65 89 3B 70 C1 E4 49 B1 CD E0 EE EE E1 9A 3E 22 01 00 00 16 00 00 00 00 00 00 00 16 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 34 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 16 00 00 00 00 00 00 00 16 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 34 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 0
33. 0 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
34. HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\Persistent\Callout\{79f2a265-b693-4cc9-b480-cbcd87bd4747}: 01 10 08 00 CC CC CC CC 30 02 00 00 00 00 00 00 00 00 02 00 04 00 00 00 D0 00 00 00 04 00 02 00 40 01 00 00 08 00 02 00 D0 00 00 00 01 10 08 00 CC CC CC CC C0 00 00 00 00 00 00 00 00 00 02 00 65 A2 F2 79 93 B6 C9 4C B4 80 CB CD 87 BD 47 47 04 00 02 00 08 00 02 00 00 00 01 00 0C 00 02 00 00 00 00 00 00 00 00 00 7A 13 C9 47 C4 7E B3 46 B6 E4 48 E9 26 B1 ED A4 23 01 00 00 16 00 00 00 00 00 00 00 16 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 36 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 16 00 00 00 00 00 00 00 16 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 36 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 0
35. 0 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
36. HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\Persistent\Callout\{c4b50f21-503e-4d7a-abd4-ed0a823a2453}: 01 10 08 00 CC CC CC CC 68 02 00 00 00 00 00 00 00 00 02 00 04 00 00 00 08 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 08 01 00 00 01 10 08 00 CC CC CC CC F8 00 00 00 00 00 00 00 00 00 02 00 21 0F B5 C4 3E 50 7A 4D AB D4 ED 0A 82 3A 24 53 04 00 02 00 08 00 02 00 00 00 01 00 0C 00 02 00 00 00 00 00 00 00 00 00 0A 47 80 AF 96 55 13 4C 99 92 53 9E 6F E5 79 67 24 01 00 00 24 00 00 00 00 00 00 00 24 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 34 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 24 00 00 00 00 00 00 00 24 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 34 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 3F D7 9
37. C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05
38. 13 00 00 00
39. HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\Persistent\Callout\{91e902db-2cef-4040-b8e2-02fe4fd49c25}: 01 10 08 00 CC CC CC CC 68 02 00 00 00 00 00 00 00 00 02 00 04 00 00 00 08 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 08 01 00 00 01 10 08 00 CC CC CC CC F8 00 00 00 00 00 00 00 00 00 02 00 DB 02 E9 91 EF 2C 40 40 B8 E2 02 FE 4F D4 9C 25 04 00 02 00 08 00 02 00 00 00 01 00 0C 00 02 00 00 00 00 00 00 00 00 00 B3 D2 21 70 A4 DF 6E 40 AF EB 6A FA F7 E7 0E FD 25 01 00 00 24 00 00 00 00 00 00 00 24 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 36 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 24 00 00 00 00 00 00 00 24 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 36 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 3F D7 9
40. C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05
41. 13 00 00 00
42. HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\Persistent\Filter\{56b4fdc4-bb4e-4c42-a9d8-f627ee15ac21}: 01 10 08 00 CC CC CC CC A0 02 00 00 00 00 00 00 00 00 02 00 05 00 00 00 40 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 40 01 00 00 01 10 08 00 CC CC CC CC 30 01 00 00 00 00 00 00 00 00 02 00 00 00 00 00 C4 FD B4 56 4E BB 42 4C A9 D8 F6 27 EE 15 AC 21 04 00 02 00 08 00 02 00 11 00 00 00 0C 00 02 00 00 00 00 00 00 00 00 00 3C 65 89 3B 70 C1 E4 49 B1 CD E0 EE EE E1 9A 3E 46 B3 36 8C 0C 4E 49 40 8B 55 52 95 AC 35 56 7C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 40 00 00 00 40 00 00 E0 1E 00 22 87 8E 75 4F BA 58 24 8F 59 18 A6 3A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 37 01 00 00 00 00 00 04 00 00 00 04 00 00 00 10 00 02 00 15 00 00 00 00 00 00 00 15 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 34 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 15 00 00 00 00 00 00 00 15 00 00 00 4E 00 49
43. 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 34 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 00 00 00 00 00 00 00 00 00 00 00 00 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB
44. 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
45. HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\Persistent\Filter\{1ba41ed8-151d-4577-9272-317856bc637c}: 01 10 08 00 CC CC CC CC A0 02 00 00 00 00 00 00 00 00 02 00 05 00 00 00 40 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 40 01 00 00 01 10 08 00 CC CC CC CC 30 01 00 00 00 00 00 00 00 00 02 00 00 00 00 00 D8 1E A4 1B 1D 15 77 45 92 72 31 78 56 BC 63 7C 04 00 02 00 08 00 02 00 11 00 00 00 0C 00 02 00 00 00 00 00 00 00 00 00 7A 13 C9 47 C4 7E B3 46 B6 E4 48 E9 26 B1 ED A4 46 B3 36 8C 0C 4E 49 40 8B 55 52 95 AC 35 56 7C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 40 00 00 00 40 00 00 65 A2 F2 79 93 B6 C9 4C B4 80 CB CD 87 BD 47 47 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 59 37 01 00 00 00 00 00 04 00 00 00 04 00 00 00 10 00 02 00 15 00 00 00 00 00 00 00 15 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 36 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 15 00 00 00 00 00 00 00 15 00 00 00 4E 00 49
46. 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 36 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 00 00 00 00 00 00 00 00 00 00 00 00 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB
47. 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
48. HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\Persistent\Filter\{9248d57e-f843-4159-807d-3813173e2096}: 01 10 08 00 CC CC CC CC D8 02 00 00 00 00 00 00 00 00 02 00 05 00 00 00 78 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 78 01 00 00 01 10 08 00 CC CC CC CC 68 01 00 00 00 00 00 00 00 00 02 00 00 00 00 00 7E D5 48 92 43 F8 59 41 80 7D 38 13 17 3E 20 96 04 00 02 00 08 00 02 00 11 00 00 00 0C 00 02 00 00 00 00 00 00 00 00 00 0A 47 80 AF 96 55 13 4C 99 92 53 9E 6F E5 79 67 46 B3 36 8C 0C 4E 49 40 8B 55 52 95 AC 35 56 7C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 40 00 00 00 40 00 00 21 0F B5 C4 3E 50 7A 4D AB D4 ED 0A 82 3A 24 53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5A 37 01 00 00 00 00 00 04 00 00 00 04 00 00 00 10 00 02 00 23 00 00 00 00 00 00 00 23 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 34 00 20 00 46 00 69
49. 00 6C 00 74 00 65 00 72 00 00 00 00 00 23 00 00 00 00 00 00 00 23 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 34 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 00 00 00 00 00 00 00 00 00 00 00 00 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00
50. 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
51. HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\Persistent\Filter\{4658cd86-525d-44ed-98a5-791a7b8655f1}: 01 10 08 00 CC CC CC CC D8 02 00 00 00 00 00 00 00 00 02 00 05 00 00 00 78 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 78 01 00 00 01 10 08 00 CC CC CC CC 68 01 00 00 00 00 00 00 00 00 02 00 00 00 00 00 86 CD 58 46 5D 52 ED 44 98 A5 79 1A 7B 86 55 F1 04 00 02 00 08 00 02 00 11 00 00 00 0C 00 02 00 00 00 00 00 00 00 00 00 B3 D2 21 70 A4 DF 6E 40 AF EB 6A FA F7 E7 0E FD 46 B3 36 8C 0C 4E 49 40 8B 55 52 95 AC 35 56 7C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 40 00 00 00 40 00 00 DB 02 E9 91 EF 2C 40 40 B8 E2 02 FE 4F D4 9C 25 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5B 37 01 00 00 00 00 00 04 00 00 00 04 00 00 00 10 00 02 00 23 00 00 00 00 00 00 00 23 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 36 00 20 00 46 00 69
52. 00 6C 00 74 00 65 00 72 00 00 00 00 00 23 00 00 00 00 00 00 00 23 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 36 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 00 00 00 00 00 00 00 00 00 00 00 00 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00
53. 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
54. HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\Persistent\Provider\{839cd73f-1907-49ea-9aa5-0e6be9048087}: 01 10 08 00 CC CC CC CC 18 02 00 00 00 00 00 00 00 00 02 00 00 00 00 00 B8 00 00 00 04 00 02 00 40 01 00 00 08 00 02 00 B8 00 00 00 01 10 08 00 CC CC CC CC A8 00 00 00 00 00 00 00 00 00 02 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 04 00 02 00 08 00 02 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 16 00 00 00 00 00 00 00 16 00 00 00 4D 00 69 00 63 00 72 00 6F 00 73 00 6F 00 66 00 74 00 20 00 43 00 6F 00 72 00 70 00 6F 00 72 00 61 00 74 00 69 00 6F 00 6E 00 00 00 1C 00 00 00 00 00 00 00 1C 00 00 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 00 44 00 65 00 66 00 65 00 6E 00 64 00 65 00 72 00 20 00 57 00 46 00 50 00 20 00 44 00 72 00 69 00 76 00 65 00 72 00 00 00 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02
55. 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
56. HKLM\SYSTEM\ControlSet001\Services\BFE\Parameters\Policy\Persistent\SubLayer\{8c36b346-4e0c-4049-8b55-5295ac35567c}: 01 10 08 00 CC CC CC CC 38 02 00 00 00 00 00 00 00 00 02 00 02 00 00 00 D8 00 00 00 04 00 02 00 40 01 00 00 08 00 02 00 D8 00 00 00 01 10 08 00 CC CC CC CC C8 00 00 00 00 00 00 00 00 00 02 00 46 B3 36 8C 0C 4E 49 40 8B 55 52 95 AC 35 56 7C 04 00 02 00 08 00 02 00 01 00 00 00 0C 00 02 00 00 00 00 00 00 00 00 00 FF FF 00 00 1B 00 00 00 00 00 00 00 1B 00 00 00 4E 00 49 00 53 00 20 00 48 00 69 00 67 00 68 00 20 00 50 00 72 00 69 00 6F 00 72 00 69 00 74 00 79 00 20 00 53 00 75 00 62 00 6C 00 61 00 79 00 65 00 72 00 00 00 00 00 1B 00 00 00 00 00 00 00 1B 00 00 00 4E 00 49 00 53 00 20 00 48 00 69 00 67 00 68 00 20 00 50 00 72 00 69 00 6F 00 72 00 69 00 74 00 79 00 20 00 53 00 75 00 62 00 6C 00 61 00 79 00 65 00 72 00 00 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10
57. 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
58. HKLM\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Callout\{22001ee0-8e87-4f75-ba58-248f5918a63a}: 01 10 08 00 CC CC CC CC 30 02 00 00 00 00 00 00 00 00 02 00 04 00 00 00 D0 00 00 00 04 00 02 00 40 01 00 00 08 00 02 00 D0 00 00 00 01 10 08 00 CC CC CC CC C0 00 00 00 00 00 00 00 00 00 02 00 E0 1E 00 22 87 8E 75 4F BA 58 24 8F 59 18 A6 3A 04 00 02 00 08 00 02 00 00 00 01 00 0C 00 02 00 00 00 00 00 00 00 00 00 3C 65 89 3B 70 C1 E4 49 B1 CD E0 EE EE E1 9A 3E 22 01 00 00 16 00 00 00 00 00 00 00 16 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 34 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 16 00 00 00 00 00 00 00 16 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 34 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01
59. 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
60. HKLM\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Callout\{79f2a265-b693-4cc9-b480-cbcd87bd4747}: 01 10 08 00 CC CC CC CC 30 02 00 00 00 00 00 00 00 00 02 00 04 00 00 00 D0 00 00 00 04 00 02 00 40 01 00 00 08 00 02 00 D0 00 00 00 01 10 08 00 CC CC CC CC C0 00 00 00 00 00 00 00 00 00 02 00 65 A2 F2 79 93 B6 C9 4C B4 80 CB CD 87 BD 47 47 04 00 02 00 08 00 02 00 00 00 01 00 0C 00 02 00 00 00 00 00 00 00 00 00 7A 13 C9 47 C4 7E B3 46 B6 E4 48 E9 26 B1 ED A4 23 01 00 00 16 00 00 00 00 00 00 00 16 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 36 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 16 00 00 00 00 00 00 00 16 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 36 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01
61. 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
62. HKLM\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Callout\{c4b50f21-503e-4d7a-abd4-ed0a823a2453}: 01 10 08 00 CC CC CC CC 68 02 00 00 00 00 00 00 00 00 02 00 04 00 00 00 08 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 08 01 00 00 01 10 08 00 CC CC CC CC F8 00 00 00 00 00 00 00 00 00 02 00 21 0F B5 C4 3E 50 7A 4D AB D4 ED 0A 82 3A 24 53 04 00 02 00 08 00 02 00 00 00 01 00 0C 00 02 00 00 00 00 00 00 00 00 00 0A 47 80 AF 96 55 13 4C 99 92 53 9E 6F E5 79 67 24 01 00 00 24 00 00 00 00 00 00 00 24 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 34 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 24 00 00 00 00 00 00 00 24 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 34 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 3F
63. D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 0
64. 0 05 13 00 00 00
65. HKLM\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Callout\{91e902db-2cef-4040-b8e2-02fe4fd49c25}: 01 10 08 00 CC CC CC CC 68 02 00 00 00 00 00 00 00 00 02 00 04 00 00 00 08 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 08 01 00 00 01 10 08 00 CC CC CC CC F8 00 00 00 00 00 00 00 00 00 02 00 DB 02 E9 91 EF 2C 40 40 B8 E2 02 FE 4F D4 9C 25 04 00 02 00 08 00 02 00 00 00 01 00 0C 00 02 00 00 00 00 00 00 00 00 00 B3 D2 21 70 A4 DF 6E 40 AF EB 6A FA F7 E7 0E FD 25 01 00 00 24 00 00 00 00 00 00 00 24 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 36 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 24 00 00 00 00 00 00 00 24 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 36 00 20 00 43 00 61 00 6C 00 6C 00 6F 00 75 00 74 00 00 00 3F
66. D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 0
67. 0 05 13 00 00 00
68. HKLM\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Filter\{56b4fdc4-bb4e-4c42-a9d8-f627ee15ac21}: 01 10 08 00 CC CC CC CC A0 02 00 00 00 00 00 00 00 00 02 00 05 00 00 00 40 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 40 01 00 00 01 10 08 00 CC CC CC CC 30 01 00 00 00 00 00 00 00 00 02 00 00 00 00 00 C4 FD B4 56 4E BB 42 4C A9 D8 F6 27 EE 15 AC 21 04 00 02 00 08 00 02 00 11 00 00 00 0C 00 02 00 00 00 00 00 00 00 00 00 3C 65 89 3B 70 C1 E4 49 B1 CD E0 EE EE E1 9A 3E 46 B3 36 8C 0C 4E 49 40 8B 55 52 95 AC 35 56 7C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 40 00 00 00 40 00 00 E0 1E 00 22 87 8E 75 4F BA 58 24 8F 59 18 A6 3A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 37 01 00 00 00 00 00 04 00 00 00 04 00 00 00 10 00 02 00 15 00 00 00 00 00 00 00 15 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 34 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 15 00 00 00 00 00 00 00 15 00 00 00 4E 0
69. 0 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 34 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 00 00 00 00 00 00 00 00 00 00 00 00 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B
70. BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
71. HKLM\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Filter\{1ba41ed8-151d-4577-9272-317856bc637c}: 01 10 08 00 CC CC CC CC A0 02 00 00 00 00 00 00 00 00 02 00 05 00 00 00 40 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 40 01 00 00 01 10 08 00 CC CC CC CC 30 01 00 00 00 00 00 00 00 00 02 00 00 00 00 00 D8 1E A4 1B 1D 15 77 45 92 72 31 78 56 BC 63 7C 04 00 02 00 08 00 02 00 11 00 00 00 0C 00 02 00 00 00 00 00 00 00 00 00 7A 13 C9 47 C4 7E B3 46 B6 E4 48 E9 26 B1 ED A4 46 B3 36 8C 0C 4E 49 40 8B 55 52 95 AC 35 56 7C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 40 00 00 00 40 00 00 65 A2 F2 79 93 B6 C9 4C B4 80 CB CD 87 BD 47 47 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 59 37 01 00 00 00 00 00 04 00 00 00 04 00 00 00 10 00 02 00 15 00 00 00 00 00 00 00 15 00 00 00 4E 00 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 36 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 15 00 00 00 00 00 00 00 15 00 00 00 4E 0
72. 0 49 00 53 00 20 00 53 00 74 00 72 00 65 00 61 00 6D 00 20 00 56 00 36 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 00 00 00 00 00 00 00 00 00 00 00 00 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B
73. BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
74. HKLM\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Filter\{9248d57e-f843-4159-807d-3813173e2096}: 01 10 08 00 CC CC CC CC D8 02 00 00 00 00 00 00 00 00 02 00 05 00 00 00 78 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 78 01 00 00 01 10 08 00 CC CC CC CC 68 01 00 00 00 00 00 00 00 00 02 00 00 00 00 00 7E D5 48 92 43 F8 59 41 80 7D 38 13 17 3E 20 96 04 00 02 00 08 00 02 00 11 00 00 00 0C 00 02 00 00 00 00 00 00 00 00 00 0A 47 80 AF 96 55 13 4C 99 92 53 9E 6F E5 79 67 46 B3 36 8C 0C 4E 49 40 8B 55 52 95 AC 35 56 7C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 40 00 00 00 40 00 00 21 0F B5 C4 3E 50 7A 4D AB D4 ED 0A 82 3A 24 53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5A 37 01 00 00 00 00 00 04 00 00 00 04 00 00 00 10 00 02 00 23 00 00 00 00 00 00 00 23 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 34 00 20 00 46 0
75. 0 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 23 00 00 00 00 00 00 00 23 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 34 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 00 00 00 00 00 00 00 00 00 00 00 00 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03
76. 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
77. HKLM\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Filter\{4658cd86-525d-44ed-98a5-791a7b8655f1}: 01 10 08 00 CC CC CC CC D8 02 00 00 00 00 00 00 00 00 02 00 05 00 00 00 78 01 00 00 04 00 02 00 40 01 00 00 08 00 02 00 78 01 00 00 01 10 08 00 CC CC CC CC 68 01 00 00 00 00 00 00 00 00 02 00 00 00 00 00 86 CD 58 46 5D 52 ED 44 98 A5 79 1A 7B 86 55 F1 04 00 02 00 08 00 02 00 11 00 00 00 0C 00 02 00 00 00 00 00 00 00 00 00 B3 D2 21 70 A4 DF 6E 40 AF EB 6A FA F7 E7 0E FD 46 B3 36 8C 0C 4E 49 40 8B 55 52 95 AC 35 56 7C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 40 00 00 00 40 00 00 DB 02 E9 91 EF 2C 40 40 B8 E2 02 FE 4F D4 9C 25 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5B 37 01 00 00 00 00 00 04 00 00 00 04 00 00 00 10 00 02 00 23 00 00 00 00 00 00 00 23 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 36 00 20 00 46 0
78. 0 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 23 00 00 00 00 00 00 00 23 00 00 00 4E 00 49 00 53 00 20 00 41 00 4C 00 45 00 20 00 46 00 6C 00 6F 00 77 00 20 00 45 00 73 00 74 00 61 00 62 00 6C 00 69 00 73 00 68 00 65 00 64 00 20 00 56 00 36 00 20 00 46 00 69 00 6C 00 74 00 65 00 72 00 00 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 00 00 00 00 00 00 00 00 00 00 00 00 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03
79. 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
80. HKLM\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Provider\{839cd73f-1907-49ea-9aa5-0e6be9048087}: 01 10 08 00 CC CC CC CC 18 02 00 00 00 00 00 00 00 00 02 00 00 00 00 00 B8 00 00 00 04 00 02 00 40 01 00 00 08 00 02 00 B8 00 00 00 01 10 08 00 CC CC CC CC A8 00 00 00 00 00 00 00 00 00 02 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 04 00 02 00 08 00 02 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 16 00 00 00 00 00 00 00 16 00 00 00 4D 00 69 00 63 00 72 00 6F 00 73 00 6F 00 66 00 74 00 20 00 43 00 6F 00 72 00 70 00 6F 00 72 00 61 00 74 00 69 00 6F 00 6E 00 00 00 1C 00 00 00 00 00 00 00 1C 00 00 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 00 44 00 65 00 66 00 65 00 6E 00 64 00 65 00 72 00 20 00 57 00 46 00 50 00 20 00 44 00 72 00 69 00 76 00 65 00 72 00 00 00 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01
81. 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
82. HKLM\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\SubLayer\{8c36b346-4e0c-4049-8b55-5295ac35567c}: 01 10 08 00 CC CC CC CC 38 02 00 00 00 00 00 00 00 00 02 00 02 00 00 00 D8 00 00 00 04 00 02 00 40 01 00 00 08 00 02 00 D8 00 00 00 01 10 08 00 CC CC CC CC C8 00 00 00 00 00 00 00 00 00 02 00 46 B3 36 8C 0C 4E 49 40 8B 55 52 95 AC 35 56 7C 04 00 02 00 08 00 02 00 01 00 00 00 0C 00 02 00 00 00 00 00 00 00 00 00 FF FF 00 00 1B 00 00 00 00 00 00 00 1B 00 00 00 4E 00 49 00 53 00 20 00 48 00 69 00 67 00 68 00 20 00 50 00 72 00 69 00 6F 00 72 00 69 00 74 00 79 00 20 00 53 00 75 00 62 00 6C 00 61 00 79 00 65 00 72 00 00 00 00 00 1B 00 00 00 00 00 00 00 1B 00 00 00 4E 00 49 00 53 00 20 00 48 00 69 00 67 00 68 00 20 00 50 00 72 00 69 00 6F 00 72 00 69 00 74 00 79 00 20 00 53 00 75 00 62 00 6C 00 61 00 79 00 65 00 72 00 00 00 00 00 3F D7 9C 83 07 19 EA 49 9A A5 0E 6B E9 04 80 87 40 01 00 00 01 00 04 8C 28 01 00 00 34 01 00 00 00 00 00 00 14 00 00 00 02 00 14 01 08 00 00 00 00
83. 10 18 00 FF 07 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 10 18 00 FF 07 03 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 F1 41 10 B8 36 FC 4D 57 A8 AE 0B 70 25 21 04 42 84 4F 11 31 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 44 3E 41 BB 45 BA A8 7A 6C BD 92 68 F4 AD 64 8F D5 E6 70 E9 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 79 09 78 B5 AF A1 ED D8 54 5E 32 F4 FF 1B C4 5F FD D9 E0 4A 00 10 28 00 FF 07 03 00 01 06 00 00 00 00 00 05 50 00 00 00 0A D8 62 3A D9 C6 0F 18 1B 65 B5 EB D6 6D 2F 8B 78 83 39 5C 00 10 28 00 F4 03 02 00 01 06 00 00 00 00 00 05 50 00 00 00 6E BF 1B BB 45 EF D2 B1 4A 3B 45 DB 50 5B 43 27 04 58 D8 6B 00 10 14 00 50 00 00 00 01 01 00 00 00 00 00 01 00 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00
84. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\PlmVolatile\TerminationType\windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel: 0x00000005
85. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000003A0AA6\VirtualDesktop: 10 00 00 00 30 30 44 56 54 72 78 2A 0D 94 5A 48 A4 AE 65 BD FA CA 60 33
86. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager\Preferences: 0C 00 00 00 60 00 00 00 60 00 00 00 45 00 00 00 51 00 00 00 C0 01 00 00 C5 01 00 00 00 00 01 00 01 00 00 00 45 00 00 00 51 00 00 00 D9 02 00 00 A9 02 00 00 E8 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B 00 00 00 01 00 00 00 00 00 00 00 B8 E9 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 00 00 00 00 EA 00 00 00 1E 00 00 00 89 90 00 00 00 00 00 00 FF 00 00 00 01 01 50 00 00 00 00 00 0C 00 00 00 00 00 00 00 E0 E9 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 96 00 00 00 1E 00 00 00 8B 90 00 00 01 00 00 00 00 00 00 00 00 10 10 01 00 00 00 00 03 00 00 00 00 00 00 00 F8 E9 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 01 00 00 00 64 00 00 00 1E 00 00 00 8C 90 00 00 02 00 00 00 00 00 00 00 01 02 12 00 00 00 00 00 04 00 00 00 00 00 00 00 10 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 96 00 00 00 1E 00 00 00 8D 90 00 00 03 00 00 00 00 00 00 00 00 01 10 01 00 00
87. 00 00 02 00 00 00 00 00 00 00 30 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 32 00 00 00 1E 00 00 00 8A 90 00 00 04 00 00 00 00 00 00 00 00 08 20 01 00 00 00 00 05 00 00 00 00 00 00 00 48 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF C8 00 00 00 1E 00 00 00 8E 90 00 00 05 00 00 00 00 00 00 00 00 01 10 01 00 00 00 00 06 00 00 00 00 00 00 00 70 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 04 01 00 00 1E 00 00 00 8F 90 00 00 06 00 00 00 00 00 00 00 00 01 10 01 00 00 00 00 07 00 00 00 00 00 00 00 98 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 49 00 00 00 49 00 00 00 90 90 00 00 07 00 00 00 00 00 00 00 00 04 25 00 00 00 00 00 08 00 00 00 00 00 00 00 B8 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 49 00 00 00 49 00 00 00 91 90 00 00 08 00 00 00 01 00 00 00 00 04 25 02 00 00 00 00 09 00 00 00 00 00 00 00 D0 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 49 00 00 00 49 00 00 00 92 90 00 00 09 00 00 00 00 00 00 00 00 04 25 0
88. 8 00 00 00 00 0A 00 00 00 00 00 00 00 E8 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 49 00 00 00 49 00 00 00 93 90 00 00 0A 00 00 00 00 00 00 00 00 04 25 08 00 00 00 00 03 00 00 00 0A 00 00 00 01 00 00 00 00 00 00 00 B8 E9 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D7 00 00 00 00 00 00 00 89 90 00 00 00 00 00 00 FF 00 00 00 01 01 50 02 00 00 00 00 04 00 00 00 00 00 00 00 10 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 01 00 00 00 96 00 00 00 00 00 00 00 8D 90 00 00 01 00 00 00 00 00 00 00 01 01 10 00 00 00 00 00 03 00 00 00 00 00 00 00 F8 E9 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 64 00 00 00 00 00 00 00 8C 90 00 00 02 00 00 00 00 00 00 00 00 02 10 00 00 00 00 00 0B 00 00 00 00 00 00 00 08 EB 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 03 00 00 00 64 00 00 00 00 00 00 00 94 90 00 00 03 00 00 00 00 00 00 00 01 02 10 00 00 00 00 00 0C 00 00 00 00 00 00 00 30 EB 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 64 00 00 00 00 00 00 00 95 90 00 00 04
89. 00 00 00 00 00 00 00 00 01 10 01 00 00 00 00 0D 00 00 00 00 00 00 00 58 EB 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 05 00 00 00 32 00 00 00 00 00 00 00 96 90 00 00 05 00 00 00 00 00 00 00 01 04 20 01 00 00 00 00 0E 00 00 00 00 00 00 00 80 EB 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 06 00 00 00 32 00 00 00 00 00 00 00 97 90 00 00 06 00 00 00 00 00 00 00 01 04 20 01 00 00 00 00 0F 00 00 00 00 00 00 00 A0 EB 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 07 00 00 00 46 00 00 00 00 00 00 00 98 90 00 00 07 00 00 00 00 00 00 00 01 01 10 01 00 00 00 00 10 00 00 00 00 00 00 00 C0 EB 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 64 00 00 00 00 00 00 00 99 90 00 00 08 00 00 00 00 00 00 00 00 01 10 01 00 00 00 00 06 00 00 00 00 00 00 00 70 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 09 00 00 00 04 01 00 00 00 00 00 00 8F 90 00 00 09 00 00 00 00 00 00 00 01 01 10 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
90. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 09 00 00 00 01 00 00 00 00 00 00 00 B8 E9 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D7 00 00 00 00 00 00 00 9E 90 00 00 00 00 00 00 FF 00 00 00 01 01 50 02 00 00 00 00 11 00 00 00 00 00 00 00 E8 EB 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 2D 00 00 00 00 00 00 00 9B 90 00 00 01 00 00 00 00 00 00 00 00 04 20 01 00 00 00 00 13 00 00 00 00 00 00 00 08 EC 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 64 00 00 00 00 00 00 00 9D 90 00 00 02 00 00 00 00 00 00 00 00 01 10 01 00 00 00 00 12 00 00 00 00 00 00 00 30 EC 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 64 00 00 00 00 00 00 00 9C 90 00 00 03 00 00 00 00 00 00 00 00 01 10 01 00 00 00 00 03 00 00 00 00 00 00 00 F8 E9 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 01 00 00 00 64 00 00 00 00 00 00 00 8C 90 00 00 04 00 00 00 00 00 00 00 01 02 10 00 00 00 00 00 07 00 00 00 00 00 00 00 98 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 07 00 00 0
91. 0 49 00 00 00 49 00 00 00 90 90 00 00 05 00 00 00 00 00 00 00 01 04 21 00 00 00 00 00 08 00 00 00 00 00 00 00 B8 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 08 00 00 00 49 00 00 00 49 00 00 00 91 90 00 00 06 00 00 00 00 00 00 00 01 04 21 00 00 00 00 00 09 00 00 00 00 00 00 00 D0 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 09 00 00 00 49 00 00 00 49 00 00 00 92 90 00 00 07 00 00 00 00 00 00 00 01 04 21 08 00 00 00 00 0A 00 00 00 00 00 00 00 E8 EA 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 49 00 00 00 49 00 00 00 93 90 00 00 08 00 00 00 00 00 00 00 01 04 21 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 08 00 00 00 01 00 00 00 00 00 00 00 B8 E9 6A 97 F7 7F 00 00 00
92. 00 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 B0 90 00 00 00 00 00 00 FF 00 00 00 01 01 50 02 00 00 00 00 15 00 00 00 00 00 00 00 50 EC 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 6B 00 00 00 00 00 00 00 B1 90 00 00 01 00 00 00 00 00 00 00 00 04 25 00 00 00 00 00 16 00 00 00 00 00 00 00 80 EC 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 6B 00 00 00 00 00 00 00 B2 90 00 00 02 00 00 00 00 00 00 00 00 04 25 00 00 00 00 00 18 00 00 00 00 00 00 00 A8 EC 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 6B 00 00 00 00 00 00 00 B4 90 00 00 03 00 00 00 00 00 00 00 00 04 25 00 00 00 00 00 17 00 00 00 00 00 00 00 D0 EC 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 6B 00 00 00 00 00 00 00 B3 90 00 00 04 00 00 00 00 00 00 00 00 04 25 00 00 00 00 00 19 00 00 00 00 00 00 00 08 ED 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF A0 00 00 00 00 00 00 00 B5 90 00 00 05 00 00 00 00 00 00 00 00 04 20 01 00 00 00 00 1A 00 00 00 00 00 00 00 38 ED 6A 97 F7 7F
93. 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 7D 00 00 00 00 00 00 00 B6 90 00 00 06 00 00 00 00 00 00 00 00 04 20 01 00 00 00 00 1B 00 00 00 00 00 00 00 68 ED 6A 97 F7 7F 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 7D 00 00 00 00 00 00 00 B7 90 00 00 07 00 00 00 00 00 00 00 00 04 20 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
94. 0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
95. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5D 10 00 00 10 00 00 00 64 00 00 00 64 00 00 00 32 00 00 00 50 00 00 00 50 00 00 00 32 00 00 00 28 00 00 00 50 00 00 00 3C 00 00 00 50 00 00 00 50 00 00 00 32 00 00 00 50 00 00 00 50 00 00 00 50 00 00 00 50 00 00 00 50 00 00 00 50 00 00 00 28 00 00 00 50 00 00 00 23 00 00 00 23 00 00 00 23 00 00 00 23 00 00 00 50 00 00 00 50 00 00 00 50 00 00 00 32 00 00 00 32 00 00 00 32 00 00 00 78 00 00 00 78 00 00 00 50 00 00 00 3C 00 00 00 50 00 00 00 50 00 00 00 78 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 03 00
96. 00 00 04 00 00 00 05 00 00 00 06 00 00 00 07 00 00 00 08 00 00 00 09 00 00 00 0A 00 00 00 0B 00 00 00 0C 00 00 00 0D 00 00 00 0E 00 00 00 0F 00 00 00 10 00 00 00 11 00 00 00 12 00 00 00 13 00 00 00 14 00 00 00 15 00 00 00 16 00 00 00 17 00 00 00 18 00 00 00 19 00 00 00 1A 00 00 00 1B 00 00 00 1C 00 00 00 1D 00 00 00 1E 00 00 00 1F 00 00 00 20 00 00 00 21 00 00 00 22 00 00 00 23 00 00 00 24 00 00 00 25 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1F 00 00 00 00 00 00 00 64 00 00 00 32 00 00 00 78 00 00 00 50 00 00 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 0
97. 0 03 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
98.  
99. ----------------------------------
100. Valores añadidos:71
101. ----------------------------------
102. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\VolatileNotifications\41C64E6DA3DC7855: 01 00 04 80 00 00 00 00 00 00 00 00 00 00 00 00 14 00 00 00 02 00 1C 00 01 00 00 00 00 00 14 00 03 00 00 00 01 01 00 00 00 00 00 05 0B 00 00 00 04 00 00 00
103. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASAPI32\EnableFileTracing: 0x00000000
104. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASAPI32\EnableAutoFileTracing: 0x00000000
105. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASAPI32\EnableConsoleTracing: 0x00000000
106. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASAPI32\FileTracingMask: 0xFFFF0000
107. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASAPI32\ConsoleTracingMask: 0xFFFF0000
108. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASAPI32\MaxFileSize: 0x00100000
109. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASAPI32\FileDirectory: "%windir%\tracing"
110. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASMANCS\EnableFileTracing: 0x00000000
111. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASMANCS\EnableAutoFileTracing: 0x00000000
112. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASMANCS\EnableConsoleTracing: 0x00000000
113. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASMANCS\FileTracingMask: 0xFFFF0000
114. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASMANCS\ConsoleTracingMask: 0xFFFF0000
115. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASMANCS\MaxFileSize: 0x00100000
116. HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Havij_RASMANCS\FileDirectory: "%windir%\tracing"
117. HKU\.DEFAULT\Software\Classes\Local Settings\MuiCache\150\63C768CF\@C:\Windows\System32\ieframe.dll,-10046: "Acceso directo a Internet"
118. HKU\.DEFAULT\Software\Classes\Local Settings\MuiCache\150\63C768CF\@C:\WINDOWS\System32\hhctrl.ocx,-452: "Archivo de Ayuda de HTML compilado"
119. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\CIDSizeMRU\10: 52 00 65 00 67 00 73 00 68 00 6F 00 74 00 2D 00 78 00 36 00 34 00 2D 00 41 00 4E 00 53 00 49 00 2E 00 65 00 78 00 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
120. 0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 16 02 00 00 D6 00 00 00 3F 03 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 19 02 00 00 D6 00 00 00 C4 04 00 00 B6 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00
121. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedPidlMRU\8: 52 00 65 00 67 00 73 00 68 00 6F 00 74 00 2D 00 78 00 36 00 34 00 2D 00 41 00 4E 00 53 00 49 00 2E 00 65 00 78 00 65 00 00 00 14 00 1F 50 E0 4F D0 20 EA 3A 69 10 A2 D8 08 00 2B 30 30 9D 14 00 2E 80 3A CC BF B4 2C DB 4C 42 B0 29 7F E9 9A 87 C6 41 00 00
122. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\rar\9: 14 00 1F 50 E0 4F D0 20 EA 3A 69 10 A2 D8 08 00 2B 30 30 9D 14 00 2E 80 3A CC BF B4 2C DB 4C 42 B0 29 7F E9 9A 87 C6 41 92 00 32 00 00 00 00 00 00 00 00 00 80 00 48 61 76 69 6A 20 50 72 6F 20 31 2E 31 37 20 50 72 6F 20 46 75 6C 6C 2E 72 61 72 00 68 00 09 00 04 00 EF BE 00 00 00 00 00 00 00 00 2E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 48 00 61 00 76 00 69 00 6A 00 20 00 50 00 72 00 6F 00 20 00 31 00 2E 00 31 00 37 00 20 00 50 00 72 00 6F 00 20 00 46 00 75 00 6C 00 6C 00 2E 00 72 00 61 00 72 00 00 00 2A 00 00 00
123. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\hiv\0: 14 00 1F 50 E0 4F D0 20 EA 3A 69 10 A2 D8 08 00 2B 30 30 9D 14 00 2E 80 3A CC BF B4 2C DB 4C 42 B0 29 7F E9 9A 87 C6 41 5C 00 32 00 00 00 00 00 00 00 00 00 80 00 61 6E 74 65 73 2E 68 69 76 00 44 00 09 00 04 00 EF BE 00 00 00 00 00 00 00 00 2E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 61 00 6E 00 74 00 65 00 73 00 2E 00 68 00 69 00 76 00 00 00 18 00 00 00
124. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\hiv\MRUListEx: 00 00 00 00 FF FF FF FF
125. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\112: 61 00 6E 00 74 00 65 00 73 00 2E 00 68 00 69 00 76 00 00 00 68 00 32 00 00 00 00 00 00 00 00 00 00 00 61 6E 74 65 73 2E 68 69 76 2E 6C 6E 6B 00 4C 00 09 00 04 00 EF BE 00 00 00 00 00 00 00 00 2E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 61 00 6E 00 74 00 65 00 73 00 2E 00 68 00 69 00 76 00 2E 00 6C 00 6E 00 6B 00 00 00 1C 00 00 00
126. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.hiv\0: 61 00 6E 00 74 00 65 00 73 00 2E 00 68 00 69 00 76 00 00 00 68 00 32 00 00 00 00 00 00 00 00 00 00 00 61 6E 74 65 73 2E 68 69 76 2E 6C 6E 6B 00 4C 00 09 00 04 00 EF BE 00 00 00 00 00 00 00 00 2E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 61 00 6E 00 74 00 65 00 73 00 2E 00 68 00 69 00 76 00 2E 00 6C 00 6E 00 6B 00 00 00 1C 00 00 00
127. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.hiv\MRUListEx: 00 00 00 00 FF FF FF FF
128. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\naqel\Qrfxgbc\UNPXVAT\Univw Ceb 1.17 Ceb Shyy\Univw.rkr: 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 20 1B 90 4B 0A FD D0 01 00 00 00 00
129. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000015091A\VirtualDesktop: 10 00 00 00 30 30 44 56 54 72 78 2A 0D 94 5A 48 A4 AE 65 BD FA CA 60 33
130. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000210784\VirtualDesktop: 10 00 00 00 30 30 44 56 54 72 78 2A 0D 94 5A 48 A4 AE 65 BD FA CA 60 33
131. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\WRT:windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel+1\ShowInSwitchers: 04 00 00 00 30 30 53 53 01 00 00 00
132. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\WRT:windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel+1\VirtualDesktop: 10 00 00 00 30 30 44 56 54 72 78 2A 0D 94 5A 48 A4 AE 65 BD FA CA 60 33
133. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ImmersiveShell\PersistedApplicationData\Volatile\windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel: 0x00000001
134. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Current\Windows.SystemToast.SecurityAndMaintenance\367\ImageFileUri: "file://C:\Users\andry\AppData\Local\Microsoft\Windows\ActionCenterCache\{9924CD3F-3B3C-4E53-A856-CFBF4BB000C4}.png"
135. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Current\Windows.SystemToast.SecurityAndMaintenance\368\ImageFileUri: "file://C:\Users\andry\AppData\Local\Microsoft\Windows\ActionCenterCache\{4E718BFE-B75F-4086-8B6C-B9B791E115F8}.png"
136. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\C:\Users\andry\Desktop\HACKING\Havij Pro 1.17 Pro Full\Havij.exe: 53 41 43 50 01 00 00 00 00 00 00 00 07 00 00 00 28 00 00 00 00 E8 0B 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 0A F1 22 00 00 6A 92 0C E5 B7 BA D0 01 00 00 00 00 00 00 00 00 05 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 01 06 00 00 00 00 02 00 00 00 50 00 00 00 00 00 01 06 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 37 45 00 00 00 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 AD CB 00 00 00 00 00 00 01 00 00 00 00 00 00 00
137. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Users\andry\Desktop\HACKING\Havij Pro 1.17 Pro Full\Havij.exe: "~ WIN7RTM"
138. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\MuiCache\150\63C768CF\@C:\WINDOWS\system32\actioncentercpl.dll,-1: "Seguridad y mantenimiento"
139. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\MuiCache\150\63C768CF\@C:\WINDOWS\System32\hhctrl.ocx,-452: "Archivo de Ayuda de HTML compilado"
140. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\MuiCache\150\63C768CF\@C:\Windows\System32\ieframe.dll,-10046: "Acceso directo a Internet"
141. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Rev: 0x00000000
142. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags: 0x41200011
143. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Vid: "{137E7700-3573-11CF-AE69-08002B2E1262}"
144. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode: 0x00000004
145. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode: 0x00000001
146. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize: 0x00000010
147. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 30 F1 25 B7 EF 47 1A 10 A5 F1 02 60 8C 9E EB AC 0A 00 00 00 01 00 00 00
148. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD DF DF FD 10 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 18 00 00 00 30 F1 25 B7 EF 47 1A 10 A5 F1 02 60 8C 9E EB AC 0A 00 00 00 10 01 00 00 30 F1 25 B7 EF 47 1A 10 A5 F1 02 60 8C 9E EB AC 0E 00 00 00 78 00 00 00 30 F1 25 B7 EF 47 1A 10 A5 F1 02 60 8C 9E EB AC 04 00 00 00 78 00 00 00 30 F1 25 B7 EF 47 1A 10 A5 F1 02 60 8C 9E EB AC 0C 00 00 00 50 00 00 00
149. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView: 0x00000000
150. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID: "{00000000-0000-0000-0000-000000000000}"
151. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID: 0x00000000
152. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection: 0x00000001
153. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\andry\Desktop\HACKING\Havij Pro 1.17 Pro Full\Havij.exe.FriendlyAppName: "Advanced SQL Injection Tool"
154. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\andry\Desktop\HACKING\Havij Pro 1.17 Pro Full\Havij.exe.ApplicationCompany: "ITSecTeam"
155. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\MuiCache\150\63C768CF\@C:\WINDOWS\system32\actioncentercpl.dll,-1: "Seguridad y mantenimiento"
156. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\MuiCache\150\63C768CF\@C:\WINDOWS\System32\hhctrl.ocx,-452: "Archivo de Ayuda de HTML compilado"
157. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\MuiCache\150\63C768CF\@C:\Windows\System32\ieframe.dll,-10046: "Acceso directo a Internet"
158. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Rev: 0x00000000
159. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags: 0x41200011
160. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Vid: "{137E7700-3573-11CF-AE69-08002B2E1262}"
161. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode: 0x00000004
162. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode: 0x00000001
163. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize: 0x00000010
164. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 30 F1 25 B7 EF 47 1A 10 A5 F1 02 60 8C 9E EB AC 0A 00 00 00 01 00 00 00
165. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD DF DF FD 10 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 18 00 00 00 30 F1 25 B7 EF 47 1A 10 A5 F1 02 60 8C 9E EB AC 0A 00 00 00 10 01 00 00 30 F1 25 B7 EF 47 1A 10 A5 F1 02 60 8C 9E EB AC 0E 00 00 00 78 00 00 00 30 F1 25 B7 EF 47 1A 10 A5 F1 02 60 8C 9E EB AC 04 00 00 00 78 00 00 00 30 F1 25 B7 EF 47 1A 10 A5 F1 02 60 8C 9E EB AC 0C 00 00 00 50 00 00 00
166. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView: 0x00000000
167. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID: "{00000000-0000-0000-0000-000000000000}"
168. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID: 0x00000000
169. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\110\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection: 0x00000001
170. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\andry\Desktop\HACKING\Havij Pro 1.17 Pro Full\Havij.exe.FriendlyAppName: "Advanced SQL Injection Tool"
171. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\andry\Desktop\HACKING\Havij Pro 1.17 Pro Full\Havij.exe.ApplicationCompany: "ITSecTeam"
172. HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\150\63C768CF\@C:\Windows\System32\ieframe.dll,-10046: "Acceso directo a Internet"
173. HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\150\63C768CF\@C:\WINDOWS\System32\hhctrl.ocx,-452: "Archivo de Ayuda de HTML compilado"
174.  
175. ----------------------------------
176. Valores modificados:82
177. ----------------------------------
178. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\IdleTime: 0x02E6BFCD
179. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\IdleTime: 0x00000000
180. HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring: 0x00000000
181. HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring: 0x00000001
182. HKLM\SOFTWARE\Microsoft\Windows Defender\Reporting\LastRtpHeartbeatReportTime: E4 C2 E9 B2 7D FC D0 01
183. HKLM\SOFTWARE\Microsoft\Windows Defender\Reporting\LastRtpHeartbeatReportTime: 20 F8 30 19 0A FD D0 01
184. HKLM\SOFTWARE\Microsoft\Windows Defender\Reporting\LastRtpTurnedOffTime: 74 EA B9 E5 84 FC D0 01
185. HKLM\SOFTWARE\Microsoft\Windows Defender\Reporting\LastRtpTurnedOffTime: 0B FE 30 19 0A FD D0 01
186. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2108185585-841486993-4023594248-1001\RefCount: 0x00000019
187. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2108185585-841486993-4023594248-1001\RefCount: 0x0000001D
188. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{025BB62F-81DA-4AA8-851B-3D10DA045134}\DynamicInfo: 03 00 00 00 B3 6F 70 FC 11 CB D0 01 4D C2 FC A7 85 FC D0 01 00 00 00 00 00 00 00 00 9D A3 04 3B 89 FC D0 01
189. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{025BB62F-81DA-4AA8-851B-3D10DA045134}\DynamicInfo: 03 00 00 00 B3 6F 70 FC 11 CB D0 01 10 FD EC 57 0A FD D0 01 00 00 00 00 00 00 00 00 9D A3 04 3B 89 FC D0 01
190. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6822E51-D1A7-43C5-B003-439BDBA5A184}\DynamicInfo: 03 00 00 00 C4 37 F2 8E 2F FC D0 01 86 82 FE C2 01 FD D0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
191. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6822E51-D1A7-43C5-B003-439BDBA5A184}\DynamicInfo: 03 00 00 00 C4 37 F2 8E 2F FC D0 01 3E 66 A4 24 0A FD D0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
192. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8D615B2-5E9B-46F0-B8C6-CCF55821DFC0}\DynamicInfo: 03 00 00 00 ED 52 8C 22 12 CB D0 01 2B BF 43 D4 09 FD D0 01 00 00 00 00 01 00 00 00 B3 9D BC D4 09 FD D0 01
193. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8D615B2-5E9B-46F0-B8C6-CCF55821DFC0}\DynamicInfo: 03 00 00 00 ED 52 8C 22 12 CB D0 01 DF 30 E1 18 0A FD D0 01 00 00 00 00 01 00 00 00 AB 6D 5F 19 0A FD D0 01
194. HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\NewClientID: 0x000000DF
195. HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\NewClientID: 0x000000E0
196. HKLM\SOFTWARE\Wow6432Node\Google\Update\LastStartedAU: 0x560E6428
197. HKLM\SOFTWARE\Wow6432Node\Google\Update\LastStartedAU: 0x560E7238
198. HKLM\SOFTWARE\Wow6432Node\Google\Update\LastChecked: 0x560E2C19
199. HKLM\SOFTWARE\Wow6432Node\Google\Update\LastChecked: 0x560E725C
200. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{430FD4D0-B729-4F61-AA34-91526481799D}\LastCheckSuccess: 0x560E2C19
201. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{430FD4D0-B729-4F61-AA34-91526481799D}\LastCheckSuccess: 0x560E725C
202. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}\ActivePingDayStartSec: 0x560CD9EF
203. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}\ActivePingDayStartSec: 0x560E2B6F
204. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}\DayOfLastActivity: 0x00000C7B
205. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}\DayOfLastActivity: 0x00000C7C
206. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}\LastCheckSuccess: 0x560E2C19
207. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}\LastCheckSuccess: 0x560E725C
208. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\DayOfLastActivity: 0x00000C7B
209. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\DayOfLastActivity: 0x00000C7C
210. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastCheckSuccess: 0x560E2C19
211. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastCheckSuccess: 0x560E725C
212. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\ActivePingDayStartSec: 0x560CD9EF
213. HKLM\SOFTWARE\Wow6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\ActivePingDayStartSec: 0x560E2B6F
214. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2108185585-841486993-4023594248-1001\RefCount: 0x00000019
215. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2108185585-841486993-4023594248-1001\RefCount: 0x0000001D
216. HKLM\SYSTEM\ControlSet001\Control\Nsi\{eb004a1c-9b1a-11d4-9123-0050047759bc}\5\c06daa6568e31b4086bb78f64f2fdcb4: 00 00 00 00 FF FF FF FF
217. HKLM\SYSTEM\ControlSet001\Control\Nsi\{eb004a1c-9b1a-11d4-9123-0050047759bc}\5\c06daa6568e31b4086bb78f64f2fdcb4: 01 00 00 00 FF FF FF FF
218. HKLM\SYSTEM\ControlSet001\Control\Session Manager\PendingFileRenameOperations: 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 43 45 43 42 2E 78 6D 6C 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 43 45 43 42 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 34 66 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 30 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 31 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 32 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 34 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 35 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 37 2E
219. 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 38 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 61 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 62 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 63 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 64 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 65 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 33 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 34 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 35 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 36 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 37 65 2E 72 62 66
220. 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 61 62 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 61 63 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 56 4D 57 46 39 31 46 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 5F 69 75 31 34 44 32 4E 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 47 4C 42 31 41 32 42 2E 45 58 45 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 48 59 44 38 39 37 46 2E 74 6D 70 2E 31 34 34 33 37 33 35 34 35 33 5C 48 54 41 5C 33 72 64 70 61 72 74 79 5C 4F 43 53 65 74 75 70 48 6C 70 2E 64 6C 6C 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4
221. C 6F 63 61 6C 5C 54 65 6D 70 5C 48 59 44 38 39 37 46 2E 74 6D 70 2E 31 34 34 33 37 33 35 34 35 33 5C 48 54 41 5C 33 72 64 70 61 72 74 79 00 00 00
222. HKLM\SYSTEM\ControlSet001\Control\Session Manager\PendingFileRenameOperations: 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 43 45 43 42 2E 78 6D 6C 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 43 45 43 42 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 34 66 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 30 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 31 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 32 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 34 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 35 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 37 2E
223. 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 38 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 61 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 62 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 63 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 64 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 65 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 33 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 34 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 35 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 36 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 37 65 2E 72 62 66
224. 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 61 62 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 61 63 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 56 4D 57 46 39 31 46 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 5F 69 75 31 34 44 32 4E 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 47 4C 42 31 41 32 42 2E 45 58 45 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 48 59 44 38 39 37 46 2E 74 6D 70 2E 31 34 34 33 37 33 35 34 35 33 5C 48 54 41 5C 33 72 64 70 61 72 74 79 5C 4F 43 53 65 74 75 70 48 6C 70 2E 64 6C 6C 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4
225. C 6F 63 61 6C 5C 54 65 6D 70 5C 48 59 44 38 39 37 46 2E 74 6D 70 2E 31 34 34 33 37 33 35 34 35 33 5C 48 54 41 5C 33 72 64 70 61 72 74 79 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 34 43 42 33 2E 78 6D 6C 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 34 43 42 33 2E 74 6D 70 00 00 00
226. HKLM\SYSTEM\ControlSet001\Services\iphlpsvc\Teredo\PreviousState\e4-c1-46-e4-8f-90\AddressCreationTimestamp: 03 6F 1E 0C 03 00 00 00
227. HKLM\SYSTEM\ControlSet001\Services\iphlpsvc\Teredo\PreviousState\e4-c1-46-e4-8f-90\AddressCreationTimestamp: 21 03 1F 0C 03 00 00 00
228. HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Epoch2\Epoch: 0x00000090
229. HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Epoch2\Epoch: 0x00000091
230. HKLM\SYSTEM\ControlSet001\Services\WdNisDrv\Start: 0x00000002
231. HKLM\SYSTEM\ControlSet001\Services\WdNisDrv\Start: 0x00000003
232. HKLM\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a1c-9b1a-11d4-9123-0050047759bc}\5\c06daa6568e31b4086bb78f64f2fdcb4: 00 00 00 00 FF FF FF FF
233. HKLM\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a1c-9b1a-11d4-9123-0050047759bc}\5\c06daa6568e31b4086bb78f64f2fdcb4: 01 00 00 00 FF FF FF FF
234. HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations: 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 43 45 43 42 2E 78 6D 6C 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 43 45 43 42 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 34 66 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 30 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 31 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 32 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 34 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 35 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 3
235. 7 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 38 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 61 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 62 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 63 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 64 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 65 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 33 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 34 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 35 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 36 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 37 65 2E 72 62
236. 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 61 62 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 61 63 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 56 4D 57 46 39 31 46 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 5F 69 75 31 34 44 32 4E 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 47 4C 42 31 41 32 42 2E 45 58 45 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 48 59 44 38 39 37 46 2E 74 6D 70 2E 31 34 34 33 37 33 35 34 35 33 5C 48 54 41 5C 33 72 64 70 61 72 74 79 5C 4F 43 53 65 74 75 70 48 6C 70 2E 64 6C 6C 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61
237. 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 48 59 44 38 39 37 46 2E 74 6D 70 2E 31 34 34 33 37 33 35 34 35 33 5C 48 54 41 5C 33 72 64 70 61 72 74 79 00 00 00
238. HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations: 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 43 45 43 42 2E 78 6D 6C 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 43 45 43 42 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 34 66 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 30 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 31 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 32 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 34 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 35 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 3
239. 7 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 38 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 61 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 62 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 63 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 64 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 35 65 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 33 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 34 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 35 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 36 36 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 37 65 2E 72 62
240. 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 61 62 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 43 6F 6E 66 69 67 2E 4D 73 69 5C 39 32 31 65 61 63 2E 72 62 66 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 56 4D 57 46 39 31 46 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 5F 69 75 31 34 44 32 4E 2E 74 6D 70 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 47 4C 42 31 41 32 42 2E 45 58 45 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 48 59 44 38 39 37 46 2E 74 6D 70 2E 31 34 34 33 37 33 35 34 35 33 5C 48 54 41 5C 33 72 64 70 61 72 74 79 5C 4F 43 53 65 74 75 70 48 6C 70 2E 64 6C 6C 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61
241. 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 48 59 44 38 39 37 46 2E 74 6D 70 2E 31 34 34 33 37 33 35 34 35 33 5C 48 54 41 5C 33 72 64 70 61 72 74 79 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 34 43 42 33 2E 78 6D 6C 00 00 5C 3F 3F 5C 43 3A 5C 55 73 65 72 73 5C 61 6E 64 72 79 5C 41 70 70 44 61 74 61 5C 4C 6F 63 61 6C 5C 54 65 6D 70 5C 50 43 57 34 43 42 33 2E 74 6D 70 00 00 00
242. HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\e4-c1-46-e4-8f-90\AddressCreationTimestamp: 03 6F 1E 0C 03 00 00 00
243. HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\e4-c1-46-e4-8f-90\AddressCreationTimestamp: 21 03 1F 0C 03 00 00 00
244. HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2\Epoch: 0x00000090
245. HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2\Epoch: 0x00000091
246. HKLM\SYSTEM\CurrentControlSet\Services\WdNisDrv\Start: 0x00000002
247. HKLM\SYSTEM\CurrentControlSet\Services\WdNisDrv\Start: 0x00000003
248. HKU\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast: AA 3E 99 C4 2D FC D0 01
249. HKU\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast: E7 CD EE 18 0A FD D0 01
250. HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\e4-c1-46-e4-8f-90\WpadDecisionTime: 80 CA 8E E1 09 FD D0 01
251. HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\e4-c1-46-e4-8f-90\WpadDecisionTime: C9 8E 11 08 0A FD D0 01
252. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}\dr: "1"
253. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Google\Update\ClientState\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}\dr: "0"
254. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}\dr: "1"
255. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}\dr: "0"
256. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\CIDSizeMRU\MRUListEx: 01 00 00 00 09 00 00 00 08 00 00 00 07 00 00 00 06 00 00 00 05 00 00 00 00 00 00 00 04 00 00 00 03 00 00 00 02 00 00 00 FF FF FF FF
257. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\CIDSizeMRU\MRUListEx: 01 00 00 00 0A 00 00 00 09 00 00 00 08 00 00 00 07 00 00 00 06 00 00 00 05 00 00 00 00 00 00 00 04 00 00 00 03 00 00 00 02 00 00 00 FF FF FF FF
258. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedPidlMRU\MRUListEx: 00 00 00 00 07 00 00 00 06 00 00 00 05 00 00 00 04 00 00 00 01 00 00 00 03 00 00 00 02 00 00 00 FF FF FF FF
259. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedPidlMRU\MRUListEx: 00 00 00 00 08 00 00 00 07 00 00 00 06 00 00 00 05 00 00 00 04 00 00 00 01 00 00 00 03 00 00 00 02 00 00 00 FF FF FF FF
260. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\*\MRUListEx: 04 00 00 00 05 00 00 00 03 00 00 00 02 00 00 00 00 00 00 00 01 00 00 00 13 00 00 00 12 00 00 00 11 00 00 00 10 00 00 00 0F 00 00 00 0E 00 00 00 0D 00 00 00 0C 00 00 00 0B 00 00 00 0A 00 00 00 09 00 00 00 08 00 00 00 07 00 00 00 06 00 00 00 FF FF FF FF
261. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\*\MRUListEx: 07 00 00 00 06 00 00 00 04 00 00 00 05 00 00 00 03 00 00 00 02 00 00 00 00 00 00 00 01 00 00 00 13 00 00 00 12 00 00 00 11 00 00 00 10 00 00 00 0F 00 00 00 0E 00 00 00 0D 00 00 00 0C 00 00 00 0B 00 00 00 0A 00 00 00 09 00 00 00 08 00 00 00 FF FF FF FF
262. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\*\6: 14 00 1F 50 E0 4F D0 20 EA 3A 69 10 A2 D8 08 00 2B 30 30 9D 14 00 2E 80 3A CC BF B4 2C DB 4C 42 B0 29 7F E9 9A 87 C6 41 56 00 31 00 00 00 00 00 41 47 86 99 10 00 48 41 43 4B 49 4E 47 00 40 00 09 00 04 00 EF BE 41 47 B7 98 41 47 86 99 2E 00 00 00 E2 7A 02 00 00 00 0D 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D5 96 70 00 48 00 41 00 43 00 4B 00 49 00 4E 00 47 00 00 00 16 00 92 00 32 00 00 00 00 00 00 00 00 00 80 00 48 61 76 69 6A 20 50 72 6F 20 31 2E 31 37 20 50 72 6F 20 46 75 6C 6C 2E 72 61 72 00 68 00 09 00 04 00 EF BE 00 00 00 00 00 00 00 00 2E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 48 00 61 00 76 00 69 00 6A 00 20 00 50 00 72 00 6F 00 20 00 31 00 2E 00 31 00 37 00 20 00 50 00 72 00 6F 00 20 00 46 00 75 00 6C 00 6C 00 2E 00 72 00 61 00 72 00 00 00 2A 00 00 00
263. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\*\6: 14 00 1F 50 E0 4F D0 20 EA 3A 69 10 A2 D8 08 00 2B 30 30 9D 14 00 2E 80 3A CC BF B4 2C DB 4C 42 B0 29 7F E9 9A 87 C6 41 5C 00 32 00 00 00 00 00 00 00 00 00 80 00 61 6E 74 65 73 2E 68 69 76 00 44 00 09 00 04 00 EF BE 00 00 00 00 00 00 00 00 2E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 61 00 6E 00 74 00 65 00 73 00 2E 00 68 00 69 00 76 00 00 00 18 00 00 00
264. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\*\7: 14 00 1F 50 E0 4F D0 20 EA 3A 69 10 A2 D8 08 00 2B 30 30 9D 14 00 2E 80 3A CC BF B4 2C DB 4C 42 B0 29 7F E9 9A 87 C6 41 56 00 31 00 00 00 00 00 41 47 84 9A 10 00 48 41 43 4B 49 4E 47 00 40 00 09 00 04 00 EF BE 41 47 B7 98 41 47 84 9A 2E 00 00 00 E2 7A 02 00 00 00 0D 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 46 52 54 00 48 00 41 00 43 00 4B 00 49 00 4E 00 47 00 00 00 16 00 7A 00 32 00 00 00 00 00 00 00 00 00 80 00 48 61 76 69 6A 20 31 2E 31 35 20 46 72 65 65 2E 72 61 72 00 58 00 09 00 04 00 EF BE 00 00 00 00 00 00 00 00 2E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 48 00 61 00 76 00 69 00 6A 00 20 00 31 00 2E 00 31 00 35 00 20 00 46 00 72 00 65 00 65 00 2E 00 72 00 61 00 72 00 00 00 22 00 00 00
265. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\*\7: 14 00 1F 50 E0 4F D0 20 EA 3A 69 10 A2 D8 08 00 2B 30 30 9D 14 00 2E 80 3A CC BF B4 2C DB 4C 42 B0 29 7F E9 9A 87 C6 41 92 00 32 00 00 00 00 00 00 00 00 00 80 00 48 61 76 69 6A 20 50 72 6F 20 31 2E 31 37 20 50 72 6F 20 46 75 6C 6C 2E 72 61 72 00 68 00 09 00 04 00 EF BE 00 00 00 00 00 00 00 00 2E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 48 00 61 00 76 00 69 00 6A 00 20 00 50 00 72 00 6F 00 20 00 31 00 2E 00 31 00 37 00 20 00 50 00 72 00 6F 00 20 00 46 00 75 00 6C 00 6C 00 2E 00 72 00 61 00 72 00 00 00 2A 00 00 00
266. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\rar\MRUListEx: 08 00 00 00 07 00 00 00 06 00 00 00 05 00 00 00 04 00 00 00 03 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 FF FF FF FF
267. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\rar\MRUListEx: 09 00 00 00 08 00 00 00 07 00 00 00 06 00 00 00 05 00 00 00 04 00 00 00 03 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 FF FF FF FF
268. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\MRUListEx: 6F 00 00 00 6E 00 00 00 00 00 00 00 6D 00 00 00 6C 00 00 00 6B 00 00 00 4F 00 00 00 6A 00 00 00 69 00 00 00 66 00 00 00 4E 00 00 00 4D 00 00 00 68 00 00 00 67 00 00 00 05 00 00 00 45 00 00 00 64 00 00 00 65 00 00 00 63 00 00 00 62 00 00 00 61 00 00 00 0C 00 00 00 60 00 00 00 5F 00 00 00 5C 00 00 00 5E 00 00 00 5D 00 00 00 5B 00 00 00 5A 00 00 00 59 00 00 00 58 00 00 00 57 00 00 00 56 00 00 00 55 00 00 00 54 00 00 00 53 00 00 00 52 00 00 00 51 00 00 00 1C 00 00 00 50 00 00 00 4C 00 00 00 04 00 00 00 47 00 00 00 01 00 00 00 4B 00 00 00 4A 00 00 00 49 00 00 00 48 00 00 00 46 00 00 00 43 00 00 00 44 00 00 00 2C 00 00 00 42 00 00 00 41 00 00 00 40 00 00 00 3F 00 00 00 3E 00 00 00 36 00 00 00 3D 00 00 00 3C 00 00 00 3B 00 00 00 3A 00 00 00 39 00 00 00 38 00 00 00 37 00 00 00 35 00 00 00 34 00 00 00 33 00 00 00 32 00 00 00 30 00 00 00 31 00 00 00 2F 00 00 00 2E 00 00 00
269. 2D 00 00 00 2B 00 00 00 1D 00 00 00 2A 00 00 00 29 00 00 00 28 00 00 00 27 00 00 00 26 00 00 00 25 00 00 00 24 00 00 00 23 00 00 00 22 00 00 00 21 00 00 00 20 00 00 00 12 00 00 00 1F 00 00 00 1E 00 00 00 1B 00 00 00 1A 00 00 00 19 00 00 00 17 00 00 00 18 00 00 00 16 00 00 00 15 00 00 00 14 00 00 00 13 00 00 00 11 00 00 00 10 00 00 00 0F 00 00 00 0E 00 00 00 0D 00 00 00 0B 00 00 00 0A 00 00 00 09 00 00 00 08 00 00 00 07 00 00 00 06 00 00 00 03 00 00 00 02 00 00 00 FF FF FF FF
270. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\MRUListEx: 5F 00 00 00 53 00 00 00 70 00 00 00 6F 00 00 00 6E 00 00 00 00 00 00 00 6D 00 00 00 6C 00 00 00 6B 00 00 00 4F 00 00 00 6A 00 00 00 69 00 00 00 66 00 00 00 4E 00 00 00 4D 00 00 00 68 00 00 00 67 00 00 00 05 00 00 00 45 00 00 00 64 00 00 00 65 00 00 00 63 00 00 00 62 00 00 00 61 00 00 00 0C 00 00 00 60 00 00 00 5C 00 00 00 5E 00 00 00 5D 00 00 00 5B 00 00 00 5A 00 00 00 59 00 00 00 58 00 00 00 57 00 00 00 56 00 00 00 55 00 00 00 54 00 00 00 52 00 00 00 51 00 00 00 1C 00 00 00 50 00 00 00 4C 00 00 00 04 00 00 00 47 00 00 00 01 00 00 00 4B 00 00 00 4A 00 00 00 49 00 00 00 48 00 00 00 46 00 00 00 43 00 00 00 44 00 00 00 2C 00 00 00 42 00 00 00 41 00 00 00 40 00 00 00 3F 00 00 00 3E 00 00 00 36 00 00 00 3D 00 00 00 3C 00 00 00 3B 00 00 00 3A 00 00 00 39 00 00 00 38 00 00 00 37 00 00 00 35 00 00 00 34 00 00 00 33 00 00 00 32 00 00 00 30 00 00 00 31 00 00 00 2F 00 00 00
271. 2E 00 00 00 2D 00 00 00 2B 00 00 00 1D 00 00 00 2A 00 00 00 29 00 00 00 28 00 00 00 27 00 00 00 26 00 00 00 25 00 00 00 24 00 00 00 23 00 00 00 22 00 00 00 21 00 00 00 20 00 00 00 12 00 00 00 1F 00 00 00 1E 00 00 00 1B 00 00 00 1A 00 00 00 19 00 00 00 17 00 00 00 18 00 00 00 16 00 00 00 15 00 00 00 14 00 00 00 13 00 00 00 11 00 00 00 10 00 00 00 0F 00 00 00 0E 00 00 00 0D 00 00 00 0B 00 00 00 0A 00 00 00 09 00 00 00 08 00 00 00 07 00 00 00 06 00 00 00 03 00 00 00 02 00 00 00 FF FF FF FF
272. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\0: 49 00 53 00 4F 00 53 00 00 00 5A 00 32 00 00 00 00 00 00 00 00 00 00 00 49 53 4F 53 2E 6C 6E 6B 00 00 42 00 09 00 04 00 EF BE 00 00 00 00 00 00 00 00 2E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 49 00 53 00 4F 00 53 00 2E 00 6C 00 6E 00 6B 00 00 00 18 00 00 00
273. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\0: 48 00 41 00 43 00 4B 00 49 00 4E 00 47 00 00 00 6E 00 32 00 00 00 00 00 00 00 00 00 00 00 48 41 43 4B 49 4E 47 20 28 32 29 2E 6C 6E 6B 00 50 00 09 00 04 00 EF BE 00 00 00 00 00 00 00 00 2E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 48 00 41 00 43 00 4B 00 49 00 4E 00 47 00 20 00 28 00 32 00 29 00 2E 00 6C 00 6E 00 6B 00 00 00 1E 00 00 00
274. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.rar\MRUListEx: 08 00 00 00 07 00 00 00 06 00 00 00 05 00 00 00 04 00 00 00 03 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 FF FF FF FF
275. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.rar\MRUListEx: 03 00 00 00 08 00 00 00 07 00 00 00 06 00 00 00 05 00 00 00 04 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 FF FF FF FF
276. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\HRZR_PGYFRFFVBA: 00 00 00 00 DC 00 00 00 D3 02 00 00 E7 3E 2D 02 0F 00 00 00 14 00 00 00 DB 37 06 00 4D 00 69 00 63 00 72 00 6F 00 73 00 6F 00 66 00 74 00 2E 00 53 00 6B 00 79 00 70 00 65 00 41 00 70 00 70 00 5F 00 6B 00 7A 00 66 00 38 00 71 00 78 00 66 00 33 00 38 00 7A 00 67 00 35 00 63 00 21 00 41 00 70 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
277. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E 00 00 00 B8 00 00 00 07 09 B8 00 43 00 68 00 72 00 6F 00 6D 00 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
278. 0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
279. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E 00 00 00 B8 00 00 00 07 09 B8 00 43 00 68 00 72 00 6F 00 6D 00 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
280. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
281. 0 00 00 00
282. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\HRZR_PGYFRFFVBA: 00 00 00 00 DF 00 00 00 DC 02 00 00 81 A6 2F 02 0F 00 00 00 14 00 00 00 DB 37 06 00 4D 00 69 00 63 00 72 00 6F 00 73 00 6F 00 66 00 74 00 2E 00 53 00 6B 00 79 00 70 00 65 00 41 00 70 00 70 00 5F 00 6B 00 7A 00 66 00 38 00 71 00 78 00 66 00 33 00 38 00 7A 00 67 00 35 00 63 00 21 00 41 00 70 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
283. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E 00 00 00 BA 00 00 00 11 9C B8 00 43 00 68 00 72 00 6F 00 6D 00 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
284. 0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
285. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E 00 00 00 BA 00 00 00 11 9C B8 00 43 00 68 00 72 00 6F 00 6D 00 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
286. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
287. 0 00 00 00
288. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.Jvaqbjf.Rkcybere: 00 00 00 00 00 00 00 00 69 00 00 00 78 41 12 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
289. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.Jvaqbjf.Rkcybere: 00 00 00 00 00 00 00 00 6D 00 00 00 AD E4 12 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
290. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Puebzr: 00 00 00 00 0E 00 00 00 B8 00 00 00 07 09 B8 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 10 29 E0 1C 09 FD D0 01 00 00 00 00
291. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Puebzr: 00 00 00 00 0E 00 00 00 BA 00 00 00 11 9C B8 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 10 29 E0 1C 09 FD D0 01 00 00 00 00
292. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\jvaqbjf.vzzrefvirpbagebycnary_pj5a1u2gklrjl!zvpebfbsg.jvaqbjf.vzzrefvirpbagebycnary: 00 00 00 00 04 00 00 00 19 00 00 00 48 53 08 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 20 CE 1F 39 85 FC D0 01 00 00 00 00
293. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\jvaqbjf.vzzrefvirpbagebycnary_pj5a1u2gklrjl!zvpebfbsg.jvaqbjf.vzzrefvirpbagebycnary: 00 00 00 00 04 00 00 00 19 00 00 00 63 66 08 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 20 CE 1F 39 85 FC D0 01 00 00 00 00
294. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{39S3O85O-63SO-0256-8N0N-NNP177410Q28}: 00 00 00 00 00 00 00 00 01 00 00 00 6B 66 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
295. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{39S3O85O-63SO-0256-8N0N-NNP177410Q28}: 00 00 00 00 00 00 00 00 02 00 00 00 3D 02 01 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
296. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\JvaENE\JvaENE.rkr: 00 00 00 00 05 00 00 00 06 00 00 00 BC ED 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 40 45 C9 F8 8E FC D0 01 00 00 00 00
297. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\JvaENE\JvaENE.rkr: 00 00 00 00 05 00 00 00 06 00 00 00 39 EE 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 40 45 C9 F8 8E FC D0 01 00 00 00 00
298. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Jvaqbjf Qrsraqre\ZFNFPhv.rkr: 00 00 00 00 00 00 00 00 19 00 00 00 6D 8B 03 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
299. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Jvaqbjf Qrsraqre\ZFNFPhv.rkr: 00 00 00 00 00 00 00 00 19 00 00 00 31 95 03 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
300. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\ZvavGbby Cnegvgvba Jvmneq Serr 9.1\CnegvgvbaJvmneq.rkr: 00 00 00 00 00 00 00 00 0B 00 00 00 EB 27 0D 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
301. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\ZvavGbby Cnegvgvba Jvmneq Serr 9.1\CnegvgvbaJvmneq.rkr: 00 00 00 00 00 00 00 00 0B 00 00 00 3C 2A 0D 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
302. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\naqel\Qrfxgbc\UNPXVAT\Univw Ceb 1.17 Ceb Shyy\Ybnqre.rkr: 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF D0 6A F4 28 7E FC D0 01 00 00 00 00
303. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\naqel\Qrfxgbc\UNPXVAT\Univw Ceb 1.17 Ceb Shyy\Ybnqre.rkr: 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF E0 28 F8 2E 0A FD D0 01 00 00 00 00
304. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\gnfxubfgj.rkr: 00 00 00 00 00 00 00 00 00 00 00 00 D8 10 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
305. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\gnfxubfgj.rkr: 00 00 00 00 00 00 00 00 00 00 00 00 C7 18 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
306. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zfqg.rkr: 00 00 00 00 00 00 00 00 02 00 00 00 6D 5B 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
307. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zfqg.rkr: 00 00 00 00 00 00 00 00 02 00 00 00 E7 5E 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
308. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\naqel\Qrfxgbc\Ertfubg-1.9.0\Ertfubg-k64-NAFV.rkr: 00 00 00 00 01 00 00 00 01 00 00 00 F5 69 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 86 BB DA 09 FD D0 01 00 00 00 00
309. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\naqel\Qrfxgbc\Ertfubg-1.9.0\Ertfubg-k64-NAFV.rkr: 00 00 00 00 01 00 00 00 03 00 00 00 68 D4 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 86 BB DA 09 FD D0 01 00 00 00 00
310. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Count: 0x0000004E
311. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Count: 0x0000004F
312. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Time: DF 07 0A 00 05 00 02 00 0B 00 3B 00 31 00 C6 02
313. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Time: DF 07 0A 00 05 00 02 00 0C 00 01 00 33 00 72 00
314. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData\LastRenewCollectionsInterest: B0 07 88 F6 FC FC D0 01
315. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData\LastRenewCollectionsInterest: BB 0F 3B 03 0A FD D0 01
316. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\MessageTime: A1 0B 1B E7 84 FC D0 01
317. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\MessageTime: FB C8 2A 1A 0A FD D0 01
318. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100\CheckSetting: 23 00 41 00 43 00 42 00 6C 00 6F 00 62 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 70 00 65 00 72 00 5D 00
319. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100\CheckSetting: 23 00 41 00 43 00 42 00 6C 00 6F 00 62 00 00 00 00 00 00 00 01 00 00 00 A0 00 00 00 00 00 00 00 A6 7E 2A 1A 0A FD D0 01 00 00 00 00 7B 00 45 00 38 00 34 00 33 00 33 00 42 00 37 00 32 00 2D 00 35 00 38 00 34 00 32 00 2D 00 34 00 64 00 34 00 33 00 2D 00 38 00 36 00 34 00 35 00 2D 00 42 00 43 00 32 00 43 00 33 00 35 00 39 00 36 00 30 00 38 00 33 00 37 00 7D 00 2E 00 6E 00 6F 00 74 00 69 00 66 00 69 00 63 00 61 00 74 00 69 00 6F 00 6E 00 2E 00 31 00 30 00 30 00 2E 00 32 00 2D 00 36 00 33 00 31 00 35 00 36 00 31 00 30 00 39 00 00 00 70 00 6C 00 6F 00 72 00 65 00 68 00 00 00 00 7B DC
320. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102\CheckSetting: 23 00 41 00 43 00 42 00 6C 00 6F 00 62 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00
321. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102\CheckSetting: 23 00 41 00 43 00 42 00 6C 00 6F 00 62 00 00 00 00 00 00 00 01 00 00 00 A0 00 00 00 80 0A 8C 0D FB C8 2A 1A 0A FD D0 01 00 00 00 00 7B 00 45 00 38 00 34 00 33 00 33 00 42 00 37 00 32 00 2D 00 35 00 38 00 34 00 32 00 2D 00 34 00 64 00 34 00 33 00 2D 00 38 00 36 00 34 00 35 00 2D 00 42 00 43 00 32 00 43 00 33 00 35 00 39 00 36 00 30 00 38 00 33 00 37 00 7D 00 2E 00 6E 00 6F 00 74 00 69 00 66 00 69 00 63 00 61 00 74 00 69 00 6F 00 6E 00 2E 00 31 00 30 00 32 00 2E 00 32 00 2D 00 36 00 33 00 31 00 35 00 36 00 31 00 30 00 39 00 00 00 61 00 74 00 61 00 00 00 42 00 00 00 00 00 08 00 00
322. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\LastLocalChangeTime: AB C8 18 D5 09 FD D0 01
323. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\LastLocalChangeTime: DB 88 BD 29 0A FD D0 01
324. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Namespace\PackageState\Microsoft.Windows.Cortana_cw5n1h2txyewy-0\LastLocalChangeTime: E2 1A F5 55 09 FD D0 01
325. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Namespace\PackageState\Microsoft.Windows.Cortana_cw5n1h2txyewy-0\LastLocalChangeTime: DB 88 BD 29 0A FD D0 01
326. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\C:\Program Files\WinRAR\WinRAR.exe: 53 41 43 50 01 00 00 00 00 00 00 00 07 00 00 00 28 00 00 00 D0 E9 16 00 87 8D 17 00 01 00 00 00 00 00 00 00 00 00 03 06 00 01 00 00 ED A4 DC B1 B3 BA D0 01 00 00 00 00 00 00 00 00 02 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8D DF 01 00 00 00 00 00 16 00 00 00 16 00 00 00
327. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\C:\Program Files\WinRAR\WinRAR.exe: 53 41 43 50 01 00 00 00 00 00 00 00 07 00 00 00 28 00 00 00 D0 E9 16 00 87 8D 17 00 01 00 00 00 00 00 00 00 00 00 03 06 00 01 00 00 ED A4 DC B1 B3 BA D0 01 00 00 00 00 00 00 00 00 02 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8D DF 01 00 00 00 00 00 17 00 00 00 17 00 00 00
328. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\C:\Users\andry\Desktop\HACKING\Havij Pro 1.17 Pro Full\Loader.exe: 53 41 43 50 01 00 00 00 00 00 00 00 07 00 00 00 28 00 00 00 BE 5A 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 02 06 71 00 00 00 6A 92 0C E5 B7 BA D0 01 00 00 00 00 00 00 00 00 02 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3E 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00
329. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\C:\Users\andry\Desktop\HACKING\Havij Pro 1.17 Pro Full\Loader.exe: 53 41 43 50 01 00 00 00 00 00 00 00 07 00 00 00 28 00 00 00 BE 5A 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 02 06 71 00 00 00 6A 92 0C E5 B7 BA D0 01 00 00 00 00 00 00 00 00 05 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 14 99 00 00 00 00 00 00 02 00 00 00 02 00 00 00
330. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.Cortana_cw5n1h2txyewy\PSR\LastChange: B9 33 F5 55 09 FD D0 01
331. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.Cortana_cw5n1h2txyewy\PSR\LastChange: 64 D3 BD 29 0A FD D0 01
332. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx: 12 00 00 00 02 00 00 00 11 00 00 00 00 00 00 00 10 00 00 00 0D 00 00 00 03 00 00 00 0A 00 00 00 04 00 00 00 06 00 00 00 0F 00 00 00 0E 00 00 00 0B 00 00 00 0C 00 00 00 01 00 00 00 09 00 00 00 08 00 00 00 07 00 00 00 05 00 00 00 FF FF FF FF
333. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx: 0D 00 00 00 12 00 00 00 02 00 00 00 01 00 00 00 11 00 00 00 00 00 00 00 10 00 00 00 03 00 00 00 0A 00 00 00 04 00 00 00 06 00 00 00 0F 00 00 00 0E 00 00 00 0B 00 00 00 0C 00 00 00 09 00 00 00 08 00 00 00 07 00 00 00 05 00 00 00 FF FF FF FF
334. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\13\MRUListEx: 07 00 00 00 06 00 00 00 04 00 00 00 03 00 00 00 05 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 FF FF FF FF
335. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\13\MRUListEx: 01 00 00 00 07 00 00 00 06 00 00 00 04 00 00 00 03 00 00 00 05 00 00 00 02 00 00 00 00 00 00 00 FF FF FF FF
336. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\MinPos1366x768x96(1).x: 0xFFFF8300
337. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\MinPos1366x768x96(1).x: 0xFFFFFFFF
338. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\MinPos1366x768x96(1).y: 0xFFFF8300
339. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\MinPos1366x768x96(1).y: 0xFFFFFFFF
340. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).left: 0x000000CD
341. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).left: 0x000000B3
342. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).top: 0x00000000
343. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).top: 0x00000020
344. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).right: 0x00000540
345. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).right: 0x00000526
346. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).bottom: 0x00000258
347. HKU\S-1-5-21-2108185585-841486993-4023594248-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).bottom: 0x00000278
348. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.Cortana_cw5n1h2txyewy\PSR\LastChange: B9 33 F5 55 09 FD D0 01
349. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.Cortana_cw5n1h2txyewy\PSR\LastChange: 64 D3 BD 29 0A FD D0 01
350. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx: 12 00 00 00 02 00 00 00 11 00 00 00 00 00 00 00 10 00 00 00 0D 00 00 00 03 00 00 00 0A 00 00 00 04 00 00 00 06 00 00 00 0F 00 00 00 0E 00 00 00 0B 00 00 00 0C 00 00 00 01 00 00 00 09 00 00 00 08 00 00 00 07 00 00 00 05 00 00 00 FF FF FF FF
351. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx: 0D 00 00 00 12 00 00 00 02 00 00 00 01 00 00 00 11 00 00 00 00 00 00 00 10 00 00 00 03 00 00 00 0A 00 00 00 04 00 00 00 06 00 00 00 0F 00 00 00 0E 00 00 00 0B 00 00 00 0C 00 00 00 09 00 00 00 08 00 00 00 07 00 00 00 05 00 00 00 FF FF FF FF
352. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\13\MRUListEx: 07 00 00 00 06 00 00 00 04 00 00 00 03 00 00 00 05 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 FF FF FF FF
353. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\13\MRUListEx: 01 00 00 00 07 00 00 00 06 00 00 00 04 00 00 00 03 00 00 00 05 00 00 00 02 00 00 00 00 00 00 00 FF FF FF FF
354. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\MinPos1366x768x96(1).x: 0xFFFF8300
355. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\MinPos1366x768x96(1).x: 0xFFFFFFFF
356. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\MinPos1366x768x96(1).y: 0xFFFF8300
357. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\MinPos1366x768x96(1).y: 0xFFFFFFFF
358. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).left: 0x000000CD
359. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).left: 0x000000B3
360. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).top: 0x00000000
361. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).top: 0x00000020
362. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).right: 0x00000540
363. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).right: 0x00000526
364. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).bottom: 0x00000258
365. HKU\S-1-5-21-2108185585-841486993-4023594248-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1366x768x96(1).bottom: 0x00000278
366.  
367. ----------------------------------
368. Archivos añadidos:7
369. ----------------------------------
370. C:\WINDOWS\Prefetch\CONHOST.EXE-1F3E9D7E.pf
371. C:\WINDOWS\Prefetch\HAVIJ.EXE-0F0AAE1E.pf
372. C:\WINDOWS\Prefetch\LAUNCHTM.EXE-56CAE1A4.pf
373. C:\WINDOWS\Prefetch\LOADER.EXE-EF0DD257.pf
374. C:\WINDOWS\Prefetch\PCWRUN.EXE-B749B1E3.pf
375. C:\WINDOWS\Prefetch\SDIAGNHOST.EXE-8D72177C.pf
376. C:\WINDOWS\Prefetch\TEMPHAVIJ.EXE-BA346A1D.pf
377.  
378. ----------------------------------
379. Atributos de archivo modificados:22
380. ----------------------------------
381. C:\WINDOWS\Prefetch\DLLHOST.EXE-35FBF07A.pf
382. C:\WINDOWS\Prefetch\DLLHOST.EXE-9037274D.pf
383. C:\WINDOWS\Prefetch\DLLHOST.EXE-A853C612.pf
384. C:\WINDOWS\Prefetch\DLLHOST.EXE-F173BDC4.pf
385. C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf
386. C:\WINDOWS\Prefetch\LOGONUI.EXE-09140401.pf
387. C:\WINDOWS\Prefetch\MSDT.EXE-09841468.pf
388. C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
389. C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
390. C:\WINDOWS\Prefetch\SYSTEMSETTINGS.EXE-6069CEA4.pf
391. C:\WINDOWS\Prefetch\TASKENG.EXE-48D4E289.pf
392. C:\WINDOWS\Prefetch\TASKHOSTW.EXE-3E0B74C8.pf
393. C:\WINDOWS\Prefetch\TASKMGR.EXE-5F5F473D.pf
394. C:\WINDOWS\Prefetch\WINRAR.EXE-94E7D80C.pf
395. C:\WINDOWS\ServiceProfiles\LocalService\NTUSER.DAT.LOG2
396. C:\WINDOWS\ServiceProfiles\NetworkService\AppData\Local\Temp\MpCmdRun.log
397. C:\WINDOWS\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2
398. C:\WINDOWS\System32\config\DEFAULT.LOG2
399. C:\WINDOWS\System32\wbem\Repository\INDEX.BTR
400. C:\WINDOWS\System32\wbem\Repository\MAPPING2.MAP
401. C:\WINDOWS\System32\wbem\Repository\OBJECTS.DATA
402. C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
403.  
404. ----------------------------------
405. Total de cambios:219
406. ----------------------------------