魔盾安全分析报告

分析类型 开始时间 结束时间 持续时间 分析引擎版本
FILE 2022-05-27 21:12:12 2022-05-27 21:13:19 67 秒 1.4-Maldun
虚拟机机器名 标签 虚拟机管理 开机时间 关机时间
win7-sp1-x64-shaapp03-1 win7-sp1-x64-shaapp03-1 KVM 2022-05-27 21:12:14 2022-05-27 21:13:22
魔盾分数

10.0

恶意的

文件详细信息

文件名 duplicate file finder plus_16.0.79.rar
文件大小 490296 字节
文件类型 PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
CRC32 6E292587
MD5 8d282dae469c287ff5c66f53e1d68ed7
SHA1 617d458fe2434492737be317a921efe752ee0c53
SHA256 5be5e4b0abb9189c524560b999e9449817ff9220e4d7e853656f82b392349e0b
SHA512 31fa194b9c724d4ed5d4b06da3c35d6a29d39f16bdb8818df91ebb2de2ea78abc9b491f65e592def5adb5ec2068e87d43d7b937b4fc4951f5bb08629e999d9a6
Ssdeep 12288:5ExGg+U1dB+uImwwZGgeJmA2v/IOBp7rh9:5OGg+sK8VA2v/xBX9
PEiD 无匹配
Yara
  • CRC32_poly_Constant (Look for CRC32 [poly])
  • RIPEMD160_Constants (Look for RIPEMD-160 constants)
  • SHA1_Constants (Look for SHA1 constants)
  • IsPE32 (Detected a 32bit PE sample)
  • IsWindowsGUI (Detected a Windows GUI sample)
  • IsPacked (Detected Entropy signature)
  • HasOverlay (Detected Overlay signature)
  • HasRichSignature (Detected Rich Signature)
  • UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser ()
  • UPX (Detected UPX. Commonly used by RAT!)
VirusTotal VirusTotal查询失败

特征

通过进程尝试延迟分析任务
Process: Duplicate File Finder Plus.exe tried to sleep 60 seconds, actually delayed analysis time by 0 seconds
Process: explorer.exe tried to sleep 120 seconds, actually delayed analysis time by 0 seconds
创建RWX内存
在加密调用中发现至少一个IP地址,域名,或文件名
ioc: www.digicert.com1
魔盾wping.org 域名信誉系统
Greylist: www.duplicatefilefinder4pc.com
Greylist: duplicatefilefinder4pc.com
魔盾wping.org IP地址信誉系统
Greylist: 104.85.244.134
Greylist: 172.67.204.35
魔盾安全Yara检测结果 - 普通
Warning: Detected UPX. Commonly used by RAT!
发起了一些HTTP请求
URL: http://www.duplicatefilefinder4pc.com/latestver-p.txt
二进制文件可能包含加密或压缩数据
section: name: UPX1, entropy: 7.92, characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE, raw_size: 0x0001ec00, virtual_size: 0x0001f000
从文件自身的二进制镜像中读取数据
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00000000, length: 0x00000007
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00000000, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00000007, length: 0x00077b31
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00001ff0, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00003fe0, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00005fd0, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00007fc0, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00009fb0, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x0000bfa0, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x0000df90, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x0000ff80, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00011f70, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00013f60, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00015f50, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00017f40, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00019f30, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x0001bf20, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x0001df10, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x0001ff00, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00021ef0, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00023ee0, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00025ed0, length: 0x00002000
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00026200, length: 0x00000031
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00026219, length: 0x0005173a
self_read: process: duplicate file finder plus_16.0.79.rar, pid: 2636, offset: 0x00077b30, length: 0x00000008
开始系统监听127.0.0.1:0
HTTP数据流中包含可疑的恶意软件数据
get_no_useragent: HTTP traffic contains a GET request with no user-agent header
suspicious_request: http://www.duplicatefilefinder4pc.com/latestver-p.txt
可执行文件被使用UPX压缩
section: name: UPX0, entropy: 0.00, characteristics: IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE, raw_size: 0x00000000, virtual_size: 0x0004a000
可疑的样本异常终止
样本投放可执行文件到临时目录然后抹除
Anomaly: C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe deleted
尝试创建或更改系统证书
检测到样本尝试模糊或欺骗文件类型
可能是恶意的样本写入可疑的执行文件并混淆扩展名
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config
Suspicious: c:\users\test\appdata\local\temp\rarsfx0\duplicate file finder plus.exe.config

运行截图

网络分析

访问主机记录

直接访问 IP地址 国家名
104.22.25.131 United States
104.85.244.134 United States
172.67.169.247 United States
172.67.204.35 United States

域名解析

域名 响应
www.duplicatefilefinder4pc.com A 104.21.44.223
A 172.67.204.35
duplicatefilefinder4pc.com
use.fontawesome.com A 104.21.63.54
CNAME use.fontawesome.com.cdn.cloudflare.net
A 172.67.169.247
s7.addthis.com CNAME ds-s7.addthis.com.edgekey.net
A 104.85.244.134
CNAME s8.addthis.com
CNAME e4016.a.akamaiedge.net
embed.tawk.to A 104.22.24.131
A 172.67.38.66
A 104.22.25.131

TCP连接

IP地址 端口
104.22.25.131 443
104.22.25.131 443
104.22.25.131 443
104.22.25.131 443
104.22.25.131 443
104.22.25.131 443
104.85.244.134 443
104.96.203.48 80
172.67.169.247 443
172.67.169.247 443
172.67.204.35 80
172.67.204.35 443
172.67.204.35 443
172.67.204.35 443
172.67.204.35 443
172.67.204.35 443
172.67.204.35 443
172.67.204.35 443

UDP连接

IP地址 端口
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53

HTTP请求

URL HTTP数据
http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip
GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1
Accept: */*
If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT
User-Agent: IPM
Host: acroipm.adobe.com
Connection: Keep-Alive
Cache-Control: no-cache

http://www.duplicatefilefinder4pc.com/latestver-p.txt
GET /latestver-p.txt HTTP/1.1
Host: www.duplicatefilefinder4pc.com
Connection: Keep-Alive

静态分析

PE 信息

初始地址 0x00400000
入口地址 0x00469800
声明校验值 0x00000000
实际校验值 0x000819a5
最低操作系统版本要求 5.1
编译时间 2018-06-24 23:04:40
载入哈希 4bb6c97d0fd6fbaeabdd43515fbc6b28
图标
图标精确哈希值 f4f666aa5b7140c61ee1207635d7022d
图标相似性哈希值 01d5192ff2c9379c4085014f5894940f

版本信息

Translation: 0x0000 0x04b0
LegalCopyright: Copyright \xc2 2004-2021 TriSun Software Limited. All rights reserved.
Assembly Version: 16.0.79.0
InternalName: Duplicate File Finder Plus.exe
FileVersion: 16.0.079
CompanyName: TriSun Software Limited
LegalTrademarks:
Comments: Duplicate File Finder Plus
ProductName: Duplicate File Finder Plus
ProductVersion: 16.0.079
FileDescription: Duplicate File Finder Plus
OriginalFilename: Duplicate File Finder Plus.exe

PE数据组成

名称 虚拟地址 虚拟大小 原始数据大小 特征 熵(Entropy)
UPX0 0x00001000 0x0004a000 0x00000000 IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0.00
UPX1 0x0004b000 0x0001f000 0x0001ec00 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 7.92
.rsrc 0x0006a000 0x00008000 0x00007200 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 6.24

覆盖

偏移量: 0x00026200
大小: 0x00051938

资源

名称 偏移量 大小 语言 子语言 熵(Entropy) 文件类型
RT_ICON 0x00070148 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 4.15 GLS_BINARY_LSB_FIRST
RT_ICON 0x00070148 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 4.15 GLS_BINARY_LSB_FIRST
RT_ICON 0x00070148 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 4.15 GLS_BINARY_LSB_FIRST
RT_ICON 0x00070148 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 4.15 GLS_BINARY_LSB_FIRST
RT_DIALOG 0x00062eb8 0x00000252 LANG_ENGLISH SUBLANG_ENGLISH_US 7.43 data
RT_DIALOG 0x00062eb8 0x00000252 LANG_ENGLISH SUBLANG_ENGLISH_US 7.43 data
RT_DIALOG 0x00062eb8 0x00000252 LANG_ENGLISH SUBLANG_ENGLISH_US 7.43 data
RT_DIALOG 0x00062eb8 0x00000252 LANG_ENGLISH SUBLANG_ENGLISH_US 7.43 data
RT_DIALOG 0x00062eb8 0x00000252 LANG_ENGLISH SUBLANG_ENGLISH_US 7.43 data
RT_DIALOG 0x00062eb8 0x00000252 LANG_ENGLISH SUBLANG_ENGLISH_US 7.43 data
RT_STRING 0x0006408c 0x000000d6 LANG_ENGLISH SUBLANG_ENGLISH_US 6.70 data
RT_STRING 0x0006408c 0x000000d6 LANG_ENGLISH SUBLANG_ENGLISH_US 6.70 data
RT_STRING 0x0006408c 0x000000d6 LANG_ENGLISH SUBLANG_ENGLISH_US 6.70 data
RT_STRING 0x0006408c 0x000000d6 LANG_ENGLISH SUBLANG_ENGLISH_US 6.70 data
RT_STRING 0x0006408c 0x000000d6 LANG_ENGLISH SUBLANG_ENGLISH_US 6.70 data
RT_STRING 0x0006408c 0x000000d6 LANG_ENGLISH SUBLANG_ENGLISH_US 6.70 data
RT_STRING 0x0006408c 0x000000d6 LANG_ENGLISH SUBLANG_ENGLISH_US 6.70 data
RT_STRING 0x0006408c 0x000000d6 LANG_ENGLISH SUBLANG_ENGLISH_US 6.70 data
RT_STRING 0x0006408c 0x000000d6 LANG_ENGLISH SUBLANG_ENGLISH_US 6.70 data
RT_STRING 0x0006408c 0x000000d6 LANG_ENGLISH SUBLANG_ENGLISH_US 6.70 data
RT_GROUP_ICON 0x000705b4 0x0000003e LANG_NEUTRAL SUBLANG_NEUTRAL 2.41 MS Windows icon resource - 4 icons, 256x256
RT_VERSION 0x000705f8 0x0000047c LANG_NEUTRAL SUBLANG_NEUTRAL 3.37 data
RT_MANIFEST 0x00070a78 0x00000533 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 4.92 XML 1.0 document, ASCII text, with CRLF line terminators

导入

库 gdiplus.dll:
0x470fe8 - GdipFree
库 KERNEL32.DLL:
0x470ff0 - LoadLibraryA
0x470ff4 - ExitProcess
0x470ff8 - GetProcAddress
0x470ffc - VirtualProtect

投放文件

无信息

行为分析

互斥量(Mutexes)
  • DefaultTabtip-MainUI
  • Local\MSCTF.Asm.MutexDefault1
  • Global\CLR_CASOFF_MUTEX
  • Global\.net clr networking
  • Local\!IETld!Mutex
执行的命令
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe
  • explorer "https://DuplicateFileFinder4PC.com/sc/duplicate-file-finder-plus.htm?selectedTab=updates"
  • explorer "https://duplicatefilefinder4pc.com/f/duplicate-file-finder-plus.zip"
创建的服务 无信息
启动的服务 无信息

进程

duplicate file finder plus_16.0.79.rar PID: 2636, 上一级进程 PID: 2248

Duplicate File Finder Plus.exe PID: 2980, 上一级进程 PID: 2636

explorer.exe PID: 2504, 上一级进程 PID: 2980

explorer.exe PID: 2580, 上一级进程 PID: 2980

访问的文件
  • C:\Users\test\AppData\Local\Temp\<pi-ms-win-core-synch-l1-2-0.DLL
  • C:\Windows\System32\<pi-ms-win-core-synch-l1-2-0.DLL
  • C:\Windows\system\<pi-ms-win-core-synch-l1-2-0.DLL
  • C:\Windows\<pi-ms-win-core-synch-l1-2-0.DLL
  • C:\ProgramData\Oracle\Java\javapath\<pi-ms-win-core-synch-l1-2-0.DLL
  • C:\Windows\System32\wbem\<pi-ms-win-core-synch-l1-2-0.DLL
  • C:\Windows\System32\WindowsPowerShell\v1.0\<pi-ms-win-core-synch-l1-2-0.DLL
  • C:\Program Files (x86)\WinRAR\<pi-ms-win-core-synch-l1-2-0.DLL
  • C:\Users\test\AppData\Local\Temp\<pi-ms-win-core-fibers-l1-1-1.DLL
  • C:\Windows\System32\<pi-ms-win-core-fibers-l1-1-1.DLL
  • C:\Windows\system\<pi-ms-win-core-fibers-l1-1-1.DLL
  • C:\Windows\<pi-ms-win-core-fibers-l1-1-1.DLL
  • C:\ProgramData\Oracle\Java\javapath\<pi-ms-win-core-fibers-l1-1-1.DLL
  • C:\Windows\System32\wbem\<pi-ms-win-core-fibers-l1-1-1.DLL
  • C:\Windows\System32\WindowsPowerShell\v1.0\<pi-ms-win-core-fibers-l1-1-1.DLL
  • C:\Program Files (x86)\WinRAR\<pi-ms-win-core-fibers-l1-1-1.DLL
  • C:\Users\test\AppData\Local\Temp\<pi-ms-win-core-localization-l1-2-1.DLL
  • C:\Windows\System32\<pi-ms-win-core-localization-l1-2-1.DLL
  • C:\Windows\system\<pi-ms-win-core-localization-l1-2-1.DLL
  • C:\Windows\<pi-ms-win-core-localization-l1-2-1.DLL
  • C:\ProgramData\Oracle\Java\javapath\<pi-ms-win-core-localization-l1-2-1.DLL
  • C:\Windows\System32\wbem\<pi-ms-win-core-localization-l1-2-1.DLL
  • C:\Windows\System32\WindowsPowerShell\v1.0\<pi-ms-win-core-localization-l1-2-1.DLL
  • C:\Program Files (x86)\WinRAR\<pi-ms-win-core-localization-l1-2-1.DLL
  • C:\Windows\Globalization\Sorting\sortdefault.nls
  • C:\Users\test\AppData\Local\Temp\DXGIDebug.dll
  • C:\Users\test\AppData\Local\Temp\lpk.dll
  • C:\Users\test\AppData\Local\Temp\usp10.dll
  • C:\Users\test\AppData\Local\Temp\clbcatq.dll
  • C:\Users\test\AppData\Local\Temp\comres.dll
  • C:\Users\test\AppData\Local\Temp\ws2_32.dll
  • C:\Users\test\AppData\Local\Temp\ws2help.dll
  • C:\Users\test\AppData\Local\Temp\psapi.dll
  • C:\Users\test\AppData\Local\Temp\ieframe.dll
  • C:\Users\test\AppData\Local\Temp\ntshrui.dll
  • C:\Users\test\AppData\Local\Temp\atl.dll
  • C:\Users\test\AppData\Local\Temp\setupapi.dll
  • C:\Users\test\AppData\Local\Temp\apphelp.dll
  • C:\Users\test\AppData\Local\Temp\userenv.dll
  • C:\Users\test\AppData\Local\Temp\netapi32.dll
  • C:\Users\test\AppData\Local\Temp\shdocvw.dll
  • C:\Users\test\AppData\Local\Temp\crypt32.dll
  • C:\Users\test\AppData\Local\Temp\msasn1.dll
  • C:\Users\test\AppData\Local\Temp\cryptui.dll
  • C:\Users\test\AppData\Local\Temp\wintrust.dll
  • C:\Users\test\AppData\Local\Temp\shell32.dll
  • C:\Users\test\AppData\Local\Temp\secur32.dll
  • C:\Users\test\AppData\Local\Temp\cabinet.dll
  • C:\Users\test\AppData\Local\Temp\oleaccrc.dll
  • C:\Users\test\AppData\Local\Temp\ntmarta.dll
  • C:\Users\test\AppData\Local\Temp\profapi.dll
  • C:\Users\test\AppData\Local\Temp\WindowsCodecs.dll
  • C:\Users\test\AppData\Local\Temp\srvcli.dll
  • C:\Users\test\AppData\Local\Temp\cscapi.dll
  • C:\Users\test\AppData\Local\Temp\slc.dll
  • C:\Users\test\AppData\Local\Temp\imageres.dll
  • C:\Users\test\AppData\Local\Temp\dnsapi.DLL
  • C:\Users\test\AppData\Local\Temp\iphlpapi.DLL
  • C:\Users\test\AppData\Local\Temp\WINNSI.DLL
  • C:\Users\test\AppData\Local\Temp\netutils.dll
  • C:\Users\test\AppData\Local\Temp\mpr.dll
  • C:\Users\test\AppData\Local\Temp\devrtl.dll
  • C:\Users\test\AppData\Local\Temp\propsys.dll
  • C:\Users\test\AppData\Local\Temp\mlang.dll
  • C:\Users\test\AppData\Local\Temp\samcli.dll
  • C:\Users\test\AppData\Local\Temp\samlib.dll
  • C:\Users\test\AppData\Local\Temp\wkscli.dll
  • C:\Users\test\AppData\Local\Temp\dfscli.dll
  • C:\Users\test\AppData\Local\Temp\browcli.dll
  • C:\Users\test\AppData\Local\Temp\rasadhlp.dll
  • C:\Users\test\AppData\Local\Temp\dhcpcsvc6.dll
  • C:\Users\test\AppData\Local\Temp\dhcpcsvc.dll
  • C:\Users\test\AppData\Local\Temp\XmlLite.dll
  • C:\Users\test\AppData\Local\Temp\linkinfo.dll
  • C:\Users\test\AppData\Local\Temp\cryptsp.dll
  • C:\Users\test\AppData\Local\Temp\RpcRtRemote.dll
  • C:\Users\test\AppData\Local\Temp\aclui.dll
  • C:\Users\test\AppData\Local\Temp\dsrole.dll
  • C:\Users\test\AppData\Local\Temp\peerdist.dll
  • \Device\KsecDD
  • C:\Users\test\AppData\Local\Temp\duplicate file finder plus_16.0.79.rar
  • C:\Windows\win.ini
  • C:\Windows\SysWOW64\shell32.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0
  • C:\Users
  • C:\Users\test
  • C:\Users\test\AppData
  • C:\Users\test\AppData\Local
  • C:\Users\test\AppData\Local\Temp
  • C:\Users\test\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_21661526
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe.config
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Interop.IWshRuntimeLibrary.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\TSS Foundation Libraries.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe
  • C:\Users\test\AppData\Local\Temp\RarSFX0\lang.ini
  • C:\Users\test\AppData\Local\Temp\RarSFX0\duplicate-file-finder-plus\xe6\xbf\x80\xe6\xb4\xbb\xe7\xa0\x81.txt
  • C:\Users\test\AppData\Local\Temp\RarSFX0\sounds\finished.wav
  • C:\Users\test\AppData\Local\Temp\RarSFX0\sounds
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs\en.xml
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs\sc.xml
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs\tc.xml
  • \??\MountPointManager
  • C:\
  • C:\Users\desktop.ini
  • C:\Windows\System32\ntshrui.dll
  • C:\Windows\AppPatch\sysmain.sdb
  • C:\Windows\System32\
  • C:\Windows\SysWOW64\ntshrui.dll
  • C:\Windows
  • C:\Windows\System32
  • C:\Windows\System32\*.*
  • C:\Users\test\AppData\Local\Temp\
  • C:\Users\test\AppData\Local\Temp\RarSFX0\
  • C:\Users\test\AppData\Local\Temp\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Windows\System32\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Windows\system\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Windows\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\ProgramData\Oracle\Java\javapath\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Windows\System32\wbem\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Windows\System32\WindowsPowerShell\v1.0\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Program Files (x86)\WinRAR\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Users\test\AppData\Local\Temp\ext-ms-win-kernel32-package-current-l1-1-0.DLL
  • C:\Windows\sysnative\MSCOREE.DLL.local
  • C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
  • C:\Windows\Microsoft.NET\Framework64\*
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\clr.dll
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
  • C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe.Local\
  • C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6
  • C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
  • C:\Windows\winsxs
  • C:\Windows\Microsoft.NET\Framework64\v4.0.30319
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.config
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\fusion.localgac
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.cch
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.cch
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config.cch
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\index187.dat
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\9469491f37d9c35b596968b206615309\mscorlib.ni.dll
  • C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.INI
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
  • C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9
  • C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
  • C:\Windows\sysnative\p2pcollab.dll
  • C:\Windows\sysnative\QAGENTRT.DLL
  • C:\Windows\sysnative\dnsapi.dll
  • C:\Windows\sysnative\fveui.dll
  • C:\Users\test\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\*
  • C:\Users\test\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\*
  • C:\Users\test\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\*
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ole32.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe.Config
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.INI
  • C:\Windows\sysnative\l_intl.nls
  • C:\Windows\assembly\pubpol49.dat
  • C:\Windows\assembly\GAC\PublisherPolicy.tme
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System\adff7dd9fe8e541775c46b6363401b22\System.ni.dll
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\684eae3bcd28cb6d1e6997e6497056e2\Microsoft.VisualBasic.ni.dll
  • C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.INI
  • C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.INI
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\5910828a337dbe848dc90c7ae0a7dee2\System.Drawing.ni.dll
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\6c352ff9e3603b0e69d969ff7e7632f5\System.Windows.Forms.ni.dll
  • C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.INI
  • C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.INI
  • C:\Windows\Globalization\zh-cn.nlp
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\0fde44651bdf14a3988b955dd94aa318\System.Runtime.Remoting.ni.dll
  • C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.INI
  • C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\ws2_32.dll
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\091b931d0f6408001747dbbbb05dbe66\System.Configuration.ni.dll
  • C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.INI
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\ee795155543768ea67eecddc686a1e9e\System.Xml.ni.dll
  • C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.INI
  • C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
  • C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
  • C:\Windows\Globalization\en.nlp
  • C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp
  • C:\Windows\sysnative\tzres.dll
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.default
  • C:\Windows\Globalization\en-us.nlp
  • C:\Windows\assembly\GAC_64\mscorlib.resources\2.0.0.0_zh-CN_b77a5c561934e089
  • C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_zh-CN_b77a5c561934e089
  • C:\Windows\assembly\GAC\mscorlib.resources\2.0.0.0_zh-CN_b77a5c561934e089
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CN\mscorlib.resources.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CN\mscorlib.resources\mscorlib.resources.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CN\mscorlib.resources.exe
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CN\mscorlib.resources\mscorlib.resources.exe
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\zh-CN\mscorrc.dll
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\zh-CN\mscorrc.dll.DLL
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\zh-CHS\mscorrc.dll
  • C:\Windows\Globalization\zh-chs.nlp
  • C:\Windows\assembly\GAC_64\mscorlib.resources\2.0.0.0_zh-CHS_b77a5c561934e089
  • C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_zh-CHS_b77a5c561934e089
  • C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_zh-CHS_b77a5c561934e089\mscorlib.resources.dll
  • C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_zh-CHS_b77a5c561934e089\mscorlib.resources.INI
  • C:\Windows\Globalization\zh-hans.nlp
  • C:\Windows\assembly\GAC_64\mscorlib.resources\2.0.0.0_zh-Hans_b77a5c561934e089
  • C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_zh-Hans_b77a5c561934e089
  • C:\Windows\assembly\GAC\mscorlib.resources\2.0.0.0_zh-Hans_b77a5c561934e089
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-Hans\mscorlib.resources.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-Hans\mscorlib.resources\mscorlib.resources.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-Hans\mscorlib.resources.exe
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-Hans\mscorlib.resources\mscorlib.resources.exe
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.default
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config.default
  • C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\uxtheme.dll
  • C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\TSS Foundation Libraries.INI
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CRYPT32.dll
  • C:\Users\test\AppData\Roaming\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\user.config
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\user.config
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4
  • C:\Users\test\AppData\Local\TriSun_Software_Limited
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\hapdhgzy.tmp
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\hapdhgzy.newcfg
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\*
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vqlh5xjt.tmp
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vqlh5xjt.newcfg
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\ygxfhsdc.tmp
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\ygxfhsdc.newcfg
  • C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\rasapi32.dll
  • C:\Windows\sysnative\zh-CN\KERNELBASE.dll.mui
  • C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\winhttp.dll
  • C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\iphlpapi.dll
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Gdiplus.dll
  • C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a
  • C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll
  • C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
  • C:\Windows\Fonts\AGENCYR.TTF
  • C:\Windows\Fonts\simsun.ttc
  • C:\Windows\Fonts\segoeui.ttf
  • C:\Windows\Fonts\segoeuib.ttf
  • C:\Windows\Fonts\segoeuii.ttf
  • C:\Windows\Fonts\segoeuiz.ttf
  • C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\oleaut32.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CN\Duplicate File Finder Plus.resources.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CN\Duplicate File Finder Plus.resources\Duplicate File Finder Plus.resources.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CN\Duplicate File Finder Plus.resources.exe
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CN\Duplicate File Finder Plus.resources\Duplicate File Finder Plus.resources.exe
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CHS\Duplicate File Finder Plus.resources.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CHS\Duplicate File Finder Plus.resources\Duplicate File Finder Plus.resources.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CHS\Duplicate File Finder Plus.resources.exe
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-CHS\Duplicate File Finder Plus.resources\Duplicate File Finder Plus.resources.exe
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-Hans\Duplicate File Finder Plus.resources.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-Hans\Duplicate File Finder Plus.resources\Duplicate File Finder Plus.resources.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-Hans\Duplicate File Finder Plus.resources.exe
  • C:\Users\test\AppData\Local\Temp\RarSFX0\zh-Hans\Duplicate File Finder Plus.resources\Duplicate File Finder Plus.resources.exe
  • C:\Windows\Fonts\staticcache.dat
  • C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\comctl32.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Interop.IWshRuntimeLibrary.INI
  • C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\imm32.dll
  • C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\security.dll
  • C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\crypt32.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\imageres.dll
  • C:\Windows\sysnative\imageres.dll
  • C:\Windows\sysnative\zh-CN\imageres.dll.mui
  • C:\Windows\sysnative\zh-Hans\imageres.dll.mui
  • C:\Windows\sysnative\zh\imageres.dll.mui
  • C:\Windows\sysnative\en-US\imageres.dll.mui
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vgnx7it-.tmp
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vgnx7it-.newcfg
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.cch.new
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.cch.2980.21666472
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config.cch.new
  • C:\Users\test\AppData\Roaming
  • C:\Users\test\AppData\Roaming\Microsoft
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.cch.new
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.cch.2980.21666472
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config.cch.2980.21666487
  • C:\Windows\explorer.exe.123.Manifest
  • C:\Windows\sysnative\shell32.dll
  • C:\Windows\sysnative\ieframe.dll
读取的文件
  • C:\Windows\Globalization\Sorting\sortdefault.nls
  • \Device\KsecDD
  • C:\Users\test\AppData\Local\Temp\duplicate file finder plus_16.0.79.rar
  • C:\Windows\win.ini
  • C:\Windows\SysWOW64\shell32.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_21661526
  • C:\
  • C:\Users\desktop.ini
  • C:\Users
  • C:\Users\test
  • C:\Users\test\AppData
  • C:\Users\test\AppData\Local
  • C:\Users\test\AppData\Local\Temp
  • C:\Users\test\AppData\Local\Temp\RarSFX0
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs
  • C:\Users\test\AppData\Local\Temp\RarSFX0\sounds
  • C:\Windows\System32\ntshrui.dll
  • C:\Windows\AppPatch\sysmain.sdb
  • C:\Windows\System32\
  • C:\Users\test\AppData\Local\Temp\RarSFX0\lang.ini
  • C:\Users\test\AppData\Local\Temp\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Users\test\AppData\Local\Temp\ext-ms-win-kernel32-package-current-l1-1-0.DLL
  • C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe.config
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
  • C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.config
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.cch
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.cch
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config.cch
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\index187.dat
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\9469491f37d9c35b596968b206615309\mscorlib.ni.dll
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
  • C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe
  • C:\Windows\sysnative\l_intl.nls
  • C:\Windows\assembly\pubpol49.dat
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe.Config
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System\adff7dd9fe8e541775c46b6363401b22\System.ni.dll
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\684eae3bcd28cb6d1e6997e6497056e2\Microsoft.VisualBasic.ni.dll
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\5910828a337dbe848dc90c7ae0a7dee2\System.Drawing.ni.dll
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\6c352ff9e3603b0e69d969ff7e7632f5\System.Windows.Forms.ni.dll
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\0fde44651bdf14a3988b955dd94aa318\System.Runtime.Remoting.ni.dll
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\091b931d0f6408001747dbbbb05dbe66\System.Configuration.ni.dll
  • C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\ee795155543768ea67eecddc686a1e9e\System.Xml.ni.dll
  • C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
  • C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
  • C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp
  • C:\Windows\sysnative\tzres.dll
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\zh-CHS\mscorrc.dll
  • C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_zh-CHS_b77a5c561934e089\mscorlib.resources.dll
  • C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\TSS Foundation Libraries.dll
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\hapdhgzy.newcfg
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs\sc.xml
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\user.config
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vqlh5xjt.newcfg
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\ygxfhsdc.newcfg
  • C:\Windows\sysnative\zh-CN\KERNELBASE.dll.mui
  • C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll
  • C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
  • C:\Windows\Fonts\simsun.ttc
  • C:\Windows\Fonts\segoeui.ttf
  • C:\Windows\Fonts\segoeuib.ttf
  • C:\Windows\Fonts\segoeuii.ttf
  • C:\Windows\Fonts\segoeuiz.ttf
  • C:\Windows\Fonts\staticcache.dat
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Interop.IWshRuntimeLibrary.dll
  • C:\Windows\sysnative\imageres.dll
  • C:\Windows\sysnative\zh-CN\imageres.dll.mui
  • C:\Windows\sysnative\zh-Hans\imageres.dll.mui
  • C:\Windows\sysnative\zh\imageres.dll.mui
  • C:\Windows\sysnative\en-US\imageres.dll.mui
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vgnx7it-.newcfg
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.cch.new
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.cch.new
  • C:\Windows\explorer.exe.123.Manifest
  • C:\Windows\sysnative\shell32.dll
  • C:\Windows\sysnative\ieframe.dll
修改的文件
  • C:\Users\test\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_21661526
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe.config
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Interop.IWshRuntimeLibrary.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\TSS Foundation Libraries.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe
  • C:\Users\test\AppData\Local\Temp\RarSFX0\lang.ini
  • C:\Users\test\AppData\Local\Temp\RarSFX0\duplicate-file-finder-plus\xe6\xbf\x80\xe6\xb4\xbb\xe7\xa0\x81.txt
  • C:\Users\test\AppData\Local\Temp\RarSFX0\sounds\finished.wav
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs\en.xml
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs\sc.xml
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs\tc.xml
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs
  • C:\Users\test\AppData\Local\Temp\RarSFX0\sounds
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\hapdhgzy.tmp
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\hapdhgzy.newcfg
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\user.config
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vqlh5xjt.tmp
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vqlh5xjt.newcfg
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\ygxfhsdc.tmp
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\ygxfhsdc.newcfg
  • C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vgnx7it-.tmp
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vgnx7it-.newcfg
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.cch.new
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.cch.2980.21666472
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.cch
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config.cch.new
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.cch.new
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.cch.2980.21666472
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.cch
删除的文件
  • C:\Users\test\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_21661526
  • C:\Users\test\AppData\Local\Temp\RarSFX0
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Duplicate File Finder Plus.exe.config
  • C:\Users\test\AppData\Local\Temp\RarSFX0\duplicate-file-finder-plus\xe6\xbf\x80\xe6\xb4\xbb\xe7\xa0\x81.txt
  • C:\Users\test\AppData\Local\Temp\RarSFX0\Interop.IWshRuntimeLibrary.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\lang.ini
  • C:\Users\test\AppData\Local\Temp\RarSFX0\TSS Foundation Libraries.dll
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs\en.xml
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs\sc.xml
  • C:\Users\test\AppData\Local\Temp\RarSFX0\langs\tc.xml
  • C:\Users\test\AppData\Local\Temp\RarSFX0\sounds
  • C:\Users\test\AppData\Local\Temp\RarSFX0\sounds\finished.wav
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\hapdhgzy.tmp
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\hapdhgzy.newcfg
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vqlh5xjt.tmp
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vqlh5xjt.newcfg
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\ygxfhsdc.tmp
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\ygxfhsdc.newcfg
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vgnx7it-.newcfg
  • C:\Users\test\AppData\Local\TriSun_Software_Limited\Duplicate_File_Finder_Plu_Url_3qgjpfguy4txgiovvclrdkqxfnqfgkh4\16.0.79.0\vgnx7it-.tmp
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.cch.2980.21666472
  • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.cch.2980.21666472
  • C:\Users\test\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config.cch.2980.21666487
注册表键
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Language Groups
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000804
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\a
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
  • HKEY_CURRENT_USER
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollInset
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragMinDist
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollInterval
  • HKEY_LOCAL_MACHINE\Software\Policies
  • HKEY_CURRENT_USER\Software\Policies
  • HKEY_CURRENT_USER\Software
  • HKEY_LOCAL_MACHINE\Software
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete\Append Completion
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete\AutoSuggest
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete\Always Use Tab
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\AutoComplete\Always Use Tab
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide
  • HKEY_CLASSES_ROOT\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InProcServer32\(Default)
  • HKEY_CLASSES_ROOT\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete\Client\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\AutoComplete\Client\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\duplicate file finder plus_16.0.79.rar
  • HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}\Enable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{03B5835F-F03C-411B-9CE2-AA23E1171E36}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{07EB03D6-B001-41DF-9192-BF9B841EE71F}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{3697C5FA-60DD-4B56-92D4-74A569205C16}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{3FC47A08-E5C9-4BCA-A2C7-BC9A282AED14}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{531FDEBF-9B4C-4A43-A2AA-960E8FCDC732}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{81D4E9C9-1D3B-41BC-9E6C-4B40BF79E35E}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{A028AE76-01B1-46C2-99C4-ACD9858AE02F}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{AE6BE008-07FB-400D-8BEB-337A64F7051F}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{C1EE01F2-B3B6-4A6A-9DDD-E988C088EC82}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{F89E9E58-BD2F-4008-9AC2-0F816C09F4EE}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Language Hotkey
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Hotkey
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Layout Hotkey
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting\WMR
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR\Disable
  • HKEY_CURRENT_USER\Software\Microsoft\CTF\DirectSwitchHotkeys
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\KnownClasses
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ConfirmFileDelete
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ConfirmFileDelete
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\NoFileFolderConnection
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Shell\RegisteredApplications\UrlAssociations\Directory\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\Directory
  • HKEY_CLASSES_ROOT\Directory
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\CurVer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\ShellEx\PropertyHandler
  • HKEY_CLASSES_ROOT\Folder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\PropertyHandler
  • HKEY_CLASSES_ROOT\AllFilesystemObjects
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\PropertyHandler
  • HKEY_CLASSES_ROOT\.config
  • HKEY_CLASSES_ROOT\.config\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.config\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.config
  • HKEY_CLASSES_ROOT\Unknown
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\CurVer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\SystemFileAssociations\.config
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\NeverShowExt
  • HKEY_CLASSES_ROOT\.txt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.txt\(Default)
  • HKEY_CLASSES_ROOT\.txt\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\UserChoice
  • HKEY_CLASSES_ROOT\txtfile
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\CurVer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\SystemFileAssociations\.txt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\ShellEx\IconHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.txt\PerceivedType
  • HKEY_CLASSES_ROOT\SystemFileAssociations\text
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\ShellEx\IconHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.txt\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\NeverShowExt
  • HKEY_CLASSES_ROOT\.dll
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dll\(Default)
  • HKEY_CLASSES_ROOT\.dll\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\UserChoice
  • HKEY_CLASSES_ROOT\dllfile
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\CurVer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\SystemFileAssociations\.dll
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\ShellEx\IconHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dll\PerceivedType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\PerceivedType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dll\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\NeverShowExt
  • HKEY_CLASSES_ROOT\.ini
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ini\(Default)
  • HKEY_CLASSES_ROOT\.ini\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\UserChoice
  • HKEY_CLASSES_ROOT\inifile
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\CurVer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\SystemFileAssociations\.ini
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ini\PerceivedType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ini\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\NeverShowExt
  • HKEY_CLASSES_ROOT\.xml
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xml\(Default)
  • HKEY_CLASSES_ROOT\.xml\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice
  • HKEY_CLASSES_ROOT\xmlfile
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\CurVer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\DocObject
  • HKEY_CLASSES_ROOT\SystemFileAssociations\.xml
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.xml\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xml\PerceivedType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\BrowseInPlace\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.xml\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xml\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\CLSID\(Default)
  • HKEY_CLASSES_ROOT\CLSID\{48123BC4-99D9-11D1-A6B3-00C04FD91555}\Implemented Categories\{00021490-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.xml\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.xml\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.xml\NeverShowExt
  • HKEY_CLASSES_ROOT\.wav
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.wav\(Default)
  • HKEY_CLASSES_ROOT\.wav\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice\Progid
  • HKEY_CLASSES_ROOT\WMP11.AssocFile.WAV
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\CurVer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\SystemFileAssociations\.wav
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\SystemFileAssociations\audio
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\ShellEx\IconHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.wav\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\NeverShowExt
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MaxUndoItems
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Advanced\MaxUndoItems
  • HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\FileSystem
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\FileSystem\(Default)
  • HKEY_CLASSES_ROOT\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\Sharing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\Sharing\(Default)
  • HKEY_CLASSES_ROOT\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InProcServer32\LoadWithoutCOM
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InProcServer32
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\ntshrui.dll
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{40DD6E20-7C17-11CE-A804-00AA003CA9F6} {000214FC-0000-0000-C000-000000000046} 0xFFFF
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SQMClient\Windows
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SQMClient\Windows\CEIPEnable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\WinSCPCopyHook
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\WinSCPCopyHook\(Default)
  • HKEY_CLASSES_ROOT\CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}\InProcServer32
  • HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions
  • HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\PROFILELIST
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18\ProfileImagePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19\ProfileImagePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20\ProfileImagePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1000\ProfileImagePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1001
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1001\ProfileImagePath
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Sharing
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\duplicate file finder plus_16.0.79.rar
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\duplicate file finder plus_16.0.79.rar
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.exe\(Default)
  • HKEY_CLASSES_ROOT\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\OverrideFileSystemProperties
  • HKEY_CLASSES_ROOT\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\DisableProcessIsolation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\NoOplock
  • HKEY_CLASSES_ROOT\ExplorerCLSIDFlags\{66742402-F9B9-11D1-A202-0000F81FEDEE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\UseInProcHandlerCache
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\UseOutOfProcHandlerCache
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.config
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\ShellEx\PropertyHandler
  • HKEY_CLASSES_ROOT\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\ShellEx\PropertyHandler
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.txt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\ShellEx\PropertyHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.txt\ShellEx\PropertyHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\ShellEx\PropertyHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\ShellEx\PropertyHandler
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.dll
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.dll\(Default)
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.ini
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\ShellEx\PropertyHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ini\ShellEx\PropertyHandler
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.xml
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\PropertyHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xml\ShellEx\PropertyHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.xml\ShellEx\PropertyHandler
  • HKEY_CLASSES_ROOT\CLSID\{48123BC4-99D9-11D1-A6B3-00C04FD91555}\ShellFolder
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{48123BC4-99D9-11D1-A6B3-00C04FD91555}\ShellFolder
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{48123BC4-99D9-11D1-A6B3-00C04FD91555}\ShellFolder
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{48123BC4-99D9-11D1-A6B3-00C04FD91555}
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.wav
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.wav\(Default)
  • HKEY_CLASSES_ROOT\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\OverrideFileSystemProperties
  • HKEY_CLASSES_ROOT\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\DisableProcessIsolation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\NoOplock
  • HKEY_CLASSES_ROOT\ExplorerCLSIDFlags\{E46787A1-4629-4423-A693-BE1F003B2742}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\UseInProcHandlerCache
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\UseOutOfProcHandlerCache
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles
  • HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\v4.0
  • HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\InstallRoot
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\CLRLoadLogDir
  • HKEY_CURRENT_USER\Software\Microsoft\.NETFramework
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\OnlyUseLatestCLR
  • Policy\Standards
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\Standards
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\standards\v2.0.50727
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NoClientChecks
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\GCStressStart
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\GCStressStartAtJit
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\DisableConfigCache
  • HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\AppPatch
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\AppPatch\v4.0.30319.00000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\AppPatch\v4.0.30319.00000\mscorwks.dll
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Duplicate File Finder Plus.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\CacheLocation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DownloadCacheQuotaInKB
  • HKEY_CURRENT_USER\Software\Microsoft\Fusion
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\EnableLog
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LoggingLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\ForceLog
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogFailures
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\VersioningLog
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogResourceBinds
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\UseLegacyIdentityFormat
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DisableMSIPeek
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DevOverrideEnable
  • HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\Internet
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\LocalIntranet
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1000
  • HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\Security\Policy
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\LatestIndex
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\index187
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\index187\NIUsageMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\index187\ILUsageMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\7950e2c5\19b8f67f\82
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\7950e2c5\19b8f67f\82\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\7950e2c5\19b8f67f\82\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\7950e2c5\19b8f67f\82\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\7950e2c5\19b8f67f\82\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\7950e2c5\19b8f67f\82\LastModTime
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\GACChangeNotification\Default
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\mscorlib,2.0.0.0,,b77a5c561934e089,AMD64
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DebugHeapFlags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\msasn1
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Certificate\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Certificate\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Certificate\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Initialization\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Initialization\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Initialization\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Message\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Message\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Message\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Signature\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Signature\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Signature\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\CertCheck\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\DiagnosticPolicy\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Cleanup\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}
  • HKEY_USERS\S-1-5-21-2280033686-3172497658-3481507381-1000
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\Safety Warning Level
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\Safer
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\Safer
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\TrustedPublisher\Safer
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DiagLevel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DiagMatchAnyMask
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{000C10F1-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{06C9E010-38CE-11D4-A2A3-00104BD35090}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{1629F04E-2799-4DB5-8FE5-ACE10F17EBAB}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{1A610570-38CE-11D4-A2A3-00104BD35090}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{603BCC1F-4B59-4E08-B724-D2C6297EF351}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{C689AAB9-8E78-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 1\CryptSIPDllPutSignedDataMsg
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{000C10F1-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{06C9E010-38CE-11D4-A2A3-00104BD35090}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{1629F04E-2799-4DB5-8FE5-ACE10F17EBAB}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{1A610570-38CE-11D4-A2A3-00104BD35090}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{603BCC1F-4B59-4E08-B724-D2C6297EF351}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{C689AAB9-8E78-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 1\CryptSIPDllGetSignedDataMsg
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.44.3.4!7
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.44.3.4!7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.44.3.4!7\Name
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MUI\StringCacheSettings
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings\StringCacheGeneration
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4b\AAF68885
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\LanguageList
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\@%SystemRoot%\system32\p2pcollab.dll,-8042
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.47.1.1!7
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.47.1.1!7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.47.1.1!7\Name
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\@%SystemRoot%\system32\qagentrt.dll,-10
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.64.1.1!7
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.64.1.1!7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.64.1.1!7\Name
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\@%SystemRoot%\system32\dnsapi.dll,-103
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.67.1.1!7
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.67.1.1!7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.67.1.1!7\Name
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\@%SystemRoot%\System32\fveui.dll,-843
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.67.1.2!7
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.67.1.2!7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.67.1.2!7\Name
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\@%SystemRoot%\System32\fveui.dll,-844
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\WMR\Disable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv\#16
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv\Ldap
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 1\CertDllOpenStoreProv
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{000C10F1-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{06C9E010-38CE-11D4-A2A3-00104BD35090}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{1629F04E-2799-4DB5-8FE5-ACE10F17EBAB}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{1A610570-38CE-11D4-A2A3-00104BD35090}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{603BCC1F-4B59-4E08-B724-D2C6297EF351}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{C689AAB9-8E78-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{C689AABA-8E78-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{DE351A42-8E59-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{DE351A43-8E59-11D0-8C47-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 1\CryptSIPDllVerifyIndirectData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllVerifyEncodedSignature
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 1\CryptDllVerifyEncodedSignature
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllImportPublicKeyInfoEx2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 1\CryptDllImportPublicKeyInfoEx2
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\Root\ProtectedRoots
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\ChainEngine\Config
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\DisableMandatoryBasicConstraints
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\DisableCANameConstraints
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\DisableUnsupportedCriticalExtensions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\MaxAIAUrlCountInCert
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\MaxAIAUrlRetrievalCountPerChain
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\MaxUrlRetrievalByteCount
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\MaxAIAUrlRetrievalByteCount
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\MaxAIAUrlRetrievalCertCount
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\CryptnetPreFetchTriggerPeriodSeconds
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\EnableWeakSignatureFlags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\ChainCacheResyncFiletime
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\PhysicalStores
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\MY\
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\MY\Certificates
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\MY\CRLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\MY\CTLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\MY\Keys
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\CA\PhysicalStores
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\CA
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\CA\
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\CA\Certificates
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\CA\Certificates\8F43288AD272F3103B6FB1428485EA3014C0BCFE
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\CA\Certificates\8F43288AD272F3103B6FB1428485EA3014C0BCFE\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\CA\CRLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\CA\CTLs
  • HKEY_CURRENT_USER\
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA\Certificates
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA\CRLs
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\CA\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\CA
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\109F1CAED645BB78B3EA2B94C0697C740733031C
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\109F1CAED645BB78B3EA2B94C0697C740733031C\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\475BA6DA2AFD5AE3ADAE78A261CA0E3E548B9532
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\475BA6DA2AFD5AE3ADAE78A261CA0E3E548B9532\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\D559A586669B08F46A30A133F8A9ED3D038E2EA8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\D559A586669B08F46A30A133F8A9ED3D038E2EA8\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\FEE449EE0E3965A5246F000E87FDE2A065FD89D4
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\FEE449EE0E3965A5246F000E87FDE2A065FD89D4\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs\A377D1B1C0538833035211F4083D00FECC414DAB
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs\A377D1B1C0538833035211F4083D00FECC414DAB\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\CA
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\CA\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\CA
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\CA\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\CA\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\CA\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\CA\CTLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Disallowed\PhysicalStores
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Disallowed
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Disallowed\
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Disallowed\Certificates
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Disallowed\CRLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Disallowed\CTLs
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\Disallowed
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\Disallowed\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\Disallowed
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CTLs
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\Disallowed
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\Disallowed\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\Disallowed
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Disallowed\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Disallowed\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Disallowed\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Disallowed\CTLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\PhysicalStores
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\ProtectedRoots
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\039EEDB80BE7A03C6953893B20D2D9323A4C2AFD
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\039EEDB80BE7A03C6953893B20D2D9323A4C2AFD\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\03A5B14663EB12023091B84A6D6A68BC871DE66B
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\03A5B14663EB12023091B84A6D6A68BC871DE66B\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\07E032E020B72C3F192F0628A2593A19A70F069E
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\07E032E020B72C3F192F0628A2593A19A70F069E\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\36527D4FA26A68F9EB4596F1D99ABB2C0EA76DFA
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\36527D4FA26A68F9EB4596F1D99ABB2C0EA76DFA\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\58E8ABB0361533FB80F79B1B6D29D3FF8D5F00F0
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\58E8ABB0361533FB80F79B1B6D29D3FF8D5F00F0\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\9F744E9F2B4DBAEC0F312C50B6563B8E2D93C311
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\9F744E9F2B4DBAEC0F312C50B6563B8E2D93C311\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\B31EB1B740E36C8402DADC37D44DF5D4674952F9
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\B31EB1B740E36C8402DADC37D44DF5D4674952F9\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\B94294BF91EA8FB64BE61097C7FB001359B676CB
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\B94294BF91EA8FB64BE61097C7FB001359B676CB\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\D69B561148F01C77C54578C10926DF5B856976AD
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\D69B561148F01C77C54578C10926DF5B856976AD\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\DF3C24F9BFD666761B268073FE06D1CC8D4F82A4
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\DF3C24F9BFD666761B268073FE06D1CC8D4F82A4\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\CRLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\CTLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\ProtectedRoots\Certificates
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\Root\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\Root
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\18F7C1FCC3090203FD5BAA2F861A754976C8DD25
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\18F7C1FCC3090203FD5BAA2F861A754976C8DD25\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\245C97DF7514E7CF2DF8BE72AE957B9E04741E85
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\245C97DF7514E7CF2DF8BE72AE957B9E04741E85\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7F88CD7223F3C813818C994614A89C99FA3B5247
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7F88CD7223F3C813818C994614A89C99FA3B5247\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8F43288AD272F3103B6FB1428485EA3014C0BCFE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8F43288AD272F3103B6FB1428485EA3014C0BCFE\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A43489159A520F0D93D032CCAF37E7FE20A8B419
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A43489159A520F0D93D032CCAF37E7FE20A8B419\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A7217F919843199C958C128449DD52D2723B0A8A
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A7217F919843199C958C128449DD52D2723B0A8A\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\BE36A4562FB2EE05DBB3D32323ADF445084ED656
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\BE36A4562FB2EE05DBB3D32323ADF445084ED656\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CDD4EEAE6000AC7F40C3802C171E30148030C072
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CDD4EEAE6000AC7F40C3802C171E30148030C072\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D85213E038F309D02A40917B59E142368AE6B1C0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D85213E038F309D02A40917B59E142368AE6B1C0\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DBB84423C928ABE889D0E368FC3191D151DDB1AB
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DBB84423C928ABE889D0E368FC3191D151DDB1AB\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\AuthRoot
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3679CA35668772304D30A5FB873B0FA77BB70D54
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3679CA35668772304D30A5FB873B0FA77BB70D54\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\6252DC40F71143A22FDE9EF7348E064251B18118
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\6252DC40F71143A22FDE9EF7348E064251B18118\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\742C3192E607E424EB4549542BE1BBC53E6174E2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\742C3192E607E424EB4549542BE1BBC53E6174E2\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\97817950D81C9670CC34D809CF794431367EF474
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\97817950D81C9670CC34D809CF794431367EF474\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B1BC968BD4F49D622AA89A81F2150152A41D829C
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B1BC968BD4F49D622AA89A81F2150152A41D829C\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D23209AD23D314232174E40D7F9D62139786633A
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D23209AD23D314232174E40D7F9D62139786633A\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\CTLs
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\Root
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\Root\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\Root
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\SmartCardRoot
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\SmartCardRoot
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\SmartCardRoot\
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\TrustedPeople\PhysicalStores
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\TrustedPeople
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\TrustedPeople\
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\TrustedPeople
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\TrustedPeople\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\TrustedPeople
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CTLs
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\TrustedPeople
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\TrustedPeople\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\TrustedPeople
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\TrustedPeople\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\TrustedPeople\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\TrustedPeople\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\TrustedPeople\CTLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\trust\PhysicalStores
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\trust
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\trust\
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\trust\Certificates
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\trust\CRLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\trust\CTLs
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\trust
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\trust\Certificates
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\trust\CRLs
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\trust\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\trust\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\trust
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\trust\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\trust\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\trust\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\trust
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\trust\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\trust
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Trust\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Trust\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Trust\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Trust\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UserenvDebugLevel
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\GpSvcDebugLevel
  • HKEY_LOCAL_MACHINE\System\Setup
  • HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllImportPublicKeyInfoEx
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 1\CryptDllImportPublicKeyInfoEx
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllConvertPublicKeyInfo
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 1\CryptDllConvertPublicKeyInfo
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Message\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Message\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Message\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\DiagnosticPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllVerifyCertificateChainPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 1\CertDllVerifyCertificateChainPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\2ff08686\279c367
  • HKEY_LOCAL_MACHINE\Software\Microsoft\StrongName
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\PublisherPolicy\Default
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\Latest
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\index49
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\LegacyPolicyTimeStamp
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.8.0.Microsoft.VisualBasic__b03f5f7f11d50a3a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\c991064\2bd33e1c\81
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\c991064\2bd33e1c\81\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\c991064\2bd33e1c\81\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\c991064\2bd33e1c\81\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\c991064\2bd33e1c\81\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\c991064\2bd33e1c\81\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\6dc7d4c0\a5cd4db\87
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\6dc7d4c0\a5cd4db\87\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\6dc7d4c0\a5cd4db\87\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\6dc7d4c0\a5cd4db\87\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\6dc7d4c0\a5cd4db\87\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\6dc7d4c0\a5cd4db\87\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3ced59c5\1b2590b1\85
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3ced59c5\1b2590b1\85\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3ced59c5\1b2590b1\85\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3ced59c5\1b2590b1\85\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3ced59c5\1b2590b1\85\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3ced59c5\1b2590b1\85\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\f6e8397\46ad0879\77
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\f6e8397\46ad0879\77\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\f6e8397\46ad0879\77\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\f6e8397\46ad0879\77\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\f6e8397\46ad0879\77\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\f6e8397\46ad0879\77\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2b1a4e4\38a3212c\4c
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2b1a4e4\38a3212c\4c\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2b1a4e4\38a3212c\4c\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2b1a4e4\38a3212c\4c\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2b1a4e4\38a3212c\4c\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2b1a4e4\38a3212c\4c\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\24bf93f6\3d7304a5\76
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\24bf93f6\3d7304a5\76\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\24bf93f6\3d7304a5\76\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\24bf93f6\3d7304a5\76\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\24bf93f6\3d7304a5\76\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\24bf93f6\3d7304a5\76\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\4f99a7c9\53bea2b0\35
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\4f99a7c9\53bea2b0\35\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\4f99a7c9\53bea2b0\35\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\4f99a7c9\53bea2b0\35\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\4f99a7c9\53bea2b0\35\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\4f99a7c9\53bea2b0\35\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\424bd4d8\1c83327b\8e
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\424bd4d8\1c83327b\8e\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\424bd4d8\1c83327b\8e\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\424bd4d8\1c83327b\8e\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\424bd4d8\1c83327b\8e\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\424bd4d8\1c83327b\8e\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\19ab8d57\1bd7b0d8\8f
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\19ab8d57\1bd7b0d8\8f\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\19ab8d57\1bd7b0d8\8f\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\19ab8d57\1bd7b0d8\8f\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\19ab8d57\1bd7b0d8\8f\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\19ab8d57\1bd7b0d8\8f\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3f50fe4f\6f1da7aa\90
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3f50fe4f\6f1da7aa\90\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3f50fe4f\6f1da7aa\90\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3f50fe4f\6f1da7aa\90\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3f50fe4f\6f1da7aa\90\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3f50fe4f\6f1da7aa\90\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Microsoft.VisualBasic,8.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System__b77a5c561934e089
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System,2.0.0.0,,b77a5c561934e089,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Xml__b77a5c561934e089
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Xml,2.0.0.0,,b77a5c561934e089,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Configuration__b03f5f7f11d50a3a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Configuration,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Web__b03f5f7f11d50a3a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Web,2.0.0.0,,b03f5f7f11d50a3a,AMD64
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Management__b03f5f7f11d50a3a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Management,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Runtime.Remoting__b77a5c561934e089
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Runtime.Remoting,2.0.0.0,,b77a5c561934e089,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Deployment__b03f5f7f11d50a3a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Deployment,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Drawing__b03f5f7f11d50a3a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Drawing,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Windows.Forms__b77a5c561934e089
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Windows.Forms,2.0.0.0,,b77a5c561934e089,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\APTCA
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\CseOn
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\TailCallOpt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\PInvokeInline
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\PInvokeCalliOpt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\NewGCCalc
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\TURNOFFDEBUGINFO
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\DisableHotCold
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\internal\jit\Perf
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\475dce40\2d382ce6\8d
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\475dce40\2d382ce6\8d\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\475dce40\2d382ce6\8d\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\475dce40\2d382ce6\8d\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\475dce40\2d382ce6\8d\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\475dce40\2d382ce6\8d\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2dd6ac50\163e1f5e\8a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2dd6ac50\163e1f5e\8a\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2dd6ac50\163e1f5e\8a\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2dd6ac50\163e1f5e\8a\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2dd6ac50\163e1f5e\8a\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2dd6ac50\163e1f5e\8a\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\41c04c7e\7f3b6ac4\80
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\41c04c7e\7f3b6ac4\80\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\41c04c7e\7f3b6ac4\80\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\41c04c7e\7f3b6ac4\80\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\41c04c7e\7f3b6ac4\80\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\41c04c7e\7f3b6ac4\80\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Runtime.Serialization.Formatters.Soap__b03f5f7f11d50a3a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Runtime.Serialization.Formatters.Soap,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.Accessibility__b03f5f7f11d50a3a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Accessibility,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Security__b03f5f7f11d50a3a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Security,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\DbgJITDebugLaunchSetting
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\DbgManagedDebugger
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3a6a696d\52d7076e\7a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3a6a696d\52d7076e\7a\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3a6a696d\52d7076e\7a\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3a6a696d\52d7076e\7a\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3a6a696d\52d7076e\7a\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3a6a696d\52d7076e\7a\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.DirectoryServices__b03f5f7f11d50a3a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.DirectoryServices,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\InstallationType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\75638fee\7566cac\8c
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\75638fee\7566cac\8c\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\75638fee\7566cac\8c\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\75638fee\7566cac\8c\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\75638fee\7566cac\8c\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\75638fee\7566cac\8c\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Data.SqlXml__b77a5c561934e089
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Data.SqlXml,2.0.0.0,,b77a5c561934e089,MSIL
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\.NET CLR Networking\Performance
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\Library
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\IsMultiInstance
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\First Counter
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\.net clr networking\Performance
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\CategoryOptions
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\FileMappingSize
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\Counter Names
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.mscorlib.resources_zh-CN_b77a5c561934e089
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\5e8c75c\1df8bab1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-2280033686-3172497658-3481507381-1000\Installer\Assemblies\C:|Users|test|AppData|Local|Temp|RarSFX0|Duplicate File Finder Plus.exe.Config
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Assemblies\C:|Users|test|AppData|Local|Temp|RarSFX0|Duplicate File Finder Plus.exe.Config
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Users|test|AppData|Local|Temp|RarSFX0|Duplicate File Finder Plus.exe.Config
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-2280033686-3172497658-3481507381-1000\Installer\Assemblies\Global
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Assemblies\Global
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.mscorlib.resources_zh-CHS_b77a5c561934e089
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\5e8c75c\4c10cb4a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.mscorlib.resources_zh-Hans_b77a5c561934e089
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\5e8c75c\5948e265
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\Internet\MediaPermission
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\Internet\MediaPermission\Xml
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\Internet\WebBrowserPermission
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\Internet\WebBrowserPermission\Xml
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\LocalIntranet\MediaPermission
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\LocalIntranet\MediaPermission\Xml
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\LocalIntranet\WebBrowserPermission
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\LocalIntranet\WebBrowserPermission\Xml
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\bd84498\7c7bb741
  • HKEY_CURRENT_USER\Software\Classes
  • HKEY_CURRENT_USER\Software\Classes\AppID\Duplicate File Finder Plus.exe
  • HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\AppCompat
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\AppCompat\RaiseDefaultAuthnLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\DefaultAccessPermission
  • HKEY_CURRENT_USER\Software\Classes\Interface\{00000134-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Extensions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient\Windows\DisabledProcesses\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\3914E19B
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient\Windows\DisabledSessions\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\AccessProviders
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\EnableConsoleTracing
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\EnableFileTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\EnableConsoleTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\FileTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\ConsoleTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\MaxFileSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\FileDirectory
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DnsCache\Parameters
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\QueryAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DisableAdapterDomainName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UseDomainNameDevolution
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\UseDomainNameDevolution
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DomainNameDevolutionLevel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\PrioritizeRecordData
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\PrioritizeRecordData
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\AllowUnqualifiedQuery
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\AllowUnqualifiedQuery
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\AppendToMultiLabelName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ScreenBadTlds
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ScreenUnreachableServers
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ScreenDefaultServers
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DynamicServerQueryOrder
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\FilterClusterIp
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\WaitForNameErrorOnAll
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UseEdns
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DnsSecureNameQueryFallback
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\EnableDAForAllNetworks
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DirectAccessQueryOrder
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\QueryIpMatching
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UseHostsFile
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\AddrConfigControl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegistrationEnabled
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DisableDynamicUpdate
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegisterPrimaryName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegisterAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\EnableAdapterDomainNameRegistration
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegisterReverseLookup
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DisableReverseAddressRegistrations
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegisterWanAdapters
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DisableWanDynamicUpdate
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegistrationTtl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DefaultRegistrationTTL
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegistrationRefreshInterval
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DefaultRegistrationRefreshInterval
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegistrationMaxAddressCount
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\MaxNumberOfAddressesToRegister
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UpdateSecurityLevel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\UpdateSecurityLevel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UpdateTopLevelDomainZones
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DowncaseSpnCauseApiOwnerIsTooLazy
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegistrationOverwrite
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MaxCacheSize
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MaxCacheTtl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MaxNegativeCacheTtl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\AdapterTimeoutLimit
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ServerPriorityTimeLimit
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MaxCachedSockets
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\EnableMulticast
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MulticastResponderFlags
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MulticastSenderFlags
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MulticastSenderMaxTimeout
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DnsTest
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UseCompartments
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\CacheAllCompartments
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UseNewRegistration
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ResolverRegistration
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ResolverRegistrationOnly
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DnsQueryTimeouts
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DnsQueryTimeouts
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DnsQuickQueryTimeouts
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DnsQuickQueryTimeouts
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\System\DNSClient
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Domain
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Hostname
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\QueryAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\DisableAdapterDomainName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\RegistrationEnabled
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\RegisterAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\RegistrationMaxAddressCount
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\MaxNumberOfAddressesToRegister
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\EnableMulticast
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\Domain
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\DhcpDomain
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{846EE342-7039-11DE-9D20-806E6F6E6963}
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\QueryAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\DisableAdapterDomainName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\RegistrationEnabled
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\DisableDynamicUpdate
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\RegisterAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\EnableAdapterDomainNameRegistration
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\RegistrationMaxAddressCount
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\MaxNumberOfAddressesToRegister
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\EnableMulticast
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\Domain
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\DhcpDomain
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\SearchList
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\NodeType
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\DhcpNodeType
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\ScopeId
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\DhcpScopeId
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\EnableProxy
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\EnableDns
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
  • HKEY_CURRENT_USER\Software\Microsoft\GDIPlus
  • HKEY_CURRENT_USER\Software\Microsoft\GDIPlus\FontCachePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1ca9b51c\10efbece
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1ca9b51c\69c6f36c
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1ca9b51c\608c8e01
  • HKEY_CLASSES_ROOT\CLSID\{FAE3D380-FEA4-4623-8C75-C6B61110B681}\Instance
  • HKEY_CLASSES_ROOT\CLSID\{FAE3D380-FEA4-4623-8C75-C6B61110B681}\Instance\Disabled
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontLink\SystemLink
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Segoe UI
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane3
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane4
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane5
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane6
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane9
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane10
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane11
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane12
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane13
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane14
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane15
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane16
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\\xe5\xae\x8b\xe4\xbd\x93
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\Duplicate File Finder Plus.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\34d0e537\196068f7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\EnableAnchorContext
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Anchor Underline
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LsaExtensionConfig\SspiCli
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureDll
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureRoutine
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SecurityProviders
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\SspiCache
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Name
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Comment
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Capabilities
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\RpcId
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Version
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Type
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\TokenSize
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SaslProfiles
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\Schannel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextLockCount
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextListCount
  • HKEY_CURRENT_USER\Software\Microsoft\CTF\LayoutIcon\0804\00000804
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\MinTriggerPeriod
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\LatencyThreshold
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\LatencyPeak
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\LatencyAverageWeight
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\LatencyWeigthBoost
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\IdleThreshold
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ExplorerStartupTraceRecorded
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderTypes\{EF87B4CB-F2CE-4785-8658-4CA6C63E38C6}\TopViews\{00000000-0000-0000-0000-000000000000}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\explorer.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\DelegateFolders
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{031E4825-7B94-4dc3-B131-E946B44C8DD5}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{031E4825-7B94-4dc3-B131-E946B44C8DD5}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{04731B67-D933-450a-90E6-4ACD2E9408FE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{04731B67-D933-450a-90E6-4ACD2E9408FE}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{11016101-E366-4D22-BC06-4ADA335C892B}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{11016101-E366-4D22-BC06-4ADA335C892B}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{138508bc-1e03-49ea-9c8f-ea9e1d05d65d}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{138508bc-1e03-49ea-9c8f-ea9e1d05d65d}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{26EE0668-A00A-44D7-9371-BEB064C98683}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{26EE0668-A00A-44D7-9371-BEB064C98683}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{4336a54d-038b-4685-ab02-99bb52d3fb8b}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{450D8FBA-AD25-11D0-98A8-0800361B1103}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{450D8FBA-AD25-11D0-98A8-0800361B1103}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{59031a47-3f72-44a7-89c5-5595fe6b30ee}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{59031a47-3f72-44a7-89c5-5595fe6b30ee}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{7CCA70DB-DE7A-4FB7-9B2B-52E2335A3B5A}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{7CCA70DB-DE7A-4FB7-9B2B-52E2335A3B5A}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{89D83576-6BD1-4c86-9454-BEB04E94C819}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{89D83576-6BD1-4c86-9454-BEB04E94C819}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{9343812e-1c37-4a49-a12e-4b2d810d956b}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{9343812e-1c37-4a49-a12e-4b2d810d956b}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{98D99750-0B8A-4c59-9151-589053683D73}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{98D99750-0B8A-4c59-9151-589053683D73}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{B0FBD52D-C4A7-4a19-985D-11309D1AC8AE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{B0FBD52D-C4A7-4a19-985D-11309D1AC8AE}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{BD7A2E7B-21CB-41b2-A086-B309680C6B7E}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{BD7A2E7B-21CB-41b2-A086-B309680C6B7E}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{daf95313-e44d-46af-be1b-cbacea2c3065}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{daf95313-e44d-46af-be1b-cbacea2c3065}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{e345f35f-9397-435c-8f95-4e922c26259e}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{e345f35f-9397-435c-8f95-4e922c26259e}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{ED228FDF-9EA8-4870-83b1-96b02CFE0D52}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{ED228FDF-9EA8-4870-83b1-96b02CFE0D52}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{F3F5824C-AD58-4728-AF59-A1EBE3392799}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\SuppressionPolicy
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\DelegateFolders
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\Desktop\NameSpace
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\Desktop\NameSpace\DelegateFolders
  • HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
  • HKEY_CLASSES_ROOT\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{208D2C60-3AEA-1069-A2D7-08002B30309D}
  • HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{871C5380-42A0-1069-A2EA-08002B30309D}
  • HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\LoadWithoutCOM
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Option
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCompatibility
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\AppCompat
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{871c5380-42a0-1069-a2ea-08002b30309d}\InProcServer32
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\ieframe.dll
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0xFFFF
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{871C5380-42A0-1069-A2EA-08002B30309D}
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\explorer.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionLow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionHigh
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionLow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionHigh
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS\explorer.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS\*
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Shell\RegisteredApplications\UrlAssociations\https\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice\Progid
  • HKEY_CLASSES_ROOT\IE.HTTPS
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.HTTPS\CurVer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.HTTPS\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.HTTPS\shell\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.HTTPS\ShellFolder
  • HKEY_CLASSES_ROOT\https
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\ShellFolder
读取的注册表键
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000804
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\a
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollInset
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragMinDist
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollInterval
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete\Append Completion
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete\AutoSuggest
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete\Always Use Tab
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\AutoComplete\Always Use Tab
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\AutoComplete\Client\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}\Enable
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Language Hotkey
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Hotkey
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Layout Hotkey
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR\Disable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ConfirmFileDelete
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ConfirmFileDelete
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\NoFileFolderConnection
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.txt\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.txt\PerceivedType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.txt\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.txt\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\text\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dll\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dll\PerceivedType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\PerceivedType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dll\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dllfile\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dll\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ini\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ini\PerceivedType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ini\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xml\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.xml\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xml\PerceivedType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\BrowseInPlace\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.xml\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xml\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\CLSID\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.xml\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.xml\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.xml\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.wav\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.wav\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP11.AssocFile.WAV\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.wav\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\audio\NeverShowExt
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MaxUndoItems
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Advanced\MaxUndoItems
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\FileSystem\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\Sharing\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InProcServer32\LoadWithoutCOM
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{40DD6E20-7C17-11CE-A804-00AA003CA9F6} {000214FC-0000-0000-C000-000000000046} 0xFFFF
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SQMClient\Windows\CEIPEnable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\WinSCPCopyHook\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18\ProfileImagePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19\ProfileImagePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20\ProfileImagePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1000\ProfileImagePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1001\ProfileImagePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.exe\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\DisableProcessIsolation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\NoOplock
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\UseInProcHandlerCache
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\UseOutOfProcHandlerCache
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.dll\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{48123BC4-99D9-11D1-A6B3-00C04FD91555}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.wav\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\DisableProcessIsolation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\NoOplock
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\UseInProcHandlerCache
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46787A1-4629-4423-A693-BE1F003B2742}\UseOutOfProcHandlerCache
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\InstallRoot
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\CLRLoadLogDir
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\OnlyUseLatestCLR
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NoClientChecks
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\GCStressStart
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\GCStressStartAtJit
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\DisableConfigCache
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\CacheLocation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DownloadCacheQuotaInKB
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\EnableLog
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LoggingLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\ForceLog
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogFailures
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\VersioningLog
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogResourceBinds
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\UseLegacyIdentityFormat
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DisableMSIPeek
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DevOverrideEnable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\LatestIndex
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\index187\NIUsageMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\index187\ILUsageMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\181938c6\7950e2c5\82\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\7950e2c5\19b8f67f\82\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\7950e2c5\19b8f67f\82\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\7950e2c5\19b8f67f\82\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\7950e2c5\19b8f67f\82\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\7950e2c5\19b8f67f\82\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\mscorlib,2.0.0.0,,b77a5c561934e089,AMD64
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DebugHeapFlags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Certificate\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Certificate\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Initialization\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Initialization\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Message\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Message\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Signature\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Signature\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck\{31D1ADC1-D329-11D1-8ED8-0080C76516C6}\$Function
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\Safety Warning Level
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DiagLevel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DiagMatchAnyMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.44.3.4!7\Name
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings\StringCacheGeneration
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\@%SystemRoot%\system32\p2pcollab.dll,-8042
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.47.1.1!7\Name
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\@%SystemRoot%\system32\qagentrt.dll,-10
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.64.1.1!7\Name
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\@%SystemRoot%\system32\dnsapi.dll,-103
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.67.1.1!7\Name
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\@%SystemRoot%\System32\fveui.dll,-843
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.67.1.2!7\Name
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\@%SystemRoot%\System32\fveui.dll,-844
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\WMR\Disable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\DisableMandatoryBasicConstraints
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\DisableCANameConstraints
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\DisableUnsupportedCriticalExtensions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\MaxAIAUrlCountInCert
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\MaxAIAUrlRetrievalCountPerChain
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\MaxUrlRetrievalByteCount
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\MaxAIAUrlRetrievalByteCount
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\MaxAIAUrlRetrievalCertCount
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\CryptnetPreFetchTriggerPeriodSeconds
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\EnableWeakSignatureFlags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\ChainCacheResyncFiletime
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\CA\Certificates\8F43288AD272F3103B6FB1428485EA3014C0BCFE\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\109F1CAED645BB78B3EA2B94C0697C740733031C\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\475BA6DA2AFD5AE3ADAE78A261CA0E3E548B9532\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\D559A586669B08F46A30A133F8A9ED3D038E2EA8\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\FEE449EE0E3965A5246F000E87FDE2A065FD89D4\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs\A377D1B1C0538833035211F4083D00FECC414DAB\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\039EEDB80BE7A03C6953893B20D2D9323A4C2AFD\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\03A5B14663EB12023091B84A6D6A68BC871DE66B\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\07E032E020B72C3F192F0628A2593A19A70F069E\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\36527D4FA26A68F9EB4596F1D99ABB2C0EA76DFA\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\58E8ABB0361533FB80F79B1B6D29D3FF8D5F00F0\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\9F744E9F2B4DBAEC0F312C50B6563B8E2D93C311\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\B31EB1B740E36C8402DADC37D44DF5D4674952F9\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\B94294BF91EA8FB64BE61097C7FB001359B676CB\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\D69B561148F01C77C54578C10926DF5B856976AD\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\Certificates\DF3C24F9BFD666761B268073FE06D1CC8D4F82A4\Blob
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Root\ProtectedRoots\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\18F7C1FCC3090203FD5BAA2F861A754976C8DD25\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\245C97DF7514E7CF2DF8BE72AE957B9E04741E85\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7F88CD7223F3C813818C994614A89C99FA3B5247\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8F43288AD272F3103B6FB1428485EA3014C0BCFE\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A43489159A520F0D93D032CCAF37E7FE20A8B419\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A7217F919843199C958C128449DD52D2723B0A8A\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\BE36A4562FB2EE05DBB3D32323ADF445084ED656\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CDD4EEAE6000AC7F40C3802C171E30148030C072\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D85213E038F309D02A40917B59E142368AE6B1C0\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DBB84423C928ABE889D0E368FC3191D151DDB1AB\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3679CA35668772304D30A5FB873B0FA77BB70D54\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\6252DC40F71143A22FDE9EF7348E064251B18118\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\742C3192E607E424EB4549542BE1BBC53E6174E2\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\97817950D81C9670CC34D809CF794431367EF474\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B1BC968BD4F49D622AA89A81F2150152A41D829C\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D23209AD23D314232174E40D7F9D62139786633A\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UserenvDebugLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\GpSvcDebugLevel
  • HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Message\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Message\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\Latest
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\index49
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\LegacyPolicyTimeStamp
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\1c22df2f\4f99a7c9\35\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\c991064\2bd33e1c\81\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\c991064\2bd33e1c\81\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\c991064\2bd33e1c\81\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\c991064\2bd33e1c\81\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\c991064\2bd33e1c\81\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\6dc7d4c0\a5cd4db\87\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\6dc7d4c0\a5cd4db\87\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\6dc7d4c0\a5cd4db\87\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\6dc7d4c0\a5cd4db\87\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\6dc7d4c0\a5cd4db\87\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3ced59c5\1b2590b1\85\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3ced59c5\1b2590b1\85\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3ced59c5\1b2590b1\85\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3ced59c5\1b2590b1\85\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3ced59c5\1b2590b1\85\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\f6e8397\46ad0879\77\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\f6e8397\46ad0879\77\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\f6e8397\46ad0879\77\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\f6e8397\46ad0879\77\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\f6e8397\46ad0879\77\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2b1a4e4\38a3212c\4c\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2b1a4e4\38a3212c\4c\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2b1a4e4\38a3212c\4c\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2b1a4e4\38a3212c\4c\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2b1a4e4\38a3212c\4c\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\24bf93f6\3d7304a5\76\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\24bf93f6\3d7304a5\76\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\24bf93f6\3d7304a5\76\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\24bf93f6\3d7304a5\76\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\24bf93f6\3d7304a5\76\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\4f99a7c9\53bea2b0\35\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\4f99a7c9\53bea2b0\35\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\4f99a7c9\53bea2b0\35\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\4f99a7c9\53bea2b0\35\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\4f99a7c9\53bea2b0\35\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\30bc7c4f\3f50fe4f\90\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\424bd4d8\1c83327b\8e\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\424bd4d8\1c83327b\8e\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\424bd4d8\1c83327b\8e\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\424bd4d8\1c83327b\8e\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\424bd4d8\1c83327b\8e\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\19ab8d57\1bd7b0d8\8f\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\19ab8d57\1bd7b0d8\8f\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\19ab8d57\1bd7b0d8\8f\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\19ab8d57\1bd7b0d8\8f\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\19ab8d57\1bd7b0d8\8f\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3f50fe4f\6f1da7aa\90\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3f50fe4f\6f1da7aa\90\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3f50fe4f\6f1da7aa\90\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3f50fe4f\6f1da7aa\90\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3f50fe4f\6f1da7aa\90\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Microsoft.VisualBasic,8.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System,2.0.0.0,,b77a5c561934e089,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Xml,2.0.0.0,,b77a5c561934e089,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Configuration,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Web,2.0.0.0,,b03f5f7f11d50a3a,AMD64
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Management,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Runtime.Remoting,2.0.0.0,,b77a5c561934e089,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Deployment,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Drawing,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Windows.Forms,2.0.0.0,,b77a5c561934e089,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\CseOn
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\TailCallOpt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\PInvokeInline
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\PInvokeCalliOpt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\NewGCCalc
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\TURNOFFDEBUGINFO
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\DisableHotCold
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\61e7e666\c991064\83\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\475dce40\2d382ce6\8d\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\475dce40\2d382ce6\8d\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\475dce40\2d382ce6\8d\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\475dce40\2d382ce6\8d\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\475dce40\2d382ce6\8d\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2dd6ac50\163e1f5e\8a\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2dd6ac50\163e1f5e\8a\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2dd6ac50\163e1f5e\8a\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2dd6ac50\163e1f5e\8a\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\2dd6ac50\163e1f5e\8a\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\41c04c7e\7f3b6ac4\80\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\41c04c7e\7f3b6ac4\80\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\41c04c7e\7f3b6ac4\80\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\41c04c7e\7f3b6ac4\80\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\41c04c7e\7f3b6ac4\80\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\3cca06a0\6dc7d4c0\84\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Runtime.Serialization.Formatters.Soap,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Accessibility,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Security,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\DbgJITDebugLaunchSetting
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\DbgManagedDebugger
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\432ba598\f6e8397\77\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3a6a696d\52d7076e\7a\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3a6a696d\52d7076e\7a\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3a6a696d\52d7076e\7a\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3a6a696d\52d7076e\7a\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\3a6a696d\52d7076e\7a\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.DirectoryServices,2.0.0.0,,b03f5f7f11d50a3a,MSIL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\InstallationType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\159a66b8\424bd4d8\8f\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\ConfigMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\ConfigString
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\MVID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\EvalationData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\ILDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\NIDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\NI\6faf58\19ab8d57\8e\MissingDependencies
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\75638fee\7566cac\8c\DisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\75638fee\7566cac\8c\Status
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\75638fee\7566cac\8c\Modules
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\75638fee\7566cac\8c\SIG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_64\IL\75638fee\7566cac\8c\LastModTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Data.SqlXml,2.0.0.0,,b77a5c561934e089,MSIL
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\Library
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\IsMultiInstance
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\First Counter
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\CategoryOptions
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\FileMappingSize
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking\Performance\Counter Names
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\Internet\MediaPermission\Xml
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\Internet\WebBrowserPermission\Xml
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\LocalIntranet\MediaPermission\Xml
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\LocalIntranet\WebBrowserPermission\Xml
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\AppCompat\RaiseDefaultAuthnLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\DefaultAccessPermission
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\3914E19B
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\EnableConsoleTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\EnableFileTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\FileTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\EnableConsoleTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\ConsoleTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\MaxFileSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\FileDirectory
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\QueryAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DisableAdapterDomainName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UseDomainNameDevolution
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\UseDomainNameDevolution
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DomainNameDevolutionLevel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\PrioritizeRecordData
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\PrioritizeRecordData
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\AllowUnqualifiedQuery
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\AllowUnqualifiedQuery
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\AppendToMultiLabelName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ScreenBadTlds
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ScreenUnreachableServers
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ScreenDefaultServers
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DynamicServerQueryOrder
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\FilterClusterIp
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\WaitForNameErrorOnAll
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UseEdns
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DnsSecureNameQueryFallback
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\EnableDAForAllNetworks
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DirectAccessQueryOrder
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\QueryIpMatching
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UseHostsFile
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\AddrConfigControl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegistrationEnabled
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DisableDynamicUpdate
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegisterPrimaryName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegisterAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\EnableAdapterDomainNameRegistration
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegisterReverseLookup
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DisableReverseAddressRegistrations
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegisterWanAdapters
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DisableWanDynamicUpdate
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegistrationTtl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DefaultRegistrationTTL
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegistrationRefreshInterval
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DefaultRegistrationRefreshInterval
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegistrationMaxAddressCount
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\MaxNumberOfAddressesToRegister
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UpdateSecurityLevel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\UpdateSecurityLevel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UpdateTopLevelDomainZones
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DowncaseSpnCauseApiOwnerIsTooLazy
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\RegistrationOverwrite
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MaxCacheSize
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MaxCacheTtl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MaxNegativeCacheTtl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\AdapterTimeoutLimit
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ServerPriorityTimeLimit
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MaxCachedSockets
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\EnableMulticast
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MulticastResponderFlags
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MulticastSenderFlags
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\MulticastSenderMaxTimeout
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DnsTest
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UseCompartments
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\CacheAllCompartments
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\UseNewRegistration
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ResolverRegistration
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\ResolverRegistrationOnly
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DnsQueryTimeouts
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DnsQueryTimeouts
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache\Parameters\DnsQuickQueryTimeouts
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DnsQuickQueryTimeouts
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Domain
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Hostname
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\QueryAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\DisableAdapterDomainName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\RegistrationEnabled
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\RegisterAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\RegistrationMaxAddressCount
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\MaxNumberOfAddressesToRegister
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\EnableMulticast
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\Domain
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33E35B0A-D1F6-4AB1-A1AE-56B8A256B787}\DhcpDomain
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\QueryAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\DisableAdapterDomainName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\RegistrationEnabled
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\DisableDynamicUpdate
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\RegisterAdapterName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\EnableAdapterDomainNameRegistration
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\RegistrationMaxAddressCount
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\MaxNumberOfAddressesToRegister
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\EnableMulticast
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\Domain
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\DhcpDomain
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\SearchList
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\NodeType
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\DhcpNodeType
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\ScopeId
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\DhcpScopeId
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\EnableProxy
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\EnableDns
  • HKEY_CURRENT_USER\Software\Microsoft\GDIPlus\FontCachePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane3
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane4
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane5
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane6
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane9
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane10
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane11
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane12
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane13
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane14
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane15
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane16
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\\xe5\xae\x8b\xe4\xbd\x93
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\EnableAnchorContext
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Anchor Underline
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureDll
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureRoutine
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SecurityProviders
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Name
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Comment
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Capabilities
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\RpcId
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Version
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Type
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\TokenSize
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextLockCount
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextListCount
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\MinTriggerPeriod
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\LatencyThreshold
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\LatencyPeak
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\LatencyAverageWeight
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\LatencyWeigthBoost
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Shell\ResponseMonitor\IdleThreshold
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ExplorerStartupTraceRecorded
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{031E4825-7B94-4dc3-B131-E946B44C8DD5}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{04731B67-D933-450a-90E6-4ACD2E9408FE}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{0875DCB6-C686-4243-9432-ADCCF0B9F2D7}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{11016101-E366-4D22-BC06-4ADA335C892B}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{138508bc-1e03-49ea-9c8f-ea9e1d05d65d}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{26EE0668-A00A-44D7-9371-BEB064C98683}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{450D8FBA-AD25-11D0-98A8-0800361B1103}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{59031a47-3f72-44a7-89c5-5595fe6b30ee}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{7CCA70DB-DE7A-4FB7-9B2B-52E2335A3B5A}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{89D83576-6BD1-4c86-9454-BEB04E94C819}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{9343812e-1c37-4a49-a12e-4b2d810d956b}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{98D99750-0B8A-4c59-9151-589053683D73}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{B0FBD52D-C4A7-4a19-985D-11309D1AC8AE}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{BD7A2E7B-21CB-41b2-A086-B309680C6B7E}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{daf95313-e44d-46af-be1b-cbacea2c3065}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{e345f35f-9397-435c-8f95-4e922c26259e}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{ED228FDF-9EA8-4870-83b1-96b02CFE0D52}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\SuppressionPolicy
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{208D2C60-3AEA-1069-A2D7-08002B30309D}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{871C5380-42A0-1069-A2EA-08002B30309D}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\LoadWithoutCOM
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0xFFFF
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\explorer.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionLow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionHigh
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionLow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionHigh
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS\explorer.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.HTTPS\ShellFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\ShellFolder
修改的注册表键
  • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\4B\AAF68885\LanguageList
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\EnableFileTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\EnableConsoleTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\FileTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\ConsoleTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\MaxFileSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Duplicate File Finder Plus_RASAPI32\FileDirectory
删除的注册表键
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
API解析
  • kernel32.dll.GetLastError
  • kernel32.dll.SetLastError
  • kernel32.dll.GetCurrentProcess
  • kernel32.dll.DeviceIoControl
  • kernel32.dll.SetFileTime
  • kernel32.dll.CloseHandle
  • kernel32.dll.CreateDirectoryW
  • kernel32.dll.RemoveDirectoryW
  • kernel32.dll.CreateFileW
  • kernel32.dll.DeleteFileW
  • kernel32.dll.CreateHardLinkW
  • kernel32.dll.GetShortPathNameW
  • kernel32.dll.GetLongPathNameW
  • kernel32.dll.MoveFileW
  • kernel32.dll.GetFileType
  • kernel32.dll.GetStdHandle
  • kernel32.dll.WriteFile
  • kernel32.dll.ReadFile
  • kernel32.dll.FlushFileBuffers
  • kernel32.dll.SetEndOfFile
  • kernel32.dll.SetFilePointer
  • kernel32.dll.SetFileAttributesW
  • kernel32.dll.GetFileAttributesW
  • kernel32.dll.FindClose
  • kernel32.dll.FindFirstFileW
  • kernel32.dll.FindNextFileW
  • kernel32.dll.GetVersionExW
  • kernel32.dll.GetCurrentDirectoryW
  • kernel32.dll.GetFullPathNameW
  • kernel32.dll.FoldStringW
  • kernel32.dll.GetModuleFileNameW
  • kernel32.dll.GetModuleHandleW
  • kernel32.dll.FindResourceW
  • kernel32.dll.FreeLibrary
  • kernel32.dll.GetProcAddress
  • kernel32.dll.GetCurrentProcessId
  • kernel32.dll.ExitProcess
  • kernel32.dll.SetThreadExecutionState
  • kernel32.dll.Sleep
  • kernel32.dll.LoadLibraryW
  • kernel32.dll.GetSystemDirectoryW
  • kernel32.dll.CompareStringW
  • kernel32.dll.AllocConsole
  • kernel32.dll.FreeConsole
  • kernel32.dll.AttachConsole
  • kernel32.dll.WriteConsoleW
  • kernel32.dll.GetProcessAffinityMask
  • kernel32.dll.CreateThread
  • kernel32.dll.SetThreadPriority
  • kernel32.dll.InitializeCriticalSection
  • kernel32.dll.EnterCriticalSection
  • kernel32.dll.LeaveCriticalSection
  • kernel32.dll.DeleteCriticalSection
  • kernel32.dll.SetEvent
  • kernel32.dll.ResetEvent
  • kernel32.dll.ReleaseSemaphore
  • kernel32.dll.WaitForSingleObject
  • kernel32.dll.CreateEventW
  • kernel32.dll.CreateSemaphoreW
  • kernel32.dll.GetSystemTime
  • kernel32.dll.SystemTimeToTzSpecificLocalTime
  • kernel32.dll.TzSpecificLocalTimeToSystemTime
  • kernel32.dll.SystemTimeToFileTime
  • kernel32.dll.FileTimeToLocalFileTime
  • kernel32.dll.LocalFileTimeToFileTime
  • kernel32.dll.FileTimeToSystemTime
  • kernel32.dll.GetCPInfo
  • kernel32.dll.IsDBCSLeadByte
  • kernel32.dll.MultiByteToWideChar
  • kernel32.dll.WideCharToMultiByte
  • kernel32.dll.GlobalAlloc
  • kernel32.dll.GetTickCount
  • kernel32.dll.LockResource
  • kernel32.dll.GlobalLock
  • kernel32.dll.GlobalUnlock
  • kernel32.dll.GlobalFree
  • kernel32.dll.LoadResource
  • kernel32.dll.SizeofResource
  • kernel32.dll.SetCurrentDirectoryW
  • kernel32.dll.GetExitCodeProcess
  • kernel32.dll.GetLocalTime
  • kernel32.dll.MapViewOfFile
  • kernel32.dll.UnmapViewOfFile
  • kernel32.dll.CreateFileMappingW
  • kernel32.dll.OpenFileMappingW
  • kernel32.dll.GetCommandLineW
  • kernel32.dll.SetEnvironmentVariableW
  • kernel32.dll.ExpandEnvironmentStringsW
  • kernel32.dll.GetTempPathW
  • kernel32.dll.MoveFileExW
  • kernel32.dll.GetLocaleInfoW
  • kernel32.dll.GetTimeFormatW
  • kernel32.dll.GetDateFormatW
  • kernel32.dll.GetNumberFormatW
  • kernel32.dll.SetFilePointerEx
  • kernel32.dll.GetConsoleMode
  • kernel32.dll.GetConsoleCP
  • kernel32.dll.HeapSize
  • kernel32.dll.SetStdHandle
  • kernel32.dll.GetProcessHeap
  • kernel32.dll.RaiseException
  • kernel32.dll.GetSystemInfo
  • kernel32.dll.VirtualProtect
  • kernel32.dll.VirtualQuery
  • kernel32.dll.LoadLibraryExA
  • kernel32.dll.IsProcessorFeaturePresent
  • kernel32.dll.IsDebuggerPresent
  • kernel32.dll.UnhandledExceptionFilter
  • kernel32.dll.SetUnhandledExceptionFilter
  • kernel32.dll.GetStartupInfoW
  • kernel32.dll.QueryPerformanceCounter
  • kernel32.dll.GetCurrentThreadId
  • kernel32.dll.GetSystemTimeAsFileTime
  • kernel32.dll.InitializeSListHead
  • kernel32.dll.TerminateProcess
  • kernel32.dll.RtlUnwind
  • kernel32.dll.InitializeCriticalSectionAndSpinCount
  • kernel32.dll.TlsAlloc
  • kernel32.dll.TlsGetValue
  • kernel32.dll.TlsSetValue
  • kernel32.dll.TlsFree
  • kernel32.dll.LoadLibraryExW
  • kernel32.dll.QueryPerformanceFrequency
  • kernel32.dll.GetModuleHandleExW
  • kernel32.dll.GetModuleFileNameA
  • kernel32.dll.GetACP
  • kernel32.dll.HeapFree
  • kernel32.dll.HeapAlloc
  • kernel32.dll.HeapReAlloc
  • kernel32.dll.GetStringTypeW
  • kernel32.dll.LCMapStringW
  • kernel32.dll.FindFirstFileExA
  • kernel32.dll.FindNextFileA
  • kernel32.dll.IsValidCodePage
  • kernel32.dll.GetOEMCP
  • kernel32.dll.GetCommandLineA
  • kernel32.dll.GetEnvironmentStringsW
  • kernel32.dll.FreeEnvironmentStringsW
  • gdiplus.dll.GdiplusShutdown
  • gdiplus.dll.GdiplusStartup
  • gdiplus.dll.GdipCreateHBITMAPFromBitmap
  • gdiplus.dll.GdipCreateBitmapFromStreamICM
  • gdiplus.dll.GdipCreateBitmapFromStream
  • gdiplus.dll.GdipDisposeImage
  • gdiplus.dll.GdipCloneImage
  • gdiplus.dll.GdipFree
  • gdiplus.dll.GdipAlloc
  • kernel32.dll.InitializeCriticalSectionEx
  • kernel32.dll.FlsAlloc
  • kernel32.dll.FlsSetValue
  • kernel32.dll.FlsGetValue
  • kernel32.dll.LCMapStringEx
  • kernel32.dll.SetDllDirectoryW
  • kernel32.dll.SortGetHandle
  • kernel32.dll.SortCloseHandle
  • ole32.dll.OleInitialize
  • cryptbase.dll.SystemFunction036
  • comctl32.dll.InitCommonControlsEx
  • user32.dll.GetWindowInfo
  • user32.dll.GetAncestor
  • user32.dll.GetMonitorInfoA
  • user32.dll.EnumDisplayMonitors
  • user32.dll.EnumDisplayDevicesA
  • gdi32.dll.ExtTextOutW
  • gdi32.dll.GdiIsMetaPrintDC
  • shell32.dll.SHGetMalloc
  • ole32.dll.CoGetMalloc
  • user32.dll.LoadIconW
  • user32.dll.LoadBitmapW
  • gdi32.dll.GetObjectW
  • user32.dll.GetDC
  • gdi32.dll.GetDeviceCaps
  • user32.dll.ReleaseDC
  • user32.dll.DialogBoxParamW
  • comctl32.dll.RegisterClassNameW
  • uxtheme.dll.EnableThemeDialogTexture
  • uxtheme.dll.OpenThemeData
  • uxtheme.dll.SetWindowTheme
  • imm32.dll.ImmIsIME
  • user32.dll.GetWindowRect
  • user32.dll.GetClientRect
  • user32.dll.GetWindowTextW
  • user32.dll.SetWindowTextW
  • user32.dll.GetSystemMetrics
  • user32.dll.GetWindow
  • user32.dll.GetDlgItem
  • user32.dll.SendMessageW
  • user32.dll.GetClassNameW
  • user32.dll.FindWindowExW
  • shlwapi.dll.SHAutoComplete
  • ole32.dll.CoCreateInstance
  • comctl32.dll.#320
  • comctl32.dll.#324
  • comctl32.dll.#411
  • comctl32.dll.#410
  • ole32.dll.CLSIDFromString
  • user32.dll.PeekMessageW
  • user32.dll.GetMessageW
  • user32.dll.TranslateMessage
  • user32.dll.DispatchMessageW
  • user32.dll.SetDlgItemTextW
  • comctl32.dll.#413
  • user32.dll.EnableWindow
  • user32.dll.GetDlgItemTextW
  • user32.dll.SetFocus
  • ole32.dll.CoInitializeEx
  • ole32.dll.CoUninitialize
  • ole32.dll.CoRegisterInitializeSpy
  • ole32.dll.CoRevokeInitializeSpy
  • imm32.dll.ImmGetContext
  • imm32.dll.ImmGetDefaultIMEWnd
  • imm32.dll.ImmReleaseContext
  • user32.dll.LoadStringW
  • user32.dll.ShowWindow
  • user32.dll.GetWindowLongW
  • user32.dll.SetWindowLongW
  • user32.dll.CharUpperW
  • user32.dll.SendDlgItemMessageW
  • shell32.dll.ShellExecuteExW
  • setupapi.dll.CM_Get_Device_Interface_List_Size_ExW
  • setupapi.dll.CM_Get_Device_Interface_List_ExW
  • user32.dll.IsWindowVisible
  • user32.dll.WaitForInputIdle
  • user32.dll.EndDialog
  • comctl32.dll.#412
  • comctl32.dll.#388
  • shell32.dll.SHFileOperationW
  • oleaut32.dll.#200
  • comctl32.dll.#385
  • propsys.dll.PSLookupPropertyHandlerCLSID
  • propsys.dll.PSCreatePropertyStoreFromObject
  • oleaut32.dll.#6
  • propsys.dll.PropVariantToBoolean
  • propsys.dll.VariantToUInt64
  • propsys.dll.PropVariantToVariant
  • propsys.dll.InitPropVariantFromBuffer
  • propsys.dll.PropVariantToBuffer
  • comctl32.dll.#328
  • comctl32.dll.#386
  • ole32.dll.CreateBindCtx
  • shell32.dll.#66
  • advapi32.dll.GetNamedSecurityInfoW
  • sechost.dll.ConvertStringSidToSidW
  • netutils.dll.NetApiBufferFree
  • advapi32.dll.RegOpenKeyExW
  • ole32.dll.CoTaskMemFree
  • advapi32.dll.RegQueryValueExW
  • propsys.dll.PropVariantToUInt64
  • comctl32.dll.#321
  • gdi32.dll.DeleteObject
  • ole32.dll.OleUninitialize
  • oleaut32.dll.#500
  • ext-ms-win-kernel32-package-current-l1-1-0.dll.GetCurrentPackageId
  • advapi32.dll.UnregisterTraceGuids
  • advapi32.dll.RegQueryInfoKeyW
  • advapi32.dll.RegEnumKeyExW
  • advapi32.dll.RegEnumValueW
  • advapi32.dll.RegCloseKey
  • kernel32.dll.FlsFree
  • kernel32.dll.CreateEventExW
  • kernel32.dll.CreateSemaphoreExW
  • kernel32.dll.SetThreadStackGuarantee
  • kernel32.dll.CreateThreadpoolTimer
  • kernel32.dll.SetThreadpoolTimer
  • kernel32.dll.WaitForThreadpoolTimerCallbacks
  • kernel32.dll.CloseThreadpoolTimer
  • kernel32.dll.CreateThreadpoolWait
  • kernel32.dll.SetThreadpoolWait
  • kernel32.dll.CloseThreadpoolWait
  • kernel32.dll.FlushProcessWriteBuffers
  • kernel32.dll.FreeLibraryWhenCallbackReturns
  • kernel32.dll.GetCurrentProcessorNumber
  • kernel32.dll.GetLogicalProcessorInformation
  • kernel32.dll.CreateSymbolicLinkW
  • kernel32.dll.EnumSystemLocalesEx
  • kernel32.dll.CompareStringEx
  • kernel32.dll.GetDateFormatEx
  • kernel32.dll.GetLocaleInfoEx
  • kernel32.dll.GetTimeFormatEx
  • kernel32.dll.GetUserDefaultLocaleName
  • kernel32.dll.IsValidLocaleName
  • kernel32.dll.GetTickCount64
  • kernel32.dll.AcquireSRWLockExclusive
  • kernel32.dll.ReleaseSRWLockExclusive
  • advapi32.dll.EventRegister
  • mscoree.dll.#142
  • mscoreei.dll.RegisterShimImplCallback
  • mscoreei.dll.OnShimDllMainCalled
  • mscoreei.dll._CorExeMain
  • shlwapi.dll.UrlIsW
  • kernel32.dll.GetNativeSystemInfo
  • version.dll.GetFileVersionInfoSizeW
  • version.dll.GetFileVersionInfoW
  • version.dll.VerQueryValueW
  • msvcrt.dll._set_error_mode
  • msvcrt.dll.?set_terminate@@YAP6AXXZP6AXXZ@Z
  • kernel32.dll.FindActCtxSectionStringW
  • kernel32.dll.GetSystemWindowsDirectoryW
  • mscoree.dll.GetProcessExecutableHeap
  • mscoreei.dll.GetProcessExecutableHeap
  • mscorwks.dll._CorExeMain
  • mscorwks.dll.GetCLRFunction
  • advapi32.dll.RegisterTraceGuidsW
  • advapi32.dll.GetTraceLoggerHandle
  • advapi32.dll.GetTraceEnableLevel
  • advapi32.dll.GetTraceEnableFlags
  • advapi32.dll.TraceEvent
  • mscoree.dll.IEE
  • mscoreei.dll.IEE
  • mscorwks.dll.IEE
  • mscoree.dll.GetStartupFlags
  • mscoreei.dll.GetStartupFlags
  • mscoree.dll.GetHostConfigurationFile
  • mscoreei.dll.GetHostConfigurationFile
  • mscoreei.dll.GetCORVersion
  • mscoree.dll.GetCORSystemDirectory
  • mscoreei.dll.GetCORSystemDirectory_RetAddr
  • mscoreei.dll.CreateConfigStream
  • ntdll.dll.RtlVirtualUnwind
  • kernel32.dll.IsWow64Process
  • advapi32.dll.AllocateAndInitializeSid
  • advapi32.dll.OpenProcessToken
  • advapi32.dll.GetTokenInformation
  • advapi32.dll.InitializeAcl
  • advapi32.dll.AddAccessAllowedAce
  • advapi32.dll.FreeSid
  • kernel32.dll.AddVectoredContinueHandler
  • kernel32.dll.RemoveVectoredContinueHandler
  • advapi32.dll.ConvertSidToStringSidW
  • shell32.dll.SHGetFolderPathW
  • kernel32.dll.GetWriteWatch
  • kernel32.dll.ResetWriteWatch
  • kernel32.dll.CreateMemoryResourceNotification
  • kernel32.dll.QueryMemoryResourceNotification
  • kernel32.dll.GlobalMemoryStatusEx
  • kernel32.dll.ProcessIdToSessionId
  • imm32.dll.ImmCreateContext
  • imm32.dll.ImmDestroyContext
  • imm32.dll.ImmNotifyIME
  • imm32.dll.ImmAssociateContext
  • imm32.dll.ImmGetCompositionStringA
  • imm32.dll.ImmSetCompositionStringA
  • imm32.dll.ImmGetCompositionStringW
  • imm32.dll.ImmSetCompositionStringW
  • imm32.dll.ImmSetCandidateWindow
  • mscorsec.dll.GetPublisher
  • mscoree.dll.CoInitializeEE
  • mscoreei.dll.CoInitializeEE
  • mscorwks.dll.CoInitializeEE
  • wintrust.dll.WintrustCertificateTrust
  • mscorsec.dll.CORPolicyEE
  • wintrust.dll.SoftpubInitialize
  • wintrust.dll.SoftpubLoadMessage
  • wintrust.dll.SoftpubLoadSignature
  • wintrust.dll.SoftpubCheckCert
  • cryptsp.dll.CryptAcquireContextA
  • wintrust.dll.CryptSIPPutSignedDataMsg
  • wintrust.dll.CryptSIPGetSignedDataMsg
  • imagehlp.dll.ImageGetCertificateData
  • ncrypt.dll.BCryptOpenAlgorithmProvider
  • bcryptprimitives.dll.GetHashInterface
  • ncrypt.dll.BCryptGetProperty
  • ncrypt.dll.BCryptCreateHash
  • ncrypt.dll.BCryptHashData
  • wintrust.dll.CryptSIPVerifyIndirectData
  • bcrypt.dll.BCryptOpenAlgorithmProvider
  • bcrypt.dll.BCryptGetProperty
  • bcrypt.dll.BCryptCreateHash
  • bcrypt.dll.BCryptHashData
  • bcrypt.dll.BCryptFinishHash
  • bcrypt.dll.BCryptDestroyHash
  • bcrypt.dll.BCryptCloseAlgorithmProvider
  • ncrypt.dll.BCryptDestroyHash
  • cryptsp.dll.CryptReleaseContext
  • crypt32.dll.CryptVerifyTimeStampSignature
  • ncrypt.dll.BCryptFinishHash
  • bcryptprimitives.dll.GetAsymmetricEncryptionInterface
  • ncrypt.dll.BCryptImportKeyPair
  • ncrypt.dll.BCryptVerifySignature
  • ncrypt.dll.BCryptDestroyKey
  • userenv.dll.GetUserProfileDirectoryW
  • sechost.dll.ConvertSidToStringSidW
  • userenv.dll.RegisterGPNotification
  • gpapi.dll.RegisterGPNotificationInternal
  • sechost.dll.OpenSCManagerW
  • sechost.dll.OpenServiceW
  • sechost.dll.CloseServiceHandle
  • sechost.dll.QueryServiceConfigW
  • cryptsp.dll.CryptImportKey
  • cryptsp.dll.CryptCreateHash
  • cryptsp.dll.CryptHashData
  • cryptsp.dll.CryptVerifySignatureA
  • cryptsp.dll.CryptDestroyKey
  • cryptsp.dll.CryptDestroyHash
  • wintrust.dll.SoftpubAuthenticode
  • wintrust.dll.SoftpubCleanup
  • advapi32.dll.SaferiSearchMatchingHashRules
  • ole32.dll.CoTaskMemAlloc
  • mscoree.dll.CoUninitializeEE
  • mscoreei.dll.CoUninitializeEE
  • mscorwks.dll.CoUninitializeEE
  • ole32.dll.CoGetContextToken
  • advapi32.dll.CryptAcquireContextA
  • advapi32.dll.CryptReleaseContext
  • advapi32.dll.CryptCreateHash
  • advapi32.dll.CryptDestroyHash
  • advapi32.dll.CryptHashData
  • advapi32.dll.CryptGetHashParam
  • advapi32.dll.CryptImportKey
  • advapi32.dll.CryptExportKey
  • advapi32.dll.CryptGenKey
  • advapi32.dll.CryptGetKeyParam
  • advapi32.dll.CryptDestroyKey
  • advapi32.dll.CryptVerifySignatureA
  • advapi32.dll.CryptSignHashA
  • advapi32.dll.CryptGetProvParam
  • advapi32.dll.CryptGetUserKey
  • advapi32.dll.CryptEnumProvidersA
  • mscoree.dll.GetMetaDataInternalInterface
  • mscoreei.dll.GetMetaDataInternalInterface
  • mscorwks.dll.GetMetaDataInternalInterface
  • mscorjit.dll.getJit
  • user32.dll.RegisterWindowMessageW
  • kernel32.dll.GetCurrentThread
  • kernel32.dll.DuplicateHandle
  • kernel32.dll.lstrlen
  • kernel32.dll.lstrlenW
  • kernel32.dll.GetUserDefaultUILanguage
  • user32.dll.DefWindowProcW
  • gdi32.dll.GetStockObject
  • user32.dll.RegisterClassW
  • user32.dll.CreateWindowExW
  • user32.dll.SetWindowLongPtrW
  • user32.dll.GetWindowLongPtrW
  • user32.dll.CallWindowProcW
  • user32.dll.GetParent
  • ole32.dll.IIDFromString
  • kernel32.dll.LocalFree
  • kernel32.dll.LocalAlloc
  • mscoree.dll.ND_RI8
  • mscoreei.dll.ND_RI8
  • mscoree.dll.ND_RU1
  • mscoreei.dll.ND_RU1
  • advapi32.dll.LsaClose
  • advapi32.dll.LsaFreeMemory
  • advapi32.dll.LsaOpenPolicy
  • advapi32.dll.LsaLookupSids
  • advapi32.dll.LsaLookupNames2
  • ws2_32.dll.WSAStartup
  • ws2_32.dll.WSASocketW
  • ws2_32.dll.setsockopt
  • ws2_32.dll.WSAEventSelect
  • ws2_32.dll.ioctlsocket
  • ws2_32.dll.closesocket
  • kernel32.dll.GetFileAttributesExW
  • kernel32.dll.SetErrorMode
  • kernel32.dll.GetFileSize
  • mscoree.dll.ND_RI2
  • mscoreei.dll.ND_RI2
  • kernel32.dll.GetComputerNameW
  • advapi32.dll.ConvertStringSecurityDescriptorToSecurityDescriptorW
  • kernel32.dll.ReleaseMutex
  • advapi32.dll.CreateWellKnownSid
  • kernel32.dll.CreateMutexW
  • kernel32.dll.OpenMutexW
  • kernel32.dll.OpenProcess
  • kernel32.dll.GetProcessTimes
  • ws2_32.dll.inet_addr
  • mscoreei.dll.LoadLibraryShim
  • culture.dll.ConvertLangIdToCultureName
  • ole32.dll.CoCreateGuid
  • ws2_32.dll.bind
  • ws2_32.dll.listen
  • ws2_32.dll.getsockname
  • ws2_32.dll.accept
  • kernel32.dll.CreateIoCompletionPort
  • kernel32.dll.PostQueuedCompletionStatus
  • ntdll.dll.NtQueryInformationThread
  • ntdll.dll.NtQuerySystemInformation
  • ntdll.dll.NtGetCurrentProcessorNumber
  • uxtheme.dll.IsAppThemed
  • kernel32.dll.CreateActCtxA
  • ole32.dll.CoWaitForMultipleHandles
  • sechost.dll.LookupAccountNameLocalW
  • advapi32.dll.LookupAccountSidW
  • sechost.dll.LookupAccountSidLocalW
  • cryptsp.dll.CryptAcquireContextW
  • cryptsp.dll.CryptGenRandom
  • ole32.dll.NdrOleInitializeExtension
  • ole32.dll.CoGetClassObject
  • ole32.dll.CoGetMarshalSizeMax
  • ole32.dll.CoMarshalInterface
  • ole32.dll.CoUnmarshalInterface
  • ole32.dll.StringFromIID
  • ole32.dll.CoGetPSClsid
  • ole32.dll.CoReleaseMarshalData
  • ole32.dll.DcomChannelSetHResult
  • rpcrtremote.dll.I_RpcExtInitializeExtensionPoint
  • crypt32.dll.CryptQueryObject
  • crypt32.dll.CertCloseStore
  • crypt32.dll.CertDuplicateCertificateContext
  • crypt32.dll.CertGetCertificateContextProperty
  • cryptsp.dll.CryptGetHashParam
  • shfolder.dll.SHGetFolderPathW
  • kernel32.dll.GetPrivateProfileStringA
  • advapi32.dll.AdjustTokenPrivileges
  • ntmarta.dll.GetMartaExtensionInterface
  • advapi32.dll.GetSecurityDescriptorLength
  • advapi32.dll.SetNamedSecurityInfoW
  • kernel32.dll.GetEnvironmentVariableW
  • user32.dll.AdjustWindowRectEx
  • rasapi32.dll.RasEnumConnectionsW
  • rtutils.dll.TraceRegisterExA
  • rtutils.dll.TracePrintfExA
  • sechost.dll.QueryServiceStatus
  • ws2_32.dll.WSAIoctl
  • kernel32.dll.FormatMessageW
  • rasapi32.dll.RasConnectionNotificationW
  • advapi32.dll.RegOpenCurrentUser
  • sechost.dll.NotifyServiceStatusChangeA
  • advapi32.dll.RegNotifyChangeKeyValue
  • winhttp.dll.WinHttpGetIEProxyConfigForCurrentUser
  • iphlpapi.dll.GetNetworkParams
  • dnsapi.dll.DnsQueryConfig
  • user32.dll.GetProcessWindowStation
  • user32.dll.GetUserObjectInformationA
  • kernel32.dll.SetConsoleCtrlHandler
  • user32.dll.GetClassInfoW
  • iphlpapi.dll.GetAdaptersAddresses
  • user32.dll.SystemParametersInfoW
  • iphlpapi.dll.GetIpInterfaceEntry
  • iphlpapi.dll.GetBestInterfaceEx
  • ws2_32.dll.getaddrinfo
  • ws2_32.dll.freeaddrinfo
  • kernel32.dll.GetSystemDefaultLCID
  • kernel32.dll.FindAtomW
  • kernel32.dll.AddAtomW
  • mscoree.dll.LoadLibraryShim
  • gdiplus.dll.GdipCreateFontFromLogfontW
  • kernel32.dll.RegOpenKeyExW
  • kernel32.dll.RegQueryInfoKeyA
  • kernel32.dll.RegCloseKey
  • kernel32.dll.RegCreateKeyExW
  • kernel32.dll.RegQueryValueExW
  • gdiplus.dll.GdipGetFontUnit
  • gdiplus.dll.GdipGetFontSize
  • gdiplus.dll.GdipGetFontStyle
  • gdiplus.dll.GdipGetFamily
  • gdiplus.dll.GdipCreateFromHDC
  • gdiplus.dll.GdipGetDpiY
  • gdiplus.dll.GdipGetFontHeight
  • gdiplus.dll.GdipGetEmHeight
  • gdiplus.dll.GdipGetLineSpacing
  • gdiplus.dll.GdipDeleteGraphics
  • gdiplus.dll.GdipCreateFont
  • gdiplus.dll.GdipDeleteFont
  • user32.dll.GetSysColor
  • gdiplus.dll.GdipCreateFontFamilyFromName
  • user32.dll.MonitorFromRect
  • user32.dll.GetMonitorInfoW
  • gdi32.dll.CreateDCW
  • gdi32.dll.DeleteDC
  • oleaut32.dll.OleCreatePictureIndirect
  • ole32.dll.CoGetObjectContext
  • user32.dll.GetIconInfo
  • user32.dll.CopyImage
  • user32.dll.LoadCursorW
  • user32.dll.UpdateWindow
  • gdiplus.dll.GdipLoadImageFromStream
  • windowscodecs.dll.DllGetClassObject
  • kernel32.dll.WerRegisterMemoryBlock
  • gdiplus.dll.GdipImageForceValidation
  • gdiplus.dll.GdipGetImageType
  • gdiplus.dll.GdipGetImageRawFormat
  • gdiplus.dll.GdipImageGetFrameDimensionsCount
  • gdiplus.dll.GdipImageGetFrameDimensionsList
  • gdiplus.dll.GdipGetFamilyName
  • gdi32.dll.CreateCompatibleDC
  • gdi32.dll.GetCurrentObject
  • gdi32.dll.SaveDC
  • gdi32.dll.CreateFontIndirectW
  • gdi32.dll.SelectObject
  • gdi32.dll.GetMapMode
  • gdi32.dll.GetTextMetricsW
  • user32.dll.DrawTextExW
  • gdi32.dll.GetLayout
  • gdi32.dll.GdiRealizationInfo
  • gdi32.dll.FontIsLinked
  • gdi32.dll.GetTextFaceAliasW
  • advapi32.dll.RegQueryValueExA
  • gdi32.dll.GetTextExtentPoint32W
  • gdi32.dll.GetTextExtentExPointWPri
  • user32.dll.GetDoubleClickTime
  • gdiplus.dll.GdipGetImageWidth
  • gdiplus.dll.GdipGetImageHeight
  • gdiplus.dll.GdipCreateBitmapFromScan0
  • gdiplus.dll.GdipGetImagePixelFormat
  • gdiplus.dll.GdipGetImageGraphicsContext
  • gdiplus.dll.GdipGraphicsClear
  • gdiplus.dll.GdipCreateImageAttributes
  • gdiplus.dll.GdipSetImageAttributesColorKeys
  • gdiplus.dll.GdipDrawImageRectRectI
  • gdiplus.dll.GdipDisposeImageAttributes
  • ws2_32.dll.WSAConnect
  • user32.dll.SetTimer
  • user32.dll.GetWindowThreadProcessId
  • user32.dll.IsWindow
  • user32.dll.KillTimer
  • gdiplus.dll.GdipGetLogFontW
  • mscoree.dll.ND_WU1
  • mscoreei.dll.ND_WU1
  • user32.dll.CreateIconFromResourceEx
  • user32.dll.GetCursorPos
  • user32.dll.MonitorFromPoint
  • kernel32.dll.GetCurrentActCtx
  • kernel32.dll.ActivateActCtx
  • user32.dll.GetSystemMenu
  • user32.dll.GetWindowPlacement
  • user32.dll.EnableMenuItem
  • user32.dll.GetWindowTextLengthW
  • user32.dll.SetWindowPos
  • user32.dll.RedrawWindow
  • user32.dll.MapWindowPoints
  • kernel32.dll.RtlMoveMemory
  • user32.dll.InvalidateRect
  • ws2_32.dll.send
  • ws2_32.dll.recv
  • user32.dll.NotifyWinEvent
  • user32.dll.GetFocus
  • gdiplus.dll.GdipBitmapGetPixel
  • user32.dll.SetForegroundWindow
  • user32.dll.GetCursor
  • ole32.dll.CoRegisterMessageFilter
  • imm32.dll.ImmLockIMC
  • imm32.dll.ImmUnlockIMC
  • user32.dll.GetKeyboardLayout
  • imm32.dll.ImmGetOpenStatus
  • imm32.dll.ImmSetCompositionFontW
  • gdi32.dll.SetTextColor
  • gdi32.dll.SetBkColor
  • gdi32.dll.CreateSolidBrush
  • imm32.dll.ImmGetCompositionWindow
  • imm32.dll.ImmSetCompositionWindow
  • user32.dll.PostMessageW
  • gdiplus.dll.GdipCreateHalftonePalette
  • gdi32.dll.SelectPalette
  • gdiplus.dll.GdipSetPageUnit
  • gdiplus.dll.GdipCreateMatrix
  • gdiplus.dll.GdipGetWorldTransform
  • gdiplus.dll.GdipIsMatrixIdentity
  • gdiplus.dll.GdipDeleteMatrix
  • gdiplus.dll.GdipCreateRegion
  • gdiplus.dll.GdipGetClip
  • gdiplus.dll.GdipIsInfiniteRegion
  • gdiplus.dll.GdipDeleteRegion
  • gdiplus.dll.GdipSaveGraphics
  • gdiplus.dll.GdipGetMatrixElements
  • gdiplus.dll.GdipGetDC
  • gdi32.dll.OffsetViewportOrgEx
  • gdi32.dll.GetNearestColor
  • user32.dll.FillRect
  • gdi32.dll.RestoreDC
  • gdiplus.dll.GdipReleaseDC
  • user32.dll.IsWindowUnicode
  • user32.dll.GetMessageA
  • user32.dll.DispatchMessageA
  • user32.dll.BeginPaint
  • user32.dll.EndPaint
  • gdi32.dll.GetObjectType
  • gdi32.dll.CreateCompatibleBitmap
  • gdi32.dll.GetDIBits
  • gdi32.dll.CreateDIBSection
  • gdiplus.dll.GdipTranslateWorldTransform
  • gdiplus.dll.GdipSetClipRectI
  • gdiplus.dll.GdipRestoreGraphics
  • gdiplus.dll.GdipGetRegionHRgn
  • gdi32.dll.CreateRectRgn
  • gdi32.dll.GetClipRgn
  • gdi32.dll.SelectClipRgn
  • user32.dll.DrawFrameControl
  • gdiplus.dll.GdipDrawImageI
  • gdiplus.dll.GdipGetTextRenderingHint
  • gdi32.dll.GetTextAlign
  • gdi32.dll.GetTextColor
  • gdi32.dll.GetBkMode
  • gdi32.dll.SetBkMode
  • gdi32.dll.BitBlt
  • gdiplus.dll.GdipCreateStringFormat
  • gdiplus.dll.GdipSetStringFormatAlign
  • gdiplus.dll.GdipSetStringFormatLineAlign
  • gdiplus.dll.GdipSetStringFormatHotkeyPrefix
  • gdiplus.dll.GdipGetStringFormatFlags
  • gdiplus.dll.GdipSetStringFormatFlags
  • gdiplus.dll.GdipSetStringFormatMeasurableCharacterRanges
  • gdiplus.dll.GdipCreateRegionRectI
  • gdiplus.dll.GdipDeleteStringFormat
  • gdiplus.dll.GdipCreateSolidFill
  • gdiplus.dll.GdipSetClipRegion
  • gdiplus.dll.GdipGetRegionScansCount
  • gdiplus.dll.GdipGetRegionScans
  • gdiplus.dll.GdipCreateRegionRect
  • gdiplus.dll.GdipDeleteBrush
  • gdiplus.dll.GdipCombineRegionRegion
  • gdiplus.dll.GdipDrawImageRectI
  • uxtheme.dll.BufferedPaintInit
  • uxtheme.dll.BeginBufferedPaint
  • uxtheme.dll.EndBufferedPaint
  • user32.dll.WaitMessage
  • kernel32.dll.DeactivateActCtx
  • user32.dll.DestroyWindow
  • security.dll.EnumerateSecurityPackagesW
  • security.dll.FreeContextBuffer
  • cryptsp.dll.SystemFunction035
  • mscoree.dll.ND_RI4
  • mscoreei.dll.ND_RI4
  • security.dll.FreeCredentialsHandle
  • security.dll.AcquireCredentialsHandleW
  • schannel.dll.SpUserModeInitialize
  • advapi32.dll.RegCreateKeyExW
  • security.dll.DeleteSecurityContext
  • security.dll.InitializeSecurityContextW
  • user32.dll.GetKeyState
  • user32.dll.SetCursor
  • comctl32.dll._TrackMouseEvent
  • oleaut32.dll.SysAllocString
  • oleaut32.dll.SysStringLen
  • oleaut32.dll.SysFreeString
  • secur32.dll.FreeContextBuffer
  • ncrypt.dll.SslOpenProvider
  • ncrypt.dll.GetSChannelInterface
  • ncrypt.dll.SslIncrementProviderReferenceCount
  • ncrypt.dll.SslImportKey
  • bcryptprimitives.dll.GetCipherInterface
  • security.dll.QueryContextAttributesW
  • ncrypt.dll.SslLookupCipherSuiteInfo
  • crypt32.dll.CertFreeCertificateContext
  • crypt32.dll.CertDuplicateStore
  • crypt32.dll.CertEnumCertificatesInStore
  • crypt32.dll.CertFreeCertificateChain
  • crypt32.dll.CertOpenStore
  • crypt32.dll.CertAddCertificateLinkToStore
  • crypt32.dll.CertGetCertificateChain
  • bcryptprimitives.dll.GetSignatureInterface
  • crypt32.dll.CertDuplicateCertificateChain
  • crypt32.dll.CertVerifyCertificateChainPolicy
  • security.dll.EncryptMessage
  • ncrypt.dll.SslEncryptPacket
  • security.dll.DecryptMessage
  • ncrypt.dll.SslDecryptPacket
  • user32.dll.GetActiveWindow
  • user32.dll.EnumThreadWindows
  • user32.dll.MessageBoxW
  • user32.dll.GetCapture
  • kernel32.dll.CreateProcessW
  • user32.dll.PostThreadMessageW
  • user32.dll.DestroyIcon
  • uxtheme.dll.BufferedPaintUnInit
  • user32.dll.SetClassLongPtrW
  • user32.dll.UnregisterClassW
  • kernel32.dll.DeleteAtom
  • user32.dll.DestroyCursor
  • ncrypt.dll.SslDecrementProviderReferenceCount
  • ncrypt.dll.SslFreeObject
  • kernel32.dll.CreateActCtxW
  • kernel32.dll.AddRefActCtx
  • kernel32.dll.ReleaseActCtx
  • kernel32.dll.QueryActCtxW
  • advapi32.dll.EventUnregister
  • ole32.dll.CoGetApartmentType
  • comctl32.dll.#236
  • comctl32.dll.#323
  • advapi32.dll.RegEnumKeyW
  • advapi32.dll.OpenThreadToken
  • ole32.dll.StringFromGUID2
  • apphelp.dll.ApphelpCheckShellObject
  • urlmon.dll.CreateUri
  • kernel32.dll.InitializeSRWLock
  • kernel32.dll.AcquireSRWLockShared
  • kernel32.dll.ReleaseSRWLockShared
  • advapi32.dll.AddMandatoryAce
  • ole32.dll.CoAllowSetForegroundWindow