| Category | Started On | Completed On | Duration | Cuckoo Version |
|---|---|---|---|---|
| FILE | 2016-08-22 20:25:03.600433 | 2016-08-22 20:26:05.925865 | 62 seconds | 2.0-dev |
| Machine | Label | Manager | Started On | Shutdown On |
|---|---|---|---|---|
| win7cuckoo | win7 Clone 1 | VirtualBox | 2016-08-22 20:25:04 | 2016-08-22 20:26:05 |
File Details
| File name | da0042e4ca77ad11ec0a9c10571b01d07d582d2b.zip |
|---|---|
| File size | 4447 bytes |
| File type | Zip archive data, at least v2.0 to extract |
| CRC32 | 06BAC4ED |
| MD5 | 6a5689dae28663ab8fa7d19d5f426e85 |
| SHA1 | da0042e4ca77ad11ec0a9c10571b01d07d582d2b |
| SHA256 | 4e1dcb723bba7d94489152292ded593a9e1d107989169e947d6b179172dc2b56 |
| SHA512 | 5d356f13f7fe582f0e413191d469996e205232abc996b37adc51ef60d20e276688d8ecf02fbe9fa2586171ce53ad30295b32bfb52cc642f470b59dd949fa90cc |
| Ssdeep | 96:KXdBWeXpCRvL2FVs9awzWcuBjIUSDDGr8wH7:K7WeXpMvqFV4awycumU+jwH7 |
| PEiD | None matched |
| Yara |
|
| VirusTotal | File not found on VirusTotal |
MetaFlows Scores
Metaflows Analysis Results (Signatures=125, Anomalies=0, PEiD=0, Yara=2, VT[1471897599]=0): Snort Events=3, AV Events=1
Total Score=125
SNORT EVENTS:
ET INFO Executable Download from dotted-quad Host
ET INFO SUSPICIOUS Dotted Quad Host MZ Response
ET POLICY PE EXE or DLL Windows file download HTTP
CLAMAV DETECTED:
Sanesecurity.Malware.25250.ZipHeur.UNOFFICIAL FOUND
Dropped File/Buffer Yara Signatures:
71d5ef964f50174873bab328a47c86ccd4c9f485 [BUFFER]: shellcode
b2501dbaf7136afe587be5c87208f1cf3772ee4c [BUFFER]: embedded_win_api
cee6e54fa897c2a33290eb1c0ff8697663de5fbe [BUFFER]: shellcode
f32c98c9855dd1305389fe042b8287f6e4aaad68 [BUFFER]: shellcode
Total Score=125
SNORT EVENTS:
ET INFO Executable Download from dotted-quad Host
ET INFO SUSPICIOUS Dotted Quad Host MZ Response
ET POLICY PE EXE or DLL Windows file download HTTP
CLAMAV DETECTED:
Sanesecurity.Malware.25250.ZipHeur.UNOFFICIAL FOUND
Dropped File/Buffer Yara Signatures:
71d5ef964f50174873bab328a47c86ccd4c9f485 [BUFFER]: shellcode
b2501dbaf7136afe587be5c87208f1cf3772ee4c [BUFFER]: embedded_win_api
cee6e54fa897c2a33290eb1c0ff8697663de5fbe [BUFFER]: shellcode
f32c98c9855dd1305389fe042b8287f6e4aaad68 [BUFFER]: shellcode
Signatures
recon_fingerprint details
dumped_buffer details
Windows_Connection_Settings_Accessed details
suspicious_process details
Windows_Proxy_Tinkering details
network_wscript_downloader details
persistence_ads details
antivm_generic_cpu details
antiav_bitdefender_libs details
antivm_vmware_files details
antiemu_wine details
injection_runpe details
Screenshots
Static Analysis
Dropped Files
Network Analysis
Behavior Summary
File-Read
- C:\Windows\SysWOW64\explorer.exe
- C:\ProgramData\Windows Font Preloader Service\15iy37s3aay.exe
- C:\Windows\System32\wshom.ocx
- C:\Windows\System32\stdole2.tlb
- C:\Users\Harry Dresden\AppData\Local\Temp\Greg-Resume.js
- C:\Windows\System32\msxml3.dll
- C:\Users\Harry Dresden\Desktop\desktop.ini
- C:\Windows\System32\wscript.exe
File-Written
- C:\Users\Harry Dresden\AppData\Local\Temp\rad0AFDD.tmp
- C:\Users\Harry Dresden\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLC2QM2Y\bbcrypt[1].exe
File-Deleted
- C:\ProgramData\Windows Font Preloader Service\npicgzugz.txt
- C:\ProgramData\Windows Font Preloader Service\15iy37s3aay.exe:Zone.Identifier
- C:\Users\Harry Dresden\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000000.db
- C:\Users\Harry Dresden\AppData\Local\Temp\Greg-Resume.js
File-Opened
- C:\
- C:\Windows\SysWOW64\ntdll.dll
- C:\ProgramData\Windows Font Preloader Service
- C:\Windows\SysWOW64\tapi3.dll
- C:\ProgramData\Windows Font Preloader Service\15iy37s3aay.exe
- C:\Windows\SysWOW64\explorer.exe
- C:\Windows\System32\wshqos.dll
- C:\
- C:\Users\Harry Dresden\AppData\Local\
- C:\Windows\System32\msxml3.dll
- C:\Users\Harry Dresden\Desktop\desktop.ini
- C:\Windows\System32
- C:\Windows\System32\cmd.exe
- C:\Windows\System32\wshom.ocx
- C:\Users\
- C:\Users\Harry Dresden\
- C:\Users\Harry Dresden\AppData\
- C:\Users\Harry Dresden\AppData\Local\Temp\Greg-Resume.js
- C:\Windows\System32\en-US\wshtcpip.dll.mui
- C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac
- C:\Windows\System32\en-US\wshqos.dll.mui
- C:\Windows\
- C:\Windows\System32\en-US\wship6.dll.mui
- C:\Windows\System32\wscript.exe
- C:\Windows\System32\stdole2.tlb
- C:\Windows\Globalization\Sorting\sortdefault.nls
- C:\Windows\System32\
- C:\Users\Harry Dresden\AppData\Local\Temp\
- C:\Windows\System32\rsaenh.dll
- C:\Windows
- C:\Windows\System32\ieframe.dll
- C:\
- C:\Windows\Globalization\Sorting\sortdefault.nls
- C:\Users\
- C:\Users\Harry Dresden\
- C:\Users\Harry Dresden\AppData\
- C:\Users\Harry Dresden\AppData\Local\
File-Moved
- C:\Users\Harry Dresden\AppData\Local\Temp\rad0AFDD.tmp -> C:\ProgramData\Windows Font Preloader Service\15iy37s3aay.exe
Network-Connects Host
- 93.174.91.49
Directory-Created
- C:\ProgramData\Windows Font Preloader Service
- C:\Users\Harry Dresden\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLC2QM2Y
- C:\Users\Harry Dresden\AppData\Local\Microsoft\Windows\Caches
Directory-Enumerated
- C:\Users\Harry Dresden
- C:\Users\Harry Dresden\AppData\Local\Temp\rad0AFDD.tmp
- C:\Users\Harry Dresden\AppData\Local\Temp
- C:\Users\Harry Dresden\AppData\Local
- C:\Windows\winsxs\x86_microsoft.windows.common-controls_*6.0.*_*
- C:\Users
- C:\Users\Harry Dresden\AppData
- C:\Users\Harry Dresden\AppData\Local\Temp\rad0AFDD.tmp
Registry Key-Opened
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Modem
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\IKEEXT
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VaultSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\lmhosts
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HidBth
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RpcLocator
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\{87979D8F-DBB2-48D6-A984-D5B3AF417131}
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\iaStorV
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Data Provider for Oracle
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MegaSR
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\discache
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\vds
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\AccessProviders
- HKEY_LOCAL_MACHINE\SOFTWARE\Adobe
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TDPIPE
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SysMain
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ws2ifsl
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PcaSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BDESVC
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ProfSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Memory Cache 4.0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\1394ohci
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EventSystem
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\QWAVE
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AeLookupSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\monitor
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDefend
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Mcx2Svc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BrFiltUp
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6TUNNEL
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\clr_optimization_v2.0.50727_32
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ACPI
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\viaide
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\i8042prt
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanServer
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\exfat
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Power
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mountmgr
- HKEY_CURRENT_USER\Software\Win7zip
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Fax
- HKEY_LOCAL_MACHINE\SOFTWARE\Clients
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteRegistry
- HKEY_LOCAL_MACHINE\SOFTWARE\Oracle
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ql2300
- HKEY_LOCAL_MACHINE\SOFTWARE\Google
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DPS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VBoxMouse
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Serial
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\luafv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\amdxata
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SSDPSRV
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ALG
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RasAgileVpn
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PNRPsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nv_agp
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\usbprint
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Browser
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Rpc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AppID
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\isapnp
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\KtmRm
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\hkmsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sffp_sd
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sfloppy
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SMSvcHost 3.0.0.0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\megasas
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\InetInfo
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\fdc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WacomPen
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LSI_SCSI
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NDIS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MTConfig
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WIMMount
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LSI_FC
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\amdsata
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PolicyAgent
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Filetrace
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ldap
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\fvevol
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HpSAMD
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BrUsbSer
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TsUsbFlt
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\cmdide
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HomeGroupProvider
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WbioSrvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\KSecDD
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HidIr
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TrkWks
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VBoxSF
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BTHPORT
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Beep
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CLFS
- HKEY_LOCAL_MACHINE\SOFTWARE\PassMark
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\pciide
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PerfProc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ASP.NET_64_2.0.50727
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RDPREFMP
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\vsmraid
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adpu320
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\rdpbus
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RpcSs
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adp94xx
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\simptcp
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CmBatt
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VBoxVideo
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AppIDSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PortProxy
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\aspnet_state
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adsi
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\fdPHost
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AudioSrv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Rasl2tp
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WSearchIdxPi
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\rspndr
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\hidserv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PptpMiniport
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WUDFRd
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\UmPass
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\uagp35
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mouclass
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\cdrom
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\blbdrive
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\pla
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BTHMODEM
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Brserid
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RDPNP
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wanarpv6
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\UI0Detect
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\KeyIso
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetTcpActivator
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Fs_Rec
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\arc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nfrd960
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Psched
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\QWAVEdrv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WcsPlugInService
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\UGatherer
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Networking
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\UxSms
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VBoxService
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ClickToRunSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSDTC Bridge 3.0.0.0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DCLocator
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\kbdhid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ASP
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CertPropSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WwanSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wudfsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Appinfo
- HKEY_LOCAL_MACHINE\SOFTWARE\ODBC
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wercplsupport
- HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinHttpAutoProxySvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mouhid
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Data Provider for SqlServer
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ASP.NET_2.0.50727
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VgaSave
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wcncsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WAS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\tcpipreg
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Networking 4.0.0.0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\p2psvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HTTP
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ebdrv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NdisCap
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\volmgr
- HKEY_LOCAL_MACHINE\SOFTWARE\JreMetrics
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\atapi
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\E1G60
- HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nvraid
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\clr_optimization_v2.0.50727_64
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ASP.NET
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\vwifibus
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RDPENCDD
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SMSvcHost 4.0.0.0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ASP.NET_4.0.30319
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSTEE
- HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sermouse
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NativeWifiP
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AmdK8
- HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PerfOS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mpsdrv
- HKEY_LOCAL_MACHINE\SOFTWARE\Licenses
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WPDBusEnum
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SstpSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WebClient
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MRxDAV
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AsyncMac
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CNG
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\spldr
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CompositeBus
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{1C1C1C1C-1C1C-1C1C-1C1C-1C1C1C1C1C1C}\00101CF2\fd01153281ab2
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSPCLOCK
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Data
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\iScsiPrt
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WdiSystemHost
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PerfNet
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\stisvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RasMan
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RdpVideoMiniport
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\tunnel
- HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DcomLaunch
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\hcw85cir
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ehSched
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AxInstSV
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FileInfo
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sppsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WMPNetworkSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ESENT
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Parport
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TermDD
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DXGKrnl
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\15iy37s3aay.exe
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Disk
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSiSCSI
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Themes
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\amdide
- HKEY_CURRENT_USER\Software\AppDataLow\Software\MyMailClient
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FontCache3.0.0.0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sffp_mmc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\umbus
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\flpydisk
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\swenum
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PerfDisk
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\stexstor
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\usbohci
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NETFramework
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ErrDev
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\tdx
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSDTC
- HKEY_LOCAL_MACHINE\Software\Win7zip
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\elxstor
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\usbehci
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Ndisuio
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MozillaMaintenance
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\vdrvroot
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NdisTapi
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MMCSS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ProtectedStorage
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\b57nd60a
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetPipeActivator
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SensrSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinSock2
- HKEY_LOCAL_MACHINE\SOFTWARE\Intel
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpsSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Serenum
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\USBSTOR
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\scfilter
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SENS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TBS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NdisWan
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WSearch
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ServiceModelService 3.0.0.0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\KSecPkg
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\partmgr
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\secdrv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FontCache
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sffdisk
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Smb
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ql40xx
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\arcsas
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\b06bdrv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\fastfat
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SiSRaid4
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RDPDD
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mrxsmb20
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DIRECTIO
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mrxsmb10
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\dot3svc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LSI_SAS2
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FDResPub
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wdf01000
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\volsnap
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LSI_SAS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TDTCP
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\aliide
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\IEEtwCollectorService
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetTcpPortSharing
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\IPNAT
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SCPolicySvc
- HKEY_LOCAL_MACHINE\SOFTWARE\HeartMath
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WerSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PlugPlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Python
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\rdyboost
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RasAuto
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSDTC Bridge 4.0.0.0
- HKEY_LOCAL_MACHINE\SOFTWARE\SyncIntegrationClients
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BrFiltLo
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\msdsm
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\usbccgp
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LDAP
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\netprofm
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\udfs
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WPCSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\usbvideo
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RpcEptMapper
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DfsC
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSSCNTRS
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WmiApRpl
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\msahci
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netman
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Winmgmt
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EFS
- HKEY_LOCAL_MACHINE\SOFTWARE
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\msisadrv
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\osppsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\COMSysApp
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HDAudBus
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\intelide
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CryptSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\seclogon
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\napagent
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AppHostSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bthserv
- HKEY_CURRENT_USER\Software\AppDataLow\Software
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SamSs
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ehRecvr
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\pci
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PNRPAutoReg
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\pcw
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PEAUTH
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TabletInputService
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Lsa
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\gpsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Spooler
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TSDDD
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\pcmcia
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ose
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\srv2
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HidUsb
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\THREADORDER
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\amdsbs
- HKEY_CURRENT_USER\Software\AppDataLow\Google Updater
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TrustedInstaller
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HdAudAddService
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SiSRaid2
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\gagp30kx
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SNMP
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bowser
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\srv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\clr_optimization_v4.0.30319_32
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wd
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\agp440
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WmiAcpi
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\UGTHRSVC
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\defragsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mrxsmb
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RDPWD
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\volmgrx
- HKEY_LOCAL_MACHINE\SOFTWARE\Foxit Software
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\IpFilterDriver
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WANARP
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetMsmqActivator
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NDProxy
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ServiceModelOperation 3.0.0.0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PerfHost
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\srvnet
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\rdbss
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Null
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\usbhub
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\lltdsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AdobeARMservice
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\IPMIDRV
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\hwpolicy
- HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EapHost
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WudfPf
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\iphlpsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\upnphost
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLEAUT
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Windows Workflow Foundation 4.0.0.0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wlansvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adpahci
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Ntfs
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSKSSRV
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BrSerWdm
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HidBatt
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SCardSvr
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\usbuhci
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mshidkmdf
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SDRSVC
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RasPppoe
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\drmkaud
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\vga
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Winsock
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\lltdio
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\crypt32
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AmdPPM
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\idsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Npfs
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ohci1394
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AudioEndpointBuilder
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RasAcd
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ShellHWDetection
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\usbcir
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\uliagpkx
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HomeGroupListener
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wmiApSrv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wbengine
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SessionEnv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\p2pimsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sbp2port
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LPDSVC
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mpio
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WdiServiceHost
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FsDepends
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SNMPTRAP
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WfpLwf
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WatAdminSvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSPQM
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BattC
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AcpiPmi
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\tssecsrv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TermService
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsiproxy
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MsRPC
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\IPBusEnum
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TapiSrv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VBoxGuest
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RDPUDD
- HKEY_LOCAL_MACHINE\SOFTWARE\mozilla.org
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\inetaccs
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BrUsbMdm
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIPTUNNEL
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RDPCDD
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DiagTrack
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Processor
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\msiserver
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\iirsp
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\crcdisk
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Msfs
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\xmlprov
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\IRENUM
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sppuinotify
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\intelppm
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Compbatt
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\swprv
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mssmbios
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nvstor
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RasSstp
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Mup
- HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\vhdmp
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\cdfs
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ServiceModelEndpoint 3.0.0.0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\clr_optimization_v4.0.30319_64
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ksthunk
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Wecsvc
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinRM
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Windows Workflow Foundation 3.0.0.0
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\kbdclass
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\circlass
- HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\http\
- HKEY_CURRENT_USER\Software
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INITIALIZE_URLACTION_SHELLEXECUTE_TO_ALLOW_KB936610
- HKEY_LOCAL_MACHINE\Software\Microsoft\COM3
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_CLASSES_ROOT\.js
- HKEY_LOCAL_MACHINE\Software\Policies
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_INITIALIZE_URLACTION_SHELLEXECUTE_TO_ALLOW_KB936610
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{5F058833-0652-4B15-B7EA-02DD7798ACE8}\0a-00-27-00-00-00
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_CERT_WARNINGS_ON_POST_FROM_ISTREAM_KB2894776
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001
- HKEY_LOCAL_MACHINE\Software
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{5F058833-0652-4B15-B7EA-02DD7798ACE8}
- HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\*\
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915
- HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_URLMON_IQDA_SIZE
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
- HKEY_CURRENT_USER\Software\Policies
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\KindMap
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_URLMON_IQDA_SIZE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00
- HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_LOCAL_MACHINE\System\Setup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000
- HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/octet-stream
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
- HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION
- HKEY_CLASSES_ROOT\JSFile\ScriptEngine
- HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UrlMon Settings
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SHOW_CERT_WARNINGS_ON_POST_FROM_ISTREAM_KB2894776
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Registry Key-Deleted
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoDetect
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{5F058833-0652-4B15-B7EA-02DD7798ACE8}\WpadDetectedUrl
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDetectedUrl
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
Registry Key-Read
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\MaxRpcSize
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\dab2d44ff47
- HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LDAP\UseHostnameAsAlias
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\335446143c8
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DebugHeapFlags
- HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LDAP\LdapClientIntegrity
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\0ca5b420d3cfe95e35
- HKEY_LOCAL_MACHINE\SYSTEM\Setup\OOBEInProgress
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\77c0dfcb60ac5c
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LDAP\UseOldHostResolutionOrder
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\CEIPSampledIn
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\a4a7fbfdcd2e
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\6bf5ee163c0c6ac03bc
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ComputerName\ActiveComputerName\ComputerName
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000409
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\813b2c69f961f2b6be
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{04731B67-D933-450A-90E6-4ACD2E9408FE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\PinToNameSpaceTree
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileAssociation\AllowedReservedCharacters
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{031E4825-7B94-4DC3-B131-E946B44C8DD5}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000566-0000-0010-8000-00AA006D2EA4}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\wscript.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\WantsFORPARSING
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DiagMatchAnyMask
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\HideFolderVerbs
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{b9fc2740-d442-11e0-8ee6-806e6f6e6963}\Generation
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\HideInWebView
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BCD1DE7E-2DB1-418B-B047-4A74E101F8C1}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ade\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cer\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{4336A54D-038B-4685-AB02-99BB52D3FB8B}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\wscript.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InProcServer32\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000566-0000-0010-8000-00AA006D2EA4}\InprocServer32\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\Attributes
- HKEY_CURRENT_USER\Directory\IsShortcut
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\HideFolderVerbs
- HKEY_CURRENT_USER\Directory\AlwaysShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PreCreate
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{b9fc2740-d442-11e0-8ee6-806e6f6e6963}\Data
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\Content Type
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}\ProgID\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\wscript.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{645FF040-5081-101B-9F08-00AA002F954E}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings\IgnoreUserSettings
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\wscript.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\MapNetDriveVerbs
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{9343812E-1C37-4A49-A12E-4B2D810D956B}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{BD7A2E7B-21CB-41b2-A086-B309680C6B7E}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{450D8FBA-AD25-11D0-98A8-0800361B1103}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\WantsUniversalDelegate
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DevicePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\MapNetDriveVerbs
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings\LogSecuritySuccesses
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32\ThreadingModel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\wscript.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\2005
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\UseDropHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\UseDropHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\*
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
- HKEY_CURRENT_USER\Directory\NeverShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{138508bc-1e03-49ea-9c8f-ea9e1d05d65d}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\HideInWebView
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MigrateProxy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\PinToNameSpaceTree
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\LogFileName
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000566-0000-0010-8000-00AA006D2EA4}\InprocServer32\ThreadingModel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.js\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings\Enabled
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADODB.Stream\CLSID\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{89D83576-6BD1-4c86-9454-BEB04E94C819}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{98D99750-0B8A-4c59-9151-589053683D73}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{450D8FBA-AD25-11D0-98A8-0800361B1103}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\(Default)
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DiagLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\AlwaysShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\CallForAttributes
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings\Timeout
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography\PrivKeyCachePurgeIntervalSeconds
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\MaximumAllowedAllocationSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{208D2C60-3AEA-1069-A2D7-08002B30309D}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\KindMap\.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDhcp
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\HideFolderVerbs
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0\win64\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\NoFileFolderJunction
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}
- HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\Attributes
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\Attributes
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{F3F5824C-AD58-4728-AF59-A1EBE3392799}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\SourcePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\NeverShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\SaferFlags
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\HideFolderVerbs
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\NeverShowExt
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2A1C9EB2-DF62-4154-B800-63278FCB8037}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\QueryForInfoTip
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bat\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32\ThreadingModel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\AlwaysShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream\CLSID
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000409
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\wscript.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}\InProcServer32\ThreadingModel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.crt\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Enhanced RSA and AES Cryptographic Provider\Type
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000566-0000-0010-8000-00AA006D2EA4}\InprocServer32\(Default)
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableUTF8
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\COM+Enabled
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\RestrictedAttributes
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{11016101-E366-4D22-BC06-4ADA335C892B}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{e345f35f-9397-435c-8f95-4e922c26259e}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\ProgID\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bas\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.com\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\BrowseInPlace
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsParseDisplayName
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2005
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FrameTabWindow
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8A40A45D-055C-4B62-ABD7-6D613E2CEAEC}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000566-0000-0010-8000-00AA006D2EA4}\ProgID\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{59031a47-3f72-44a7-89c5-5595fe6b30ee}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Srp\GP\RuleCount
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HasNavigationEnum
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State
- HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings\DisplayLogo
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InProcServer32\ThreadingModel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\TabProcGrowth
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\HideOnDesktopPerUser
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\QueryForOverlay
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\NeverShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\QueryForOverlay
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\PolicyScope
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{b9fc273d-d442-11e0-8ee6-806e6f6e6963}\Generation
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\PinToNameSpaceTree
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy\Enabled
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\Safety Warning Level
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\HasNavigationEnum
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Type
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\SessionMerging
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\BrowseInPlace
- HKEY_CURRENT_USER\Directory\DocObject
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\Attributes
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{11016101-E366-4D22-BC06-4ADA335C892B}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{9343812e-1c37-4a49-a12e-4b2d810d956b}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Scripting.FileSystemObject\CLSID\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\UseDropHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{daf95313-e44d-46af-be1b-cbacea2c3065}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\WantsParseDisplayName
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DebugHeapFlags
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoDetect
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\DefaultLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JScript\CLSID\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\LoadWithoutCOM
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{E345F35F-9397-435C-8F95-4E922C26259E}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSXML2.XMLHTTP\CLSID\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SESSION MANAGER\SafeProcessSearchMode
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\CallForAttributes
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\wscript.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InitFolderHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WScript.Shell\CLSID\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\*
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\RestrictedAttributes
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\wscript.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Enhanced RSA and AES Cryptographic Provider\Image Path
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsAliasedNotifications
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Message\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{26656EAA-54EB-4E6F-8F85-4F0EF901A406}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\DelegateExecute
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Attributes
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\InheritConsoleHandles
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\Levels
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{89D83576-6BD1-4C86-9454-BEB04E94C819}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\PinToNameSpaceTree
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\HideFolderVerbs
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\AlwaysShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\NoWorkingDirectory
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\WantsAliasedNotifications
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{b9fc273d-d442-11e0-8ee6-806e6f6e6963}\Data
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{ED228FDF-9EA8-4870-83b1-96b02CFE0D52}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\InheritConsoleHandles
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings\UseWINSAFER
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\InprocServer32\InprocServer32
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Linkage\Export
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography\PrivKeyCacheMaxItems
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\WantsUniversalDelegate
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1806
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{b9fc273c-d442-11e0-8ee6-806e6f6e6963}\Generation
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\CEIPSampledIn
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\MapNetDriveVerbs
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228}\ProgID\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResource
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{031E4825-7B94-4dc3-B131-E946B44C8DD5}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\AdminTabProcs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings\TrustPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\HideOnDesktopPerUser
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\DA0C75D6
- HKEY_CURRENT_USER\Directory\BrowseInPlace
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.adp\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\command
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{26EE0668-A00A-44D7-9371-BEB064C98683}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\UseDropHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\DocObject
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Message\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\AllowFileCLSIDJunctions
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{98D99750-0B8A-4C59-9151-589053683D73}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\UseDropHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\1
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cpl\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JSFile\ScriptEngine\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{5F058833-0652-4B15-B7EA-02DD7798ACE8}\WpadDecision
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cmd\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\RestrictedAttributes
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\NoFileFolderJunction
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\WantsAliasedNotifications
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\ShellFolder\MapNetDriveVerbs
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{138508BC-1E03-49EA-9C8F-EA9E1D05D65D}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\WantsUniversalDelegate
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\Attributes
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography\PrivateKeyLifetimeSeconds
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.chm\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\RestrictedAttributes
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{59031A47-3F72-44A7-89C5-5595FE6B30EE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\ShellFolder\Attributes
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\Attributes
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{871C5380-42A0-1069-A2EA-08002B30309D}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\NoFileFolderJunction
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FrameMerging
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings\DisplayLogo
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\PinToNameSpaceTree
- HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings\Timeout
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\UseDropHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55272A00-42CB-11CE-8135-00AA004BB851}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F935DC20-1CF0-11D0-ADB9-00C04FD58A0B}\1.0\0\win64\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{04731B67-D933-450a-90E6-4ACD2E9408FE}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HasNavigationEnum
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\AllowFileCLSIDJunctions
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}\InProcServer32\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\SuppressionPolicy
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\HideInWebView
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{b9fc273c-d442-11e0-8ee6-806e6f6e6963}\Data
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\WantsFORPARSING
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.asp\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\SetWorkingDirectoryFromTarget
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDns
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{5F058833-0652-4B15-B7EA-02DD7798ACE8}\WpadDecisionTime
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{26EE0668-A00A-44D7-9371-BEB064C98683}\SuppressionPolicy
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1806
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\NeverShowExt
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\NoFileFolderJunction
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NeverShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0xFFFF
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\QueryForOverlay
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadExpirationDays
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\DocObject
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\ShellFolder\UseDropHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDetectedUrl
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor\DelayedExpansion
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor\PathCompletionChar
- HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DisableUNCCheck
- HKEY_CURRENT_USER\Software\Microsoft\Command Processor\EnableExtensions
- HKEY_CURRENT_USER\Software\Microsoft\Command Processor\CompletionChar
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor\DefaultColor
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor\AutoRun
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor\CompletionChar
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000409
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles
- HKEY_CURRENT_USER\Software\Microsoft\Command Processor\PathCompletionChar
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor\DisableUNCCheck
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor\EnableExtensions
- HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DelayedExpansion
- HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DefaultColor
- HKEY_CURRENT_USER\Software\Microsoft\Command Processor\AutoRun
Registry Key-Written
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\335446143c8
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\77c0dfcb60ac5c
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\dab2d44ff47
- HKEY_CURRENT_USER\Software\AppDataLow\Google Updater\LastUpdate
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\a4a7fbfdcd2e
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\6bf5ee163c0c6ac03bc
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\813b2c69f961f2b6be
- HKEY_CURRENT_USER\Software\AppDataLow\Software\{9986501E-992B-CD35-6266-A5874FE2BCCA}\0C4C1E75\07acef82af04\0ca5b420d3cfe95e35
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{5F058833-0652-4B15-B7EA-02DD7798ACE8}\WpadDecisionReason
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{5F058833-0652-4B15-B7EA-02DD7798ACE8}\WpadDecision
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{5F058833-0652-4B15-B7EA-02DD7798ACE8}\WpadDecisionTime
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{5F058833-0652-4B15-B7EA-02DD7798ACE8}\WpadNetworkName
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
Mutex-Accessed
- Local\ZonesCacheCounterMutex
- Local\ZonesLockedCacheCounterMutex
Processes
registry filesystem process services network synchronization