Windows Defender Registry Keys Installed Windows Defender Changes...
=============================================================================================

Key added: "\*\shellex\ContextMenuHandlers\EPP"
Key added: "\AppID\{2781761E-28E2-4109-99FE-B9D127C57AFE}"
Key added: "\AppID\{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}"
Key added: "\AppID\{FDA74D11-C4A6-4577-9F73-D7CA8586E10D}"
Value "DisplayName" added in "HKEY_CLASSES_ROOT\AppUserModelId\Microsoft.Windows.Defender"
Value "CustomActivator" added in "HKEY_CLASSES_ROOT\AppUserModelId\Windows.Defender"
Value "DisplayName" added in "HKEY_CLASSES_ROOT\AppUserModelId\Windows.Defender"
Value "IconBackgroundColor" added in "HKEY_CLASSES_ROOT\AppUserModelId\Windows.Defender"
Value "IconUri" added in "HKEY_CLASSES_ROOT\AppUserModelId\Windows.Defender"
Value "(Default)" added in "HKEY_CLASSES_ROOT\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}"
Key added: "\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32"
Key added: "\Directory\shellex\ContextMenuHandlers\EPP"
Key added: "\Drive\shellex\ContextMenuHandlers\EPP"
Key deleted: "\Local Settings\MrtCache\C:%5CWindows%5CSystemApps%5CMicrosoft.Windows.SecHealthUI_cw5n1h2txyewy%5Cresources.pri"
Key deleted: "\Local Settings\MrtCache\C:%5CWindows%5CSystemResources%5CWindows.UI.Shell%5CWindows.UI.Shell.pri"
Value "@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\AgentService.exe,-102" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\AJRouter.dll,-2" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\Alg.exe,-112" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\appidsvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\AppReadiness.dll,-1000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\AppVClient.exe,-102" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\AxInstSV.dll,-103" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\certprop.dll,-11" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\certprop.dll,-13" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\defragsvc.dll,-101" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\DevQueryBroker.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\DiagSvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\dmwappushsvc.dll,-200" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\dosvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\dot3svc.dll,-1102" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\dssvc.dll,-10003" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\eapsvc.dll,-1" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\efssvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\embeddedmodesvc.dll,-201" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\fdPHost.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\fdrespub.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\fhsvc.dll,-101" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\flightsettings.dll,-103" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\fxsresm.dll,-118" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\hvhostsvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-101" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-201" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-301" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-401" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-801" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-901" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvcext.dll,-501" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvcext.dll,-601" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\ikeext.dll,-501" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\InstallService.dll,-200" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\ipnathlp.dll,-106" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%Systemroot%\system32\ipxlatcfg.dll,-500" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\irmon.dll,-2000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\iscsidsc.dll,-5000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\LanguageOverlayServer.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\lltdres.dll,-1" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\lmhsvc.dll,-101" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\Locator.exe,-2" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\lpasvc.dll,-1000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\moshost.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%Systemroot%\system32\mprdim.dll,-200" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\msimsg.dll,-27" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\NaturalAuth.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\ncasvc.dll,-3009" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\NcdAutoSetup.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\netlogon.dll,-102" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\netman.dll,-109" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\NgcCtnrSvc.dll,-1" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\ngcsvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\p2psvc.dll,-8006" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\pcasvc.dll,-1" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\peerdistsvc.dll,-9000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\PhoneserviceRes.dll,-10000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\pla.dll,-500" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\pnrpauto.dll,-8002" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\pnrpsvc.dll,-8000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\pnrpsvc.dll,-8004" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\polstore.dll,-5010" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\pushtoinstall.dll,-200" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\qmgr.dll,-1000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\qwave.dll,-1" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%Systemroot%\system32\rasauto.dll,-200" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\RDXService.dll,-256" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\RMapi.dll,-1001" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\SCardSvr.dll,-1" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\ScDeviceEnum.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\sdrsvc.dll,-107" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\seclogon.dll,-7001" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\SecurityHealthAgent.dll,-12001" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\SensorDataService.exe,-101" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\sensorservice.dll,-1000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\sensrsvc.dll,-1000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\SgrmBroker.exe,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\SharedRealitySvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\smphost.dll,-102" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\SmsRouterSvc.dll,-10001" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\snmptrap.exe,-3" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\spectrum.exe,-101" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\ssdpsrv.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\StorSvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\svsvc.dll,-101" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\swprv.dll,-103" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\tapisrv.dll,-10100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\termsrv.dll,-268" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\tetheringservice.dll,-4097" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\TieringEngineService.exe,-702" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\umpnpmgr.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\umrdp.dll,-1000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\upnphost.dll,-213" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\usocore.dll,-101" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\vac.dll,-200" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\vaultsvc.dll,-1003" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\vds.exe,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\vssvc.exe,-102" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\w32time.dll,-200" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\WalletService.dll,-1000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%Systemroot%\system32\wbem\wmiapsrv.exe,-110" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\wbengine.exe,-104" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\wbiosrvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\wcncsvc.dll,-3" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\wdi.dll,-500" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\webclnt.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\wecsvc.dll,-200" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\wephostsvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\wercplsupport.dll,-101" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\wersvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\wfdsconmgrsvc.dll,-9000" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\wiarpc.dll,-2" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\wiaservc.dll,-9" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\Windows.Internal.Management.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\workfolderssvc.dll,-102" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\WpcRefreshTask.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\wscsvc.dll,-200" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%Systemroot%\system32\wsmsvc.dll,-101" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\wwansvc.dll,-257" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\xbgmsvc.exe,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\XblAuthManager.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\XblGameSave.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\xboxgipsvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\XboxNetApiSvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\sysWow64\perfhost.exe,-2" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@appmgmts.dll,-3250" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Program Files\Common Files\system\wab32res.dll,-10100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Windows\system32\actioncentercpl.dll,-1" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Windows\System32\fsquirt.exe,-2343" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Windows\system32\FXSRESM.dll,-120" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Windows\System32\ieframe.dll,-12385" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@comres.dll,-2797" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@comres.dll,-2946" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@comres.dll,-947" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@EnterpriseAppMgmtSvc.dll,-1" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@regsvc.dll,-1" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@sendmail.dll,-21" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@sendmail.dll,-4" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@WaaSMedicSvc.dll,-100" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "@zipfldr.dll,-10148" deleted in "HKEY_CLASSES_ROOT\Local Settings\MuiCache\1\52C64B7E"
Value "CIStatusTimestamp" changed in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus"
Value "{5066387A-E6CC-4C2E-9BF7-DD8DE2971A06}" deleted in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active"
Value "{D96DDA86-9159-478C-9B15-E113B5BF3B7F}" added in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active"
Value "NextCheckForUpdateHighDateTime" changed in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UrlBlock"
Value "NextCheckForUpdateLowDateTime" changed in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UrlBlock"
Value "Total" changed in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.cortana_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com"
Value "(Default)" changed in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.cortana_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total"
Value "(Default)" changed in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.cortana_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com"
Key added: "\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\AllUsers\{64B59009-226E-4FBB-AFFB-D7B6695B3842}"
Key added: "\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\AllUsers\{BBDB5823-CC85-4CCC-94A7-B22B06A5BF63}"
Key deleted: "\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\AllUsers\{D0D6F3A8-225E-404D-9FC9-A91973931AF5}"
Key deleted: "\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\AllUsers\{D84FB9EC-01C1-420F-82C6-2FD65371AC2B}"
Key added: "\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1621887801-967696625-3000357664-1001\{223916C1-B8AE-449E-95A0-7160BE436D43}"
Key deleted: "\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1621887801-967696625-3000357664-1001\{66A62278-A77A-4B3D-9B44-D5E577DC2C0F}"
Key deleted: "\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1621887801-967696625-3000357664-1001\{81644187-A79A-45BD-8460-3B5D060E5AC4}"
Key added: "\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1621887801-967696625-3000357664-1001\{B463DE77-5188-4252-8142-C1942DC52379}"
Key added: "\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\ShellRefresh"
Key deleted: "\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\PersistedTitleBarData"
Value "WasEverActivated" deleted in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy"
Key deleted: "\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\PersistedTitleBarData"
Value "IconStreams" changed in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify"
Value "2" deleted in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU"
Value "MRUListEx" changed in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU"
Value "NodeSlots" changed in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU"
Value "NodeSlot" deleted in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0"
Key deleted: "\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2"
Key deleted: "\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}"
Key deleted: "\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}"
Key deleted: "\Local Settings\Software\Microsoft\Windows\Shell\Bags\6"
Key deleted: "\Local Settings\Software\Microsoft\Windows\Shell\Bags\7"
Key deleted: "\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders"
Value "C:\Windows\System32\cmd.exe.ApplicationCompany" deleted in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Value "C:\Windows\System32\cmd.exe.FriendlyAppName" deleted in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Value "C:\Windows\System32\fsquirt.exe.ApplicationCompany" deleted in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Value "C:\Windows\System32\fsquirt.exe.FriendlyAppName" deleted in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Value "C:\Windows\System32\WScript.exe.ApplicationCompany" deleted in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Value "C:\Windows\System32\WScript.exe.FriendlyAppName" deleted in "HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Key added: "\TypeLib\{8C389764-F036-48F2-9AE2-88C260DCF43B}"
Value "EditFlags" added in "HKEY_CLASSES_ROOT\windowsdefender"
Key added: "\windowsdefender\DefaultIcon"
Key added: "\windowsdefender\shell"
Key added: "\WOW6432Node\AppID\{2781761E-28E2-4109-99FE-B9D127C57AFE}"
Key added: "\WOW6432Node\AppID\{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}"
Key added: "\WOW6432Node\AppID\{FDA74D11-C4A6-4577-9F73-D7CA8586E10D}"
Value "(Default)" added in "HKEY_CLASSES_ROOT\WOW6432Node\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}"
Key added: "\WOW6432Node\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32"
Key added: "\WOW6432Node\TypeLib\{8C389764-F036-48F2-9AE2-88C260DCF43B}"
Key deleted: "\Software\Classes\Local Settings\MrtCache\C:%5CWindows%5CSystemApps%5CMicrosoft.Windows.SecHealthUI_cw5n1h2txyewy%5Cresources.pri"
Key deleted: "\Software\Classes\Local Settings\MrtCache\C:%5CWindows%5CSystemResources%5CWindows.UI.Shell%5CWindows.UI.Shell.pri"
Value "@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\AgentService.exe,-102" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\AJRouter.dll,-2" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\Alg.exe,-112" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\appidsvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\AppReadiness.dll,-1000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\AppVClient.exe,-102" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\AxInstSV.dll,-103" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\certprop.dll,-11" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\certprop.dll,-13" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\defragsvc.dll,-101" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\DevQueryBroker.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\DiagSvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\dmwappushsvc.dll,-200" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\dosvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\dot3svc.dll,-1102" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\dssvc.dll,-10003" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\eapsvc.dll,-1" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\efssvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\embeddedmodesvc.dll,-201" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\fdPHost.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\fdrespub.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\fhsvc.dll,-101" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\flightsettings.dll,-103" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\fxsresm.dll,-118" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\hvhostsvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-101" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-201" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-301" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-401" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-801" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvc.dll,-901" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvcext.dll,-501" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\icsvcext.dll,-601" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\ikeext.dll,-501" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\InstallService.dll,-200" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\ipnathlp.dll,-106" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%Systemroot%\system32\ipxlatcfg.dll,-500" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\irmon.dll,-2000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\iscsidsc.dll,-5000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\LanguageOverlayServer.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\lltdres.dll,-1" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\lmhsvc.dll,-101" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\Locator.exe,-2" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\lpasvc.dll,-1000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\moshost.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%Systemroot%\system32\mprdim.dll,-200" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\msimsg.dll,-27" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\NaturalAuth.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\ncasvc.dll,-3009" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\NcdAutoSetup.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\netlogon.dll,-102" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\netman.dll,-109" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\NgcCtnrSvc.dll,-1" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\ngcsvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\p2psvc.dll,-8006" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\pcasvc.dll,-1" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\peerdistsvc.dll,-9000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\PhoneserviceRes.dll,-10000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\pla.dll,-500" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\pnrpauto.dll,-8002" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\pnrpsvc.dll,-8000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\pnrpsvc.dll,-8004" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\polstore.dll,-5010" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\pushtoinstall.dll,-200" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\qmgr.dll,-1000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\qwave.dll,-1" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%Systemroot%\system32\rasauto.dll,-200" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\RDXService.dll,-256" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\RMapi.dll,-1001" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\SCardSvr.dll,-1" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\ScDeviceEnum.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\sdrsvc.dll,-107" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\seclogon.dll,-7001" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\SecurityHealthAgent.dll,-12001" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\SensorDataService.exe,-101" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\sensorservice.dll,-1000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\sensrsvc.dll,-1000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\SgrmBroker.exe,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\SharedRealitySvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\smphost.dll,-102" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\SmsRouterSvc.dll,-10001" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\snmptrap.exe,-3" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\spectrum.exe,-101" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\ssdpsrv.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\StorSvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\svsvc.dll,-101" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\swprv.dll,-103" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\tapisrv.dll,-10100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\termsrv.dll,-268" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\tetheringservice.dll,-4097" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\TieringEngineService.exe,-702" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\umpnpmgr.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\umrdp.dll,-1000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\upnphost.dll,-213" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\usocore.dll,-101" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\vac.dll,-200" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\vaultsvc.dll,-1003" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\vds.exe,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\vssvc.exe,-102" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\w32time.dll,-200" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\WalletService.dll,-1000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%Systemroot%\system32\wbem\wmiapsrv.exe,-110" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\wbengine.exe,-104" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\wbiosrvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\wcncsvc.dll,-3" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\wdi.dll,-500" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\webclnt.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\wecsvc.dll,-200" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\wephostsvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\wercplsupport.dll,-101" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\wersvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\wfdsconmgrsvc.dll,-9000" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\wiarpc.dll,-2" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\system32\wiaservc.dll,-9" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\Windows.Internal.Management.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\workfolderssvc.dll,-102" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\WpcRefreshTask.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\wscsvc.dll,-200" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%Systemroot%\system32\wsmsvc.dll,-101" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%SystemRoot%\System32\wwansvc.dll,-257" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\xbgmsvc.exe,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\XblAuthManager.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\XblGameSave.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\xboxgipsvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\system32\XboxNetApiSvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@%systemroot%\sysWow64\perfhost.exe,-2" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@appmgmts.dll,-3250" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Program Files\Common Files\system\wab32res.dll,-10100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Windows\system32\actioncentercpl.dll,-1" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Windows\System32\fsquirt.exe,-2343" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Windows\system32\FXSRESM.dll,-120" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Windows\System32\ieframe.dll,-12385" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@comres.dll,-2797" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@comres.dll,-2946" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@comres.dll,-947" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@EnterpriseAppMgmtSvc.dll,-1" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@regsvc.dll,-1" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@sendmail.dll,-21" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@sendmail.dll,-4" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@WaaSMedicSvc.dll,-100" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "@zipfldr.dll,-10148" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\1\52C64B7E"
Value "CIStatusTimestamp" changed in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus"
Value "{5066387A-E6CC-4C2E-9BF7-DD8DE2971A06}" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active"
Value "{D96DDA86-9159-478C-9B15-E113B5BF3B7F}" added in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active"
Value "NextCheckForUpdateHighDateTime" changed in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UrlBlock"
Value "NextCheckForUpdateLowDateTime" changed in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UrlBlock"
Value "Total" changed in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.cortana_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com"
Value "(Default)" changed in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.cortana_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total"
Value "(Default)" changed in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.cortana_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com"
Key added: "\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\ShellRefresh"
Key deleted: "\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\PersistedTitleBarData"
Value "WasEverActivated" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy"
Key deleted: "\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\PersistedTitleBarData"
Value "IconStreams" changed in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify"
Value "2" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU"
Value "MRUListEx" changed in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU"
Value "NodeSlots" changed in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU"
Value "NodeSlot" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0"
Key deleted: "\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2"
Key deleted: "\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}"
Key deleted: "\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}"
Key deleted: "\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6"
Key deleted: "\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7"
Key deleted: "\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders"
Value "C:\Windows\System32\cmd.exe.ApplicationCompany" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Value "C:\Windows\System32\cmd.exe.FriendlyAppName" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Value "C:\Windows\System32\fsquirt.exe.ApplicationCompany" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Value "C:\Windows\System32\fsquirt.exe.FriendlyAppName" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Value "C:\Windows\System32\WScript.exe.ApplicationCompany" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Value "C:\Windows\System32\WScript.exe.FriendlyAppName" deleted in "HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache"
Key deleted: "\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\3122c58c_0"
Key deleted: "\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\d4b1840d_0"
Key deleted: "\Software\Microsoft\Messaging"
Key deleted: "\Software\Microsoft\Phone\ShellUI\WindowSizing\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy!SecHealthUI"
Key added: "\Software\Microsoft\Unified Store\HighWaterMarks\C:_Users_test_AppData_Local_Comms_UnistoreDB_store.vol"
Value "083CBCD9-650D-135B-B778-98E8339EDCC8" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ActivityDataModel\ReaderRevisionInfo"
Value "VBSFile_.vbs" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\ApplicationFrame\Positions\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy!SecHealthUI"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\ApplicationFrame\WindowSizing\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy!SecHealthUI"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\1527c705-839a-4832-9118-54d4Bd6a0c89_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\c5e2524a-ea46-4f67-841f-6a9465d9d515_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\E2A4F912-2574-4A75-9BB0-0D023378592B_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\InputApp_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.AccountsControl_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Advertising.Xaml_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.AsyncTextService_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.BingWeather_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.BioEnrollment_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.CredDialogHost_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.ECApp_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.GetHelp_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Getstarted_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Messaging_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.MSPaint_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Office.OneNote_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.OneConnect_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.People_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.PPIProjection_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Print3D_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Services.Store.Engagement_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.SkypeApp_kzf8qxf38zg5c"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.StorePurchaseApp_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Wallet_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.WebMediaExtensions_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Win32WebViewHost_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Windows.AssignedAccessLockApp_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Windows.CapturePicker_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Windows.OOBENetworkCaptivePortal_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Windows.ParentalControls_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.WindowsAlarms_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.WindowsCalculator_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\microsoft.windowscommunicationsapps_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.WindowsMaps_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Xbox.TCUI_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.XboxApp_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.XboxGameCallableUI_cw5n1h2txyewy"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.XboxGameOverlay_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.XboxSpeechToTextOverlay_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.ZuneMusic_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.ZuneVideo_8wekyb3d8bbwe"
Key added: "\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Windows.CBSPreview_cw5n1h2txyewy"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\CloudStore\Store\Cache\DefaultAccount\$$windows.data.calling.callfavorites"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\CloudStore\Store\Cache\DefaultAccount\$$windows.data.calling.callhistory"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\CloudStore\Store\Cache\DefaultAccount\$$windows.data.messaging.settings"
Value "Data" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\CloudStore\Store\Cache\DefaultAccount\$de${21dd9508-77ab-4ad6-a3ea-639f1a40c744}$$windows.data.unifiedtile.localstarttilepropertiesmap\Current"
Value "Data" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\CloudStore\Store\Cache\DefaultAccount\$de${21dd9508-77ab-4ad6-a3ea-639f1a40c744}$$windows.data.unifiedtile.localstartvolatiletilepropertiesmap\Current"
Value "AccelerateCacheRefreshLastDetected" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\Subscriptions\280810"
Value "LastAccessed" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\Subscriptions\280810"
Value "AccelerateCacheRefreshLastDetected" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\Subscriptions\280811"
Value "LastAccessed" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\Subscriptions\280811"
Value "LastAccessed" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\Subscriptions\314559"
Value "LastAccessed" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\Subscriptions\338388"
Value "LastAccessed" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\Subscriptions\346481"
Value "link" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer"
Value "SlowContextMenuEntries" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer"
Value "0" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedPidlMRULegacy"
Value "1" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\*"
Value "2" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\*"
Value "MRUListEx" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\*"
Value "1" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\dsf"
Value "MRUListEx" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\dsf"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\rdf"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rdf"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vbs"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\OperationStatusManager"
Value "2" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs"
Value "3" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs"
Value "MRUListEx" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs"
Value "1" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.dsf"
Value "MRUListEx" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.dsf"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.rdf"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000001038A"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000103CC"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000020178"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000202A2"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000020326"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000020384"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000203A0"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000203DA"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000020416"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000301B2"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000301F4"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000302A2"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000003031C"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000303C0"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000303E0"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000003040E"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000040066"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000004017C"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000401C6"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000402A2"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000402A4"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000004036C"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000040380"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000004039C"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000403AC"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000005005E"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000050176"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000502A2"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000005036C"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000602A2"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000070034"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000702A2"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000070380"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000007040E"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000007042E"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000802A2"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000D038E"
Key added: "\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000E0322"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths"
Value "HRZR_PGYFRFFVBA" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count"
Value "P:\Hfref\grfg\NccQngn\Ybpny\Grzc\ve_rkg_grzc_0\nhgbeha.rkr" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count"
Value "P:\Hfref\grfg\NccQngn\Ybpny\Grzc\ve_rkg_grzc_1\nhgbeha.rkr" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count"
Value "P:\Hfref\grfg\Qrfxgbc\Ertfubg2\Jva_Gbbyxvg.rkr" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count"
Value "Zvpebfbsg.Jvaqbjf.FrpUrnyguHV_pj5a1u2gklrjl!FrpUrnyguHV" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count"
Value "Zvpebfbsg.Jvaqbjf.FuryyRkcrevraprUbfg_pj5a1u2gklrjl!Ncc" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count"
Value "Zvpebfbsg.Jvaqbjf.Pbegnan_pj5a1u2gklrjl!PbegnanHV" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count"
Value "Zvpebfbsg.Jvaqbjf.Rkcybere" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count"
Value "Zvpebfbsg.NhgbTrarengrq.{923QQ477-5846-686O-N659-0SPPQ73851N8}" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count"
Value "{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\FclZr Gbbyf\FclZrGbbyf.rkr" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count"
Value "{Q65231O0-O2S1-4857-N4PR-N8R7P6RN7Q27}\pzq.rkr" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count"
Value "HRZR_PGYFRFFVBA" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count"
Value "{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Svyr Rkcybere.yax" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\RunOnce"
Value "InstalledWin32AppsRevision" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search"
Value "LatestConstraintIndexFolder" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppsConstraintIndex"
Value "MessageTime" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance"
Value "CheckSetting" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0"
Value "CheckSetting" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100"
Value "CheckSetting" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102"
Value "{40DD6E20-7C17-11CE-A804-00AA003CA9F6} {000214FC-0000-0000-C000-000000000046} 0xFFFF" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached"
Value "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} {00000122-0000-0000-C000-000000000046} 0xFFFF" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached"
Value "{9343812E-1C37-4A49-A12E-4B2D810D956B} {000214E6-0000-0000-C000-000000000046} 0xFFFF" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached"
Value "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} {00000122-0000-0000-C000-000000000046} 0xFFFF" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached"
Value "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} {00000122-0000-0000-C000-000000000046} 0xFFFF" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached"
Value "{A38B883C-1682-497E-97B0-0A3A9E801682} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached"
Value "{BD472F60-27FA-11CF-B8B4-444553540000} {000214E4-0000-0000-C000-000000000046} 0xFFFF" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached"
Value "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} {000214E4-0000-0000-C000-000000000046} 0xFFFF" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached"
Value "{E2BF9676-5F8F-435C-97EB-11607A5BEDF7} {000214E4-0000-0000-C000-000000000046} 0xFFFF" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached"
Value "{E2BF9676-5F8F-435C-97EB-11607A5BEDF7} {A08CE4D0-FA25-44AB-B57C-C7B1C323E0B9} 0xFFFF" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached"
Value "{ECF03A32-103D-11D2-854D-006008059367} {00000122-0000-0000-C000-000000000046} 0xFFFF" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached"
Key deleted: "\Software\Microsoft\Windows\CurrentVersion\TaskManager"
Value "IconLayouts" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Bags\1\Desktop"
Value "Sort" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Bags\1\Desktop"
Value "NotShownTime" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows\Winlogon\PasswordExpiryNotification"
Value "C:\Program Files (x86)\SpyMe Tools\SpyMeTools.exe" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store"
Value "C:\Users\test\Desktop\Regshot2\Win_Toolkit.exe" deleted in "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store"
Value "D:\Regshot2\spymetools_installer (1).exe" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store"
Value "Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy!App" added in "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\HostActivityManager\Volatile"
Value "DP" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
Value "PUUActive" changed in "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
Key deleted: "\Software\Microsoft\Windows Script Host"
Key added: "\BCD00000000"
Value "00000000" changed in "HKEY_LOCAL_MACHINE\HARDWARE\ACPI\RSDT\ACRSYS\ACRPRDCT\00000000"
Value "Configuration Data" changed in "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\MultifunctionAdapter\1"
Value ".Raw" changed in "HKEY_LOCAL_MACHINE\HARDWARE\RESOURCEMAP\Hardware Abstraction Layer\ACPI x64 platform"
Value ".Translated" changed in "HKEY_LOCAL_MACHINE\HARDWARE\RESOURCEMAP\Hardware Abstraction Layer\ACPI x64 platform"
Key added: "\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\EPP"
Key added: "\SOFTWARE\Classes\AppID\{2781761E-28E2-4109-99FE-B9D127C57AFE}"
Key added: "\SOFTWARE\Classes\AppID\{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}"
Key added: "\SOFTWARE\Classes\AppID\{FDA74D11-C4A6-4577-9F73-D7CA8586E10D}"
Value "DisplayName" added in "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppUserModelId\Microsoft.Windows.Defender"
Value "CustomActivator" added in "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppUserModelId\Windows.Defender"
Value "DisplayName" added in "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppUserModelId\Windows.Defender"
Value "IconBackgroundColor" added in "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppUserModelId\Windows.Defender"
Value "IconUri" added in "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppUserModelId\Windows.Defender"
Value "(Default)" added in "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}"
Key added: "\SOFTWARE\Classes\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32"
Key added: "\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EPP"
Key added: "\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\EPP"
Key added: "\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\AllUsers\{64B59009-226E-4FBB-AFFB-D7B6695B3842}"
Key added: "\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\AllUsers\{BBDB5823-CC85-4CCC-94A7-B22B06A5BF63}"
Key deleted: "\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\AllUsers\{D0D6F3A8-225E-404D-9FC9-A91973931AF5}"
Key deleted: "\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\AllUsers\{D84FB9EC-01C1-420F-82C6-2FD65371AC2B}"
Key added: "\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1621887801-967696625-3000357664-1001\{223916C1-B8AE-449E-95A0-7160BE436D43}"
Key deleted: "\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1621887801-967696625-3000357664-1001\{66A62278-A77A-4B3D-9B44-D5E577DC2C0F}"
Key deleted: "\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1621887801-967696625-3000357664-1001\{81644187-A79A-45BD-8460-3B5D060E5AC4}"
Key added: "\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1621887801-967696625-3000357664-1001\{B463DE77-5188-4252-8142-C1942DC52379}"
Key added: "\SOFTWARE\Classes\TypeLib\{8C389764-F036-48F2-9AE2-88C260DCF43B}"
Key added: "\SOFTWARE\Classes\WindowsDefender"
Key added: "\SOFTWARE\Classes\WOW6432Node\AppID\{2781761E-28E2-4109-99FE-B9D127C57AFE}"
Key added: "\SOFTWARE\Classes\WOW6432Node\AppID\{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}"
Key added: "\SOFTWARE\Classes\WOW6432Node\AppID\{FDA74D11-C4A6-4577-9F73-D7CA8586E10D}"
Value "(Default)" added in "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}"
Key added: "\SOFTWARE\Classes\WOW6432Node\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32"
Key added: "\SOFTWARE\Classes\WOW6432Node\TypeLib\{8C389764-F036-48F2-9AE2-88C260DCF43B}"
Key added: "\SOFTWARE\Microsoft\Cellular\Sms\Router"
Key added: "\SOFTWARE\Microsoft\Fax"
Key added: "\SOFTWARE\Microsoft\MSDTC\Setup"
Key added: "\SOFTWARE\Microsoft\Phone"
Key added: "\SOFTWARE\Microsoft\Semgr\Private"
Key added: "\SOFTWARE\Microsoft\Terminal Server Client\TrustedGateways"
Key added: "\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\DataStore\S-1-5-21-1621887801-967696625-3000357664-1000"
Key deleted: "\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\ServiceInstances\599b9761-4b69-4145-bb95-a6adf3976225"
Key added: "\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\ServiceInstances\88eb0b6e-ecfd-498f-9ded-3580686f3141"
Value "EndTimeHi" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}"
Value "EndTimeLo" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}"
Value "StartTimeHi" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}"
Value "StartTimeLo" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}"
Value "EndTimeHi" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-1621887801-967696625-3000357664-1001\Extension-List\{00000000-0000-0000-0000-000000000000}"
Value "EndTimeLo" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-1621887801-967696625-3000357664-1001\Extension-List\{00000000-0000-0000-0000-000000000000}"
Value "StartTimeHi" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-1621887801-967696625-3000357664-1001\Extension-List\{00000000-0000-0000-0000-000000000000}"
Value "StartTimeLo" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-1621887801-967696625-3000357664-1001\Extension-List\{00000000-0000-0000-0000-000000000000}"
Key added: "\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments"
Key added: "\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications\Applications\Windows.Defender"
Key added: "\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles"
Key added: "\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpResources"
Key added: "\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\CertMapping"
Key added: "\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Listener"
Key added: "\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin"
Key added: "\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Service"
Key added: "\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe"
Key added: "\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList"
Key added: "\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Aliases"
Key added: "\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter"
Key added: "\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache"
Key added: "\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SRUM\Extensions"
Key added: "\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SRUM\Parameters"
Key added: "\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SRUM\Telemetry"
Value "ElapsedRunTime" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex"
Value "NewClientID" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex"
Value "LastCrawlId" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages\0"
Value "LastCrawlSuccesses" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages\0"
Value "LastCrawlExcluded" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages\1"
Value "LastCrawlSuccesses" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages\1"
Key added: "\SOFTWARE\Microsoft\Windows Search\Tracing"
Value "{05CD261D-D653-4019-AEDE-6E58A6F0E8E9}" changed in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex"
Key deleted: "\SOFTWARE\Microsoft\Windows Search\WindowsRuntime"
Key added: "\SOFTWARE\Microsoft\WindowsRuntime"
Key added: "\SOFTWARE\Microsoft\WSDAPI\Reporting"
Key deleted: "\SOFTWARE\Microsoft\ODBC"
Key added: "\SOFTWARE\ODBC"
Key added: "\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy"
Key deleted: "\SOFTWARE\SYSTEM"
Key deleted: "\(X  €     .DEFAULT   Console    
Control Panel  	 
Accessibility   Blind Access
 On
   0   HighContrast Flags
   1"