SecondWrite DeepView - f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548

100

Malicious

This predictive confidence of maliciousness for this sample is 100%.

f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548

828.0 kB

Size

2020-07-29 01:57:04

First seen 8 days ago

Windows PE32 Executable

Classification

Full Detail

Ransomware

Low

Trojan

High

Virus

Low

Banker

Low

Bot

High

Rat

Low

Adware

Low

Infostealer

Medium

Worm

Low

Spyware

Low

Indicators

Expand All

DeepView™ Indicators

Forced Code Execution

Automatic Sequence Detection

Program Level Indicators

Anti-Analysis

Attempts to repeatedly call a single API many times in order to delay analysis time

Anti-Sandbox

Checks whether any human activity is being performed by constantly checking whether the foreground window changed

A process attempted to delay the analysis task.

Anti-Vm

Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available

PID	API	Arguments
2336	GlobalMemoryStatusEx	N/A

Checks adapter addresses which can be used to detect virtual network interfaces

PID	API	Arguments
2336	GetAdaptersAddresses	flags: 0 family: 0
2336	GetAdaptersAddresses	flags: 0 family: 0

Av-Tools

This sample is detected by clamav as: Win.Packer.Trickbot-6683856-3

One or more AV tool detects this sample as malicious: Trojan:Win32/TrickBot.I

Browser

Attempts to modify proxy settings

Generic

This executable is signed

This executable has a PDB path

One or more potentially interesting buffers were extracted, these generally contain injected code, configuration data, etc.

Expresses interest in specific running processes

Hooking

Installs an hook procedure to monitor for mouse events

PID	API	Arguments
2672	SetWindowsHookExW	thread_identifier: 2676 callback_function: 0x766a3e83 hook_identifier: 7 module_address: 0x00000000

Http

Performs some HTTP requests

HTTP traffic contains suspicious features which may be indicative of malware related traffic

Infostealer

Sniffs keystrokes

Martians

Internet Explorer creates one or more martian processes

Network

Performs some DNS requests

Connects to IP address(es) that are no longer responding to requests (legitimate services will remain up-and-running usually)

Attempts to connect to dead IP:Port(s)

Network activity contains more than one unique useragent.

Packer

Allocates read-write-execute memory (usually to unpack itself)

PID	API	Arguments
2336	NtAllocateVirtualMemory	process_identifier: 2336 region_size: 1900544 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 base_address: 0x0e910000 allocation_type: 8192 process_handle: 0xffffffff
2336	NtAllocateVirtualMemory	process_identifier: 2336 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 base_address: 0x0eaa0000 allocation_type: 4096 process_handle: 0xffffffff

Persistence

Creates an Alternate Data Stream (ADS)

Installs itself for autorun at Windows startup

Pos

Creates known Dexter registry keys and/or mutexes

Program-Level-Features

More than %50 of the external calls do not go through the import address table

Recon

Collects information to fingerprint the system (MachineGuid, DigitalProductId, SystemBiosDate)

Static

Anomalous binary characteristics

Executable reports it was created by Microsoft Corporation

Strings possibly contain hardcoded URLs

Unusual version info supplied for binary

Yara

Yara Pattern Name	Description
Str_Win32_Wininet_Library	Match Windows Inet API library declaration
spyeye	SpyEye X.Y memory
IsPE32	No Description Available
HasOverlay	Overlay Check
HasDigitalSignature	DigitalSignature Check
HasDebugData	DebugData Check
HasRichSignature	Rich Signature Check
anti_dbg	Checks if being debugged
disable_dep	Bypass DEP
escalate_priv	Escalade priviledges
screenshot	Take screenshot
win_registry	Affect system registries
win_token	Affect system token
win_files_operation	Affect private profile
Advapi_Hash_API	Looks for advapi API functions

Static Analysis

Version Infos

LegalCopyright:: \xc2\xa9 Microsoft Corporation. All rights reserved.
InternalName:: setup.exe
FileVersion:: 11.0.60315.1 built by: Q11REL
CompanyName:
ProductName:
ProductVersion:: 11.0.60315.1
FileDescription:: Setup
OriginalFilename:: setup.exe
Translation:: 0x0409 0x04b0

Sections

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00001000	0x00050938	0x00050a00	6.37310729568
.data	0x00052000	0x00004564	0x00002000	3.7782392076
.idata	0x00057000	0x00001528	0x00001600	5.4112995152
.rsrc	0x00059000	0x0000a3a8	0x0000a400	3.97025169423
.reloc	0x00064000	0x00006604	0x00006800	4.33795978342

Resources

Name	Offset	Size	Language	Sub-language	File type
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x0005f530	0x00000468	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x0005fbdc	0x000001a4	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x0005fbdc	0x000001a4	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x0005fbdc	0x000001a4	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x0005fddc	0x0000005a	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x0005fddc	0x0000005a	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_VERSION	0x0005fe38	0x000002dc	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_MANIFEST	0x00060114	0x0000044a	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
None	0x000605ac	0x0000003c	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x000605ac	0x0000003c	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x000605ac	0x0000003c	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x000605e8	0x000001b2	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x0006318c	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x00063194	0x00000004	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x000631a4	0x00000202	LANG_NEUTRAL	SUBLANG_NEUTRAL	None
None	0x000631a4	0x00000202	LANG_NEUTRAL	SUBLANG_NEUTRAL	None

Imports

Library KERNEL32.dll:

BeginUpdateResourceA
BeginUpdateResourceW
CloseHandle
CompareStringW
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileA
DeleteFileW
EndUpdateResourceW
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileW
FindNextFileW
FindResourceA
FindResourceW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCPInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceExW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetTickCount
GetTimeFormatW
GetUserDefaultLCID
GetVersion
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
HeapAlloc
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalFree
LockResource
lstrlenA
lstrlenW
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringW
Process32FirstW
Process32NextW
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
RtlUnwind
SetEndOfFile
SetEvent
SetFilePointer
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UpdateResourceA
UpdateResourceW
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile

Library GDI32.dll:

CreateCompatibleDC
CreateFontIndirectW
DeleteDC
DeleteObject
EnumFontFamiliesExW
GetDeviceCaps
GetObjectW
GetStockObject
GetTextExtentPoint32W
GetTextMetricsW
SelectObject

Library ole32.dll:

CoInitialize
CoUninitialize

Library Secur32.dll:

GetComputerObjectNameW

Library SHELL32.dll:

ShellExecuteA
ShellExecuteExW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation

Library USER32.dll:

CreateDialogIndirectParamW
CreateDialogParamW
DestroyWindow
DispatchMessageW
DrawTextW
EnableWindow
ExitWindowsEx
GetClientRect
GetDC
GetDialogBaseUnits
GetDlgItem
GetFocus
GetSystemMetrics
GetWindowRect
IsDialogMessageW
LoadCursorW
LoadIconW
LoadImageW
MessageBoxA
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
PeekMessageW
ReleaseDC
ScreenToClient
SendDlgItemMessageW
SendMessageA
SendMessageW
SetClassLongW
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetWindowTextW
ShowScrollBar
ShowWindow
SystemParametersInfoW
TranslateMessage

Library CRYPT32.dll:

CertFreeCertificateChain
CertGetCertificateChain
CertVerifyCertificateChainPolicy

Library WININET.dll:

InternetCombineUrlW
InternetCrackUrlW

Library msi.dll:

None
None
None
None

Exports

Ordinal	Address	Name
1	0x41c9b1	_DecodePointerInternal@4
2	0x41c9cc	_EncodePointerInternal@4

Strings

!This program cannot be run in DOS mode.
`.data
.idata
@.rsrc
@.reloc
invalid string position
string too long
InstallSolution
LaunchApplication
CertCompareCertificate
CertFreeCertificateContext
vector<T> too long
CLRCreateInstance
GetRequestedRuntimeInfo
LoadLibraryShim
CreateAssemblyCache
CreateAssemblyNameObject
MsiQueryProductStateW
MsiQueryFeatureStateW
invalid map/set<T> iterator
list<T> too long
bad locale name
generic
unknown error
iostream
iostream stream error
ios_base::badbit set
ios_base::failbit set
ios_base::eofbit set
bad cast
deque<T> too long
map/set<T> too long
raB3GA
EncodePointer
DecodePointer
URLDownloadToFileW
URLDownloadToCacheFileW
IsUserAnAdmin
CheckTokenMembership
GetNativeSystemInfo
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
SHGetFolderPathW
WinVerifyTrust
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain
CertDuplicateCertificateContext
SetProcessDEPPolicy
system
ADVAPI32.dll
bad allocation
Unknown exception
CorExitProcess
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
CreateSemaphoreExW
SetThreadStackGuarantee
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
FlushProcessWriteBuffers
FreeLibraryWhenCallbackReturns
GetCurrentProcessorNumber
GetLogicalProcessorInformation
CreateSymbolicLinkW
SetDefaultDllDirectories
EnumSystemLocalesEx
CompareStringEx
GetDateFormatEx
GetLocaleInfoEx
GetTimeFormatEx
GetUserDefaultLocaleName
IsValidLocaleName
LCMapStringEx
GetCurrentPackageId
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
bad exception
(null)
`h````
xpxxxx
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
MessageBoxW
GetActiveWindow
GetLastActivePopup
GetUserObjectInformationW
GetProcessWindowStation
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__clrcall
__eabi
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
`h`hhh
xppwpp
1#SNAN
1#QNAN
permission denied
file exists
no such device
filename too long
device or resource busy
io error
directory not empty
invalid argument
no space on device
no such file or directory
function not supported
no lock available
not enough memory
resource unavailable try again
cross device link
operation canceled
too many files open
permission_denied
address_in_use
address_not_available
address_family_not_supported
connection_already_in_progress
bad_file_descriptor
connection_aborted
connection_refused
connection_reset
destination_address_required
bad_address
host_unreachable
operation_in_progress
interrupted
invalid_argument
already_connected
too_many_files_open
message_size
filename_too_long
network_down
network_reset
network_unreachable
no_buffer_space
no_protocol_option
not_connected
not_a_socket
operation_not_supported
protocol_not_supported
wrong_protocol_type
timed_out
operation_would_block
address family not supported
address in use
address not available
already connected
argument list too long
argument out of domain
bad address
bad file descriptor
bad message
broken pipe
connection aborted
connection already in progress
connection refused
connection reset
destination address required
executable format error
file too large
host unreachable
identifier removed
illegal byte sequence
inappropriate io control operation
invalid seek
is a directory
message size
network down
network reset
network unreachable
no buffer space
no child process
no link
no message available
no message
no protocol option
no stream resources
no such device or address
no such process
not a directory
not a socket
not a stream
not connected
not supported
operation in progress
operation not permitted
operation not supported
operation would block
owner dead
protocol error
protocol not supported
read only file system
resource deadlock would occur
result out of range
state not recoverable
stream timeout
text file busy
timed out
too many files open in system
too many links
too many symbolic link levels
value too large
wrong protocol type
0123456789abcdefghijklmnopqrstuvwxyz
0123456789abcdefghijklmnopqrstuvwxyz
0123456789abcdefABCDEF
VSD_FORCE_ANSI
0123456789abcdef
Aacute
Agrave
Atilde
Ccedil
Eacute
Egrave
Iacute
Igrave
Ntilde
Oacute
Ograve
Oslash
Otilde
Uacute
Ugrave
Yacute
aacute
agrave
atilde
ccedil
eacute
egrave
iacute
igrave
ntilde
oacute
ograve
oslash
otilde
uacute
ugrave
yacute
%%%02x
COMCTL32.dll
VERSION.dll
UUUUUUT
TUUUUU*
PUUUUUU
@??
JJVVVVdd
UTF-16LE
UNICODE
_hypot
_nextafter
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
CreateFile2
setup.pdb
VL!VdPh
FLPh|&@
VL!VdPh
9Wlu%h
u#hH(@
QPh8*@
u-j,[j
VHt/Ht%Ht
wtVh8-@
wxVhh-@
YPhp/@
?WhP0@
;0u)9E
ItxIt6I
YYHt9Ht.Ht
YYHt+Ht
YYHt.Ht
YPhp/@
6PVhH5@
6PVh04@
RQVPhx7@
~,9~$t
tG9uCj
tC97u?j4
tC97u?j
tO9uKjD
tG9uCj
tZ9uVj
PWh,8@
PWh48@
;0u)9E
s#9>w+>
s?9>w;+>j
Pj4XPh
u7h(<@
YPh =@
YPh0=@
GdPh >@
G`PSWh2
PVh$?@
SPhX?@
;0u)9E
t=Ht3Ht)Ht
tBh4>@
v?h(D@
tphXD@
;0u)9E
;0u)9E
s79>w3+>S
F$Ph`F@
t+Ht!Ht
u,h8F@
YPh0I@
YPhLI@
QPhhI@
PQQQQQQ
YPh@:@
HtZHtCHt,H
SSShhJ@
YY90tJj
YY90tJj
QPh8[@
Ht-Ht#Ht
t[h`\@
YPh`\@
YPht\@
j/[j\^h
PQQQQQQh
t0Hu)j
sh,e@
SVWjA_jZ+
uBjAYjZ+
QQSVWd
uHjAXf;
PPPPPPPP
SVjA[jZ^+
jAZjZ^+
9E v_PW
9u(vAVS
~pjCXf
j@j _W
QQSVWh
j"_f9y
VWh(<@
thpx@
t6hH!E
Genuu_
ineIuV
nteluM3
tyPVj@W
_tcPVj@
u#j,Xf;
>Cu/f9F
HtHu4j
xy;54UE
~';_t|%3
PP9E u
,SVWj0X
Wj0XPV
htHjlY;
HHtXHHt
nt'joY;
YYjgXf9
>0t<Nj0X
URPQQh
<0|o<9
G Pj*S
G$Pj+S
G(Pj,S
G,Pj-S
G0Pj.S
G4Pj/S
G8PjDS
G<PjES
G@PjFS
GDPjGS
GHPjHS
GLPjIS
GPPjJS
GTPjKS
GXPjLS
G\PjMS
G`PjNS
GdPjOS
GhPj8S
GlPj9S
GpPj:S
GtPj;S
GxPj<S
G|Pj=S
Yu2Vj@h
jA[jZZ+
;t$,v-
UQPXY]Y[
t VV9u
HHtVHHt
+tHHt
+t"HHt
HAO8t
RVSQSWV
tHHt*Ht#
Ht+Ht$Ht
HtHHt
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
AllocateAndInitializeSid
FreeSid
CryptAcquireContextW
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
RegCreateKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
setup.exe
_DecodePointerInternal@4
_EncodePointerInternal@4
.?AVError@@
.?AVruntime_error@std@@
.?AVexception@std@@
.?AVfailure@ios_base@std@@
.?AVsystem_error@std@@
.?AVbad_cast@std@@
.?AVbad_alloc@std@@
.?AVtype_info@@
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVbad_exception@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
.?AVerror_category@std@@
.?AV_Generic_error_category@std@@
.?AV_Iostream_error_category@std@@
.?AV_System_error_category@std@@
.?AV_Facet_base@std@@
.?AV_Locimp@locale@std@@
.?AVfacet@locale@std@@
Copyright (c) 1992-2004 by P.J. Plauger, licensed by Dinkumware, Ltd. ALL RIGHTS RESERVED.
.?AVcodecvt_base@std@@
.?AUctype_base@std@@
.?AV?$ctype@D@std@@
.?AV?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$numpunct@D@std@@
.?AV?$codecvt@DDH@std@@
.?AV?$codecvt@GDH@std@@
.?AV?$ctype@G@std@@
.?AV_com_error@@
WriteFile
CloseHandle
GetLastError
WaitForSingleObject
FreeLibrary
GetProcAddress
FindClose
FindFirstFileW
FindNextFileW
InterlockedExchange
InterlockedCompareExchange
SwitchToThread
LoadLibraryW
GetExitCodeProcess
GetTickCount
MulDiv
lstrlenW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
DeleteCriticalSection
CreateFileW
GetDiskFreeSpaceExW
SetFilePointer
HeapSetInformation
GetCurrentProcessId
OpenProcess
GetNativeSystemInfo
EndUpdateResourceW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetEvent
CreateEventW
LoadResource
LockResource
SizeofResource
FindResourceW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
DeleteFileW
GetFileAttributesW
GetTempFileNameW
ReadFile
GetTempPathW
GetCurrentProcess
GetSystemInfo
GetSystemDirectoryW
GetWindowsDirectoryW
GetVersionExW
GetModuleFileNameW
GlobalAlloc
GlobalFree
LocalFree
FormatMessageW
CopyFileW
GetDateFormatW
GetTimeFormatW
CompareStringW
WideCharToMultiByte
GetVersion
GetModuleHandleW
KERNEL32.dll
CreateCompatibleDC
DeleteDC
GetDeviceCaps
GetTextExtentPoint32W
SelectObject
GetTextMetricsW
GetObjectW
CreateFontIndirectW
DeleteObject
EnumFontFamiliesExW
GetStockObject
GDI32.dll
CoUninitialize
CoInitialize
ole32.dll
GetComputerObjectNameW
Secur32.dll
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
ShellExecuteA
SHELL32.dll
GetDialogBaseUnits
GetSystemMetrics
DrawTextW
ReleaseDC
MessageBoxW
ExitWindowsEx
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageA
SendMessageW
DestroyWindow
ShowWindow
MoveWindow
CreateDialogParamW
CreateDialogIndirectParamW
GetDlgItem
SetDlgItemTextW
SendDlgItemMessageW
SetFocus
GetFocus
MsgWaitForMultipleObjects
EnableWindow
SetForegroundWindow
ShowScrollBar
SetWindowTextW
GetClientRect
GetWindowRect
SetCursor
ScreenToClient
SetClassLongW
LoadCursorW
LoadIconW
LoadImageW
IsDialogMessageW
SystemParametersInfoW
MessageBoxA
USER32.dll
CertGetCertificateChain
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CRYPT32.dll
InternetCrackUrlW
InternetCombineUrlW
WININET.dll
msi.dll
RaiseException
LoadLibraryExA
GetCommandLineW
RtlUnwind
InterlockedDecrement
GetCPInfo
HeapFree
SetLastError
InterlockedIncrement
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
HeapAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
HeapSize
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LoadLibraryExW
OutputDebugStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
LCMapStringW
HeapReAlloc
SetStdHandle
WriteConsoleW
ReadConsoleW
GetEnvironmentVariableA
BeginUpdateResourceW
UpdateResourceW
CreateFileA
DeleteFileA
lstrlenA
FindResourceA
BeginUpdateResourceA
UpdateResourceA
SetEndOfFile
wwwwww
wwwwwww
wwwwwwww
wwwwwwwx
wwwwwww
wwwwwwww
wwwwwwww
wwwwwww
wwwwwx
wwwwwww
wwwwwww
wwwwwww
wwwwwwx
wwwwww
wwwwwww
wwwwww
wwwwwwwwww
wwwwwwwwww
wwwwwwwwww
wwwwwww
wwwwwww
wwwwww
<?xml version="1.0" encoding="utf-8" ?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity
version="1.0.0.0"
processorArchitecture="X86"
name="Setup"
type="win32"
<description>Installer</description>
<dependency>
<dependentAssembly>
<assemblyIdentity name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="X86" publicKeyToken="6595b64144ccf1df" language="*" type="win32"/>
</dependentAssembly>
</dependency>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
</application>
</compatibility>
</assembly>PAh
PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGX
0 0$0(0,00040@0D0H0L0P0T0`0d0h0
8 8$8(8,80848
1 1$1L1P1t1x1
3<3@3h3l3
9(9,909<9@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9
9D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:
; ;$;(;,;0;4;8;<;@;D;H;h>l>p>t>x>|>
8<<<@<D<
5,?4?<?D?L?T?\?d?l?t?|?
d3h3l3p3
7 7$7(7,7074787<7@7D7h8l8p8t8x8|8
2(242@2L2X2d2p2|2
3$303<3H3T3`3l3x3
4 4,484D4P4\4h4t4
4P<\<h<t<
=(=4=@=L=X=T?\?d?l?t?|?
0$0,040<0D0L0T0\0d0l0t0|0
1$1,141<1D1L1T1\1d1l1t1|1
2$2,242<2D2L2T2\2d2l2t2|2
3$3,343<3D3L3T3\3d3l3t3|3
4$4,444<4D4L4T4\4d4l4t4|4
5$5,545<5D5L5T5\5d5l5t5|5
6$6,646<6D6L6T6\6d6l6p6x6
7 7(70787@7H7P7X7`7h7p7x7
8 8(80888@8H8P8X8`8h8p8x8
9 9(90989@9H9P9X9`9h9p9x9
: :(:0:8:@:H:P:X:`:h:p:x:
; ;(;0;8;@;H;P;X;`;h;p;x;
< <(<0<8<@<H<P<X<`<h<p<x<
= =(=0=8=@=H=P=X=`=h=p=x=
0 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0
1 1$1(1,1014181<1@1D1
8 8$8(8,8084888<8@8D8H8L8\8d8l8t8|8
9$9,949<9D9L9T9\9d9l9t9|9
:$:,:4:<:D:L:T:\:d:l:t:|:
;$;,;4;<;D;L;T;\;d;l;t;|;
<$<,<4<<<D<L<T<\<d<l<t<|<
7 7$7(7,7074787<7@7D7H7L7P7T7X7`7d7h7l7p7t7x7|7
6,60686P6`6d6t6x6
7 7$7(707H7X7\7l7p7t7x7
848D8H8X8\8d8|8
9(9,9<9@9D9H9P9h9x9|9
:,:0:4:H:L:P:T:\:t:
;(;,;0;4;<;T;d;h;x;|;
< <$<(<,<4<L<\<`<p<t<x<|<
5}5A6^6{6
6 7D7e7z7
8%848>8n8
9#9L9W9]9l9
;:<?<K<Y<p<v<
<M=f=l=
>!?2?n?
2Y3"4E4
6+7P7]7l7
8#8=8^8}8
9F:L:{:
;(;F;v;
=Q=Z=d=
? ?,?J?P?
1/242@2
61686?6K6u6{6
98;Z;_;k;
>6><>E>J>P>f>w>
2 2&282G2U2[2x2
2N3p3v3|3
45&5-545;5B5o5
5@6F6b6g6s6
7>7C7O7j7p7
9-:<:B:R:W:c:
;k<S=]=>
5+5D5Y5q5
;L<T<Z<>=c=s=y=
> >,>?>G>
(0.0]0d0s0y0
6"6b6}6
888Q8\8g8r8}8
0,1B1u1
13282D2u2
2:3I3b3n3
3"4-484
9;9V9]9~9
:#:B:]:d:
;&;K;p;
<7=@=\=b=q=z=
0&2_2Q3
3'444F4k4
5%5Y5f5x5
666N6W6
6$717C7y7
8!9L9f9m9
;"<1<>=J=e=
0I0y0
1)1I1f1~1
4%5G5N5
6$7.7~758L8
89h9Z<
2K3Q3v3
5!5f5n5Q6W6
2(2>2[2
8M8|899r9z9
90;=;Z<+=J=i=
>(>F>R>p>|>
1D2^2p2|2
424j5r5
5!6'6\6
6'797G7
7)8S8f8
5E6[6Y7_7
8z9V:d;
5!5(5/565=5D5W5,6k6
;e<t<^=r=)>
2=2D2J2T2g2
253O3i3n3.4
<!<'<C<H<O<V<]<d<k<r<y<
0T0p0v0
1(1C1I1
2"2N2T2_2r2N3T3g3o3
;3<8<c<h<
>">'>@>`>e>
? ?2?I?f?l?w?
4?5M5r5
6/666=6D6
9%9R9w9
3N4;5H5V5
7C7W7]7/8
87;e;y;
2E2K2f3
8d9j9p:*;
131i1x1
464P4U5
5'5,5O6!747W7p7
99N9q9
1!1Y1z1
2B2]2p2
4434J4l4
4 545@5[5g5
6 7M7a7q7
8 868I8
:3:9:G:
;?;`;{;
;.<=<T<[<w<
>*?1?h?
1!2;2U2
2?3^3l3
8)8A8N8q8
;9;V;[;c;n;
;8<N<y<
0&1/1=1e1
1J2X2_2o2
9:5:X:
;*;1;D;R;
=$=/=:=E=z=
>4>H>T>^>s>
1M2m2x2
43484D4V4[4c4q4
5&565@5O5T5`5q5x5~5
:3;G;U;o;
0B0n0T1
:\:a:m:
;'<=<K<U<r<
24293R3Y3d3i3z3
6G6P6o6
8$8O8a8l8q8
949U9`9f9x9
>%>,>0>4>8><>@>D>H>
?0?7?<?@?D?e?
.04080<0@0
;!<G<e<l<p<t<x<|<
<J=U=p=w=|=
> >$>n>t>x>|>
1'1l1s1{1
9A:H:j:q:
4&545u5}5N6
7$757C7N7V7c7m7
;M<c<m<w<
=<=^=t=
=7>F>N>]>z>
2!3'3P3k3
5Y5a5t5
7 7+7N7S7_7d7
9$9.9\9o9
9':<:B:z:
;3;Q;t;z;
> ?*?s?
010=0L0U0b0
011@1F1V1^1d1s1}1
2!292J2P2V2]2f2k2q2y2~2
3$3)3/373<3B3J3O3U3]3b3h3p3u3z3
4 4&4.43494A4F4L4T4Y4_4g4l4r4z4
6$6;6Y6
737J7Y7
8)838E8O8q8|8
9-:8:>:
<!=3=l=
=">)>0>7>R>^>h>u>
2)2@2Z2u2~2
243j3}3
4&5:5j5s5}5
<!<,<7<?<
<9=Y=p=
334:4M4
5 505@5P5Y5
<#>->8>
9*9F9b9h9
=0o0~0
6L6U6}6
8)8\8k8r8
3u4C7I7O7/8Q9f9
1!4%4)4-4145494=4
657:7y7~7
:!:':/:8:?:G:P:b:z:
;U;a;l<
=,=>=P=b=t=
1G1Y1k1}1
1!303y3
031I1U1[1v1{1
757V7b7~7
8-8=8k8
8.9>9W9y9
:+:=:b:i:
><>P>o>|>
415I5y5
;3;9;X;^;
<)?-?1?5?9?=?A?E?
3Z4`4n4}4
?*?V?i?o?y?
3,3L4r4b5s5
8<8G8\8b8
;*;1;6;H;O;T;f;m;r;
<!<&<8<?<D<V<]<b<k<x<
7"787U7
8:8J8\8|8
=!>`>|>
4#404?4D4O4T4_4
9+:5:?:I:S:]:g:q:{:
5C5s5&607R7]7
101F1\1d1
9-959E9V9m9r9x9
:I<]=k=
3>4E4{4
1$2?2d2
5/5R5x5
9*9E9z9
9$:G:t:
?)?R?m?
4(5C5f5
7M7W7c7o7{7
8$8,888@8I8O8U8\8g8k8q8|8
9<9P9X9d9
:$:,:4:<:H:h:p:x:
;,;L;T;\;d;l;t;|;
<(<0<8<@<H<P<X<`<h<t<
=$=,=4=@=d=
>0>8>D>h>
? ?(?0?8?@?L?l?t?|?
0 0,0L0X0x0
101<1\1h1
2 2@2H2P2\2|2
3$3,343<3D3L3T3\3d3l3t3|3
4,484X4`4h4p4x4
5@5L5T5l5x5
646H6P6l6t6
7$7,7D7L7T7`7
8,888X8`8l8
9<9D9L9X9x9
:$:,:4:<:H:h:p:x:
;8;D;d;l;t;
<4<@<`<l<
=(=P=t=
><>`>l>t>
? ?4?<?D?L?P?X?l?t?|?
0<0H0P0p0
1$1,181X1`1h1p1|1
2$202P2X2`2h2t2
3(343<3T3\3d3l3t3
484\4h4p4
5 5(5D5d5l5t5|5
6$6,686\6|6
7$7,787X7`7h7p7|7
8$8,848<8D8L8T8\8d8l8t8|8
989\9h9p9
: :(:H:l:x:
;$;,;4;<;D;L;T;\;d;l;t;|;
< <,<L<T<\<d<l<t<|<
=<=D=L=T=\=d=l=t=|=
> >(>0>8>@>H>P>X>`>h>t>|>
?$?,?4?<?D?L?T?\?d?t?|?
0$0,040<0D0L0T0d0t0|0
1(141T1`1
2 2(20282@2H2T2x2
3$3,343<3H3l3
4<4D4X4`4p4
5 5(50585@5H5P5X5`5h5p5x5
606L6T6`6
787D7d7p7
8$8,888X8d8
9 909@9L9l9t9|9
:,:8:X:d:
;(;P;t;
<0<P<p<|<
=8=X=x=
>(>H>h>
? ?@?H?L?h?p?t?
$0(00080@0D0L0`0
1 1@1`1|1
2$2(202D2L2T2\2`2d2l2
3(3H3T3t3|3
4,444<4H4h4p4|4
5(5H5h5
0 0$0(0H0d0h0
101P1X1
40;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
=(=,=0=4=X=`=
303P3p3
5X7\7`7d7h7l7p7t7x7|7
8(8,888<8H8L8X8\8h8l8x8|8
9(9,989<9H9L9X9\9h9l9x9|9
:(:,:8:<:H:L:X:\:h:l:x:|:
;(;,;8;<;H;L;X;\;h;l;x;|;
<$<,<4<<<D<L<T<\<d<l<t<|<
= >$>(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>x>
VeriSign, Inc.10
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA0
131018000000Z
141117235959Z0
Uttar Pradesh1
Meerut1&0$
T S Solutions Private Limited1>0<
5Digital ID Class 3 - Microsoft Software Validation v21&0$
T S Solutions Private Limited0
/http://csc3-2010-crl.verisign.com/CSC3-2010.crl0D
https://www.verisign.com/rpa0
http://ocsp.verisign.com0;
/http://csc3-2010-aia.verisign.com/CSC3-2010.cer0
VeriSign, Inc.10
VeriSign Trust Network1:08
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
<VeriSign Class 3 Public Primary Certification Authority - G50
100208000000Z
200207235959Z0
VeriSign, Inc.10
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA0
https://www.verisign.com/cps0*
https://www.verisign.com/rpa0
[0Y0W0U
image/gif0!00
#http://logo.verisign.com/vslogo.gif04
#http://crl.verisign.com/pca3-g5.crl04
http://ocsp.verisign.com0
VeriSignMPKI-2-80
VeriSign, Inc.10
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA
!This program cannot be run in DOS mode.
P`.data
.rdata
0@.bss
.idata
:55a`5
R$0eWB
ggQSg=
oK]RJ}
r??>z@\
t<4CO]
JB]*O
$gva;u
)GoPIv
zvXlQ@Y
Q=?'P4
+^7m=D
(%3jBT
7|(7Vn
l0)hNP
VcF.WCVa
Gl0MP)
z#D%x]
xKA2nqYDj
.q]AglV
L.6$ee
'@&<A3
3hO7nP
YP^xvx
/oUT<U,
%,Uu/>x
eHMmp0
Fam`IG)
2E<Ypt4
(j] BO
{OwuY.@
f23O~YL
M9IOCNA
~a`tu2
uGVS0F
Dp!SL
*]$`q]
H>/e]RG
HyU~EP
H:u`vL
=ps#z2f
?_=$Kb;
[?4XoC
={H$!~
-0cKt}J
A^)EHF
zP>(LV
/^]Br?
$c`=WH
)4jz1|
XI|=?C
Zp1>]Z
?`-O+-
pgw=4
{A{|9Ba
.'oF.&9
QVYKhrf]
LC<MLQ
nJdu(&
qo2H!I
T]/P;%L
i6r)Qn
|>izE+6
I"szLE
SK%@g#
V9sBb+
i^AqM&
+6GZ i
v`y\b\
|xh;cNf
q4h/
ig\=d*7
[,<Mb|
vOe9KZ
H6 IOS
wY39L~o
C\"`rS
P8YDB9
c^aF\qf
f9CoN^`
T.;wg]
uE%z2e
?f3(oN
(E>}@D
)CT4-n
c,yIc{
pjBT((
LNr~ry
Wdoc}Hl
,3JW"q
4w,c6
E[s{nx
pjN,`R
|[Y@HDB
vJvyyk
rXVdI1z
6l,TBG
"]a t2-B
vEg{K:
;](QLo
p8P*"\
(aE6;_
-GWML4A
A-h{=q
si }M*
Jd.J"=
g3G~-
e+!K+
:@%J[~n
kinEa(
-Of.CH
APyYn*d
VA`g[nmS~+
)bfU,G
qV]%O
6}cdim
`MsBbU
xq8tkfi
GPRhRWI[
4\0d^k
0l&w]
RDz7DlZ
I`E,83
1f}j)BVr
1,,T'uW~"~
5kFf#p
^cJ|b
rm$KZ!
*9sJ~I
\kNAN@
j,8td^R2
l|-YT
77+=,$/
^4Uf^3f9
y[.Dfn
!=~Es"
m$;}yyP
:kfBLI0
:i~[*'
o(5K#&
@RV0K
%57nI6u
nZQL4ak
0!z/CG<
'$lA.J
S439,Up:
aIEu|M)@
}EiD[j
2J|/V9
J;C:WeF
*0?cr,~
Q.ihzm
4Em?>5c
z|dPmrl
_Y#i?n
+\6Ap`
R>HgC
qm!r?7
=2X;]Q
M9zp1B
=QuyF{
g3b'yA
2!+!Em
E\vVOt
Y)uauB)
\x3OG
T&SyVU
gGw|I4cs
]iyV/9
}S.w0m
6D:>R?
S9~({z:R
TBfa?3
0\99!]
vqx?^X
D/Z>YgZ
YvSx:{
/z6$
=k0v%):
DoM`N`
AcS\Ro0
[o'.(~u
pa/FA8
3 ;(D5
W2.{I[
;9pU@/
rbp|u>
{h%bi_
$GsC]
zt]q+0
j`8I8?w
rDkY.;
z;J=k-_
66"Y4{sL
rH'j@1
^hlh4."^
E'CG%Y
y`9m3e
&VBn+U;
Ag"Xhb
!h0 KO
1d0;L]
Nzm,v"
6Ti#*
!\)'6Eg0
Bvwkrs
6}Hrc;]
jos?>^
t}:,W&
V-C+,
_Gf7lI
Apmm2
G"#u8G
^<AMfz
@s\Tnv
C :OBH1
`>oT=0
zENvpU
k#KY.L
cu:8{X
H?8F_q
V]3I_0
POt#pk9
zw9Yq^
(.x3>o/
9KjY=[*
F,UA!I
j2ZJ(jq:Q
Sc<_$}O'
Xv[yh^A
o"*vDz
%f}jfd*
4bTU/N
]1j4v=
,$5TVe
zqWY+hx
gSJy0[
C.EhA$
?(mZZ,
yFvEA6w}
x%WL,n
NYH3Yw
YMy[o1
W<w5(x
9Swt$
`fke@EYt
.OuB2M
E9N=c`-
#$MX@yU
S*m)1fpDg
f,ZGb,5
uY/X&s
);3Y$-1T
rSZU?.
G\:Y[uT
2_@9IWwq
O\:}jn
[UpONh
5LN>N
`M*B,$
3Hxqux
>-1q@}~
zHPM;_
he5rsL!
%DnM~X
-brI;!
fE*1s8,
jW%ep
MWrxZ0W]8
Vo6!8X
bM9~8z
E4CVm=
apeaqZ
XCScplt.
_5]s~K
Z7fd88F
s5ZPo-r[l
)/8`GP
0:eHc#
N}eeG!S
am]=bi
JqbHD5]u
T`7rhwV>
~b:~At
}D_qdW4\
mcYb)X
!yx]dU
5ABn;pS
oNql
K&94kR
ADK\)^
>6M:S
U=.vbyLT
xjhk_C
uMngvj8
=CY4WB
1',o%"
qO%zrS
dv=g6r1
mKd[E|
kvJ^`q&
rScP<"
2"l78
3Ta>B:
M5beZG
\7"IxH]$W!
P0-{]>IA
Fs_dPF
_g8IU_K
p}D8id
`DEp65
S<SB+$!
^m\?eePW
;Ng33Y
(HAhRO;
?uB7u0V;b
w}{P]~
_ F8-G
i>RA&bt!
n{hjx>
C}Y<@ U
(*Mk!y
OF5/1v
w-\Cw>
1}i*[r5
eB/D2!H>
/TgA4ye
ui5%A"
c9xpQ@
Bq,457,Ri
gz`[[(
0<\@A/
;eQ>k&
7QVbCt
_^Hbg5
J-zDtaV
go|T!\P
J@!_Ha
?0@EXG
||JE<`
NKT!eQf
(8Lr[q
s$-u,
Y{ohl0
royK]-
O30z J
Y~.*IL
M9?5|f
Fv@ o
7x$BD{xE.F
ou{GiC
0rC^s"R
\x^CrJ0
,~${&o
)%sv9{Y
ZYp-V}
&,LMqtX
FwAg1L^
l:9sxU
[y.bm6
-^KQpPJ
VpzHcI
|[Nhtr
TQehz}
$JKG2\5
J0"OPl
axh\D#
\n"-Uz+
tRJ)b*
M%@?'M
n=c@X\c
a[z7bl1/`
+J^\nl
g[+F.
Rv!RH<
,X'aag
` cfr8#
i\JPd,
8u%<26
\a;%6b
Y!]M"{
pF!HmiY
-XP\WOg
/_FBZ8Qr+
&_IQhlWR
r6>%w
YfuNyPN
/"_,?=A co
rcs"QR
1uERvI
EdwQ!T
2'GmIG
W<RbIb
XO!8i)^
|B_QCBx
,]Q8e#
ta"W .
W$4bYF
dz?}&>m
F,;n)2]E)
o}'cp`
jEW6T@
DnST7P
R/A-SH
%,#:1Z
4Z#[:/
sd@0ad
yJ\0u*}
GHZj2?r$
eXKEn!D
~?Y;~j
76 LTK
qt(mZ3
NZxbct`
KW2JB=
9sYh4:
#JyL</
7P'5hPo
==Hbm)Ej
;F6A)^(
A~b@99
1.HKe
Juy67EDqHJ*()Rf
Unknown error
_matherr(): %s in %s(%g, %g) (retval=%g)
Argument domain error (DOMAIN)
Argument singularity (SIGN)
Overflow range error (OVERFLOW)
The result is too small to be represented (UNDERFLOW)
Total loss of significance (TLOSS)
Partial loss of significance (PLOSS)
Mingw-w64 runtime failure:
Address %p has no image-section
VirtualQuery failed for %d bytes at address %p
VirtualProtect failed with code 0x%x
Unknown pseudo relocation protocol version %d.
Unknown pseudo relocation bit size %d.
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (tdm64-1) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (tdm64-1) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
GCC: (GNU) 4.9.2
CryptAcquireContextA
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptReleaseContext
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
VirtualQuery
__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_onexit
_unlock
calloc
fprintf
fwrite
malloc
memcpy
signal
strlen
strncmp
vfprintf
ADVAPI32.dll
KERNEL32.dll
msvcrt.dll
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/crtexe.c
size_t
unsigned int
uintptr_t
wchar_t
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
_EXCEPTION_RECORD
ExceptionCode
ExceptionFlags
ExceptionAddress
NumberParameters
ExceptionInformation
_CONTEXT
ContextFlags
FloatSave
EFlags
ExtendedRegisters
WINBOOL
LPBYTE
signed char
short int
long long unsigned int
LONG_PTR
ULONG_PTR
HANDLE
ULONGLONG
EXCEPTION_ROUTINE
PEXCEPTION_ROUTINE
_FLOATING_SAVE_AREA
ControlWord
StatusWord
TagWord
ErrorOffset
ErrorSelector
DataOffset
DataSelector
RegisterArea
Cr0NpxState
FLOATING_SAVE_AREA
CONTEXT
PCONTEXT
EXCEPTION_RECORD
PEXCEPTION_RECORD
_EXCEPTION_POINTERS
ContextRecord
_EXCEPTION_REGISTRATION_RECORD
Handler
handler
FiberData
Version
_NT_TIB
ExceptionList
StackBase
StackLimit
SubSystemTib
ArbitraryUserPointer
NT_TIB
PNT_TIB
_IMAGE_DOS_HEADER
e_magic
e_cblp
e_crlc
e_cparhdr
e_minalloc
e_maxalloc
e_csum
e_lfarlc
e_ovno
e_oemid
e_oeminfo
e_res2
e_lfanew
IMAGE_DOS_HEADER
PIMAGE_DOS_HEADER
_IMAGE_FILE_HEADER
Machine
NumberOfSections
TimeDateStamp
PointerToSymbolTable
NumberOfSymbols
SizeOfOptionalHeader
Characteristics
IMAGE_FILE_HEADER
_IMAGE_DATA_DIRECTORY
VirtualAddress
IMAGE_DATA_DIRECTORY
_IMAGE_OPTIONAL_HEADER
BaseOfData
IMAGE_OPTIONAL_HEADER32
PIMAGE_OPTIONAL_HEADER32
_IMAGE_OPTIONAL_HEADER64
PIMAGE_OPTIONAL_HEADER64
_IMAGE_NT_HEADERS
Signature
FileHeader
OptionalHeader
PIMAGE_NT_HEADERS32
PIMAGE_NT_HEADERS
PIMAGE_TLS_CALLBACK
HINSTANCE__
unused
HINSTANCE
PTOP_LEVEL_EXCEPTION_FILTER
LPTOP_LEVEL_EXCEPTION_FILTER
_STARTUPINFOA
lpReserved
lpDesktop
lpTitle
dwXSize
dwYSize
dwXCountChars
dwYCountChars
dwFillAttribute
dwFlags
wShowWindow
cbReserved2
lpReserved2
hStdInput
hStdOutput
hStdError
STARTUPINFOA
STARTUPINFO
double
long double
_invalid_parameter_handler
tagCOINITBASE
COINITBASE_MULTITHREADED
VARENUM
VT_EMPTY
VT_NULL
VT_DATE
VT_BSTR
VT_DISPATCH
VT_ERROR
VT_BOOL
VT_VARIANT
VT_UNKNOWN
VT_DECIMAL
VT_UI1
VT_UI2
VT_UI4
VT_UI8
VT_INT
VT_UINT
VT_VOID
VT_HRESULT
VT_PTR
VT_SAFEARRAY
VT_CARRAY
VT_USERDEFINED
VT_LPSTR
VT_LPWSTR
VT_RECORD
VT_INT_PTR
VT_UINT_PTR
VT_FILETIME
VT_BLOB
VT_STREAM
VT_STORAGE
VT_STREAMED_OBJECT
VT_STORED_OBJECT
VT_BLOB_OBJECT
VT_CLSID
VT_VERSIONED_STREAM
VT_BSTR_BLOB
VT_VECTOR
VT_ARRAY
VT_BYREF
VT_RESERVED
VT_ILLEGAL
VT_ILLEGALMASKED
VT_TYPEMASK
newmode
_startupinfo
__uninitialized
__initializing
__initialized
_exception
retval
_TCHAR
__readfsdword
!Offset
_InterlockedExchange
!Target
!Value
_InterlockedCompareExchange
!ExChange
&NtCurrentTeb
'InterlockedCompareExchange
)Exchange
'InterlockedExchange
)Target
)Value
*duplicate_ppstrings
,__mingw_invalidParameterHandler
-expression
-function
-pReserved
.check_managed_app
"pDOSHeader
"pPEHeader
"pNTHeader32
"pNTHeader64
/pre_c_init
,pre_cpp_init
/__tmainCRTStartup
9lpszCommandLine
:StartupInfo
9inDoubleQuote
9lock_free
9fiberid
9nested
GWinMainCRTStartup
GmainCRTStartup
:argret
:mainret
:managedapp
:has_cctor
:startinfo
J__globallocalestatus
J_imp___fmode
J_dowildcard
J_newmode
J_imp____initenv
J_imp___acmdln
J__native_startup_state
J__native_startup_lock
KJ_image_base__
J_imp___commode
J_fmode
J__xi_a
J__xi_z
J__xc_a
J__xc_z
J__dyn_tls_init_callback
J__onexitbegin
J__onexitend
Jmingw_app_type
M__mingw_winmain_hInstance
M__mingw_winmain_lpCmdLine
M__mingw_winmain_nShowCmd
J__mingw_oldexcpt_handler
Mmingw_pcinit
Mmingw_pcppinit
J_MINGW_INSTALL_DEBUG_MATHERR
Nmingw_initltsdrot_force
Nmingw_initltsdyn_force
Nmingw_initltssuo_force
Nmingw_initcharmax
O__set_app_type
P_encode_pointer
Q_setargv
O__mingw_setusermatherr
P__getmainargs
Pstrlen
Rmalloc
Smemcpy
T_pei386_runtime_relocator
\P_set_invalid_parameter_handler
T_fpreset
)T__main
LPmain
T_cexit
7O_amsg_exit
O_initterm
T__security_init_cookie
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/tlssup.c
unsigned int
uintptr_t
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
WINBOOL
LPVOID
signed char
short int
long long unsigned int
ULONG_PTR
HANDLE
PIMAGE_TLS_CALLBACK
_IMAGE_TLS_DIRECTORY32
StartAddressOfRawData
EndAddressOfRawData
AddressOfIndex
AddressOfCallBacks
SizeOfZeroFill
Characteristics
IMAGE_TLS_DIRECTORY32
IMAGE_TLS_DIRECTORY
__dyn_tls_init
__dyn_tls_dtor
__dyn_tls_init@12
__tlregdtor
__xd_a
__xd_z
_tls_index
_tls_start
_tls_end
__xl_a
__xl_z
_tls_used
_CRT_MT
__dyn_tls_init_callback
__xl_c
__xl_d
mingw_initltsdrot_force
mingw_initltsdyn_force
mingw_initltssuo_force
__mingw_TLScallback
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/charmax.c
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
signed char
short int
long long unsigned int
double
long double
tagCOINITBASE
COINITBASE_MULTITHREADED
VARENUM
VT_EMPTY
VT_NULL
VT_DATE
VT_BSTR
VT_DISPATCH
VT_ERROR
VT_BOOL
VT_VARIANT
VT_UNKNOWN
VT_DECIMAL
VT_UI1
VT_UI2
VT_UI4
VT_UI8
VT_INT
VT_UINT
VT_VOID
VT_HRESULT
VT_PTR
VT_SAFEARRAY
VT_CARRAY
VT_USERDEFINED
VT_LPSTR
VT_LPWSTR
VT_RECORD
VT_INT_PTR
VT_UINT_PTR
VT_FILETIME
VT_BLOB
VT_STREAM
VT_STORAGE
VT_STREAMED_OBJECT
VT_STORED_OBJECT
VT_BLOB_OBJECT
VT_CLSID
VT_VERSIONED_STREAM
VT_BSTR_BLOB
VT_VECTOR
VT_ARRAY
VT_BYREF
VT_RESERVED
VT_ILLEGAL
VT_ILLEGALMASKED
VT_TYPEMASK
my_lconv_init
mingw_initcharmax
_charmax
__mingw_pinit
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/mingw_helpers.c
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
signed char
short int
long long unsigned int
double
long double
tagCOINITBASE
COINITBASE_MULTITHREADED
VARENUM
VT_EMPTY
VT_NULL
VT_DATE
VT_BSTR
VT_DISPATCH
VT_ERROR
VT_BOOL
VT_VARIANT
VT_UNKNOWN
VT_DECIMAL
VT_UI1
VT_UI2
VT_UI4
VT_UI8
VT_INT
VT_UINT
VT_VOID
VT_HRESULT
VT_PTR
VT_SAFEARRAY
VT_CARRAY
VT_USERDEFINED
VT_LPSTR
VT_LPWSTR
VT_RECORD
VT_INT_PTR
VT_UINT_PTR
VT_FILETIME
VT_BLOB
VT_STREAM
VT_STORAGE
VT_STREAMED_OBJECT
VT_STORED_OBJECT
VT_BLOB_OBJECT
VT_CLSID
VT_VERSIONED_STREAM
VT_BSTR_BLOB
VT_VECTOR
VT_ARRAY
VT_BYREF
VT_RESERVED
VT_ILLEGAL
VT_ILLEGALMASKED
VT_TYPEMASK
_decode_pointer
codedptr
_encode_pointer
mingw_app_type
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/xtxtmode.c
_fmode
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/atonexit.c
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
signed char
short int
long long unsigned int
_onexit_t
double
long double
tagCOINITBASE
COINITBASE_MULTITHREADED
VARENUM
VT_EMPTY
VT_NULL
VT_DATE
VT_BSTR
VT_DISPATCH
VT_ERROR
VT_BOOL
VT_VARIANT
VT_UNKNOWN
VT_DECIMAL
VT_UI1
VT_UI2
VT_UI4
VT_UI8
VT_INT
VT_UINT
VT_VOID
VT_HRESULT
VT_PTR
VT_SAFEARRAY
VT_CARRAY
VT_USERDEFINED
VT_LPSTR
VT_LPWSTR
VT_RECORD
VT_INT_PTR
VT_UINT_PTR
VT_FILETIME
VT_BLOB
VT_STREAM
VT_STORAGE
VT_STREAMED_OBJECT
VT_STORED_OBJECT
VT_BLOB_OBJECT
VT_CLSID
VT_VERSIONED_STREAM
VT_BSTR_BLOB
VT_VECTOR
VT_ARRAY
VT_BYREF
VT_RESERVED
VT_ILLEGAL
VT_ILLEGALMASKED
VT_TYPEMASK
mingw_onexit
onexitbegin
onexitend
retval
atexit
__onexitbegin
__onexitend
_imp___onexit
_decode_pointer
__dllonexit
_encode_pointer
_unlock
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/_newmode.c
_newmode
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/wildcard.c
_dowildcard
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/natstart.c
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
signed char
short int
long long unsigned int
double
long double
tagCOINITBASE
COINITBASE_MULTITHREADED
VARENUM
VT_EMPTY
VT_NULL
VT_DATE
VT_BSTR
VT_DISPATCH
VT_ERROR
VT_BOOL
VT_VARIANT
VT_UNKNOWN
VT_DECIMAL
VT_UI1
VT_UI2
VT_UI4
VT_UI8
VT_INT
VT_UINT
VT_VOID
VT_HRESULT
VT_PTR
VT_SAFEARRAY
VT_CARRAY
VT_USERDEFINED
VT_LPSTR
VT_LPWSTR
VT_RECORD
VT_INT_PTR
VT_UINT_PTR
VT_FILETIME
VT_BLOB
VT_STREAM
VT_STORAGE
VT_STREAMED_OBJECT
VT_STORED_OBJECT
VT_BLOB_OBJECT
VT_CLSID
VT_VERSIONED_STREAM
VT_BSTR_BLOB
VT_VECTOR
VT_ARRAY
VT_BYREF
VT_RESERVED
VT_ILLEGAL
VT_ILLEGALMASKED
VT_TYPEMASK
__uninitialized
__initializing
__initialized
__native_startup_state
__native_startup_lock
__native_dllmain_reason
__native_vcclrit_reason
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/crt_handler.c
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
_EXCEPTION_RECORD
ExceptionCode
ExceptionFlags
ExceptionAddress
NumberParameters
ExceptionInformation
_CONTEXT
ContextFlags
FloatSave
EFlags
ExtendedRegisters
signed char
short int
long long unsigned int
ULONG_PTR
_FLOATING_SAVE_AREA
ControlWord
StatusWord
TagWord
ErrorOffset
ErrorSelector
DataOffset
DataSelector
RegisterArea
Cr0NpxState
FLOATING_SAVE_AREA
CONTEXT
PCONTEXT
EXCEPTION_RECORD
PEXCEPTION_RECORD
_EXCEPTION_POINTERS
ContextRecord
EXCEPTION_POINTERS
PTOP_LEVEL_EXCEPTION_FILTER
LPTOP_LEVEL_EXCEPTION_FILTER
double
long double
tagCOINITBASE
COINITBASE_MULTITHREADED
VARENUM
VT_EMPTY
VT_NULL
VT_DATE
VT_BSTR
VT_DISPATCH
VT_ERROR
VT_BOOL
VT_VARIANT
VT_UNKNOWN
VT_DECIMAL
VT_UI1
VT_UI2
VT_UI4
VT_UI8
VT_INT
VT_UINT
VT_VOID
VT_HRESULT
VT_PTR
VT_SAFEARRAY
VT_CARRAY
VT_USERDEFINED
VT_LPSTR
VT_LPWSTR
VT_RECORD
VT_INT_PTR
VT_UINT_PTR
VT_FILETIME
VT_BLOB
VT_STREAM
VT_STORAGE
VT_STREAMED_OBJECT
VT_STORED_OBJECT
VT_BLOB_OBJECT
VT_CLSID
VT_VERSIONED_STREAM
VT_BSTR_BLOB
VT_VECTOR
VT_ARRAY
VT_BYREF
VT_RESERVED
VT_ILLEGAL
VT_ILLEGALMASKED
VT_TYPEMASK
__p_sig_fn_t
_gnu_exception_handler
_gnu_exception_handler@4
exception_data
old_handler
action
reset_fpu
__mingw_oldexcpt_handler
signal
_fpreset
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/cinitexe.c
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
__xi_a
__xi_z
__xc_a
__xc_z
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/dllargv.c
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
signed char
short int
long long unsigned int
double
long double
_setargv
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/merr.c
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
signed char
short int
long long unsigned int
double
long double
tagCOINITBASE
COINITBASE_MULTITHREADED
VARENUM
VT_EMPTY
VT_NULL
VT_DATE
VT_BSTR
VT_DISPATCH
VT_ERROR
VT_BOOL
VT_VARIANT
VT_UNKNOWN
VT_DECIMAL
VT_UI1
VT_UI2
VT_UI4
VT_UI8
VT_INT
VT_UINT
VT_VOID
VT_HRESULT
VT_PTR
VT_SAFEARRAY
VT_CARRAY
VT_USERDEFINED
VT_LPSTR
VT_LPWSTR
VT_RECORD
VT_INT_PTR
VT_UINT_PTR
VT_FILETIME
VT_BLOB
VT_STREAM
VT_STORAGE
VT_STREAMED_OBJECT
VT_STORED_OBJECT
VT_BLOB_OBJECT
VT_CLSID
VT_VERSIONED_STREAM
VT_BSTR_BLOB
VT_VECTOR
VT_ARRAY
VT_BYREF
VT_RESERVED
VT_ILLEGAL
VT_ILLEGALMASKED
VT_TYPEMASK
_iobuf
_charbuf
_bufsiz
_tmpfname
_exception
retval
fUserMathErr
__mingw_raise_matherr
__mingw_setusermatherr
_matherr
pexcept
stUserMathErr
_imp___iob
__setusermatherr
fprintf
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/pseudo-reloc.c
__gnuc_va_list
__builtin_va_list
va_list
size_t
unsigned int
ptrdiff_t
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
LPBYTE
LPVOID
signed char
short int
long long unsigned int
ULONG_PTR
SIZE_T
_MEMORY_BASIC_INFORMATION
BaseAddress
AllocationBase
AllocationProtect
RegionSize
Protect
MEMORY_BASIC_INFORMATION
PhysicalAddress
VirtualSize
_IMAGE_SECTION_HEADER
VirtualAddress
SizeOfRawData
PointerToRawData
PointerToRelocations
PointerToLinenumbers
NumberOfRelocations
NumberOfLinenumbers
Characteristics
PIMAGE_SECTION_HEADER
double
long double
tagCOINITBASE
COINITBASE_MULTITHREADED
VARENUM
VT_EMPTY
VT_NULL
VT_DATE
VT_BSTR
VT_DISPATCH
VT_ERROR
VT_BOOL
VT_VARIANT
VT_UNKNOWN
VT_DECIMAL
VT_UI1
VT_UI2
VT_UI4
VT_UI8
VT_INT
VT_UINT
VT_VOID
VT_HRESULT
VT_PTR
VT_SAFEARRAY
VT_CARRAY
VT_USERDEFINED
VT_LPSTR
VT_LPWSTR
VT_RECORD
VT_INT_PTR
VT_UINT_PTR
VT_FILETIME
VT_BLOB
VT_STREAM
VT_STORAGE
VT_STREAMED_OBJECT
VT_STORED_OBJECT
VT_BLOB_OBJECT
VT_CLSID
VT_VERSIONED_STREAM
VT_BSTR_BLOB
VT_VECTOR
VT_ARRAY
VT_BYREF
VT_RESERVED
VT_ILLEGAL
VT_ILLEGALMASKED
VT_TYPEMASK
_iobuf
_charbuf
_bufsiz
_tmpfname
addend
target
runtime_pseudo_reloc_item_v1
target
runtime_pseudo_reloc_item_v2
magic1
magic2
version
runtime_pseudo_reloc_v2
old_protect
sec_start
__write_memory
do_pseudo_reloc
addr_imp
reldata
reloc_target
v2_hdr
newval
__report_error
#mark_section_writable
(restore_modified_sections
)oldprot
*_pei386_runtime_relocator
+was_init
,mSecs
the_secs
maxSections
7_imp___iob
7__RUNTIME_PSEUDO_RELOC_LIST__
7__RUNTIME_PSEUDO_RELOC_LIST_END__
7_image_base__
8__builtin_fwrite
fwrite
:vfprintf
;abort
<__mingw_GetSectionForAddress
=_GetPEImageBase
=__mingw_GetSectionCount
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/CRT_fp10.c
_fpreset
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/gccmain.c
unsigned int
ptrdiff_t
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
signed char
short int
long long unsigned int
double
long double
tagCOINITBASE
COINITBASE_MULTITHREADED
VARENUM
VT_EMPTY
VT_NULL
VT_DATE
VT_BSTR
VT_DISPATCH
VT_ERROR
VT_BOOL
VT_VARIANT
VT_UNKNOWN
VT_DECIMAL
VT_UI1
VT_UI2
VT_UI4
VT_UI8
VT_INT
VT_UINT
VT_VOID
VT_HRESULT
VT_PTR
VT_SAFEARRAY
VT_CARRAY
VT_USERDEFINED
VT_LPSTR
VT_LPWSTR
VT_RECORD
VT_INT_PTR
VT_UINT_PTR
VT_FILETIME
VT_BLOB
VT_STREAM
VT_STORAGE
VT_STREAMED_OBJECT
VT_STORED_OBJECT
VT_BLOB_OBJECT
VT_CLSID
VT_VERSIONED_STREAM
VT_BSTR_BLOB
VT_VECTOR
VT_ARRAY
VT_BYREF
VT_RESERVED
VT_ILLEGAL
VT_ILLEGALMASKED
VT_TYPEMASK
func_ptr
__do_global_dtors
__do_global_ctors
__main
initialized
__CTOR_LIST__
__DTOR_LIST__
atexit
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/gs_support.c
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
double
long double
_EXCEPTION_RECORD
ExceptionCode
ExceptionFlags
ExceptionAddress
NumberParameters
ExceptionInformation
_CONTEXT
ContextFlags
FloatSave
EFlags
ExtendedRegisters
signed char
short int
long long unsigned int
UINT_PTR
ULONG_PTR
LONGLONG
LowPart
LowPart
_LARGE_INTEGER
QuadPart
LARGE_INTEGER
_FLOATING_SAVE_AREA
ControlWord
StatusWord
TagWord
ErrorOffset
ErrorSelector
DataOffset
DataSelector
RegisterArea
Cr0NpxState
FLOATING_SAVE_AREA
CONTEXT
PCONTEXT
EXCEPTION_RECORD
PEXCEPTION_RECORD
_EXCEPTION_POINTERS
ContextRecord
EXCEPTION_POINTERS
_FILETIME
dwLowDateTime
dwHighDateTime
FILETIME
NTSTATUS
ft_scalar
ft_struct
__security_init_cookie
cookie
systime
perfctr
__report_gsfailure
StackCookie
cookie
GS_ExceptionRecord
GS_ContextRecord
GS_ExceptionPointers
__security_cookie
__security_cookie_complement
!abort
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/tlsmcrt.c
_CRT_MT
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/tlsthrd.c
size_t
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
WINBOOL
LPVOID
signed char
short int
long long unsigned int
ULONG_PTR
HANDLE
_LIST_ENTRY
LIST_ENTRY
_RTL_CRITICAL_SECTION_DEBUG
CreatorBackTraceIndex
CriticalSection
ProcessLocksList
EntryCount
ContentionCount
CreatorBackTraceIndexHigh
SpareWORD
_RTL_CRITICAL_SECTION
DebugInfo
LockCount
RecursionCount
OwningThread
LockSemaphore
SpinCount
PRTL_CRITICAL_SECTION_DEBUG
RTL_CRITICAL_SECTION
CRITICAL_SECTION
double
long double
__mingwthr_key_t
__mingwthr_key
__mingwthr_run_key_dtors
___w64_mingwthr_add_key_dtor
new_key
___w64_mingwthr_remove_key_dtor
prev_key
cur_key
__mingw_TLScallback
hDllHandle
reason
reserved
__mingwthr_cs
__mingwthr_cs_init
key_dtor_list
calloc
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/pseudo-reloc-list.c
__RUNTIME_PSEUDO_RELOC_LIST_END__
__RUNTIME_PSEUDO_RELOC_LIST__
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt/pesect.c
size_t
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
WINBOOL
LPVOID
signed char
short int
long long unsigned int
ULONG_PTR
DWORD_PTR
_IMAGE_DOS_HEADER
e_magic
e_cblp
e_crlc
e_cparhdr
e_minalloc
e_maxalloc
e_csum
e_lfarlc
e_ovno
e_oemid
e_oeminfo
e_res2
e_lfanew
IMAGE_DOS_HEADER
PIMAGE_DOS_HEADER
_IMAGE_FILE_HEADER
Machine
NumberOfSections
PointerToSymbolTable
NumberOfSymbols
SizeOfOptionalHeader
IMAGE_FILE_HEADER
_IMAGE_DATA_DIRECTORY
IMAGE_DATA_DIRECTORY
_IMAGE_OPTIONAL_HEADER
MajorLinkerVersion
MinorLinkerVersion
SizeOfCode
SizeOfInitializedData
SizeOfUninitializedData
AddressOfEntryPoint
BaseOfCode
BaseOfData
ImageBase
SectionAlignment
FileAlignment
MajorOperatingSystemVersion
MinorOperatingSystemVersion
MajorImageVersion
MinorImageVersion
MajorSubsystemVersion
MinorSubsystemVersion
Win32VersionValue
SizeOfImage
SizeOfHeaders
CheckSum
Subsystem
DllCharacteristics
SizeOfStackReserve
SizeOfStackCommit
SizeOfHeapReserve
SizeOfHeapCommit
LoaderFlags
NumberOfRvaAndSizes
DataDirectory
IMAGE_OPTIONAL_HEADER32
PIMAGE_OPTIONAL_HEADER32
PIMAGE_OPTIONAL_HEADER
_IMAGE_NT_HEADERS
Signature
FileHeader
OptionalHeader
PIMAGE_NT_HEADERS32
PIMAGE_NT_HEADERS
PhysicalAddress
VirtualSize
_IMAGE_SECTION_HEADER
SizeOfRawData
PointerToRawData
PointerToRelocations
PointerToLinenumbers
NumberOfRelocations
NumberOfLinenumbers
PIMAGE_SECTION_HEADER
OriginalFirstThunk
_IMAGE_IMPORT_DESCRIPTOR
ForwarderChain
FirstThunk
IMAGE_IMPORT_DESCRIPTOR
PIMAGE_IMPORT_DESCRIPTOR
double
long double
_ValidateImageBase
pDOSHeader
pOptHeader
_FindPESection
_FindPESectionByName
__mingw_GetSectionForAddress
__mingw_GetSectionCount
_FindPESectionExec
_GetPEImageBase
_IsNonwritableInCurrentImage
pTarget
&rvaTarget
__mingw_enum_import_library_names
&importDesc
&importsStartRVA
)_image_base__
*strlen
,strncmp
../../../../../../src/gcc-4.9.2/libgcc/config/i386/cygwin.S
C:\crossdev\gccmaster\build-tdm64\gcc\x86_64-w64-mingw32\32\libgcc
GNU AS 2.24.51
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -O2 -O2 -fbuilding-libgcc -fno-stack-protector
../../../../../../src/gcc-4.9.2/libgcc/libgcc2.c
C:\crossdev\gccmaster\build-tdm64\gcc\x86_64-w64-mingw32\32\libgcc
unsigned int
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
double
long double
short int
ix86_tune_indices
X86_TUNE_SCHEDULE
X86_TUNE_PARTIAL_REG_DEPENDENCY
X86_TUNE_SSE_PARTIAL_REG_DEPENDENCY
X86_TUNE_SSE_SPLIT_REGS
X86_TUNE_PARTIAL_FLAG_REG_STALL
X86_TUNE_MOVX
X86_TUNE_MEMORY_MISMATCH_STALL
X86_TUNE_FUSE_CMP_AND_BRANCH_32
X86_TUNE_FUSE_CMP_AND_BRANCH_64
X86_TUNE_FUSE_CMP_AND_BRANCH_SOFLAGS
X86_TUNE_FUSE_ALU_AND_BRANCH
X86_TUNE_REASSOC_INT_TO_PARALLEL
X86_TUNE_REASSOC_FP_TO_PARALLEL
X86_TUNE_ACCUMULATE_OUTGOING_ARGS
X86_TUNE_PROLOGUE_USING_MOVE
X86_TUNE_EPILOGUE_USING_MOVE
X86_TUNE_USE_LEAVE
X86_TUNE_PUSH_MEMORY
X86_TUNE_SINGLE_PUSH
X86_TUNE_DOUBLE_PUSH
X86_TUNE_SINGLE_POP
X86_TUNE_DOUBLE_POP
X86_TUNE_PAD_SHORT_FUNCTION
X86_TUNE_PAD_RETURNS
X86_TUNE_FOUR_JUMP_LIMIT
X86_TUNE_SOFTWARE_PREFETCHING_BENEFICIAL
X86_TUNE_LCP_STALL
X86_TUNE_READ_MODIFY
X86_TUNE_USE_INCDEC
X86_TUNE_INTEGER_DFMODE_MOVES
X86_TUNE_OPT_AGU
X86_TUNE_AVOID_LEA_FOR_ADDR
X86_TUNE_SLOW_IMUL_IMM32_MEM
X86_TUNE_SLOW_IMUL_IMM8
X86_TUNE_AVOID_MEM_OPND_FOR_CMOVE
X86_TUNE_SINGLE_STRINGOP
X86_TUNE_MISALIGNED_MOVE_STRING_PRO_EPILOGUES
X86_TUNE_USE_SAHF
X86_TUNE_USE_CLTD
X86_TUNE_USE_BT
X86_TUNE_USE_HIMODE_FIOP
X86_TUNE_USE_SIMODE_FIOP
X86_TUNE_USE_FFREEP
X86_TUNE_EXT_80387_CONSTANTS
X86_TUNE_VECTORIZE_DOUBLE
X86_TUNE_GENERAL_REGS_SSE_SPILL
X86_TUNE_SSE_UNALIGNED_LOAD_OPTIMAL
X86_TUNE_SSE_UNALIGNED_STORE_OPTIMAL
X86_TUNE_SSE_PACKED_SINGLE_INSN_OPTIMAL
X86_TUNE_SSE_TYPELESS_STORES
X86_TUNE_SSE_LOAD0_BY_PXOR
X86_TUNE_INTER_UNIT_MOVES_TO_VEC
X86_TUNE_INTER_UNIT_MOVES_FROM_VEC
X86_TUNE_INTER_UNIT_CONVERSIONS
X86_TUNE_SPLIT_MEM_OPND_FOR_FP_CONVERTS
X86_TUNE_USE_VECTOR_FP_CONVERTS
X86_TUNE_USE_VECTOR_CONVERTS
X86_TUNE_AVX256_UNALIGNED_LOAD_OPTIMAL
X86_TUNE_AVX256_UNALIGNED_STORE_OPTIMAL
X86_TUNE_AVX128_OPTIMAL
X86_TUNE_DOUBLE_WITH_ADD
X86_TUNE_ALWAYS_FANCY_MATH_387
X86_TUNE_UNROLL_STRLEN
X86_TUNE_SHIFT1
X86_TUNE_ZERO_EXTEND_WITH_AND
X86_TUNE_PROMOTE_HIMODE_IMUL
X86_TUNE_FAST_PREFIX
X86_TUNE_READ_MODIFY_WRITE
X86_TUNE_MOVE_M1_VIA_OR
X86_TUNE_NOT_UNPAIRABLE
X86_TUNE_PARTIAL_REG_STALL
X86_TUNE_PROMOTE_QIMODE
X86_TUNE_PROMOTE_HI_REGS
X86_TUNE_HIMODE_MATH
X86_TUNE_SPLIT_LONG_MOVES
X86_TUNE_USE_XCHGB
X86_TUNE_USE_MOV0
X86_TUNE_NOT_VECTORMODE
X86_TUNE_AVOID_VECTOR_DECODE
X86_TUNE_AVOID_FALSE_DEP_FOR_BMI
X86_TUNE_BRANCH_PREDICTION_HINTS
X86_TUNE_QIMODE_MATH
X86_TUNE_PROMOTE_QI_REGS
X86_TUNE_ADJUST_UNROLL
X86_TUNE_LAST
ix86_arch_indices
X86_ARCH_CMOV
X86_ARCH_CMPXCHG
X86_ARCH_CMPXCHG8B
X86_ARCH_XADD
X86_ARCH_BSWAP
X86_ARCH_LAST
signed char
long long unsigned int
complex float
complex double
complex long double
__float128
__unknown__
func_ptr
__CTOR_LIST__
__DTOR_LIST__
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/misc/mingw_matherr.c
_MINGW_INSTALL_DEBUG_MATHERR
GNU C 4.9.2 -m32 -mtune=generic -march=x86-64 -g -O2 -std=gnu99
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/misc/invalid_parameter_handler.c
unsigned int
uintptr_t
wchar_t
short unsigned int
long int
long long int
sizetype
long unsigned int
unsigned char
signed char
short int
long long unsigned int
LONG_PTR
double
long double
tagCOINITBASE
COINITBASE_MULTITHREADED
VARENUM
VT_EMPTY
VT_NULL
VT_DATE
VT_BSTR
VT_DISPATCH
VT_ERROR
VT_BOOL
VT_VARIANT
VT_UNKNOWN
VT_DECIMAL
VT_UI1
VT_UI2
VT_UI4
VT_UI8
VT_INT
VT_UINT
VT_VOID
VT_HRESULT
VT_PTR
VT_SAFEARRAY
VT_CARRAY
VT_USERDEFINED
VT_LPSTR
VT_LPWSTR
VT_RECORD
VT_INT_PTR
VT_UINT_PTR
VT_FILETIME
VT_BLOB
VT_STREAM
VT_STORAGE
VT_STREAMED_OBJECT
VT_STORED_OBJECT
VT_BLOB_OBJECT
VT_CLSID
VT_VERSIONED_STREAM
VT_BSTR_BLOB
VT_VECTOR
VT_ARRAY
VT_BYREF
VT_RESERVED
VT_ILLEGAL
VT_ILLEGALMASKED
VT_TYPEMASK
_InterlockedExchange
Target
InterlockedExchange
Target
mingw_get_invalid_parameter_handler
mingw_set_invalid_parameter_handler
new_handler
handler
_imp___set_invalid_parameter_handler
_imp___get_invalid_parameter_handler
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include/psdk_inc
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/include
crtexe.c
intrin-impl.h
crtdefs.h
winnt.h
minwindef.h
basetsd.h
errhandlingapi.h
processthreadsapi.h
stdlib.h
combaseapi.h
wtypes.h
internal.h
math.h
tchar.h
interlockedapi.h
ctype.h
string.h
process.h
$pN8$*@4
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
tlssup.c
crtdefs.h
minwindef.h
basetsd.h
winnt.h
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/include
charmax.c
combaseapi.h
wtypes.h
internal.h
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
mingw_helpers.c
combaseapi.h
wtypes.h
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
xtxtmode.c
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/include
atonexit.c
combaseapi.h
wtypes.h
stdlib.h
internal.h
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
_newmode.c
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
wildcard.c
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/include
combaseapi.h
wtypes.h
natstart.c
internal.h
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
crt_handler.c
winnt.h
minwindef.h
basetsd.h
errhandlingapi.h
combaseapi.h
wtypes.h
signal.h
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
cinitexe.c
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
dllargv.c
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/include
merr.c
combaseapi.h
wtypes.h
internal.h
math.h
stdio.h
,LLLKGKMGN
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
pseudo-reloc.c
vadefs.h
crtdefs.h
minwindef.h
basetsd.h
winnt.h
combaseapi.h
wtypes.h
stdio.h
<built-in>
stdlib.h
uW=ZLd
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
CRT_fp10.c
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
gccmain.c
combaseapi.h
wtypes.h
crtdefs.h
stdlib.h
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
gs_support.c
winnt.h
minwindef.h
basetsd.h
stdlib.h
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
tlsmcrt.c
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
tlsthrd.c
crtdefs.h
minwindef.h
basetsd.h
winnt.h
minwinbase.h
stdlib.h
=-/1Mq/vhV?hq?g->
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
pseudo-reloc-list.c
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/crt
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
pesect.c
crtdefs.h
minwindef.h
basetsd.h
winnt.h
string.h
uqdR/lR
../../../../../../src/gcc-4.9.2/libgcc/config/i386
cygwin.S
""YK0g=YY0/>""
../../../../../../src/gcc-4.9.2/libgcc/../gcc/config/i386
../../../../../../src/gcc-4.9.2/libgcc
i386.h
libgcc2.c
gbl-ctors.h
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/misc
mingw_matherr.c
C:/crossdev/src/mingw-w64-v3-git/mingw-w64-crt/misc
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include/psdk_inc
C:/crossdev/gccmaster/host-toolchain-tdm64/x86_64-w64-mingw32/include
invalid_parameter_handler.c
intrin-impl.h
crtdefs.h
basetsd.h
winnt.h
combaseapi.h
wtypes.h
interlockedapi.h
Destination
Subsystem
CheckSum
SizeOfImage
BaseOfCode
SectionAlignment
MinorSubsystemVersion
DataDirectory
SizeOfStackCommit
ImageBase
SizeOfCode
MajorLinkerVersion
Comperand
SizeOfHeapReserve
SizeOfInitializedData
SizeOfStackReserve
SizeOfHeapCommit
MinorLinkerVersion
__enative_startup_state
SizeOfUninitializedData
AddressOfEntryPoint
MajorSubsystemVersion
SizeOfHeaders
MajorOperatingSystemVersion
FileAlignment
NumberOfRvaAndSizes
ExceptionRecord
DllCharacteristics
MinorImageVersion
MinorOperatingSystemVersion
LoaderFlags
Win32VersionValue
MajorImageVersion
hDllHandle
lpreserved
dwReason
__enative_startup_state
ExceptionRecord
sSecInfo
ExceptionRecord
HighPart
pSection
TimeDateStamp
pNTHeader
Characteristics
pImageBase
VirtualAddress
iSection
crtexe.c
_argret
_mainret
crtbegin.c
Main.cpp
.rdata
tlssup.c
___xd_a
___xd_z
.CRT$XLD$
.CRT$XLC
.rdata
.CRT$XDZ0
.CRT$XDA,
.CRT$XLZ(
.CRT$XLA
.tls$ZZZ
.tls$AAA
charmax.c
.CRT$XIC
mingw_helpers.c
xtxtmode.c
atonexit.c
_atexit
_newmode.c
wildcard.c
natstart.c
crt_handler.c
cinitexe.c
.CRT$XCZ
.CRT$XCA
.CRT$XIZ
.CRT$XIA
dllargv.c
merr.c
.rdata
pseudo-reloc.c
.rdata
CRT_fp10.c
_fpresetp
gccmain.c
_p.60020
___main
gs_support.c
.rdata
tlsmcrt.c
tlsthrd.c
pesect.c
libgcc2.c
mingw_matherr.c
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6j
.idata$7
.idata$5
.idata$4
.idata$6(
.idata$7
.idata$5
.idata$4
.idata$6D
.idata$7
.idata$5
.idata$4
.idata$6
_handler$
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6t
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6V
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7(
.idata$5
.idata$4$
.idata$6.
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7$
.idata$5
.idata$4
.idata$6$
fthunk
.idata$2(
.idata$4
.idata$5
.idata$4(
.idata$5
.idata$7,
fthunk
.idata$2
.idata$4P
.idata$5,
.idata$4d
.idata$5@
.idata$7P
fthunk
.idata$2
.idata$4h
.idata$5D
.idata$4
.idata$5
.idata$7
crtend.c
.idata$7
.idata$5
.idata$4
.idata$64
.idata$7<
.idata$5,
.idata$4P
.idata$6
.idata$7H
.idata$58
.idata$4\
.idata$6B
.idata$7D
.idata$54
.idata$4X
.idata$62
.idata$7@
.idata$50
.idata$4T
.idata$6
.idata$7L
.idata$5<
.idata$4`
.idata$6T
.idata$7
.idata$5x
.idata$4
.idata$6
.idata$7
.idata$5t
.idata$4
.idata$6t
.idata$7x
.idata$5\
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7t
.idata$5X
.idata$4|
.idata$6
.idata$7|
.idata$5`
.idata$4
.idata$6
.idata$7l
.idata$5P
.idata$4t
.idata$6
.idata$7p
.idata$5T
.idata$4x
.idata$6
.idata$7
.idata$5d
.idata$4
.idata$6
.idata$7
.idata$5p
.idata$4
.idata$6Z
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7h
.idata$5L
.idata$4p
.idata$6
.idata$7
.idata$5|
.idata$4
.idata$6
.idata$7d
.idata$5H
.idata$4l
.idata$6
.idata$7
.idata$5
.idata$4
.idata$6
.idata$7
.idata$5l
.idata$4
.idata$6B
.idata$7`
.idata$5D
.idata$4h
.idata$6j
.idata$7
.idata$5h
.idata$4
.idata$6&
__cexit
___xi_a
___xl_c
___xl_z
__unlock
__dll__
_fwrite
___xc_a
_memcpy
___xl_a
___xl_d
__CRT_MT
_fprintf
_calloc
__fmode
__lock
___xc_z
__end__
_rawData@
_signal
_malloc
_abort
___xi_z
_strncmp
_strlen
_Sleep@4
.debug_aranges
.debug_info
.debug_abbrev
.debug_line
.debug_frame
.debug_str
.debug_loc
.debug_ranges
___mingw_invalidParameterHandler
_pre_c_init
_managedapp
_pre_cpp_init
_startinfo
___tmainCRTStartup
_has_cctor
_WinMainCRTStartup
_mainCRTStartup
.CRT$XCAA
.CRT$XIAA
.debug_info
.debug_abbrev
.debug_loc
.debug_aranges
.debug_ranges
.debug_line
.debug_str
.rdata$zzz
.debug_frame
__Z9getNtHdrsPh
__Z8peLoaderPh
__ZL27PrivateKeyWithExponentOfOne
__ZL24SimpleBlobRC4KeyTemplate
__Z11EncryptDataPhiS_Pm
___dyn_tls_dtor@12
___dyn_tls_init@12
___tlregdtor
_my_lconv_init
__decode_pointer
__encode_pointer
_mingw_onexit
__gnu_exception_handler@4
__setargv
___mingw_raise_matherr
_stUserMathErr
___mingw_setusermatherr
__matherr
_CSWTCH.5
___report_error
_mark_section_writable
_maxSections
_the_secs
__pei386_runtime_relocator
_was_init.60804
__fpreset
___do_global_dtors
___do_global_ctors
_initialized
___security_init_cookie
.data$__security_cookie
.data$__security_cookie_complement
___report_gsfailure
_GS_ExceptionRecord
_GS_ContextRecord
_GS_ExceptionPointers
___mingwthr_run_key_dtors.part.0
___mingwthr_cs
_key_dtor_list
____w64_mingwthr_add_key_dtor
___mingwthr_cs_init
____w64_mingwthr_remove_key_dtor
___mingw_TLScallback
pseudo-reloc-list.c
__ValidateImageBase.part.0
__ValidateImageBase
__FindPESection
__FindPESectionByName
___mingw_GetSectionForAddress
___mingw_GetSectionCount
__FindPESectionExec
__GetPEImageBase
__IsNonwritableInCurrentImage
___mingw_enum_import_library_names
_mingw_get_invalid_parameter_handler
__get_invalid_parameter_handler
_mingw_set_invalid_parameter_handler
__set_invalid_parameter_handler
invalid_parameter_handler.c
_VirtualProtect@16
___RUNTIME_PSEUDO_RELOC_LIST__
_QueryPerformanceCounter@4
__data_start__
___DTOR_LIST__
__imp__VirtualProtect@16
__imp___acmdln
___setusermatherr
_UnhandledExceptionFilter@4
__imp___onexit
__imp__GetLastError@0
_SetUnhandledExceptionFilter@4
__imp__VirtualQuery@12
___tls_start__
___native_startup_lock
__lib32_libadvapi32_a_iname
__imp__TlsGetValue@4
__imp__InitializeCriticalSection@4
_DeleteCriticalSection@4
__rt_psrelocs_start
__imp__abort
__dll_characteristics__
__size_of_stack_commit__
__imp__CryptDestroyKey@4
__imp___fmode
__size_of_stack_reserve__
__major_subsystem_version__
___crt_xl_start__
__newmode
___crt_xi_start__
__imp___amsg_exit
___crt_xi_end__
_VirtualAlloc@16
_GetLastError@0
__imp__QueryPerformanceCounter@4
_VirtualQuery@12
_mingw_initltsdrot_force
__imp___iob
__dowildcard
__imp__strncmp
_CryptReleaseContext@8
__bss_start__
_CryptEncrypt@28
___RUNTIME_PSEUDO_RELOC_LIST_END__
__size_of_heap_commit__
___onexitend
__imp__GetCurrentProcess@0
_mingw_pcinit
___crt_xp_start__
__MINGW_INSTALL_DEBUG_MATHERR
_CryptDestroyKey@4
___crt_xp_end__
__imp__signal
__minor_os_version__
_GetTickCount@0
__image_base__
__imp__exit
__section_alignment__
__imp__GetStartupInfoA@4
__IAT_end__
__imp____lconv_init
__RUNTIME_PSEUDO_RELOC_LIST__
__tls_start
___native_startup_state
__data_end__
___getmainargs
__CTOR_LIST__
___onexitbegin
___set_app_type
_CryptAcquireContextA@20
__charmax
___mingw_winmain_lpCmdLine
__bss_end__
___security_cookie_complement
___crt_xc_end__
__tls_index
__imp__GetTickCount@0
___crt_xc_start__
__lib32_libkernel32_a_iname
___CTOR_LIST__
__imp__GetCurrentProcessId@0
_mingw_app_type
__initterm
__imp__TerminateProcess@8
__rt_psrelocs_size
_GetStartupInfoA@4
_GetCurrentProcessId@0
__imp____dllonexit
__imp__CryptAcquireContextA@20
__imp__memcpy
__file_alignment__
__imp___unlock
__head_lib32_libmsvcrt_a
__imp__LeaveCriticalSection@4
__imp__malloc
__imp__CryptReleaseContext@8
___mingw_pinit
__major_os_version__
__lib32_libmsvcrt_a_iname
__IAT_start__
__tls_end
__imp__CryptEncrypt@28
__imp____initenv
__imp___get_invalid_parameter_handler
___dllonexit
__imp___lock
__DTOR_LIST__
__imp__fprintf
_TerminateProcess@8
_EnterCriticalSection@4
__imp___initterm
_GetCurrentThreadId@0
__size_of_heap_reserve__
___crt_xt_start__
___ImageBase
__subsystem__
__imp__strlen
___mingw_oldexcpt_handler
__imp__calloc
___native_vcclrit_reason
__imp__GetSystemTimeAsFileTime@4
___lconv_init
__amsg_exit
__imp____getmainargs
___mingw_winmain_nShowCmd
___native_dllmain_reason
___tls_end__
_GetSystemTimeAsFileTime@4
_mingw_pcppinit
_GetCurrentProcess@0
_mingw_initltssuo_force
_InitializeCriticalSection@4
__imp__free
__imp__SetUnhandledExceptionFilter@4
__imp___set_invalid_parameter_handler
__major_image_version__
__loader_flags__
__imp__UnhandledExceptionFilter@4
__head_lib32_libkernel32_a
__imp__CryptImportKey@24
___chkstk_ms
__rt_psrelocs_end
__imp___cexit
__minor_subsystem_version__
__minor_image_version__
__imp__Sleep@4
__imp__vfprintf
__imp____set_app_type
___mingw_winmain_hInstance
_mingw_initltsdyn_force
__imp__GetCurrentThreadId@0
_TlsGetValue@4
__imp__DeleteCriticalSection@4
___security_cookie
_LeaveCriticalSection@4
__head_lib32_libadvapi32_a
__RUNTIME_PSEUDO_RELOC_LIST_END__
_CryptImportKey@24
___dyn_tls_init_callback
_mingw_initcharmax
__imp____setusermatherr
__tls_used
___crt_xt_end__
__imp__VirtualAlloc@16
_vfprintf
__imp__EnterCriticalSection@4
__imp__fwrite
Error: %s
RequiresElevation
msiexec.exe
-I "%s" %s
.application
Application appears to be a VSTO manifest
CommonFilesFolder
Microsoft Shared\VSTO
vstoee.dll
Installing VSTO solution via vstoee
InstallSolution failed with HRESULT '%d'
Application appears to be a WPF Browser Application
Application appears to be an application manifest
dfshim.dll
Launching application manifest via dfshim
LaunchApplication failed with HRESULT '%d'
iexplore.exe
Unable to find local path for '%s' at '%s'
crypt32.dll
Unable to load Crypto dll '%s'
Unable to find functions '%s' and '%s' in '%s'
Wintrust not found on machine
Will attempt to elevate process.
Running command '%s' with arguments '%s'
ShellExecuteEx failed with error code %d
Amscoree.dll
v4.0.0
Looking up path for special folder '%s'
Unable to find special folder
Running check with folder '%s' and file '%s'
Unable to find directory '%s'
Error constructing path: The pathname principles exceed _MAX_PATH.
Attempting to find file '%s'
File version is '%s'
Could not determine file version
Could not find file '%s' in folder '%s'
%s\*.*
Reading default value of registry key '%s'
Reading value '%s' of registry key '%s'
Read string value '%s'
Read integer value %d
Unable to read registry value
Property
Property not specified for Install Check.
No Name value specified for Assembly Check '%s'
PublicKeyToken
No PublicKeyToken value specified for Assembly Check '%s'.
Version
No Version value specified for Assembly Check '%s'.
Culture
neutral
ProcessorArchitecture
fusion.dll
Could not Create AssemblyName
Could not get AssemblyCache
Unable to find assembly in GAC
AssemblyCheck: Error creating assembly name object
AssemblyCheck: Error setting assembly name: %d
AssemblyCheck: error setting major version number: %d
AssemblyCheck: error setting minor version number: %d
AssemblyCheck: error setting build number: %d
AssemblyCheck: error setting revision number: %d
AssemblyCheck: error setting public key token: %d
AssemblyCheck: error setting culture: %d
AssemblyCheck: Error setting culture: %d
AssemblyCheck: Error getting display name: %d
, processorArchitecture=
Attempting to find '%s' in the Global Assembly Cache
AssemblyCheck: Error creating assembly cache: %d
AssemblyCheck: Error querying assembly info: %d
Assembly found at '%s'
Did not recognize PEKIND '%s'. Using 'none' instead
FileName
No FileName value specified for File Check '%s'.
SearchPath
SpecialFolder
SearchDepth
No Key value specified for Registry Check '%s'.
No Key value specified for Registry File Check '%s'.
Registry return value is not a string
Product
Feature
msi.dll
Could not load msi.dll
No ProductCode specified in MsiProductCheck
Could not find MsiQueryProductState function
Running MsiProductCheck with ProductCode '%s'
MsiQueryProductState returned '%d'
Could not find MsiQueryFeatureState function
Running MsiFeatureCheck with ProductCode '%s' and FeatureCode '%s'
MsiQueryFeatureState returned '%d'
PackageFile
No PackageFile specified for External Check '%s'.
Arguments
Running external check with command '%s' and parameters '%s'
Running external check, and writing to log file '%s'
Process exited with code %d
rNo PackageFile specified for package '%s'.
EstimatedInstalledBytes
EstimatedTempBytes
EstimatedInstallSeconds
InstallConditions
ExitCodes
-I "%s" -q %s
Installing using command '%s' and parameters '%s'
Installing with log file '%s'
Unable to run create process. GetLastError returned: %d
Unable to get process exitcode.
BypassIf
FailIf
Running checks for command '%s'
Bypass
Result of checks for command '%s' is '%s'
Result of checks for command '%s' is 'Install'
AValueEqualTo
AValueLessThan
AValueGreaterThan
AVersionEqualTo
AVersionLessThan
AVersionGreaterThan
Can not convert type to a version
Invalid comparison type
Unrecognized comparison type
Comparison
AValueNotEqualTo
AValueLessThanOrEqualTo
AValueGreaterThanEqualTo
AVersionNotEqualTo
AVersionLessThanOrEqualTo
AVersionGreaterThanOrEqualTo
AValueExists
AValueNotExists
Could not determine Condition Type '%s' for Package '%s'.
Could not determine Property of '%s' Condition for Package '%s'.
Compare
No Compare value specified in '%s' Condition for Package '%s'.
ValueGreaterThanOrEqualTo
Could not determine Compare operator '%s' for Package '%s'.
Schedule
ByPassIf
Skipping %s because Property '%s' was not defined
Result of running operator '%s' on property '%s': %s
Result of running operator '%s' on property '%s' and value '%s': %s
Could not open configuration file.
Reached the end of the file.
%s="%s"
Begin %s
End %s
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
msctls_trackbar32
kernel32.dll
ExitCode
DefaultExitCode
Result
No Result value found specified for Exit Code.
FailReboot
Success
SuccessReboot
Could not determine Result '%s' for Exit Code.
FormatMessageFromSystem
TargetPath
UrlName
PublicKey
HomeSite
Aurlmon.dll
WSoftware\Microsoft\VisualStudio\Setup
DownloadManager
http://
Downloading "%s" instead of "%s"
URLDownloadToCacheFile failed with HRESULT '%d'
File '%s' not found. Skipping file copy.
File '%s' already copied. Skipping file copy.
Copying from '%s' to '%s'
(%s) Downloading '%s' from '%s' to '%s'
Download completed at %s
%s {string}
%s {boolean}
%s {version}
%d {int}
{empty}
VersionMsi
ApplicationName
Package
Installed
Package '%s' has not been installed
Package '%s' has been installed
Writing Reboot Information to '%s'
Unknown
%d.%d.%d
Version9x
VersionNT
NTProductType
AdminUser
InstallMode
SpecificSite
SameSite
The following properties have been set:
Property: [%s] =
No Install Needed
Install Needed
Installing
Install Succeeded
Install Failed
Launch condition Failed
, Reboot needed
, Reboot deferred
BuildList
BeforePackage
AfterPackage
Always
PackageCode
LicenseAgreement
InstallChecks
PackageFiles
CopyAllPackageFiles
IfNotHomeSite
Schedules
Commands
Command
Running checks for package '%s', phase
Setting value '
' for property '%s'
Not setting value for property '%s'
The following properties have been set for package '%s':
'%s' RunCheck result:
FileCheck
RegistryCheck
RegistryFileCheck
MsiProductCheck
ExternalCheck
AssemblyCheck
Could not determine Check type '%s' for Package '%s'.
Reboot
BError loading library "%s"
vsbootstrapper
SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
BASEURL
COMPONENTSURL
SUPPORTURL
HOMESITE
SETUPCFG
An error occurred attempting to extract setup configuration file.
SETUPRES
FILEKEY
FILEDATA
Unable to set RunOnce key. RegCreateKey failed with error code '%d'
Unable to set RunOnce key. RegSetValue failed with error code '%d'
WindowsVolume
EULA for components '%s' was declined.
EULA for components '%s' was accepted.
Installation of components '%s' was declined.
Installation of components '%s' was accepted.
Downloading failed with HRESULT=%d
Unable to create system snapshot
Unable to access process information
Unable to find current process
Unable to access process information (2nd time)
Unable to find parent process
Unable to open parent process
Unable to get exit code for parent process (first time)
Unable to get exit code for parent process
Timed out waiting for parent process to finish.
Timed out waiting to open destination file for writing - ERROR_SHARING_VIOLATION
Unknown error trying to open destination file for writing
Failed to wait for parent process to end before creating new setup.exe.This is not a fatal error - however, setup.exe may not be able to be recopied. Error message is: %s
componentsurl
homesite
afterreboot
-dest="
Status of package '%s' after install is 'InstallNeeded'
Status of package '%s' after install is 'Installing'
Status of package '%s' after install is 'InstallSucceeded'
Status of package '%s' after install is 'InstallUnknown'
Status of package '%s' after install is 'InstallFailed'
Status of package '%s' after install is 'LaunchConditionFailed'
Status of package '%s' after install is 'Fail'
Intel64
riched20.dll
install.log
Resuming after a reboot. Original Application location: '%s'
There is a reboot pending
Application
afterreboot.cfg
The following error occurred initializing the bootstrapper: "%s"
A prerequisite failed for Package "%s"
Package failed with message "%s"
Copying files to temporary directory "%s"
Downloading files to "%s"
-afterreboot="%s" %s
User has cancelled install
Application targets %s platform, installed on %s
Download of Application file failed with result %d
Launching Application.
BFonts
BaseFont
BoldFont
FontName
CharSet
Height
Weight
eula.rtf
HKEY_CLASSES_ROOT
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
HKEY_USERS
%d.%d.%d.%d
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer
InstallerLocation
Service Pack 6
shell32.dll
advapi32.dll
SeShutdownPrivilege
%s%s%s
shfolder.dll
AppDataFolder
APPDATA
CommonAppDataFolder
CommonProgramFilesFolder
LocalAppDataFolder
ProgramFilesFolder
ProgramFiles
StartupFolder
SystemFolder
WindowsFolder
windir
Verifying file integrity of %s
No hash or public key info found.
Verifying file hash
Microsoft Enhanced RSA and AES Cryptographic Provider
Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)
wintrust.dll
Wintrust not found on machine.
Could not get procedures out of Wintrust.
WinVerifyTrust returned %d
Wintrust not on machine
File not signed
File trusted
Subject form unknown
File not trusted
tIsInCorpnetHook
microsoft.com
KERNEL32.DLL
- not enough space for arguments
- not enough space for environment
- abort() has been called
- not enough space for thread data
- unexpected multithread lock error
- unexpected heap error
- unable to open console device
- not enough space for _onexit/atexit table
- pure virtual function call
- not enough space for stdio initialization
- not enough space for lowio initialization
- unable to initialize heap
- CRT not initialized
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- not enough space for locale information
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- inconsistent onexit begin-end variables
DOMAIN error
SING error
TLOSS error
runtime error
@R6002
- floating point support not loaded
Runtime Error!
Program:
<program name unknown>
Microsoft Visual C++ Runtime Library
@ja-JP
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
CLC_ALL
LC_COLLATE
LC_CTYPE
LC_MONETARY
LC_NUMERIC
LC_TIME
(null)
((((( H
h(((( H
H
USER32.DLL
american
american english
american-english
australian
belgian
canadian
chinese
chinese-hongkong
chinese-simplified
chinese-singapore
chinese-traditional
dutch-belgian
english-american
english-aus
english-belize
english-can
english-caribbean
english-ire
english-jamaica
english-nz
english-south africa
english-trinidad y tobago
english-uk
english-us
english-usa
french-belgian
french-canadian
french-luxembourg
french-swiss
german-austrian
german-lichtenstein
german-luxembourg
german-swiss
irish-english
italian-swiss
norwegian
norwegian-bokmal
norwegian-nynorsk
portuguese-brazilian
spanish-argentina
spanish-bolivia
spanish-chile
spanish-colombia
spanish-costa rica
spanish-dominican republic
spanish-ecuador
spanish-el salvador
spanish-guatemala
spanish-honduras
spanish-mexican
spanish-modern
spanish-nicaragua
spanish-panama
spanish-paraguay
spanish-peru
spanish-puerto rico
spanish-uruguay
spanish-venezuela
swedish-finland
america
britain
england
great britain
holland
hong-kong
new-zealand
pr china
pr-china
puerto-rico
slovak
south africa
south korea
south-africa
south-korea
trinidad & tobago
united-kingdom
united-states
zh-CHS
az-AZ-Latn
uz-UZ-Latn
kok-IN
syr-SY
div-MV
quz-BO
sr-SP-Latn
az-AZ-Cyrl
uz-UZ-Cyrl
quz-EC
sr-SP-Cyrl
quz-PE
smj-NO
bs-BA-Latn
smj-SE
sr-BA-Latn
sma-NO
sr-BA-Cyrl
sma-SE
sms-FI
smn-FI
zh-CHT
az-az-cyrl
az-az-latn
bs-ba-latn
div-mv
kok-in
quz-bo
quz-ec
quz-pe
sma-no
sma-se
smj-no
smj-se
smn-fi
sms-fi
sr-ba-cyrl
sr-ba-latn
sr-sp-cyrl
sr-sp-latn
syr-sy
uz-uz-cyrl
uz-uz-latn
zh-chs
zh-cht
CONOUT$
0123456789abcdef
Aacute
Agrave
Atilde
Ccedil
HEacute
Egrave
Iacute
Igrave
Ntilde
Oacute
Ograve
Oslash
Otilde
Uacute
Ugrave
Yacute
aacute
agrave
atilde
ccedil
eacute
egrave
iacute
igrave
ntilde
oacute
ograve
oslash
otilde
uacute
ugrave
yacute
UTF-16LE
UNICODE
DCLC\CpC
BASEURL
HOMESITE
SUPPORTURL
SETUPCFG
CULTURE
CODEPAGE
SETUPRES(
Dialog
MS Shell Dlg
MS Shell Dlg
RichEdit20W
MS Shell Dlg
msctls_progress32
VS_VERSION_INFO
StringFileInfo
040904b0
CompanyName
FileDescription
FileVersion
11.0.60315.1 built by: Q11REL
InternalName
setup.exe
LegalCopyright
Microsoft Corporation. All rights reserved.
OriginalFilename
setup.exe
ProductName
ProductVersion
11.0.60315.1
VarFileInfo
Translation
http://downloadcbm.tsspltd.com/
http://www.cbmcalculator.com/
Begin Application
Name="CBMCalculator"
RequiresElevation="false"
Begin Files
Begin File
Name="CBMCalculator.application"
UrlName="CBMCalculator.application"
End File
End Files
End Application
&Cancel
C&ontinue
C&lose
&Details >>
&Details <<
Choose 'Yes' to reboot now or 'No' to manually reboot later.
The computer must be rebooted before system update can be completed.
Copying required files...
Downloading required files...
%1 Setup
Installing %1...
An error occurred while installing system components for %1. Setup cannot continue until all system components have been successfully installed.
An error occurred while installing system components for %1. Setup cannot continue until all system components have been successfully installed. A reboot is required because system components have been updated.
Usage:\r\n -? or -h or -help : Show this dialog.\r\n -url or -componentsurl : Show the stored url and componentsurl for this setup.\r\n -url=<location> : Sets the url source to the specified location.\r\n -componentsurl=<location> : Sets the componentsurl to the specified location.\r\n -homesite=<true or false> : When set to true, downloads the components from their vendors' web site, overriding the componentsurl.\r\n\r\n All remaining command line arguments will be passed to the application install.
url=%1\r\ncomponentsurl=%2
(none)
This operation requires Windows 2000 or greater.
Component %1 has failed to install.
Component %1 has failed to install with the following error message:\r\n"%2"
See the setup log file located at '%1' for more information.
This will stop the installation. Are you sure you want to cancel?
Setup will stop after the install of the current component has completed. Any components that have been installed prior to canceling will not be uninstalled. Are you sure you want to cancel?
Downloading file %1!d! of %2!d!...
Setup was canceled by the user. A reboot is required because system components have been updated.
Setup must reboot before proceeding.
Prerequisite check for system component %1 failed.
Unable to satisfy all prerequisites for %1. Setup cannot continue until all system components have been successfully installed.
Setup is initializing components...
Setup canceled.
Downloading application files...
Component %1 requires a reboot before setup can continue.
The following components were successfully installed:
The following components were successfully installed but a reboot is required:
The following components were not installed:
The following components will install after reboot:
The following components failed to install:
Components
An error occurred attempting to install %1.
url=%1\r\ncomponentsurl=%2\r\nComponents will be downloaded from vendor web sites.
&Retry
Click here for support.
Date: %1
Prerequisite check for system component %1 failed with the following error message:\r\n"%2"
Details
Setup requires %1!d! MB of space on your hard drive, but only %2!d! MB are currently available. Click OK to continue installation or Cancel to stop the installation.
%1 Click OK to retry the download, or Cancel to exit setup.
For the following components:
Please read the following license agreement. Press the page down key to see the rest of the agreement.
View EULA for printing
Do you accept the terms of the pending License Agreement?
If you choose Don't Accept, install will close. To install you must accept this agreement.
&Accept
&Don't Accept
The following components will be installed on your machine:
No license agreement was provided for this component.
Do you wish to install these components?
If you choose Cancel, setup will exit.
&Install
&Cancel
%1 Setup
An error occurred while downloading a required component for %1. Setup cannot continue until all components have downloaded and installed successfully.
An error occurred trying to download '%1'.
Downloading returned HRESULT = %1!x!
The following package files could not be found:\r\n%1
Not enough memory is available to complete this operation.
Could not copy file '%1' to '%2'.
Could not copy file '%1' to '%2'.
Unable to locate file '%1' for package '%2'.
Setup has detected that the file '%1' has either changed since it was initially published or may be corrupt.
An error occurred while initializing.\r\n\r\nSetup will now exit.
An error occurred while downloading a required file. You may retry downloading the file or cancel setup.
Unable to locate file '%1' required for setup.
Setup for application '%1' requires Internet Explorer 3.0 or greater.
Setup cannot continue because another installation requires a reboot. Would you like to reboot now?
Setup cannot continue because another installation requires a reboot. Please contact your administrator.
Unable to locate application file '%1'.
You have selected to not accept the EULA.\r\nInstall will now exit.
You have selected to not install.\r\nInstall will now exit.
Cannot write EULA to disk for viewing.
Setup has detected that the publisher of file '%1' cannot be verified.
Setup has detected that the file '%1' has changed since it was initially published.
An error occurred downloading the following resource:
The following error occurred attempting to install '%1':\r\n"%2"
Unable to install the application from '%1' because there is no network connectivity. Try to install again later.
Unable to modify '%1'. The file may be read-only or locked.
This product is designed for %1 platform but is being installed on %2. Obtain the correct setup from the manufacturer.
Begin Fonts
Begin Font
Name="BaseFont"
FontName="MS Shell Dlg"
CharSet="0"
Height="-11"
Weight="0"
End Font
Begin Font
Name="BoldFont"
FontName="MS Shell Dlg"
CharSet="0"
Height="-11"
Weight="700"
End Font
End Fonts
VS_VERSION_INFO
StringFileInfo
040904E4
CompanyName
FileVersion
1.0.0.0
FileDescription
Sort Version Windows 6.0
InternalName
LegalCopyright
LegalTrademarks
OriginalFilename
ProductName
ProductVersion
1.0.0.0
VarFileInfo
Translation

Network

DNS Requests

Domain	IP Address	Destination Location
downloadcbm.tsspltd.com	52.4.96.36	US
www.bing.com	13.107.21.200	US
go.microsoft.com	23.10.88.237	US
www.bing.com	204.79.197.200	US
dns.msftncsi.com	131.107.255.255	US

HTTP Requests

http://downloadcbm.tsspltd.com/CBMCalculator.application

GET /CBMCalculator.application HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Host: downloadcbm.tsspltd.com
Connection: Keep-Alive

http://www.bing.com/favicon.ico

GET /favicon.ico HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Host: www.bing.com
Connection: Keep-Alive

http://downloadcbm.tsspltd.com/CBMCalculator.application

GET /CBMCalculator.application HTTP/1.1
Accept: */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Range: bytes=3173-
Unless-Modified-Since: Wed, 05 Sep 2018 06:35:52 GMT
If-Range: "019dbb0e244d41:0"
Host: downloadcbm.tsspltd.com
Connection: Keep-Alive

http://downloadcbm.tsspltd.com/CBMCalculator.application

GET /CBMCalculator.application HTTP/1.1
Accept: */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
If-Modified-Since: Wed, 05 Sep 2018 06:35:52 GMT
If-None-Match: "019dbb0e244d41:0"
Host: downloadcbm.tsspltd.com
Connection: Keep-Alive

http://downloadcbm.tsspltd.com/CBMCalculator.application

GET /CBMCalculator.application HTTP/1.1
Accept: */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
If-Modified-Since: Wed, 05 Sep 2018 06:35:52 GMT
If-None-Match: "019dbb0e244d41:0"
Host: downloadcbm.tsspltd.com
Connection: Keep-Alive

http://downloadcbm.tsspltd.com/CBMCalculator.application

GET /CBMCalculator.application HTTP/1.1
Accept: */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Range: bytes=3219-
Unless-Modified-Since: Wed, 05 Sep 2018 06:35:52 GMT
If-Range: "019dbb0e244d41:0"
Host: downloadcbm.tsspltd.com
Connection: Keep-Alive

http://downloadcbm.tsspltd.com/CBMCalculator.application

GET /CBMCalculator.application HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Host: downloadcbm.tsspltd.com
Connection: Keep-Alive

http://downloadcbm.tsspltd.com/CBMCalculator.application

GET /CBMCalculator.application HTTP/1.1
Host: downloadcbm.tsspltd.com
Accept-Encoding: gzip
Connection: Keep-Alive

http://downloadcbm.tsspltd.com/Application%20Files/CBMCalculator_2_0_0_52/CBMCalculator.exe.manifest

GET /Application%20Files/CBMCalculator_2_0_0_52/CBMCalculator.exe.manifest HTTP/1.1
Host: downloadcbm.tsspltd.com
Accept-Encoding: gzip

Hosts Involved

IP Address	Country of Origin
52.4.96.36	US
216.58.206.14	US
204.79.197.200	US

Geolocation

Destination Country

US:: 100%

File

Type: PE32 executable (GUI) Intel 80386, for MS Windows
CRC32: 89D9CD3E
MD5: 58c1ee90b749ccc5899e796745897d87
SHA1: 3c55272247905598c0c363e88a3dca7597376dea
SHA256: f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548
SHA512: a623d529e05a7031b5fca7b734342ba11db3ffb27f3b347fc4378c1889de717b6584520025e2e02927674f55d9d8bc9cdef2a10dc255f6497e0a48867be30856
Ssdeep: 12288:dDtPJKQ7v5yamCmwjaBn0MeM2j6AyznUQtECWcGDe1ld:dD1vbmCmdBteMo7u5XWcGS1v
PEiD: None matched

Screenshots

Behavior Summary

File-Read

C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
C:\Program Files (x86)\desktop.ini
C:\Users\Public\Desktop\Adobe Reader 9.lnk
C:\Users\Public\Desktop\desktop.ini
C:\Users\Public\desktop.ini
C:\Users\Virtual\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
C:\Users\Virtual\AppData\Local\Microsoft\Feeds\FeedsStore.feedsdb-ms
C:\Users\Virtual\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Suggested Sites~.feed-ms
C:\Users\Virtual\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Web Slice Gallery~.feed-ms
C:\Users\Virtual\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{69A53482-D179-11EA-83F6-00163E2C0414}.dat
C:\Users\Virtual\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{69A53483-D179-11EA-83F6-00163E2C0414}.dat
C:\Users\Virtual\AppData\Local\Microsoft\Internet Explorer\frameiconcache.dat
C:\Users\Virtual\AppData\Local\Microsoft\Windows\History\desktop.ini
C:\Users\Virtual\AppData\Local\Temp\~DFA02218BBDEFDE0B4.TMP
C:\Users\Virtual\AppData\Local\Temp\~DFA540400BBEBA31C0.TMP
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Cookies\virtual@bing[1].txt
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Cookies\virtual@www.bing[1].txt
C:\Users\Virtual\Contacts\desktop.ini
C:\Users\Virtual\Desktop\TeXnicCenter.lnk
C:\Users\Virtual\Desktop\cNUGTJQqkB.docm
C:\Users\Virtual\Desktop\desktop.ini
C:\Users\Virtual\Documents\desktop.ini
C:\Users\Virtual\Downloads\desktop.ini
C:\Users\Virtual\Favorites\Links\Suggested Sites.url
C:\Users\Virtual\Favorites\Links\Web Slice Gallery.url
C:\Users\Virtual\Favorites\Links\desktop.ini
C:\Users\Virtual\Favorites\desktop.ini
C:\Users\Virtual\Links\desktop.ini
C:\Users\Virtual\Music\desktop.ini
C:\Users\Virtual\Pictures\desktop.ini
C:\Users\Virtual\Saved Games\desktop.ini
C:\Users\Virtual\Searches\desktop.ini
C:\Users\Virtual\Videos\desktop.ini
C:\Users\desktop.ini
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe.Config
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe.config
C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe.config
C:\Windows\SysWOW64\ieframe.dll
C:\Windows\SysWOW64\stdole2.tlb
C:\Windows\System32\ieframe.dll
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\5034a88e58f966dd7d69fe9b9875832c\System.Core.ni.dll.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\603039a47d404d563c9590798e568a2d\System.Deployment.ni.dll.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1751687825177cb487c1080d7e37401f\System.Drawing.ni.dll.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\a359814ff0333ca2c4ab29f30f55dd20\System.Windows.Forms.ni.dll.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\System\5f665a4076cb8d9479ca406e7827fb9f\System.ni.dll.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\dfsvc\b08872ac74f55eb0e8d97e71765a9922\dfsvc.ni.exe.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\fa8eef6f6cb67c660d71e15c5cad71b5\mscorlib.ni.dll.aux
\\?\PIPE\samr

File-Written

C:\Users\Virtual\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
C:\Users\Virtual\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{69A53482-D179-11EA-83F6-00163E2C0414}.dat
C:\Users\Virtual\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{69A53483-D179-11EA-83F6-00163E2C0414}.dat
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MFBIWXTR\navcancl[1]
C:\Users\Virtual\AppData\Local\Temp\VSD3C7.tmp\install.log
C:\Users\Virtual\AppData\Local\Temp\~DFA02218BBDEFDE0B4.TMP
C:\Users\Virtual\AppData\Local\Temp\~DFA540400BBEBA31C0.TMP
\\?\PIPE\samr

File-Deleted

C:\Users\Virtual\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
C:\Users\Virtual\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{69A53482-D179-11EA-83F6-00163E2C0414}.dat
C:\Users\Virtual\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{69A53483-D179-11EA-83F6-00163E2C0414}.dat
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4ASBD70A\navcancl[1]
C:\Users\Virtual\AppData\Local\Temp\VSD3C7.tmp

File-Opened

C:\
C:\Program Files (x86)
C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
C:\Program Files (x86)\Internet Explorer
C:\Program Files (x86)\Internet Explorer\
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
C:\Program Files (x86)\Java\jre6\bin\ssv.dll
C:\Program Files (x86)\Microsoft Office\Office12\REFBAR.ICO
C:\Program Files (x86)\desktop.ini
C:\Program Files\
C:\Program Files\Common Files\
C:\Program Files\Common Files\Microsoft Shared\
C:\Program Files\Common Files\Microsoft Shared\OFFICE12\
C:\Program Files\Common Files\Microsoft Shared\OFFICE12\msoshext.dll
C:\ProgramData\Microsoft\Windows\WER\ReportArchive
C:\Users
C:\Users\
C:\Users\Public
C:\Users\Public\Desktop\Adobe Reader 9.lnk
C:\Users\Public\Desktop\desktop.ini
C:\Users\Public\desktop.ini
C:\Users\Virtual
C:\Users\Virtual\
C:\Users\Virtual\AppData
C:\Users\Virtual\AppData\
C:\Users\Virtual\AppData\Local
C:\Users\Virtual\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
C:\Users\Virtual\AppData\Local\
C:\Users\Virtual\AppData\Local\Microsoft
C:\Users\Virtual\AppData\Local\Microsoft\Feeds Cache\index.dat
C:\Users\Virtual\AppData\Local\Microsoft\Feeds\FeedsStore.feedsdb-ms
C:\Users\Virtual\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Suggested Sites~.feed-ms
C:\Users\Virtual\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Web Slice Gallery~.feed-ms
C:\Users\Virtual\AppData\Local\Microsoft\Internet Explorer\frameiconcache.dat
C:\Users\Virtual\AppData\Local\Microsoft\Windows
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000032.db
C:\Users\Virtual\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012020072920200730\index.dat
C:\Users\Virtual\AppData\Local\Microsoft\Windows\History\Low
C:\Users\Virtual\AppData\Local\Microsoft\Windows\History\desktop.ini
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PGMMBIAK\CBMCalculator[1].application
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
C:\Users\Virtual\AppData\Local\Microsoft\Windows\WER\ERC
C:\Users\Virtual\AppData\Local\Microsoft\Windows\WER\ReportArchive
C:\Users\Virtual\AppData\Local\Temp\Low
C:\Users\Virtual\AppData\Roaming
C:\Users\Virtual\AppData\Roaming\Microsoft
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Cookies\Low
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Cookies\virtual@bing[1].txt
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Cookies\virtual@www.bing[1].txt
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\IETldCache\Low
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
C:\Users\Virtual\Contacts\desktop.ini
C:\Users\Virtual\Desktop
C:\Users\Virtual\Desktop\TeXnicCenter.lnk
C:\Users\Virtual\Desktop\cNUGTJQqkB.docm
C:\Users\Virtual\Desktop\desktop.ini
C:\Users\Virtual\Documents\desktop.ini
C:\Users\Virtual\Downloads\desktop.ini
C:\Users\Virtual\Favorites
C:\Users\Virtual\Favorites\Links
C:\Users\Virtual\Favorites\Links\Suggested Sites.url
C:\Users\Virtual\Favorites\Links\Web Slice Gallery.url
C:\Users\Virtual\Favorites\Links\desktop.ini
C:\Users\Virtual\Favorites\desktop.ini
C:\Users\Virtual\Links\desktop.ini
C:\Users\Virtual\Music\desktop.ini
C:\Users\Virtual\Pictures\desktop.ini
C:\Users\Virtual\Saved Games\desktop.ini
C:\Users\Virtual\Searches\desktop.ini
C:\Users\Virtual\Videos\desktop.ini
C:\Users\desktop.ini
C:\Windows\AppPatch\AppPatch64\sysmain.sdb
C:\Windows\Globalization\Sorting\sortdefault.nls
C:\Windows\Microsoft.NET\Framework64\
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SortDefault.nlp
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe.Config
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe.config
C:\Windows\SysWOW64\ieframe.dll
C:\Windows\SysWOW64\stdole2.tlb
C:\Windows\System32\ieframe.dll
C:\Windows\System32\oleaccrc.dll
C:\Windows\System32\rsaenh.dll
C:\Windows\System32\shell32.dll
C:\Windows\System32\tzres.dll
C:\Windows\System32\url.dll
C:\Windows\WindowsShell.Manifest
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\5034a88e58f966dd7d69fe9b9875832c\System.Core.ni.dll.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\603039a47d404d563c9590798e568a2d\System.Deployment.ni.dll.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1751687825177cb487c1080d7e37401f\System.Drawing.ni.dll.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\a359814ff0333ca2c4ab29f30f55dd20\System.Windows.Forms.ni.dll.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\System\
C:\Windows\assembly\NativeImages_v4.0.30319_64\System\5f665a4076cb8d9479ca406e7827fb9f\System.ni.dll.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\dfsvc\
C:\Windows\assembly\NativeImages_v4.0.30319_64\dfsvc\b08872ac74f55eb0e8d97e71765a9922\dfsvc.ni.exe.aux
C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\
C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\fa8eef6f6cb67c660d71e15c5cad71b5\mscorlib.ni.dll.aux
C:\Windows\assembly\pubpol41.dat
\\?\PIPE\samr

Network-Connects IP

127.0.0.1
204.79.197.200
52.4.96.36

Network-Resolves URL

Virtual-PC
downloadcbm.tsspltd.com
go.microsoft.com
wpad
www.bing.com

Network-Connects Host

downloadcbm.tsspltd.com

Directory-Created

C:\Users\Virtual\AppData\Local\Microsoft\Feeds
C:\Users\Virtual\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Caches
C:\Users\Virtual\AppData\Local\Microsoft\Windows\WER\ERC
C:\Users\Virtual\AppData\Local\Temp\VSD3C7.tmp\
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\IECompatCache
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\IETldCache
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\PrivacIE
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations

Directory-Enumerated

C:\Program Files (x86)\Common Files\Adobe
C:\Program Files (x86)\Common Files\Adobe\Acrobat
C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Java
C:\Program Files (x86)\Java\jre6
C:\Program Files (x86)\Java\jre6\bin
C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
C:\Program Files (x86)\Java\jre6\bin\ssv.dll
C:\ProgramData\Microsoft\Network\Connections\Pbk\*.pbk
C:\ProgramData\Microsoft\Network\Connections\Pbk\rasphone.pbk
C:\Users\Virtual\AppData\Roaming\Microsoft\Network\Connections\Pbk\*.pbk
C:\Users\Virtual\AppData\Roaming\Microsoft\Network\Connections\Pbk\rasphone.pbk
C:\Windows
C:\Windows\Microsoft.NET\Framework64\*
C:\Windows\Microsoft.NET\Framework\*
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\Windows\SysWOW64
C:\Windows\SysWOW64\urlmon.dll
C:\Windows\System32\ras\*.pbk
C:\Windows\winsxs
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll

Registry Key-Opened

HKEY_CLASSES_ROOT\.ade
HKEY_CLASSES_ROOT\.adp
HKEY_CLASSES_ROOT\.app
HKEY_CLASSES_ROOT\.application
HKEY_CLASSES_ROOT\.asp
HKEY_CLASSES_ROOT\.bas
HKEY_CLASSES_ROOT\.bat
HKEY_CLASSES_ROOT\.cer
HKEY_CLASSES_ROOT\.chm
HKEY_CLASSES_ROOT\.cmd
HKEY_CLASSES_ROOT\.com
HKEY_CLASSES_ROOT\.cpl
HKEY_CLASSES_ROOT\.crt
HKEY_CLASSES_ROOT\.csh
HKEY_CLASSES_ROOT\.exe
HKEY_CLASSES_ROOT\.exe\OpenWithProgids
HKEY_CLASSES_ROOT\.fxp
HKEY_CLASSES_ROOT\.gadget
HKEY_CLASSES_ROOT\.grp
HKEY_CLASSES_ROOT\.hlp
HKEY_CLASSES_ROOT\.hta
HKEY_CLASSES_ROOT\.htm
HKEY_CLASSES_ROOT\.html
HKEY_CLASSES_ROOT\.inf
HKEY_CLASSES_ROOT\.ins
HKEY_CLASSES_ROOT\.isp
HKEY_CLASSES_ROOT\.its
HKEY_CLASSES_ROOT\.js
HKEY_CLASSES_ROOT\.jse
HKEY_CLASSES_ROOT\.ksh
HKEY_CLASSES_ROOT\.lnk
HKEY_CLASSES_ROOT\.mad
HKEY_CLASSES_ROOT\.maf
HKEY_CLASSES_ROOT\.mag
HKEY_CLASSES_ROOT\.mam
HKEY_CLASSES_ROOT\.maq
HKEY_CLASSES_ROOT\.mar
HKEY_CLASSES_ROOT\.mas
HKEY_CLASSES_ROOT\.mat
HKEY_CLASSES_ROOT\.mau
HKEY_CLASSES_ROOT\.mav
HKEY_CLASSES_ROOT\.maw
HKEY_CLASSES_ROOT\.mcf
HKEY_CLASSES_ROOT\.mda
HKEY_CLASSES_ROOT\.mdb
HKEY_CLASSES_ROOT\.mde
HKEY_CLASSES_ROOT\.mdt
HKEY_CLASSES_ROOT\.mdw
HKEY_CLASSES_ROOT\.mdz
HKEY_CLASSES_ROOT\.mht
HKEY_CLASSES_ROOT\.mhtml
HKEY_CLASSES_ROOT\.msc
HKEY_CLASSES_ROOT\.msh
HKEY_CLASSES_ROOT\.mshxml
HKEY_CLASSES_ROOT\.msi
HKEY_CLASSES_ROOT\.msp
HKEY_CLASSES_ROOT\.mst
HKEY_CLASSES_ROOT\.ops
HKEY_CLASSES_ROOT\.pcd
HKEY_CLASSES_ROOT\.pif
HKEY_CLASSES_ROOT\.pl
HKEY_CLASSES_ROOT\.prf
HKEY_CLASSES_ROOT\.prg
HKEY_CLASSES_ROOT\.pst
HKEY_CLASSES_ROOT\.reg
HKEY_CLASSES_ROOT\.scf
HKEY_CLASSES_ROOT\.scr
HKEY_CLASSES_ROOT\.sct
HKEY_CLASSES_ROOT\.shb
HKEY_CLASSES_ROOT\.shs
HKEY_CLASSES_ROOT\.shtm
HKEY_CLASSES_ROOT\.shtml
HKEY_CLASSES_ROOT\.tmp
HKEY_CLASSES_ROOT\.url
HKEY_CLASSES_ROOT\.url\OpenWithProgids
HKEY_CLASSES_ROOT\.vb
HKEY_CLASSES_ROOT\.vbe
HKEY_CLASSES_ROOT\.vbs
HKEY_CLASSES_ROOT\.vsmacros
HKEY_CLASSES_ROOT\.vss
HKEY_CLASSES_ROOT\.vst
HKEY_CLASSES_ROOT\.vsw
HKEY_CLASSES_ROOT\.ws
HKEY_CLASSES_ROOT\.wsc
HKEY_CLASSES_ROOT\.wsf
HKEY_CLASSES_ROOT\.wsh
HKEY_CLASSES_ROOT\.xml
HKEY_CLASSES_ROOT\.xsl
HKEY_CLASSES_ROOT\AllFilesystemObjects
HKEY_CLASSES_ROOT\Application.Manifest
HKEY_CLASSES_ROOT\AutoProxyTypes
HKEY_CLASSES_ROOT\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{98AF66E4-AA41-4226-B80F-0B1A8F34EEB4}
HKEY_CLASSES_ROOT\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}
HKEY_CLASSES_ROOT\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}
HKEY_CLASSES_ROOT\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\Implemented Categories\{00021490-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}
HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\ShellFolder
HKEY_CLASSES_ROOT\Directory
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
HKEY_CLASSES_ROOT\ExplorerCLSIDFlags\{FBF23B40-E3F0-101B-8488-00AA003E56F8}
HKEY_CLASSES_ROOT\Folder
HKEY_CLASSES_ROOT\IE.AssocFile.URL
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-ms-application
HKEY_CLASSES_ROOT\MIME\Database\Content Type\image/x-icon
HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\
HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\*\
HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\about\
HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\http\
HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\res\
HKEY_CLASSES_ROOT\SystemFileAssociations\.exe
HKEY_CLASSES_ROOT\SystemFileAssociations\.url
HKEY_CLASSES_ROOT\exefile
HKEY_CURRENT_USER\Application.Manifest\Clsid
HKEY_CURRENT_USER\CLSID\{00020420-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\CLSID\{00020424-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\CLSID\{0002DF01-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
HKEY_CURRENT_USER\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKEY_CURRENT_USER\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}
HKEY_CURRENT_USER\CLSID\{98AF66E4-AA41-4226-B80F-0B1A8F34EEB4}
HKEY_CURRENT_USER\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}
HKEY_CURRENT_USER\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}
HKEY_CURRENT_USER\CLSID\{D5E8041D-920F-45E9-B8FB-B1DEB82C6E5E}
HKEY_CURRENT_USER\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}
HKEY_CURRENT_USER\Control Panel\Desktop
HKEY_CURRENT_USER\Control Panel\International\Calendars\TwoDigitYearMax
HKEY_CURRENT_USER\Interface\{00000134-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Interface\{00020400-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Interface\{04C18CCF-1F57-4CBD-88CC-3900F5195CE3}
HKEY_CURRENT_USER\Interface\{1AC7516E-E6BB-4A69-B63F-E841904DC5A6}
HKEY_CURRENT_USER\Interface\{26656EAA-54EB-4E6F-8F85-4F0EF901A406}
HKEY_CURRENT_USER\Interface\{2A1C9EB2-DF62-4154-B800-63278FCB8037}
HKEY_CURRENT_USER\Interface\{48A98A1F-5CDD-47EE-9286-DB04A3EB7CE1}
HKEY_CURRENT_USER\Interface\{55272A00-42CB-11CE-8135-00AA004BB851}
HKEY_CURRENT_USER\Interface\{6D5140C1-7436-11CE-8034-00AA006009FA}
HKEY_CURRENT_USER\Interface\{7673B35E-907A-449D-A49F-E5CE47F0B0B2}
HKEY_CURRENT_USER\Interface\{8A40A45D-055C-4B62-ABD7-6D613E2CEAEC}
HKEY_CURRENT_USER\Interface\{9EC704BA-E1D4-45C5-9B59-BFAE07D9F04E}
HKEY_CURRENT_USER\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF50}
HKEY_CURRENT_USER\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF52}
HKEY_CURRENT_USER\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF55}
HKEY_CURRENT_USER\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF58}
HKEY_CURRENT_USER\Interface\{B40C43F1-F039-44D2-AEB7-87F5AF8ABC3D}
HKEY_CURRENT_USER\Interface\{B5702E61-E75C-4B64-82A1-6CB4F832FCCF}
HKEY_CURRENT_USER\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}
HKEY_CURRENT_USER\Interface\{BCD1DE7E-2DB1-418B-B047-4A74E101F8C1}
HKEY_CURRENT_USER\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}
HKEY_CURRENT_USER\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\Forward
HKEY_CURRENT_USER\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\ProxyStubClsid32
HKEY_CURRENT_USER\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\TypeLib
HKEY_CURRENT_USER\Interface\{D358F4E1-0465-4965-9DD5-CAE303D2C345}
HKEY_CURRENT_USER\Interface\{F704B7E0-4760-46FF-BBDB-7439E0A2A814}
HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-ms-application
HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\text/html
HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Handler\about
HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Handler\res
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\iexplore
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Passport\LowDAMap
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\IEAK
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UrlMon Settings
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\Software
HKEY_CURRENT_USER\Software\AppDataLow
HKEY_CURRENT_USER\Software\Classes\.application
HKEY_CURRENT_USER\Software\Microsoft\.NETFramework
HKEY_CURRENT_USER\Software\Microsoft\Feeds
HKEY_CURRENT_USER\Software\Microsoft\Fusion
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\ClearableListData
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\CaretBrowsing
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\CommandBar
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Control Panel
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Feeds
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IEDevTools
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\LowMic
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\2
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksExplorer
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\CommandBar
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Extensions\CmdMapping
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Privacy
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\AdminActive
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SQM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Safety\PrivacIE
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\Adv AddrBar Spoof Detection
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Setup
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Suggested Sites
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbars\Restrictions
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\iexplore.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\DelegateFolders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.application
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\OpenWithProgids
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\LowRegistry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\Links
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\Links\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956483-9236-11e5-a874-806e6f6e6963}\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956484-9236-11e5-a874-806e6f6e6963}\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\Desktop\NameSpace
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\Desktop\NameSpace\DelegateFolders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\Desktop\NameSpace\NameCustomizations
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\KnownFolders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TravelLog
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Secure Mime Handlers
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-ae-97-44
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-cf-f0-3d
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\52-54-00-ae-97-44
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\52-54-00-cf-f0-3d
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Ext
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\application/x-ms-application\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\message/rfc822\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\text/html\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\Application.Manifest
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\Directory
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\ERC
HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Wpad
HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Zones
HKEY_CURRENT_USER\Software\Policies
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Feeds
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Windows Error Reporting
HKEY_CURRENT_USER\TypeLib
HKEY_CURRENT_USER\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\ShellEx\{00021500-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Application.Manifest\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Application.Manifest\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iexplore.exe\TaskbarExceptionsIcons
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AutoProxyTypes\Application/x-internet-signup
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AutoProxyTypes\Application/x-ns-proxy-autoconfig
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00020420-0000-0000-C000-000000000046}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00020424-0000-0000-C000-000000000046}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5E8041D-920F-45E9-B8FB-B1DEB82C6E5E}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\ShellEx\{00021500-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-ms-application
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/html
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\res
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5F226421-415D-408D-9A09-0DCD94E25B48}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5F226421-415D-408D-9A09-0DCD94E25B48}\1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5F226421-415D-408D-9A09-0DCD94E25B48}\1.0\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5F226421-415D-408D-9A09-0DCD94E25B48}\1.0\0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020424-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020424-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020424-0000-0000-C000-000000000046}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020424-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0002DF01-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0002DF01-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0002DF01-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0002DF01-0000-0000-C000-000000000046}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0002DF01-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{000214A0-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{000214A0-0000-0000-C000-000000000046}\2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{000214A0-0000-0000-C000-000000000046}\3
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{5CBF2787-48CF-4208-B90E-EE5E5D420294}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{5CBF2787-48CF-4208-B90E-EE5E5D420294}\2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98AF66E4-AA41-4226-B80F-0B1A8F34EEB4}\AutoConvertTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98AF66E4-AA41-4226-B80F-0B1A8F34EEB4}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D5E8041D-920F-45E9-B8FB-B1DEB82C6E5E}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D5E8041D-920F-45E9-B8FB-B1DEB82C6E5E}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D5E8041D-920F-45E9-B8FB-B1DEB82C6E5E}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D5E8041D-920F-45E9-B8FB-B1DEB82C6E5E}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D5E8041D-920F-45E9-B8FB-B1DEB82C6E5E}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00020400-0000-0000-C000-000000000046}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{04C18CCF-1F57-4CBD-88CC-3900F5195CE3}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1AC7516E-E6BB-4A69-B63F-E841904DC5A6}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{26656EAA-54EB-4E6F-8F85-4F0EF901A406}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2A1C9EB2-DF62-4154-B800-63278FCB8037}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{48A98A1F-5CDD-47EE-9286-DB04A3EB7CE1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{55272A00-42CB-11CE-8135-00AA004BB851}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6D5140C1-7436-11CE-8034-00AA006009FA}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{7673B35E-907A-449D-A49F-E5CE47F0B0B2}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8A40A45D-055C-4B62-ABD7-6D613E2CEAEC}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9EC704BA-E1D4-45C5-9B59-BFAE07D9F04E}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF50}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF52}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF55}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF58}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B40C43F1-F039-44D2-AEB7-87F5AF8ABC3D}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B5702E61-E75C-4B64-82A1-6CB4F832FCCF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BCD1DE7E-2DB1-418B-B047-4A74E101F8C1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D358F4E1-0465-4965-9DD5-CAE303D2C345}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F704B7E0-4760-46FF-BBDB-7439E0A2A814}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\DropTarget
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\ddeexec
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\APTCA
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\Servicing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\Standards
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\standards\v4.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\v4.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319\SKUs\client
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\KnownClasses
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.4.0.Accessibility__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.4.0.System.Configuration__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.4.0.System.Core__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.4.0.System.Deployment__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.4.0.System.Drawing__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.4.0.System.Numerics__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.4.0.System.Runtime.Serialization.Formatters.Soap__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.4.0.System.Security__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.4.0.System.Windows.Forms__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.4.0.System.Xml__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.4.0.System__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.4.0.Accessibility__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.4.0.System.Configuration__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.4.0.System.Core__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.4.0.System.Deployment__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.4.0.System.Drawing__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.4.0.System.Numerics__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.4.0.System.Runtime.Serialization.Formatters.Soap__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.4.0.System.Security__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.4.0.System.Windows.Forms__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.4.0.System.Xml__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\v4.0_policy.4.0.System__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Capabilities
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DBC80044-A445-435B-BC74-9C25C1C588A9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\IEAK
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{871C5380-42A0-1069-A2EA-08002B30309D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{FBF23B40-E3F0-101B-8488-00AA003E56F8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{FF393560-C2A7-11CF-BFF4-444553540000}
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\v4.0
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\BrowserEmulation
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\FileAssociations
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\MIMEAssociations
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\URLAssociations
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\CommandBar
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Control Panel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\Lang0409
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Feeds
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\IEDevTools
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\International\Scripts
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\LinksBar
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDITIONAL_IE8_MEMORY_CLEANUP
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_CONSULT_MIME_KILLBIT_KB905915
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ENABLESAFESEARCHPATH_KB963027
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IEDDE_REGISTER_PROTOCOL
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_INITIALIZE_URLACTION_SHELLEXECUTE_TO_ALLOW_KB936610
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IPERSISTMONIKER_LOAD_REDIRECTED_URL_KB976425
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LOAD_SHDOCLC_RESOURCES
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MANAGE_SCRIPT_CIRCULAR_REFS
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_READ_ZONE_STRINGS_FROM_REGISTRY
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SAFE_BINDTOOBJECT
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SHOW_FAILED_CONNECT_CONTENT_KB942615
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_UNC_SAVEDFILECHECK
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_URLFILE_CACHEFLUSH_KB936881
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\Feature_Enable_Compat_Logging
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Migration
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\New Windows
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Safety\PrivacIE
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Security\Adv AddrBar Spoof Detection
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Security\Floppy Access
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\TabbedBrowsing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbars\Restrictions
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Zoom
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Pre Platform
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\UA Tokens
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{031E4825-7B94-4dc3-B131-E946B44C8DD5}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{04731B67-D933-450a-90E6-4ACD2E9408FE}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{11016101-E366-4D22-BC06-4ADA335C892B}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{26EE0668-A00A-44D7-9371-BEB064C98683}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{4336a54d-038b-4685-ab02-99bb52d3fb8b}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{450D8FBA-AD25-11D0-98A8-0800361B1103}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{59031a47-3f72-44a7-89c5-5595fe6b30ee}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{89D83576-6BD1-4c86-9454-BEB04E94C819}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{9343812e-1c37-4a49-a12e-4b2d810d956b}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{BD7A2E7B-21CB-41b2-A086-B309680C6B7E}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{ED228FDF-9EA8-4870-83b1-96b02CFE0D52}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{daf95313-e44d-46af-be1b-cbacea2c3065}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{e345f35f-9397-435c-8f95-4e922c26259e}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\CodePage
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE
HKEY_LOCAL_MACHINE\Software
HKEY_LOCAL_MACHINE\Software\Classes\.application
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\NGen\Policy\v4.0
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v4.0.30319\SKUs\
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}
HKEY_LOCAL_MACHINE\Software\Microsoft\DirectUI
HKEY_LOCAL_MACHINE\Software\Microsoft\Feeds
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\PublisherPolicy\Default
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\BrowserEmulation
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Capabilities\FileAssociations
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Capabilities\MIMEAssociations
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Capabilities\UrlAssociations
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\CaretBrowsing
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\CommandBar
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\LinksBar
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\LinksExplorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\MediaTypeClass
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Migration
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\New Windows
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Privacy
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SQM
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Safety\PrivacIE
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\TabbedBrowsing
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
HKEY_LOCAL_MACHINE\Software\Microsoft\OleAut
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Extensions
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\SecurityService
HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient\Windows
HKEY_LOCAL_MACHINE\Software\Microsoft\StrongName
HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing
HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\RASAPI32
HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\RASMANCS
HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iexplore_RASAPI32
HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iexplore_RASMANCS
HKEY_LOCAL_MACHINE\Software\Microsoft\VisualStudio\8.0\Performance
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dfsvc.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3131157199-1995805048-2727015567-1000
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Search
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\iexplore.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\DelegateFolders
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\KindMap
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\TravelLog
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Secure Mime Handlers
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ext
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ratings
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Setup
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellCompatibility\ProgIDs\exefile
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Shell\RegisteredApplications\UrlAssociations\Application.Manifest\OpenWithProgids
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Shell\RegisteredApplications\UrlAssociations\Directory\OpenWithProgids
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting
HKEY_LOCAL_MACHINE\Software\Policies
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SQMClient\Windows
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\System\DNSClient
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Rpc
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Explorer
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Windows Error Reporting
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\AccessProviders
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DnsCache\Parameters
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LDAP
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters
HKEY_LOCAL_MACHINE\System\Setup
\Policy\Standards

Registry Key-Deleted

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Expiration
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Expiration
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\AddToFavoritesInitialSelection
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\AddToFeedsInitialSelection
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{69A53482-D179-11EA-83F6-00163E2C0414}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass

Registry Key-Read

HKEY_CURRENT_USER\.htm\(Default)
HKEY_CURRENT_USER\.htm\Content Type
HKEY_CURRENT_USER\.html\(Default)
HKEY_CURRENT_USER\.shtml\(Default)
HKEY_CURRENT_USER\Control Panel\Desktop\MuiCached\MachinePreferredUILanguages
HKEY_CURRENT_USER\Control Panel\Desktop\PreferredUILanguages
HKEY_CURRENT_USER\Control Panel\Desktop\SmoothScroll
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\netshell.dll,-1200
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\prnfldr.dll,-8036
HKEY_CURRENT_USER\Software\Microsoft\Feeds\SyncStatus
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\AllSitesCompatibilityMode
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\IntranetCompatibilityMode
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\MSCompatibilityMode
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\TLDUpdates
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\UnattendLoaded
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionHigh
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionLow
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionHigh
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionLow
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\StaleIETldCache
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AcceptLanguage
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AutoDetect
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Default_CodePage
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFixedFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSize
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSizePrivate
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEPropFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\Default_IEFontSizePrivate
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\DefaultItemWidth
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\Enabled
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\DisplayMask
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\DisplayName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\ErrorState
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Expiration
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\FeedUrl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Handler
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Path
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\DisplayMask
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\DisplayName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\ErrorState
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Expiration
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\FeedUrl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Handler
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Path
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\LinksFolderMigrate
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\MarketingLinksMigrate
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\TestHandler
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Extensions\CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AlwaysShowMenus
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Anchor Underline
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CSS_Compat
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Check_Associations
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Cleanup HTCs
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DOMStorage
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Disable Script Debugger
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DisableScriptDebuggerIE
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Images
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Videos
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable AutoImageResize
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable Browser Extensions
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\EnablePreBinding
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Expand Alt Text
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Force Offscreen Composition
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameShutdownDelay
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FullScreen
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\HangResistance
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\IE8RunOnceCompletionTime
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\IE8RunOnceLastShown
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\IE8RunOncePerInstallCompleted
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Move System Caret
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\NoProtectedModeBanner
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Page_Transitions
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Animations
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Background_Sounds
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Print_Background
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Q300829
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchControlWidth
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigrated
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigratedInstalled
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Secondary Start Pages
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Show image placeholders
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SmoothScroll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\StatusBarWeb
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabShutdownDelay
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use FormSuggest
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Stylesheets
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseClearType
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseHR
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseIE7AutoComplete
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseThemes
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use_DlgBox_Colors
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window_Min_Height
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window_Min_Width
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window_Placement
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch\ConfiguredScopes
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch\EnabledScopes
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch\UpgradeTime
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch\User Favorites Path
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XDomainRequest
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XMLHTTP
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\Contexts
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\Flags
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\AllowHTTPS
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\BlockControls
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\BlockUserInit
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\DetourDialogs
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\PopupMgr
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\UseHooks
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\UseTimerMethod
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\No3DBorder
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup\Print_Background
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter\EnabledV8
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\RtfConverterFlags
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SQM\ServerFreezeOnUpload
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\DefaultScope
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\ShowSearchSuggestionsGlobal
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\Codepage
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\Deleted
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\DisplayName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconURL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconURLFallback
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\PreviewURL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\PreviewURLFallback
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ShowSearchSuggestions
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\SortIndex
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\SuggestionsURL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\SuggestionsURLFallback
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\SuggestionsURL_JSON
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\SuggestionsURL_JSONFallback
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\URL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\provider
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\DisableFixSecuritySettings
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Colors
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Face
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Size
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Hover
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Visited
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Disable Visited Hyperlinks
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\MiscFlags
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Use Anchor Hover Color
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Setup\HaveCreatedQuickLaunchItems
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SmartDithering
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Suggested Sites\Enabled
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Suggested Sites\MigrationTime
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Suggested Sites\ObjectsCreated
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Suggested Sites\SlicePath
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Locked
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\MenuUserExpanded
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Height
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Layout
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Position
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBarLayout
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetTextSizeOnStartup
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetTextSizeOnZoom
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetZoomOnStartup2
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomDisabled
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomFactor
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\AcRedir
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollDelay
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInset
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018}\LastKnownState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}\LastKnownState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658}\LastKnownState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}\LastKnownState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}\LastKnownState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\CascadeFolderBands
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\EnableBalloonTips
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewAlphaSelect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewShadow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice\Progid
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice\Progid
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice\Progid
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice\Progid
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice\Progid
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\Links\Order
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956483-9236-11e5-a874-806e6f6e6963}\Data
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956483-9236-11e5-a874-806e6f6e6963}\Generation
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956484-9236-11e5-a874-806e6f6e6963}\Data
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956484-9236-11e5-a874-806e6f6e6963}\Generation
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{A520A1A4-1780-4FF6-BD18-167343C5AF16}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.VagreargRkcybere.Qrsnhyg
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\VerCache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\VerCache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}\VerCache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Count
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\LoadTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\iexplore\Count
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\LoadTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigCustomUA
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyDetectType
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IsTextPlainHonored
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0\CurrentLevel
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0\Icon
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadExpirationDays
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadDecision
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadDecisionReason
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadDecisionTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1806
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1000
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\2500
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\CurrentLevel
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Icon
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1000
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\CurrentLevel
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Icon
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1001
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1004
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1201
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1800
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1803
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1804
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1806
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1809
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2001
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2004
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2100
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2106
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2700
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\CurrentLevel
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Icon
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1001
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1004
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1200
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1201
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1405
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1800
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1803
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1804
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1806
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\CurrentLevel
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Icon
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Allow Programmatic Cut_Copy_Paste
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{7007ACC7-3202-11D1-AAD2-00805FC1270E} {000214E6-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} {0000013A-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{FBF23B40-E3F0-101B-8488-00AA003E56F8} {00021500-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{FF393560-C2A7-11CF-BFF4-444553540000} {000214E6-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\message/rfc822\UserChoice\Progid
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\text/html\UserChoice\Progid
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp\UserChoice\Progid
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice\Progid
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice\Progid
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Disabled
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\LastQueuePesterTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\QueuePesterInterval
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableUTF8
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.JSE\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\Content Type
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\PerceivedType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\ShellEx\{00021500-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.VBE\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.WSF\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.WSH\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ade\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.adp\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.application\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.asp\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bas\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bat\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cer\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.chm\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cmd\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.com\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cpl\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.crt\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.docm\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.docm\PerceivedType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\Content Type
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.gadget\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.grp\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.hlp\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.hta\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.inf\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.js\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellEx\{00021500-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mad\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.maf\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mag\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mam\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.maq\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mar\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mas\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mat\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mau\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mav\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.maw\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mda\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mdb\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mde\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mdt\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mdw\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mht\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mhtml\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.msc\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.msi\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.msp\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pif\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pl\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.prf\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pst\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.reg\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.scf\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.scr\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.sct\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtm\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.vbs\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.vss\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.vst\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.wsc\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xml\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xsl\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Application.Manifest\BrowserFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Application.Manifest\CLSID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Application.Manifest\EditFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AutoProxyTypes\Application/x-internet-signup\Default
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AutoProxyTypes\Application/x-internet-signup\DllFile
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AutoProxyTypes\Application/x-internet-signup\FileExtensions
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AutoProxyTypes\Application/x-internet-signup\Flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AutoProxyTypes\Application/x-ns-proxy-autoconfig\Default
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AutoProxyTypes\Application/x-ns-proxy-autoconfig\DllFile
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AutoProxyTypes\Application/x-ns-proxy-autoconfig\FileExtensions
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AutoProxyTypes\Application/x-ns-proxy-autoconfig\Flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\EnableShareDenyNone
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\NoOplock
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\System.HideOnDesktop
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\System.NamespaceCLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\{28636AA6-953D-11D2-B5D6-00C04FD918D0} 34
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\{28636AA6-953D-11D2-B5D6-00C04FD918D0} 6
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21EC2020-3AEA-1069-A2DD-08002B30309D}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2227A280-3AEA-1069-A2DE-08002B30309D}\LocalizedString
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2227A280-3AEA-1069-A2DE-08002B30309D}\System.ItemNameDisplay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2227A280-3AEA-1069-A2DE-08002B30309D}\{B725F130-47EF-101A-A5F1-02608C9EEBAC} 10
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\NoOplock
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\LocalizedString
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\System.ItemNameDisplay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}\{B725F130-47EF-101A-A5F1-02608C9EEBAC} 10
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\EnableShareDenyNone
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\InprocServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ExplorerCLSIDFlags\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\NoOplock
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\CLSID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\ShellEx\IconHandler\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{85CB6900-4D95-11CF-960C-0080C7F4EE85}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{85CB6900-4D95-11CF-960C-0080C7F4EE85}\TypeLib\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{85CB6900-4D95-11CF-960C-0080C7F4EE85}\TypeLib\Version
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-ms-application\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-ms-application\Extension
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/x-icon\Extension
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\res\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.docm\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0\win32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5F226421-415D-408D-9A09-0DCD94E25B48}\1.0\0\win32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0\win32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0\win64\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.DocumentMacroEnabled.12\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.DocumentMacroEnabled.12\CLSID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.DocumentMacroEnabled.12\FriendlyTypeName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.DocumentMacroEnabled.12\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.DocumentMacroEnabled.12\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020424-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0002DF01-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0002DF01-0000-0000-C000-000000000046}\ProgID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{000214A0-0000-0000-C000-000000000046}\2\Key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{000214A0-0000-0000-C000-000000000046}\2\Section
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{000214A0-0000-0000-C000-000000000046}\2\VarType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{000214A0-0000-0000-C000-000000000046}\Section
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{5CBF2787-48CF-4208-B90E-EE5E5D420294}\2\Key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{5CBF2787-48CF-4208-B90E-EE5E5D420294}\2\Section
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{5CBF2787-48CF-4208-B90E-EE5E5D420294}\2\VarType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\Instance\PropertySetStorage\{5CBF2787-48CF-4208-B90E-EE5E5D420294}\Section
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\LocalizedString
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98AF66E4-AA41-4226-B80F-0B1A8F34EEB4}\ProgID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\DocObject\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{98af66e4-aa41-4226-b80f-0b1a8f34eeb4}\ProgID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D5E8041D-920F-45E9-B8FB-B1DEB82C6E5E}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\EnableShareDenyNone
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\NoOplock
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00020400-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{04C18CCF-1F57-4CBD-88CC-3900F5195CE3}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1AC7516E-E6BB-4A69-B63F-E841904DC5A6}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{26656EAA-54EB-4E6F-8F85-4F0EF901A406}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2A1C9EB2-DF62-4154-B800-63278FCB8037}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{48A98A1F-5CDD-47EE-9286-DB04A3EB7CE1}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{55272A00-42CB-11CE-8135-00AA004BB851}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6D5140C1-7436-11CE-8034-00AA006009FA}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{7673B35E-907A-449D-A49F-E5CE47F0B0B2}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8A40A45D-055C-4B62-ABD7-6D613E2CEAEC}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9EC704BA-E1D4-45C5-9B59-BFAE07D9F04E}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF50}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF52}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF55}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF58}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B40C43F1-F039-44D2-AEB7-87F5AF8ABC3D}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B5702E61-E75C-4B64-82A1-6CB4F832FCCF}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BCD1DE7E-2DB1-418B-B047-4A74E101F8C1}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\TypeLib\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\TypeLib\Version
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D358F4E1-0465-4965-9DD5-CAE303D2C345}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F704B7E0-4760-46FF-BBDB-7439E0A2A814}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\NoStaticDefaultVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\NeverDefault
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\NoWorkingDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\SetWorkingDirectoryFromTarget
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\DelegateExecute
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo\IconsVisible
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo\ShowIconsCommand
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\CLRLoadLogDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\DisableConfigCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\InstallRoot
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\NGen\Policy\v4.0\OptimizeUsedBinaries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\OnlyUseLatestCLR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\UseRyuJIT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\Com+Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\GipActivityBypass
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}\Enable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\CacheLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DisableMSIPeek
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DownloadCacheQuotaInKB
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\EnableLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\FileInUseMillisecondsBetweenRetries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\FileInUseRetryAttempts
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\ForceLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogFailures
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogResourceBinds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LoggingLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NoClientChecks
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\Latest
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\LegacyPolicyTimeStamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\index41
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\UseLegacyIdentityFormat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\DisableFixSecuritySettings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full\Release
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\MaxSxSHashCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\MaximumAllowedAllocationSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\PageAllocatorSystemHeapIsPrivate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\PageAllocatorUseSystemHeap
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\MaxRpcSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\SecurityService\DefaultAuthLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\UDTAlignmentPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\74DD1FC8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\867C797E
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AutoUpdateDisableNotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\InternetSettingsDisableNotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\VistaSp1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DevOverrideEnable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3131157199-1995805048-2727015567-1000\ProfileImagePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Pacific Standard Time\Dynamic DST\2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Pacific Standard Time\Dynamic DST\2020
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Pacific Standard Time\Dynamic DST\FirstEntry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Pacific Standard Time\Dynamic DST\LastEntry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE\AppendPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE\DontUseDesktopChangeRouter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE\PATH
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\KindMap\.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\{35786D3C-B075-49b9-88DD-029876E11C01}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\{b155bdf8-02f0-451e-9a26-ae317cfd7779}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UsersFiles\NameSpace\DelegateFolders\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UsersFiles\NameSpace\DelegateFolders\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UsersFiles\NameSpace\DelegateFolders\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1806
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1004
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1201
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1405
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1800
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1803
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1804
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1806
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\AllowFileCLSIDJunctions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\InheritConsoleHandles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoBandCustomize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStrCmpLogical
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{031E4825-7B94-4DC3-B131-E946B44C8DD5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{04731B67-D933-450A-90E6-4ACD2E9408FE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{11016101-E366-4D22-BC06-4ADA335C892B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{208D2C60-3AEA-1069-A2D7-08002B30309D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{26EE0668-A00A-44D7-9371-BEB064C98683}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{4336A54D-038B-4685-AB02-99BB52D3FB8B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{450D8FBA-AD25-11D0-98A8-0800361B1103}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{59031A47-3F72-44A7-89C5-5595FE6B30EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{645FF040-5081-101B-9F08-00AA002F954E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{7007ACC7-3202-11D1-AAD2-00805FC1270E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{871C5380-42A0-1069-A2EA-08002B30309D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{89D83576-6BD1-4C86-9454-BEB04E94C819}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{9343812E-1C37-4A49-A12E-4B2D810D956B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{E345F35F-9397-435C-8F95-4E922C26259E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\PropertySystem\FormatForDisplayHelper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.exe\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\SourcePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\COCREATESHELLFOLDERONLY
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\CTXMENU_LIMITEDQI
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\CTXMENU_NOVERBS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\CTXMENU_XPQCMFLAGS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\NEEDSFILESYSANCESTOR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\NEEDSSTORAGEANCESTOR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\NOIPROPERTYSTORE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\NOLEGACYWEBVIEW
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\NOTAFILESYSTEM
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\NO_WEBVIEW
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\OTNEEDSSFCACHE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\PINDLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\UNBINDABLE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Disabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\QueuePesterInterval
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography\PrivKeyCacheMaxItems
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography\PrivKeyCachePurgeIntervalSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography\PrivateKeyLifetimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\ExecutableTypes
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled
HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications\Internet Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\CLRLoadLogDir
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\InstallRoot
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\OnlyUseLatestCLR
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\UseLegacyV2RuntimeActivationPolicyDefaultValue
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Feeds\UrlCacheVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Fusion\NoClientChecks
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\FileAssociations\.htm
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\FileAssociations\.html
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\FileAssociations\.mht
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\FileAssociations\.mhtml
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\FileAssociations\.url
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\MIMEAssociations\message/rfc822
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\MIMEAssociations\text/html
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\UrlAssociations\ftp
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\UrlAssociations\http
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\UrlAssociations\https
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\ButtonText
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\Default Visible
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\MenuText
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\LuaOffLoRIEOn
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ProtectedModeOffForAllZones
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\AdminTabProcs
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\AlwaysShowMenus
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Check_Associations
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\DEPOff
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\DOMStorage
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Display Inline Videos
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Enable AutoImageResize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SAFE_BINDTOOBJECT\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_UNC_SAVEDFILECHECK\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_UNC_SAVEDFILECHECK\f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_UNC_SAVEDFILECHECK\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONE_ELEVATION\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameShutdownDelay
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameTabWindow
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\HangResistance
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\NavigationDelay
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Page_Transitions
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Print_Background
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Secondary Start Pages
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\SessionMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Show image placeholders
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\SmoothScroll
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\StatusBarWeb
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabProcGrowth
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabShutdownDelay
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Use FormSuggest
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\XDomainRequest
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Migration\IE Installed Date
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\No3DBorder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ShowSearchSuggestionsGlobal
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\Codepage
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\FaviconURL
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\PreviewURL
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\PreviewURLFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ShowSearchSuggestions
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\SuggestionsURL
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\SuggestionsURL_JSON
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\SuggestionsURL_JSONFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Security\DisableFixSecuritySettings
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SmartDithering
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\IE
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\VML
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\WindowsEdition
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\NET Framework Setup\NDP\v4\Full\Release
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Search\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\DevicePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0\MinLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0\RecommendedLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Secure Mime Handlers\Application.Manifest
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Url History\DaysToKeep
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1806
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1000
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\2500
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\MinLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\RecommendedLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1000
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\MinLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\RecommendedLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1806
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\MinLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\RecommendedLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1001
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1004
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1201
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1405
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1800
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1803
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1804
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1806
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\MinLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\RecommendedLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Advanced\CascadeFolderBands
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{031E4825-7B94-4dc3-B131-E946B44C8DD5}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{04731B67-D933-450a-90E6-4ACD2E9408FE}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{11016101-E366-4D22-BC06-4ADA335C892B}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{26EE0668-A00A-44D7-9371-BEB064C98683}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{450D8FBA-AD25-11D0-98A8-0800361B1103}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{59031a47-3f72-44a7-89c5-5595fe6b30ee}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{89D83576-6BD1-4c86-9454-BEB04E94C819}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{9343812e-1c37-4a49-a12e-4b2d810d956b}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{BD7A2E7B-21CB-41b2-A086-B309680C6B7E}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{ED228FDF-9EA8-4870-83b1-96b02CFE0D52}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{daf95313-e44d-46af-be1b-cbacea2c3065}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{e345f35f-9397-435c-8f95-4e922c26259e}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ComputerName\ActiveComputerName\ComputerName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy\Enabled
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings\StringCacheGeneration
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\950
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\1
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000409
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SESSION MANAGER\SafeProcessSearchMode
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LDAP\LdapClientIntegrity
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LDAP\UseHostnameAsAlias
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LDAP\UseOldHostResolutionOrder
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Domain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Hostname
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\AutodialDLL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\WinSock_Registry_Version
HKEY_LOCAL_MACHINE\SYSTEM\Setup\OOBEInProgress
HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress

Registry Key-Written

HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\LanguageList
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\DisplayMask
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\DisplayName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\ErrorState
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Expiration
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\FeedUrl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Handler
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Path
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\DisplayMask
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\DisplayName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\ErrorState
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Expiration
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\FeedUrl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Handler
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Path
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FullScreen
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window_Placement
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch\UpgradeTime
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{69A53482-D179-11EA-83F6-00163E2C0414}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\Links\Order
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.VagreargRkcybere.Qrsnhyg
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Time
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Type
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Count
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\LoadTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Time
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Type
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\iexplore\Count
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\iexplore\Time
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\iexplore\Type
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\LoadTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Time
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Type
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-ae-97-44\WpadDecision
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-ae-97-44\WpadDecisionReason
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-ae-97-44\WpadDecisionTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-cf-f0-3d\WpadDecision
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-cf-f0-3d\WpadDecisionReason
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-cf-f0-3d\WpadDecisionTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadDecision
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadDecisionReason
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadDecisionTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadNetworkName
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\MaxFileSize

Mutex-Accessed

ConnHashTable<2672>_HashTable_Mutex
IESQMMUTEX_0_208
Local\!BrowserEmulation!SharedMemory!Mutex
Local\!IETld!Mutex
Local\Feed Arbitration Shared Memory Mutex [ User : S-1-5-21-3131157199-1995805048-2727015567-1000 ]
Local\Feed Eventing Shared Memory Mutex S-1-5-21-3131157199-1995805048-2727015567-1000
Local\Feeds Store Mutex S-1-5-21-3131157199-1995805048-2727015567-1000
Local\RSS Eventing Connection Database Mutex 00000a70
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesCounterMutex
Local\ZonesLockedCacheCounterMutex
Local\c:!users!virtual!appdata!local!microsoft!feeds cache!
RasPbFile

Processes

Process Name

PID

Parent PID

f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe 2336 2284

Filter:

Registry File Process Services Network Synchronization

Show entries

Search:

Time	Repeat	API	Arguments	Result
1595998566.65		GetSystemTimeAsFileTime		Status SUCCESS
1595998566.65		LdrLoadDll	module_name: "kernel32.dll" basename: "kernel32" stack_pivoted: 0 flags: 0 module_address: "0x7dd60000"	Status SUCCESS
1595998566.65	2	LdrGetProcedureAddress	ordinal: 0 function_address: "0x7deb0fcb" function_name: "EncodePointer" module: "kernel32" module_address: "0x7dd60000"	Status SUCCESS
1595998566.65		LdrGetDllHandle	module_name: "kernel32.dll" module_address: "0x7dd60000" stack_pivoted: 0	Status SUCCESS
1595998566.65	19	LdrGetProcedureAddress	ordinal: 0 function_address: "0x7dd74f2b" function_name: "FlsAlloc" module: "kernel32" module_address: "0x7dd60000"	Status SUCCESS
1595998566.65		LdrGetProcedureAddress	ordinal: 0 function_address: "0x004072a0" function_name: "SetDefaultDllDirectories" module: "kernel32" module_address: "0x7dd60000"	Return Value 3221225785 Status FAILURE
1595998566.65	8	LdrGetProcedureAddress	ordinal: 0 function_address: "0x7ddf424f" function_name: "EnumSystemLocalesEx" module: "kernel32" module_address: "0x7dd60000"	Status SUCCESS
1595998566.66		LdrGetProcedureAddress	ordinal: 0 function_address: "0x00407350" function_name: "GetCurrentPackageId" module: "kernel32" module_address: "0x7dd60000"	Return Value 3221225785 Status FAILURE
1595998566.66		__exception__	stacktrace: ["BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x7dd733ca", "RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x7dea9ed2", "RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x7dea9ea5"] exception: {"address": "0x432c92", "exception_code": "0xc0000005", "instruction": "push ebp", "instruction_r": "55 8b ec 83 7d 08 00 74 2d ff 75 08 6a 00 ff 35", "module": "f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe", "offset": 208018, "symbol": "_EncodePointerInternal@4+0x162c6 f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548+0x32c92"} registers: {"eax": 0, "ebp": 1638280, "ebx": 0, "ecx": 4793044, "edi": 4787728, "edx": 1, "esi": 4790200, "esp": 1638204}	Status SUCCESS
1595998566.66		SetUnhandledExceptionFilter		Status FAILURE

Showing 1 to 10 of 3,885 entries

Previous1 2 3 4 5…389Next

dfsvc.exe 2428 2336

Filter:

Registry File Process Services Network Synchronization

Show entries

Search:

Time	Repeat	API	Arguments	Result
1595998572.62	2	GetSystemTimeAsFileTime		Status SUCCESS
1595998572.62		NtCreateMutant	desired_access: "0x001f0001" mutant_name: "" initial_owner: 0 mutant_handle: "0x000000000000002c"	Status SUCCESS
1595998572.62		GetSystemTimeAsFileTime		Status SUCCESS
1595998572.62		NtOpenKeyEx	key_handle: "0x0000000000000030" desired_access: "0x02000000" regkey: "HKEY_LOCAL_MACHINE" options: 0	Status SUCCESS
1595998572.62		NtQueryKey	key_handle: "0x0000000000000030" buffer: "" regkey: "HKEY_LOCAL_MACHINE" information_class: 7	Status SUCCESS
1595998572.62		NtOpenKeyEx	key_handle: "0x0000000000000000" desired_access: "0x00020019" regkey: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics" options: 0	Return Value -1073741772 Status FAILURE
1595998572.62		LdrLoadDll	module_name: "ADVAPI32.dll" basename: "ADVAPI32" stack_pivoted: 0 flags: 0 module_address: "0x000007ff7ff10000"	Status SUCCESS
1595998572.64		LdrGetProcedureAddress	ordinal: 0 function_address: "0x000007ff7ff306f0" function_name: "RegOpenKeyExW" module: "ADVAPI32" module_address: "0x000007ff7ff10000"	Status SUCCESS
1595998572.64		RegOpenKeyExW	regkey_r: "Software\Microsoft\.NETFramework\Policy\" base_handle: "0xffffffff80000002" key_handle: "0x0000000000000038" options: 0 access: "0x00020019" regkey: "HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\"	Status SUCCESS
1595998572.64		LdrGetProcedureAddress	ordinal: 0 function_address: "0x000007ff7ff2c360" function_name: "RegQueryInfoKeyW" module: "ADVAPI32" module_address: "0x000007ff7ff10000"	Status SUCCESS

Showing 1 to 10 of 818 entries

Previous1 2 3 4 5…82Next

iexplore.exe 2672 2336

Filter:

Registry File Process Services Network Synchronization

Show entries

Search:

Time	Repeat	API	Arguments	Result
1595998599.07		GetSystemTimeAsFileTime		Status SUCCESS
1595998599.07		SetUnhandledExceptionFilter		Status FAILURE
1595998599.07		LdrGetDllHandle	module_name: "advapi32" module_address: "0x77c60000" stack_pivoted: 0	Status SUCCESS
1595998599.07	3	LdrGetProcedureAddress	ordinal: 0 function_address: "0x7ded0c59" function_name: "EventWrite" module: "ADVAPI32" module_address: "0x77c60000"	Status SUCCESS
1595998599.07		LdrGetDllHandle	module_name: "kernel32.dll" module_address: "0x7dd60000" stack_pivoted: 0	Status SUCCESS
1595998599.07	5	LdrGetProcedureAddress	ordinal: 0 function_address: "0x7dea8456" function_name: "InitializeSRWLock" module: "kernel32" module_address: "0x7dd60000"	Status SUCCESS
1595998599.07		RegOpenKeyExW	regkey_r: "Software\Policies\Microsoft\Internet Explorer\Main" base_handle: "0x80000002" key_handle: "0x00000000" options: 0 access: "0x00020019" regkey: "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main"	Return Value 2 Status FAILURE
1595998599.07		RegOpenKeyExW	regkey_r: "Software\Microsoft\Internet Explorer\Main" base_handle: "0x80000002" key_handle: "0x000000bc" options: 0 access: "0x00020019" regkey: "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main"	Status SUCCESS
1595998599.07		RegQueryValueExW	key_handle: "0x000000bc" regkey_r: "DEPOff" reg_type: 0 value: "" regkey: "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\DEPOff"	Return Value 2 Status FAILURE
1595998599.07		LdrGetDllHandle	module_name: "Kernel32.DLL" module_address: "0x7dd60000" stack_pivoted: 0	Status SUCCESS

Showing 1 to 10 of 6,817 entries

Previous1 2 3 4 5…682Next

dfsvc.exe 2904 2792

Filter:

Registry File Process Services Network Synchronization

Show entries

Search:

Time	Repeat	API	Arguments	Result
1595998600.94	2	GetSystemTimeAsFileTime		Status SUCCESS
1595998600.95		NtCreateMutant	desired_access: "0x001f0001" mutant_name: "" initial_owner: 0 mutant_handle: "0x000000000000002c"	Status SUCCESS
1595998600.95		GetSystemTimeAsFileTime		Status SUCCESS
1595998600.95		NtOpenKeyEx	key_handle: "0x0000000000000030" desired_access: "0x02000000" regkey: "HKEY_LOCAL_MACHINE" options: 0	Status SUCCESS
1595998600.95		NtQueryKey	key_handle: "0x0000000000000030" buffer: "" regkey: "HKEY_LOCAL_MACHINE" information_class: 7	Status SUCCESS
1595998600.95		NtOpenKeyEx	key_handle: "0x0000000000000000" desired_access: "0x00020019" regkey: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics" options: 0	Return Value -1073741772 Status FAILURE
1595998600.95		LdrLoadDll	module_name: "ADVAPI32.dll" basename: "ADVAPI32" stack_pivoted: 0 flags: 0 module_address: "0x000007ff7ff10000"	Status SUCCESS
1595998600.95		LdrGetProcedureAddress	ordinal: 0 function_address: "0x000007ff7ff306f0" function_name: "RegOpenKeyExW" module: "ADVAPI32" module_address: "0x000007ff7ff10000"	Status SUCCESS
1595998600.95		RegOpenKeyExW	regkey_r: "Software\Microsoft\.NETFramework\Policy\" base_handle: "0xffffffff80000002" key_handle: "0x0000000000000038" options: 0 access: "0x00020019" regkey: "HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\"	Status SUCCESS
1595998600.95		LdrGetProcedureAddress	ordinal: 0 function_address: "0x000007ff7ff2c360" function_name: "RegQueryInfoKeyW" module: "ADVAPI32" module_address: "0x000007ff7ff10000"	Status SUCCESS

Showing 1 to 10 of 820 entries

Previous1 2 3 4 5…82Next

explorer.exe 1060 1032

Time	Repeat	API	Arguments	Result
1595998625.98	24	GetSystemMetrics	index: 11	Return Value 32 Status SUCCESS
1595998626.01		GetForegroundWindow		Return Value 65626 Status SUCCESS
1595998626.01		EnumWindows		Return Value 1 Status SUCCESS
1595998626.01		NtClose	handle: "0x0000000000000b3c"	Status SUCCESS
1595998626.01		NtDelayExecution	skipped: 0 milliseconds: 0	Status SUCCESS
1595998626.02	8	GetSystemMetrics	index: 11	Return Value 32 Status SUCCESS
1595998626.04		NtDelayExecution	skipped: 0 milliseconds: 0	Status SUCCESS
1595998626.04	16	GetSystemMetrics	index: 11	Return Value 32 Status SUCCESS
1595998626.05	2	GetKeyState	key_code: 27	Status SUCCESS
1595998626.05	2	GetSystemMetrics	index: 6	Return Value 1 Status SUCCESS

iexplore.exe 2964 2800

Filter:

Registry File Process Services Network Synchronization

Show entries

Search:

Time	Repeat	API	Arguments	Result
1595998665.73		GetSystemTimeAsFileTime		Status SUCCESS
1595998665.73		SetUnhandledExceptionFilter		Status FAILURE
1595998665.73		LdrGetDllHandle	module_name: "advapi32" module_address: "0x77c60000" stack_pivoted: 0	Status SUCCESS
1595998665.73	3	LdrGetProcedureAddress	ordinal: 0 function_address: "0x7ded0c59" function_name: "EventWrite" module: "ADVAPI32" module_address: "0x77c60000"	Status SUCCESS
1595998665.73		LdrGetDllHandle	module_name: "kernel32.dll" module_address: "0x7dd60000" stack_pivoted: 0	Status SUCCESS
1595998665.73	5	LdrGetProcedureAddress	ordinal: 0 function_address: "0x7dea8456" function_name: "InitializeSRWLock" module: "kernel32" module_address: "0x7dd60000"	Status SUCCESS
1595998665.73		RegOpenKeyExW	regkey_r: "Software\Policies\Microsoft\Internet Explorer\Main" base_handle: "0x80000002" key_handle: "0x00000000" options: 0 access: "0x00020019" regkey: "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main"	Return Value 2 Status FAILURE
1595998665.73		RegOpenKeyExW	regkey_r: "Software\Microsoft\Internet Explorer\Main" base_handle: "0x80000002" key_handle: "0x000000bc" options: 0 access: "0x00020019" regkey: "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main"	Status SUCCESS
1595998665.73		RegQueryValueExW	key_handle: "0x000000bc" regkey_r: "DEPOff" reg_type: 0 value: "" regkey: "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\DEPOff"	Return Value 2 Status FAILURE
1595998665.73		LdrGetDllHandle	module_name: "Kernel32.DLL" module_address: "0x7dd60000" stack_pivoted: 0	Status SUCCESS

Showing 1 to 10 of 5,670 entries

Previous1 2 3 4 5…567Next

Classification

Indicators

Yara

Static Analysis

Version Infos

Sections

Resources

Imports

Library KERNEL32.dll:

Library GDI32.dll:

Library ole32.dll:

Library Secur32.dll:

Library SHELL32.dll:

Library USER32.dll:

Library CRYPT32.dll:

Library WININET.dll:

Library msi.dll:

Exports

Strings

Network

DNS Requests

HTTP Requests

http://downloadcbm.tsspltd.com/CBMCalculator.application

http://www.bing.com/favicon.ico

http://downloadcbm.tsspltd.com/CBMCalculator.application

http://downloadcbm.tsspltd.com/CBMCalculator.application

http://downloadcbm.tsspltd.com/CBMCalculator.application

http://downloadcbm.tsspltd.com/CBMCalculator.application

http://downloadcbm.tsspltd.com/CBMCalculator.application

http://downloadcbm.tsspltd.com/CBMCalculator.application

http://downloadcbm.tsspltd.com/Application%20Files/CBMCalculator_2_0_0_52/CBMCalculator.exe.manifest

Hosts Involved

Geolocation

Destination Country

File

Screenshots

Behavior Summary

File-Read

File-Written

File-Deleted

File-Opened

Network-Connects IP

Network-Resolves URL

Network-Connects Host

Directory-Created

Directory-Enumerated

Registry Key-Opened

Registry Key-Deleted

Registry Key-Read

Registry Key-Written

Mutex-Accessed

Processes

f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe23362284

dfsvc.exe24282336

iexplore.exe26722336

dfsvc.exe29042792

explorer.exe10601032

iexplore.exe29642800

f34d7021989b1e9ccf9551d3d850f6105c337f7c9d5674d20a449a89f6cf6548.exe 2336 2284

dfsvc.exe 2428 2336

iexplore.exe 2672 2336

dfsvc.exe 2904 2792

explorer.exe 1060 1032

iexplore.exe 2964 2800