魔盾安全分析报告

分析类型 开始时间 结束时间 持续时间 分析引擎版本
FILE 2016-10-20 18:50:02 2016-10-20 18:52:35 153 秒 1.4-Maldun
虚拟机机器名 标签 虚拟机管理 开机时间 关机时间
win7-sp1-x64-2 win7-sp1-x64-2 KVM 2016-10-20 18:50:02 2016-10-20 18:52:35
魔盾分数

10.0

恶意的

文件详细信息

文件名 143741d7ec789d40c632f9994772854d.html
文件大小 73373 字节
文件类型 HTML document, UTF-8 Unicode text, with very long lines, with CRLF, CR, LF line terminators
CRC32 28EAA6E2
MD5 143741d7ec789d40c632f9994772854d
SHA1 8b945791c9b80ab48e90fa0adaa53b5a9e6c55c0
SHA256 57bbd96dabeb68f81392e0c376ebb48a92b875fc70fe34a4f9bbe02165fb15ec
SHA512 0621559e4c1d5a7a8fdca5a38e82773865de3366b7cd833bb905e5684312d0fdc600c40075155bf145e10732cb05463ac24b02115a385732ec4537e27a760092
Ssdeep 1536:YoVgz250jLUwHZiGZs69yP0yP6oERv0vQ:JGUw5ByP0yPyso
PEiD 无匹配
Yara 无Yara规则匹配
VirusTotal VirusTotal链接
VirusTotal扫描时间: 2016-08-31 18:31:27
扫描结果: 20/56

特征

发起了一些HTTP请求
url: http://fonts.googleapis.com/css?family=Tangerine|Pacifico|Gloria+Hallelujah|Monofett|Geostar|Nosifer
url: http://revegeneral.org/media/system/css/modal.css
url: http://revegeneral.org/components/com_flexicontent/assets/css/flexicontent.css
url: http://revegeneral.org/plugins/system/SocialMediaPresence/socialstyle.css
url: http://revegeneral.org/plugins/editors/jckeditor/typography/typography2.php
url: http://revegeneral.org/components/com_komento/assets/css/module.css
url: http://revegeneral.org/media/mod_tquotes/css/tquote.css
url: http://revegeneral.org/components/com_k2/css/k2.css
url: http://revegeneral.org/media/mod_tquotes/css/tquote1.css
url: http://revegeneral.org/media/mod_tquotes/css/tquote2.css
url: http://revegeneral.org/media/sourcecoast/css/sc_bootstrap.css
url: http://revegeneral.org/media/sourcecoast/css/common.css
url: http://revegeneral.org/media/sourcecoast/themes/sclogin/default.css
url: http://revegeneral.org/media/system/js/mootools-core.js
url: http://revegeneral.org/components/com_flexicontent/librairies/select2/select2.css
url: http://revegeneral.org/media/modals/css/bootstrap.min.css
url: http://revegeneral.org/plugins/system/rokbox/assets/styles/rokbox.css
url: http://revegeneral.org/freichat/client/jquery/freichat_themes/freichatcss.php
url: http://revegeneral.org/plugins/system/rokbox/assets/fonts/rokbox.eot
url: http://revegeneral.org/freichat/client/themes/silver/styles.css
url: http://fonts.gstatic.com/s/tangerine/v7/HGfsyCL5WASpHOFnouG-RPY6323mHUZFJMgTvxaG2iE.eot
url: http://fonts.gstatic.com/s/geostar/v6/IcataThX2txXS5f602ccTA.eot
url: http://fonts.gstatic.com/s/gloriahallelujah/v8/CA1k7SlXcY5kvI81M_R28RWp_va1cOkgzoB8dfDAF9k.eot
url: http://fonts.gstatic.com/s/nosifer/v5/22TLRN_sb7eGnW3UzCoN7w.eot
url: http://fonts.gstatic.com/s/pacifico/v7/-vGerp1w0ZI2FbLjP6XX__esZW2xOQ-xsNqO47m55DA.eot
url: http://fonts.gstatic.com/s/monofett/v6/zgcqY-au-yAst5CiOkK_e_esZW2xOQ-xsNqO47m55DA.eot
url: http://revegeneral.org/media/system/js/core.js
url: http://revegeneral.org/media/jui/js/jquery.min.js
url: http://revegeneral.org/media/jui/js/jquery-noconflict.js
url: http://revegeneral.org/media/jui/js/jquery-migrate.min.js
url: http://revegeneral.org/components/com_k2/js/k2.js?v2.6.9&sitepath=/
url: http://revegeneral.org/media/system/js/mootools-more.js
url: http://revegeneral.org/media/jui/js/jquery.ui.core.min.js
url: http://revegeneral.org/media/jui/js/jquery.ui.sortable.min.js
url: http://revegeneral.org/components/com_flexicontent/librairies/jquery/js/jquery-ui/jquery.ui.autocomplete.min.js
url: http://revegeneral.org/components/com_flexicontent/librairies/select2/select2.js
url: http://revegeneral.org/components/com_flexicontent/assets/js/tmpl-common.js
url: http://revegeneral.org/media/jui/js/bootstrap.min.js
url: http://revegeneral.org/media/modals/js/jquery.colorbox-min.js
url: http://revegeneral.org/media/modals/js/script.min.js
url: http://revegeneral.org/plugins/system/rokbox/assets/js/rokbox.js
url: http://revegeneral.org/media/system/js/modal.js
url: http://revegeneral.org/media/plg_system_eprivacy/js/mthash.js
url: http://revegeneral.org/media/plg_system_eprivacy/js/eprivacy.js
url: http://revegeneral.org/freichat/client/main.php?id=4ea271nu2mo6f9l95s864l8jt3&xhash=abd7c5566664dc18d8b345e41efad8a1
url: http://revegeneral.org/media/com_wrapper/js/iframe-height.min.js
url: http://revegeneral.org/media/sourcecoast/js/mod_sclogin.js
url: http://revegeneral.org//plugins/system/videobox/css/videobox.css
url: http://revegeneral.org//plugins/system/videobox/js/jquery.min.js
url: http://revegeneral.org//plugins/system/videobox/css/functions.css
url: http://revegeneral.org//plugins/system/videobox/js/videobox.js
url: http://revegeneral.org//plugins/system/videobox/js/functions.js
url: http://revegeneral.org/media/sourcecoast/js/jquery.placeholder.js
url: http://revegeneral.org/modules/mod_swmenufree/jquery-1.6.min.js
url: http://revegeneral.org/modules/mod_swmenufree/jquery.corner.js
url: http://revegeneral.org/modules/mod_swmenufree/transmenu_Packed.js
尝试断开连接或更改Cuckoo监控的Windows功能
unhook: function_name: CreateWindowExW, type: modification
文件已被至少十个VirusTotal上的反病毒引擎检测为病毒
Bkav: JS.eIframeTrojanjQuery.A7EB
McAfee: JS/Redirector.db
Baidu: JS.Trojan-Downloader.FakejQuery.a
ESET-NOD32: JS/TrojanDownloader.FakejQuery.A
Avast: JS:Injection-I [Trj]
GData: Script.Trojan.FakeJQuery.B
NANO-Antivirus: Trojan.Script.Redirector.efelwn
DrWeb: JS.Redirector.304
VIPRE: Trojan.JS.Redirector.qe (v)
McAfee-GW-Edition: JS/Redirector.db
Sophos: Troj/JSRedir-RX
Avira: HTML/ExpKit.Gen2
Antiy-AVL: Trojan/Generic.ASMalwRG.43
Microsoft: Trojan:JS/Redirector.QE
AVware: Trojan.JS.Redirector.qe (v)
Rising: Downloader.FakejQuery!8.7B40 (shepherd)
Ikarus: Trojan.JS.FakejQuery
Fortinet: JS/Moat.5BFF32D1!tr
AVG: XPL/Def.DM.90_123
Qihoo-360: html.script.facelike.c
魔盾wping.org 域名信誉系统
灰名单: revegeneral.org
魔盾wping.org IP地址信誉系统
灰名单: 77.134.88.39

运行截图

网络分析

访问主机记录

直接访问 IP地址 国家名
77.134.88.39 France
203.208.51.64 China
203.208.39.255 China

域名解析

域名 响应
revegeneral.org A 77.134.88.39
fonts.googleapis.com A 203.208.51.70
A 203.208.51.71
A 203.208.51.72
A 203.208.51.67
A 203.208.51.73
A 203.208.51.66
A 203.208.51.65
A 203.208.51.64
CNAME googleadapis.l.google.com
A 203.208.51.69
A 203.208.51.78
A 203.208.51.68
fonts.gstatic.com A 203.208.39.239
A 203.208.39.247
A 203.208.39.255
A 203.208.39.248
CNAME gstaticadssl.l.google.com

TCP连接

IP地址 端口
203.208.39.255 80
203.208.39.255 80
203.208.39.255 80
203.208.39.255 80
203.208.39.255 80
203.208.51.64 80
77.134.88.39 80
77.134.88.39 80
77.134.88.39 80
77.134.88.39 80
77.134.88.39 80
77.134.88.39 80
77.134.88.39 80
77.134.88.39 80
77.134.88.39 80

UDP连接

IP地址 端口
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53

HTTP请求

URL HTTP数据
http://fonts.googleapis.com/css?family=Tangerine|Pacifico|Gloria+Hallelujah|Monofett|Geostar|Nosifer 
GET /css?family=Tangerine|Pacifico|Gloria+Hallelujah|Monofett|Geostar|Nosifer HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive
http://revegeneral.org/media/system/css/modal.css 
GET /media/system/css/modal.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/components/com_flexicontent/assets/css/flexicontent.css 
GET /components/com_flexicontent/assets/css/flexicontent.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/plugins/system/SocialMediaPresence/socialstyle.css 
GET /plugins/system/SocialMediaPresence/socialstyle.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/plugins/editors/jckeditor/typography/typography2.php 
GET /plugins/editors/jckeditor/typography/typography2.php HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/components/com_komento/assets/css/module.css 
GET /components/com_komento/assets/css/module.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/media/mod_tquotes/css/tquote.css 
GET /media/mod_tquotes/css/tquote.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/components/com_k2/css/k2.css 
GET /components/com_k2/css/k2.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/media/mod_tquotes/css/tquote1.css 
GET /media/mod_tquotes/css/tquote1.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/media/mod_tquotes/css/tquote2.css 
GET /media/mod_tquotes/css/tquote2.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/media/sourcecoast/css/sc_bootstrap.css 
GET /media/sourcecoast/css/sc_bootstrap.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/media/sourcecoast/css/common.css 
GET /media/sourcecoast/css/common.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/media/sourcecoast/themes/sclogin/default.css 
GET /media/sourcecoast/themes/sclogin/default.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/media/system/js/mootools-core.js 
GET /media/system/js/mootools-core.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/components/com_flexicontent/librairies/select2/select2.css 
GET /components/com_flexicontent/librairies/select2/select2.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/media/modals/css/bootstrap.min.css 
GET /media/modals/css/bootstrap.min.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/plugins/system/rokbox/assets/styles/rokbox.css 
GET /plugins/system/rokbox/assets/styles/rokbox.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/freichat/client/jquery/freichat_themes/freichatcss.php 
GET /freichat/client/jquery/freichat_themes/freichatcss.php HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
http://revegeneral.org/plugins/system/rokbox/assets/fonts/rokbox.eot 
GET /plugins/system/rokbox/assets/fonts/rokbox.eot HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/freichat/client/themes/silver/styles.css 
GET /freichat/client/themes/silver/styles.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://fonts.gstatic.com/s/tangerine/v7/HGfsyCL5WASpHOFnouG-RPY6323mHUZFJMgTvxaG2iE.eot 
GET /s/tangerine/v7/HGfsyCL5WASpHOFnouG-RPY6323mHUZFJMgTvxaG2iE.eot HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
http://fonts.gstatic.com/s/geostar/v6/IcataThX2txXS5f602ccTA.eot 
GET /s/geostar/v6/IcataThX2txXS5f602ccTA.eot HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
http://fonts.gstatic.com/s/gloriahallelujah/v8/CA1k7SlXcY5kvI81M_R28RWp_va1cOkgzoB8dfDAF9k.eot 
GET /s/gloriahallelujah/v8/CA1k7SlXcY5kvI81M_R28RWp_va1cOkgzoB8dfDAF9k.eot HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
http://fonts.gstatic.com/s/nosifer/v5/22TLRN_sb7eGnW3UzCoN7w.eot 
GET /s/nosifer/v5/22TLRN_sb7eGnW3UzCoN7w.eot HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
http://fonts.gstatic.com/s/pacifico/v7/-vGerp1w0ZI2FbLjP6XX__esZW2xOQ-xsNqO47m55DA.eot 
GET /s/pacifico/v7/-vGerp1w0ZI2FbLjP6XX__esZW2xOQ-xsNqO47m55DA.eot HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
http://fonts.gstatic.com/s/monofett/v6/zgcqY-au-yAst5CiOkK_e_esZW2xOQ-xsNqO47m55DA.eot 
GET /s/monofett/v6/zgcqY-au-yAst5CiOkK_e_esZW2xOQ-xsNqO47m55DA.eot HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
http://revegeneral.org/media/system/js/core.js 
GET /media/system/js/core.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/jui/js/jquery.min.js 
GET /media/jui/js/jquery.min.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/jui/js/jquery-noconflict.js 
GET /media/jui/js/jquery-noconflict.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/jui/js/jquery-migrate.min.js 
GET /media/jui/js/jquery-migrate.min.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/components/com_k2/js/k2.js?v2.6.9&sitepath=/ 
GET /components/com_k2/js/k2.js?v2.6.9&sitepath=/ HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/system/js/mootools-more.js 
GET /media/system/js/mootools-more.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/jui/js/jquery.ui.core.min.js 
GET /media/jui/js/jquery.ui.core.min.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/jui/js/jquery.ui.sortable.min.js 
GET /media/jui/js/jquery.ui.sortable.min.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/components/com_flexicontent/librairies/jquery/js/jquery-ui/jquery.ui.autocomplete.min.js 
GET /components/com_flexicontent/librairies/jquery/js/jquery-ui/jquery.ui.autocomplete.min.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/components/com_flexicontent/librairies/select2/select2.js 
GET /components/com_flexicontent/librairies/select2/select2.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/components/com_flexicontent/assets/js/tmpl-common.js 
GET /components/com_flexicontent/assets/js/tmpl-common.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/jui/js/bootstrap.min.js 
GET /media/jui/js/bootstrap.min.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/modals/js/jquery.colorbox-min.js 
GET /media/modals/js/jquery.colorbox-min.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/modals/js/script.min.js 
GET /media/modals/js/script.min.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/plugins/system/rokbox/assets/js/rokbox.js 
GET /plugins/system/rokbox/assets/js/rokbox.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/system/js/modal.js 
GET /media/system/js/modal.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/plg_system_eprivacy/js/mthash.js 
GET /media/plg_system_eprivacy/js/mthash.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/plg_system_eprivacy/js/eprivacy.js 
GET /media/plg_system_eprivacy/js/eprivacy.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/freichat/client/main.php?id=4ea271nu2mo6f9l95s864l8jt3&xhash=abd7c5566664dc18d8b345e41efad8a1 
GET /freichat/client/main.php?id=4ea271nu2mo6f9l95s864l8jt3&xhash=abd7c5566664dc18d8b345e41efad8a1 HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/com_wrapper/js/iframe-height.min.js 
GET /media/com_wrapper/js/iframe-height.min.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/sourcecoast/js/mod_sclogin.js 
GET /media/sourcecoast/js/mod_sclogin.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org//plugins/system/videobox/css/videobox.css 
GET //plugins/system/videobox/css/videobox.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org//plugins/system/videobox/js/jquery.min.js 
GET //plugins/system/videobox/js/jquery.min.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org//plugins/system/videobox/css/functions.css 
GET //plugins/system/videobox/css/functions.css HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org//plugins/system/videobox/js/videobox.js 
GET //plugins/system/videobox/js/videobox.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org//plugins/system/videobox/js/functions.js 
GET //plugins/system/videobox/js/functions.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/media/sourcecoast/js/jquery.placeholder.js 
GET /media/sourcecoast/js/jquery.placeholder.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/modules/mod_swmenufree/jquery-1.6.min.js 
GET /modules/mod_swmenufree/jquery-1.6.min.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/modules/mod_swmenufree/jquery.corner.js 
GET /modules/mod_swmenufree/jquery.corner.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0
http://revegeneral.org/modules/mod_swmenufree/transmenu_Packed.js 
GET /modules/mod_swmenufree/transmenu_Packed.js HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: revegeneral.org
Connection: Keep-Alive
Cookie: PHPSESSID=j1cetetnk6g5d2e133kr7scbj0

静态分析

无信息

投放文件

modal[1].js

文件名 modal[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\modal[1].js
文件大小 10127 bytes
文件类型 UTF-8 Unicode text, with very long lines
MD5 e9b6a8290967133c0fb20baa4dc79484
SHA1 5d8bdcc312e81e1ad3fe6bf1d9f8cade583f8c56
SHA256 bb0d7bdcac2da7402e126ad96a388ce507fa972b741323a5a40ea65df2076b8d
SHA512 dfd3c92e62280484b123ebec07089725dc42d4b483a0d8322248ccd4b2aeddc675731e88606e3dc0fb196e1efc67086038936775a78061ed840f8e0bb2ea9f8b
Ssdeep 192:aLFQzkb7avfyG/2dwEZunhnJONh6SNaeAG:aLFQzkMfve+EZuhnwh6S5AG
Yara 无匹配
VirusTotal 搜索相关分析

core[1].js

文件名 core[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\core[1].js
文件大小 5680 bytes
文件类型 UTF-8 Unicode text, with very long lines
MD5 a32889dc9186e95a44fe0bd73a6ff5c1
SHA1 5693a611c8801b9d86c18212d0c6187bedefdaca
SHA256 40ce33e05603d4dd57e70a5dd5be839b1779dbd1997bc0b84613eabca077f016
SHA512 41df78ae05804b18d98fe3eed5a7c56b3c10bbe42870e10739b55d7f655e15bc093fc3b34dc652a58c28de52d6df5652173f93477b52aacba70f7e3140914610
Ssdeep 96:MfdyOjt4axflb2yAzGrfZLJmR2cyu29Uh9qLog/SuhQ4yw5vqI8+So:MdyOjt4aRUyAyjZVW2cyumUh91g/dq4b
Yara 无匹配
VirusTotal 搜索相关分析

index.dat

文件名 index.dat
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
文件大小 245760 bytes
文件类型 Internet Explorer cache file version Ver 5.2
MD5 61c8de1b9d6548ee72945fcc73b464a1
SHA1 e1216ee9ef61dfc65c7a432eb5bc16b554d4ef53
SHA256 6ba195ed3423bff73b8b773cf93dea55e162c987c86aad28b0e84e02f42f117e
SHA512 27bee2880917fcaa27fa09e97c7865831a15310f7289c52d6993fbc8931a1d8ca4b75878ab8d9097c57e09a252b4ec6c71440912442b451ffb6397c93e72f371
Ssdeep 1536:cNyZsaNf7I0ZuqrM9ETLmGgkd9afr0HBxYmbJh33uW/i+xxQ9k:cYsad7I0ZuqrM9E+0UmbP33/TxxQ
Yara
  • NET ()
VirusTotal 搜索相关分析

modal[1].css

文件名 modal[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\modal[1].css
文件大小 3016 bytes
文件类型 UTF-8 Unicode text
MD5 cfcbc429942d3f72e9e483ebf430f4f3
SHA1 f28398768b27b58d61c0791f7097c42b2f5ed556
SHA256 1bca4e822e6aee3528e2bb3f376e7bc8aa2936970ef0d21dc90cd0fceda310a2
SHA512 8fc169e2fa79e9cb474028f946a148c67fdd39adf080e70e4dae38f95d0dd4aafa9994ba263a3c8398dd497c7cb1cfde3ab73bd22eb8a285adb73a1c163011aa
Ssdeep 48:gJWGXrMCerjxW3XrXXB+15BoAD2WJmKZuDrgkNIDeIYN6kXHYcYr1eBXZt0:qXK54gHBoApmKC7IKzN6mHYPr0K
Yara 无匹配
VirusTotal 搜索相关分析

tmpl-common[1].js

文件名 tmpl-common[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\tmpl-common[1].js
文件大小 11689 bytes
文件类型 ASCII text
MD5 2e2cc88dd4c183d8c0f050e1fd2ff7b7
SHA1 94a30eb570f063be9a8cd3d24bd827c913dcac80
SHA256 adf7247f72729a5715ede561e9f95152977f0f845379e30ad5a3baaeed3098c1
SHA512 e24fbc231c295230f12652db1643a81a9eb9398bd9c27d7e390ff18ef4c1429cabfbdb3d8a46432d8521ec7a3d30d1f347f67f12bc76747bcc573976e79cf874
Ssdeep 192:muRl7iBiBlw8hmVzaFsgnUiBz/AwvY84u3pZzFH:T+BiI8hmVzreBz/RvY8hZzFH
Yara 无匹配
VirusTotal 搜索相关分析

HGfsyCL5WASpHOFnouG-RPY6323mHUZFJMgTvxaG2iE[1].eot

文件名 HGfsyCL5WASpHOFnouG-RPY6323mHUZFJMgTvxaG2iE[1].eot
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\HGfsyCL5WASpHOFnouG-RPY6323mHUZFJMgTvxaG2iE[1].eot
文件大小 22717 bytes
文件类型 Embedded OpenType (EOT)
MD5 3d68d2d0e42db3ddadc84301d099bf51
SHA1 c13b6e58e19a6e0aa6d8946e259d5d5eacfa4c3e
SHA256 ab221b92cea3a709acf13ee64c2d05e2560db242b7c4304b80e21328448618fb
SHA512 c0201ef693a890edefc7adcfcd0a2ab83aa9417f674e19cd476192351401534895c1de50a87cf4f4aab0cc17aba4383a16f128a05d91c149bc856405a67f712d
Ssdeep 384:dSn+EN1FIF0Ny/O9evgCydQiLOiW5JPcfV5GRnJY7vc7ZtLT+Q7K/b7bx1DYn:M+Sw0Ny/O9OgvdQJiOFJ6vMt3+ic7bxs
Yara 无匹配
VirusTotal 搜索相关分析

{EA803A84-3864-11E6-8AD3-525400BD8512}.dat

文件名 {EA803A84-3864-11E6-8AD3-525400BD8512}.dat
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EA803A84-3864-11E6-8AD3-525400BD8512}.dat
文件大小 6656 bytes
文件类型 Composite Document File V2 Document, No summary info
MD5 abfffb9b3926f5e22db61567f309f12f
SHA1 1259a06f9862c34ee0ee3d6222b06c60f456d6ac
SHA256 2de0c4f9f9a156be3b4f5cad08294f538d5d7c78eb5b752826505d22c5fd14a0
SHA512 74d0c97ba4cf3645df5460bb7cbbcd339446af0c66a44e722a7eb2afcc7f6fc188c92e8ad2ae73e2491fd8f193a3a1cd7286644d3ec05e3affd6584199918b19
Ssdeep 48:rK5QUwoYD+QgCVUwoYD+QgCn/Rngi7UoCn/RngiED+QJD+QwD+Qe:1xpTgCVxpTgCJnPooCJnPgT9T0Te
Yara 无匹配
VirusTotal 搜索相关分析

mod_sclogin[1].js

文件名 mod_sclogin[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mod_sclogin[1].js
文件大小 3456 bytes
文件类型 ASCII text
MD5 3a0e53d001d2f3864b794e49b376abc6
SHA1 ac26314c5d4e02617cb7977926044f16be2bec6f
SHA256 622f737b773c35cc0c9dd9dd53953d2a87ed15515dc9915036196072244b94b5
SHA512 57ef67cdb977f68a9705731e12467dbfe247f4d76c8aae2399ecf1d423b1d775b6550ffcbac3b9334cb14c32e4e38004788be30283b8507402aa8d08a6d15ee6
Ssdeep 96:6jyjZiN4gY1lbhvEwpEiKrEUK/1JWqNycCJ/V6mXfzGykO4fElKJJf:gW9fNEwpEiKrEUK/1JWqNycCJ/jyykOo
Yara 无匹配
VirusTotal 搜索相关分析

jquery.colorbox-min[1].js

文件名 jquery.colorbox-min[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.colorbox-min[1].js
文件大小 11885 bytes
文件类型 ASCII text, with very long lines
MD5 da2d04baa23b2df3337c8e41db46c6a9
SHA1 beb17e239fc381a190d04745ab1d2439a4cf13f0
SHA256 ae9a546337f6cecd89b87a4986e145f6e596b3ea929d1b00374efa1b61f58a76
SHA512 801e15f9ca602319a45bc4a8b0257f4b7f963d4be1ebb9d9a8e23045bd0c2099c6f1652ca80548c7022b497f1dce612d873aa2b30df7cfa4d9670d00ca414944
Ssdeep 192:xc4qxo1kDXwm79oXw2JOuLq/9czy++gBa+JBL1FJ37C6+OnQs:xc1EkDXV9+D3Jp937RL
Yara 无匹配
VirusTotal 搜索相关分析

bootstrap.min[1].css

文件名 bootstrap.min[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\bootstrap.min[1].css
文件大小 4378 bytes
文件类型 ASCII text, with very long lines, with no line terminators
MD5 f17ddc087f93f2eed0e112b2f5aa2a68
SHA1 29a28976ca3a949836ebe496cde340effc71433d
SHA256 e117415e789603e1a71a1cb2839acfadef9c9575ac68e0168f69517ca455d2dc
SHA512 efcec1c7a5c187bb90125134d0050662beab840454953cad1672955b33950f6d69bd9373e66931e272a5cc65234c34f93915f03c4fd68c211c38d0a6b75fc95c
Ssdeep 48:nNfJYfp3ADMPcQbWT7CKv9ZpzgrUcIJgrUchHfb3z+wBTbBgrUcdKNdpxN:NfY3xjeCKxcUcBUc1PXBPaUcdKVz
Yara 无匹配
VirusTotal 搜索相关分析

IcataThX2txXS5f602ccTA[1].eot

文件名 IcataThX2txXS5f602ccTA[1].eot
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\IcataThX2txXS5f602ccTA[1].eot
文件大小 15688 bytes
文件类型 Embedded OpenType (EOT)
MD5 603b4a29d1b1a9f5784ced4bb9721f4f
SHA1 d47aa63ad3c424cb3143ca26863fd846eb23d274
SHA256 1282db0f88083bda6eeebe895218fb5d362eed2a1673daef30b306817aa2beed
SHA512 ca4050a71a5ebefa18c52871f10a48c7cb2d7c5a0ef5ede99c97f08286d7019a5bb44fe0ebe13adefb0fbf59b3b8d9c544b571205a3333afba37ff24cb2aaacf
Ssdeep 384:C38X8wDBYsduwYTwTMXOlqmhJccnqlXMMF2hp7:8cB6xVTdXOl7nnIXMQCR
Yara 无匹配
VirusTotal 搜索相关分析

css[1].txt

文件名 css[1].txt
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\css[1].txt
文件大小 1077 bytes
文件类型 ASCII text
MD5 77aa98dd245ddd4270f04bf94ac0d571
SHA1 504e789d7c39ac27e209ccadb46b4ce78c456848
SHA256 1b22241dd3300d036f8084780814d70de415bbd5d3589ec09a7576c792485086
SHA512 86bfd59ecfc20a464ed43d06fe2a1f1b3f127a7d6b7944bd8b6df6a82f54946f0d8d53cb20c6629544f70edc55d593e784b21bda5f18b09a0aaa4673d8c790cf
Ssdeep 24:5ZMOYsK07wVOYsKIeVS2pBOYsK2rKaixOYsKIL1OYsKjF1KaiIOYsK85FDc:AOLK1OLKIcSsOLKcpsOLKmOLKjF1pxOm
Yara 无匹配
VirusTotal 搜索相关分析

eprivacy[1].js

文件名 eprivacy[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\eprivacy[1].js
文件大小 12863 bytes
文件类型 ASCII text
MD5 7a2b8a1039f38c79a14563c91a8dde6a
SHA1 fb14efba66e2d8a0c663363ecbd90104ee97a539
SHA256 2bae2f3e58c79ce57c284d216bb3a20c811e7aeb43d6f10697cf6f730e912309
SHA512 707a4d29ec7e40f83c7c4acb9b9948dae24810a5495f793cffe209761f6dd989c4c1b786c4f5600629482ec4421a766eaee92b4d90a09e76f095081f1fbb0592
Ssdeep 384:JJI1s1ThhLyZf7/7MAuvp72URskRE5ee/JsGgK91hDw45CBRgn:7Ii1ThhLyZf7/7MAuvp72URskRE5ee/T
Yara 无匹配
VirusTotal 搜索相关分析

sc_bootstrap[1].css

文件名 sc_bootstrap[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\sc_bootstrap[1].css
文件大小 113419 bytes
文件类型 ASCII text
MD5 2003b969926c9b065b8580233fd18e57
SHA1 b8537748e8bf3c2c9ed070961a4900a5f8a2c9e3
SHA256 d2d11e153f808b1bb20c90c2e53f362d6d78c3d43294ab87d8736c25a6c0041e
SHA512 4911316cf2dbd007d499580ac8ed158792a339e86b701ac64f18d78aa583347cb9c7489a7f10b2c84d74881c1fd5148e20ae77a8d7db0d666bd58fc20c79b707
Ssdeep 1536:A9M0PtYer6h3lR4jP7MY6tS05Ozl4rdeIE2H9yWxarQa9:+PtYer6hSjMYaS05Ozl4rdeIEs9yWSQK
Yara 无匹配
VirusTotal 搜索相关分析

mootools-core[1].js

文件名 mootools-core[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mootools-core[1].js
文件大小 83893 bytes
文件类型 ASCII text, with very long lines
MD5 dae9bedb881e4fa30a39d88aae444a0d
SHA1 c7b66b70133c005c8283f3e1843db92769f71d38
SHA256 b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18
SHA512 f7fbea8f50c29719bc6038c3e22693b6ef822c88848dceeeb791815822f22342796cebd602a9f96d910ad46e54ce44f997925100bd58bd001e92ebf5f05edb72
Ssdeep 1536:rV/7RrUAJ1Y0EWYOaaZ4JmIEhXaeovexfz9iWDOX32c7M9efr4jTYWVdrikA3dD7:xdTTJwlewUZR4Dqk
Yara 无匹配
VirusTotal 搜索相关分析

jquery.min[2].js

文件名 jquery.min[2].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.min[2].js
文件大小 97163 bytes
文件类型 ASCII text, with very long lines
MD5 4f252523d4af0b478c810c2547a63e19
SHA1 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
SHA256 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
SHA512 8c6b0c1fcde829ef5ab02a643959019d4ac30d3a7cc25f9a7640760fefff26d9713b84ab2e825d85b3b2b08150265a10143f82e05975accb10645efa26357479
Ssdeep 1536:GYE1JVoiB9JqZdXXe2pD3PgoIiulrUdTJSFk/zkZ4HjL5o8srOaS9TwD6b7/Jp9i:t4J+R3jL5TCOauTwD6FdnCVQNea98HrV
Yara 无匹配
VirusTotal 搜索相关分析

flexicontent[1].css

文件名 flexicontent[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\flexicontent[1].css
文件大小 57972 bytes
文件类型 ASCII text
MD5 69cf2455f91615410ac3c88b8ae9127e
SHA1 c08f12eb38c3e3706778cb9266209fbfe2428cdd
SHA256 d19cd1587af7cb0e8156d78f5136c06b4c6d0686082c1a594cee35b92ee0f7a7
SHA512 6c0ee34ae1c661362fd957379673f43288436fac2789ef20bd818120d6d6d58f41c2019f02edbace7b16095ec3c09e5123aaf7af10bfa6fc78ac02729a1c6fd6
Ssdeep 768:HYFDYOPtKyBH0xwML8rM4aS2qNXhb+LoQMLCaLWLLcops:CKyaxwML8rM4aS2qNxb+L4LCaLWLIoq
Yara 无匹配
VirusTotal 搜索相关分析

script.min[1].js

文件名 script.min[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\script.min[1].js
文件大小 1956 bytes
文件类型 UTF-8 Unicode text, with very long lines
MD5 e37add673f38a96ade40b249a7fb4c5f
SHA1 3855c62d90328825f6e2e007f08c02b73ca985ea
SHA256 c4e9cdcc3d4416d07e1cca93da8d80d11742e69e618380c965f7282afd402d17
SHA512 0e15f92873678f8cdd1cd8781fd3a84a7718a6296fbe61a6441db3e65e5f9515826391cb6e22fbf92c28615d0d1f9403d5e6f23b2b45c54c6370797f786d83c1
Ssdeep 48:BcIKt7YWXfmTyE+730cA05JmZmsY8yJGYMw2x/ouV:BS7YWx7k9MQ1
Yara 无匹配
VirusTotal 搜索相关分析

k2[1].css

文件名 k2[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\k2[1].css
文件大小 51361 bytes
文件类型 assembler source text
MD5 cf87ea18cd7737e8974bbc0619556317
SHA1 6f60a9fd13c23c9b782f490418763809b1312a2b
SHA256 7c63a691f3ebdebdb86d52d24e0f19f307713b83861194e16d82b42d06f28697
SHA512 c3239bcc8a66e1270ca4a0050968b79704a15826fda631d4e78f4e6e1dc5c0ca1e0c8f84e46a260d6f0c75c3cc9912f8896b819732914d24b74903c78dfc7ce4
Ssdeep 768:1zZTgUjOpha+aDh6GyeH1HTYH84cbm37iRgu7Om0/PH2CWyOH7uNKEMvGjsft1L1:1NTgF7XruN
Yara 无匹配
VirusTotal 搜索相关分析

mootools-more[1].js

文件名 mootools-more[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mootools-more[1].js
文件大小 236825 bytes
文件类型 UTF-8 Unicode text, with very long lines
MD5 471d5cbdf6786206310da0448076a9ea
SHA1 a5124b0be4decb1ebca72e44531c3da85f0170f6
SHA256 9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda
SHA512 94a264749922685e13845e9f7dce94f36d20cbbd7b79b02df692b3c97817448a24acf57bef9b2af430450968eb001d75b122490c0256c3822224aab1b14801c4
Ssdeep 6144:NB3n48LkfG3vBNOwFgi9xIfpWqM8SoeNB7b:NVhFIfVM8SoCn
Yara 无匹配
VirusTotal 搜索相关分析

rokbox[1].css

文件名 rokbox[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\rokbox[1].css
文件大小 29994 bytes
文件类型 ASCII text, with very long lines
MD5 4628ca51aab46aaba342331d04b3b445
SHA1 d948fa28751e62388d7f044e207a2e4f14880a3a
SHA256 a1d75f6db7c4306ca96bcc028fc8b49ca7b885c4cbccddc37521339b0f022334
SHA512 80ffc786942e6aa03acc296d577746c458c5dfef9bca15358449896dc5f961c18f7c74d4c98c1a9b719981a0705987cd80223d991715f45c6a5fa3aad8ff59a5
Ssdeep 384:5DyJuZ36AsvVDAZZWExsvSG3c8/woj1k3k:5DyJuZ3kiWExs9R/wojq3k
Yara 无匹配
VirusTotal 搜索相关分析

tquote[1].css

文件名 tquote[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\tquote[1].css
文件大小 1280 bytes
文件类型 ASCII text
MD5 0f7402c4619134655f2285eba64c9a6e
SHA1 c3eee03ca8a07981fae264b6510264c3261d5f1e
SHA256 45e753f4f52c00e71b0d8d43023fa85e724808696d3277b89dd39326b69a2878
SHA512 f59105a8fc01b5ed43bfc136a39a55761453a291dad3b739f703d80afe38aba9a45e6f7fff088d8509b5225c36b3105cc5afad09567afb67292b4c0fdad31cce
Ssdeep 24:HQTSENG0g8zH2E8DIG0HjLXH5EKxIGF3BjL:0xG0g8z1rG0DLXmzG5JL
Yara 无匹配
VirusTotal 搜索相关分析

tquote1[1].css

文件名 tquote1[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\tquote1[1].css
文件大小 1563 bytes
文件类型 ASCII text
MD5 900689bed9c323b997f1656bbb120a79
SHA1 e88f5230db55c3f58f75da98135b9513564798b9
SHA256 55568524514f076a3cbb2a94cee0d3e0c7d57e985a59f7e1650e27e24d46ed60
SHA512 5a14df8fead2ea346d499143396f4480f2d729437dcc2f458df6740a300b9dc0be8c52d1b4126c34f3f6a8a27a6112575501f2c511a9e2fc58fbaa5e19864bd9
Ssdeep 48:Uy9+4vN8MLbG0g8LYHrG0DeLXAzG+bV/7:UgNN/7PLsSsh7
Yara 无匹配
VirusTotal 搜索相关分析

jquery-noconflict[1].js

文件名 jquery-noconflict[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery-noconflict[1].js
文件大小 21 bytes
文件类型 ASCII text
MD5 e2060c4e5e5955c824723b13a212d3ec
SHA1 18420ce484978f8ba3d7371febf1638828bb7a67
SHA256 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
SHA512 dcc2117e42859d51017047b468a99f65d74d45ac2e86ae1cc5605e39041ff2164e562756d93a89fa1f71cbd331f958b351c5afe952a47a560120e080d63bd623
Ssdeep 3:RAK+mK1RNH:1+91RNH
Yara 无匹配
VirusTotal 搜索相关分析

functions[1].css

文件名 functions[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\functions[1].css
文件大小 1303 bytes
文件类型 ASCII text, with CRLF line terminators
MD5 e052441b59e02a63d203a3e6339edf11
SHA1 b5f4ce649ee1176bdb8007556fc3ff5f89db5549
SHA256 3fb09f0318b7ff06008a216ca9123bc564165adb422849c40cc3049ac4f30b12
SHA512 60ffdc083c85b31ad6d559e5b0207e2337d38db5f901630cffc138888b600658849935bb40ac63c69e67826b02294c5afffd2cec04cc07e03841fb28be488aed
Ssdeep 24:jtyBbclirQlJC4BhB5eL6x5lnl/p70Jw4llAE3ZvV08JgO8q2NEEL:jtyBYlirQlJ1BXsWx5lnl/GJlllAE3No
Yara 无匹配
VirusTotal 搜索相关分析

freichatcss[1].php

文件名 freichatcss[1].php
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\freichatcss[1].php
文件大小 11412 bytes
文件类型 ASCII text, with very long lines
MD5 1c1bee41465632da02a66c5addb9c89f
SHA1 b2d86deaeb621976d11eedcf8ee448511c843d8a
SHA256 30e07f54e4c7ac26ffcb3fb2694c83481584b9752c454890f54f55b2396c6dd3
SHA512 9a9d27744ed85df528d5210d20c9776e1367fdc8667657d10160d03d3144b14d836264ada6ddd9a8cea9111d697b6558d17b594f3547917e38b53eff94ed0742
Ssdeep 192:u5Q8814XC3F+94OgnyFoFJFBJOK39000bFXQqMvMvxFZkmD:L14XC5GFoFJFBJD38bFXLFZf
Yara 无匹配
VirusTotal 搜索相关分析

styles[1].css

文件名 styles[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\styles[1].css
文件大小 41193 bytes
文件类型 ASCII text
MD5 5fb4bff4ceff48099be2f6f98484791d
SHA1 65aa4a2984ebd9240cddeab631e4da2d92f44662
SHA256 f3adff78c96b552c742f8f9d1259edd295fc0d8d7c627a2614d3ec5f07f0e283
SHA512 2594e22bd1954d21797545781f59677ebffb0d6a403236662bc23e3f9c1764c9e60a55a75bfff020ef48205a130f8f6609129fa9b30b1f447775cd8d50eb8d7e
Ssdeep 768:qhVOY0WlzD3wPLIZDcx6F771vj/FtylNRFXV3Xv1KF9FVAXyNFzZPdFpXTFdK9:Uzm34F9FLhf3DK9
Yara 无匹配
VirusTotal 搜索相关分析

rokbox[1].js

文件名 rokbox[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\rokbox[1].js
文件大小 49761 bytes
文件类型 ASCII text, with very long lines
MD5 6e41268daf4ae38531030f91db880328
SHA1 b80f5087cfbda6dc9e6f34dd5c5e9d4a80b1f875
SHA256 865361971366aa5e39256e7410bbb0c28e6404ce65b8a6931539ef990126de18
SHA512 525b6a10ba2293eb37ce091a610d5574f10aecfb5ad7641d209433381ba50dcec7a0a1e30629aadc8de8a8fdaf7eb9f48f6324b2f27ec728291ba36b7fbb8718
Ssdeep 1536:M2lrA/HO/Kij74yP2oUuuAUUyDw3brlW5W9lXniXv:M2lrA/zCuAUUyAhny
Yara 无匹配
VirusTotal 搜索相关分析

22TLRN_sb7eGnW3UzCoN7w[1].eot

文件名 22TLRN_sb7eGnW3UzCoN7w[1].eot
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\22TLRN_sb7eGnW3UzCoN7w[1].eot
文件大小 15765 bytes
文件类型 Embedded OpenType (EOT)
MD5 9ceb737e42d6514c9f23740f9af9932f
SHA1 2f3c92a126632c7ab6303f05497b01f394bd6e92
SHA256 fa98677f692d60ec05c658d1ecab608550c3d7ac0cb16045f1e9b09fb258af8d
SHA512 900b686ead5ff2968d546b8af4f666bf4d38a371b86a962635ad834e76987a6422578150303a988baabc13e860af83b105ae18cc6ec4855e5393892e7077aa31
Ssdeep 384:AbBnvZpyp97uMvsKxdRTRGUFkuNlI8KXEvQ3xo3yJ2IT2:A9vZ3Mv3TTRVFBNOEvIgI
Yara 无匹配
VirusTotal 搜索相关分析

jquery.placeholder[1].js

文件名 jquery.placeholder[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.placeholder[1].js
文件大小 5298 bytes
文件类型 UTF-8 Unicode text
MD5 4d31bddbdfef5ee800cee220298d498f
SHA1 692dc0313509bd586b61f1d208bcc5632ac9814b
SHA256 4b639442b6a9fd222290671200fb453976834730c2eda764acf5a89e594d132c
SHA512 efe6c63e1e9254e3d6867f86f759a2cfb2680c491ab12e7e31b359edc88b652cd66d74f5662026c291abcaefd53a0a0e3ce5ec2d296c3408cd6ab60199c51697
Ssdeep 96:aMu0h8hA+ShvTMOq++bqxFuqxlyq8omyq00qxkJzBHrCI09bvFqS8E4QqxRt/8BK:HuWzZHTT8o2eWyLEfuC
Yara 无匹配
VirusTotal 搜索相关分析

-vGerp1w0ZI2FbLjP6XX__esZW2xOQ-xsNqO47m55DA[1].eot

文件名 -vGerp1w0ZI2FbLjP6XX__esZW2xOQ-xsNqO47m55DA[1].eot
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\-vGerp1w0ZI2FbLjP6XX__esZW2xOQ-xsNqO47m55DA[1].eot
文件大小 24045 bytes
文件类型 Embedded OpenType (EOT)
MD5 a3d229a5f9f46359aac3bb729504908c
SHA1 175ad078b40f7ffe3833b69ab3923dd0d360e1d0
SHA256 6ea5d0f49ef240060aa9c80beecce155fdb067b776fb0601f304914b54503c54
SHA512 a557ac8705c9f76eaeaf0b3dc7aaf5722cf3844c67835d622e6bf1ac3c3ea8376a42e8325a5bf80c52b2ff07bc1844cbb49749dbf6bb66c2ffa2ad8ec2008ddf
Ssdeep 384:cwNK3MyfOyb++NHA3Et2+rh+V8sR9YYwWYAnmpka2W6T5qmpiNgFy2z4DU:JNK3tfOUUdK+OsRG+mpku6tvTA
Yara 无匹配
VirusTotal 搜索相关分析

rokbox[1].eot

文件名 rokbox[1].eot
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\rokbox[1].eot
文件大小 2128 bytes
文件类型 Embedded OpenType (EOT)
MD5 962ec02cfe3ec4ad5b6e4e1cde547d02
SHA1 8d029312ba1bda955864e53d1b086702187e7f13
SHA256 b99d51b2a70f932e2d107f82ae52337c7da4f8cec8584ed0956c71ee3282bb3a
SHA512 b4ef5962022b84b39cfc2b856a57231a0999929dfc10487fb2680625aa1644030b44e89e42f19a8875ca239316d84cefb7c7940ce9366e4a95779790a93e77db
Ssdeep 24:g6QjW8c8Nnx2Dora0tra/rYeSoqb9DEtxfm43l/l8x2c8uFg9wD0ULoGo8fhX:g6jddortV+YR9WtV/l42Ig9wDrIM
Yara 无匹配
VirusTotal 搜索相关分析

mthash[1].js

文件名 mthash[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\mthash[1].js
文件大小 6199 bytes
文件类型 ASCII text
MD5 7ce7df262648c9bce6497005469f46c8
SHA1 d6f9ccc1cbaf4b5e606a20c45e6bee1f22262a34
SHA256 a1437037b001cd9495b13eee94d63c6a35e4c00a8db1534fd1b282d567d8dc51
SHA512 3a133890488fc50a1a72d4da030c75de23bd9623f93100eb61c49da36a5be9d35d7a2c8e45ee073f7d27ee93516261e0280d09e99e2864762c4078df94cc1593
Ssdeep 96:jk0+NNzMiWMSJXnw2s0gbVLXuzeJddKcqfO1mXi9XOmYzfxAVmMPz+fyYGULGDP:jfaNzMRA2sv1O+Dqlz5ABPzaJxA
Yara 无匹配
VirusTotal 搜索相关分析

index.dat

文件名 index.dat
相关文件
  • C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
文件大小 32768 bytes
文件类型 Internet Explorer cache file version Ver 5.2
MD5 2c1ca2a857ac261dfc821d69a6610d99
SHA1 cc2ec0266c617ecc9fa094d7b9b408330f7c1d7d
SHA256 8916d2dea1954ec333b82e5be6998042074965b6a23bcf1d3bca7b07f3d76fe8
SHA512 f727bc3e6445bb02175955364bb70de5d1a3bb3353713d29223d7ed659a7b69db5b415c62447e0230f42f9b5ae10632701b952c13cca7f3687fe59676d2aaae0
Ssdeep 96:q5/PdVvLf3lSW6OjgG7IYo6on+YH1N4544KlzSGnzZn:SPdVz391sgIAg+YV66J
Yara 无匹配
VirusTotal 搜索相关分析

select2[1].js

文件名 select2[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\select2[1].js
文件大小 104906 bytes
文件类型 ASCII text
MD5 1253fda17118b06b4fb998a1bb3e56c7
SHA1 0ae305a2de5937de55fdb3e283d6ca5d13019265
SHA256 f614eaf7db014aae93259c479b9e9df68c7ae94e016593ed57599eb7d48369e1
SHA512 82e495b3435b7bf58a7ce7ea576b87a6d90d0d54832e1fa5a7ba9e4aadf4c963a721a21374416d76c992366cf7272fdaa32df4eaa8fe81506edfd945b4b890ec
Ssdeep 1536:7LKw7KGyMNtYOOBG7bciaJpyS8ODL53h1KUhJcf0pV3jjz:7GE8MNtOqQ5yE
Yara 无匹配
VirusTotal 搜索相关分析

typography2[1].php

文件名 typography2[1].php
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\typography2[1].php
文件大小 22789 bytes
文件类型 UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators
MD5 c3b2d333444c16c40203ae39b9c0ad6b
SHA1 76a624a4d5da4b4146fe225f81dbd4a3553b9b56
SHA256 dfe827c4f247d3c468d2724a879c6d5c21ef6d2831aaec433c32d72aa3cad301
SHA512 6d7c589fafec99148bdf49a46ebd848be2972c248f9b4e40dcefccb364709c463c40ca2c316c283141f17990d28507a39b708040e3a988d48a22c5f04037803f
Ssdeep 192:t8T6oDTJoC8hZwnj9k/GpkIeN9XTNXAWbl+8vIYW/zfoyNNVitDEu2vH6tNgq+7L:Hh3NXAuYYOqtNg2Kv
Yara 无匹配
VirusTotal 搜索相关分析

module[1].css

文件名 module[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\module[1].css
文件大小 2938 bytes
文件类型 ASCII text
MD5 67d6f32c9bdb18a1723ddf635a2e5b2a
SHA1 dacc1e22066665e2e070f7a3acff8232d930ebe8
SHA256 5dfd137b485cec1a7395ec6d1491a42e46ec9a2604bf5f8224c1a26c3e8ae0b0
SHA512 c1855067672934817f6c4911fb3649529bbe4b3070e999d08b5efbe63948e10ef71a54fa1f8b04640aa9c6620493480d667695642329dde7f0b31b44a31d76c1
Ssdeep 48:dYdiL/OCYyuokMbs5HK1gT795Yji5Kjj5yj8:O4L2CcMb2cSzYjQKj9yj8
Yara 无匹配
VirusTotal 搜索相关分析

select2[1].css

文件名 select2[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\select2[1].css
文件大小 24938 bytes
文件类型 ASCII text
MD5 4545ad068f1db97d85355dc963b5cd2f
SHA1 6a6712a9d261ac751ec092fc98b9292e0afe88cf
SHA256 ea9cab11a876e7e6fbe95860ea9954159ff2605619d8a553efae6ae1e31a5239
SHA512 d8fc7000f9a37c83649fa47a619dd81605bd51033070c536a87317eae389f973c6c32c4626654a7619e47f26cd9899297378a6e96f3ca91b4efa9c6f4385a237
Ssdeep 192:Gui2TWIjfVST5V889hDOP2nS76Pq/sio1+44e8ePYFCcWlbTh+77UFpZfitBAth6:tplC5Vh9MenS7N0wFCA7Upfit6gIi
Yara 无匹配
VirusTotal 搜索相关分析

bootstrap.min[1].js

文件名 bootstrap.min[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\bootstrap.min[1].js
文件大小 29156 bytes
文件类型 ASCII text, with very long lines
MD5 94935933a620fef61d4b0c15c664f8b3
SHA1 e879415d9cdda4ae99767995f49560440025ad74
SHA256 6ebe64de8e1c2f92400a03a97250c8b2f7443025d53fa42df90cb0589350c233
SHA512 cc5abf82a7160881fa8efa8c31af480ab65fa72d5826de66946d1cc9b28845c1146c19f0549459fc8be67acde4dfa6a94f173f26bbb654e2721fd7f619d11035
Ssdeep 768:s7S57QFwktDm0INVIPWr8gJBQcqYn0SUs8q:p0OfNs+0WT
Yara 无匹配
VirusTotal 搜索相关分析

jquery-migrate.min[1].js

文件名 jquery-migrate.min[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery-migrate.min[1].js
文件大小 10056 bytes
文件类型 ASCII text, with very long lines
MD5 7121994eec5320fbe6586463bf9651c2
SHA1 90532aff6d4121954254cdf04994d834f7ec169b
SHA256 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
SHA512 b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd
Ssdeep 192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR
Yara 无匹配
VirusTotal 搜索相关分析

jquery.ui.core.min[1].js

文件名 jquery.ui.core.min[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.ui.core.min[1].js
文件大小 21214 bytes
文件类型 ASCII text, with very long lines
MD5 9356f6f9ce5aa7dd0e8a31c305839d06
SHA1 7aa54ceb8525d86cfc22177156d16f3bf2853ee5
SHA256 4d1feda979ec3b8a0952f18e6346cd4b51ef5bea614f328216b3bae504573bf3
SHA512 6ee48af88b8a47e9bc0b389ccfd42e54688781594d965bd7a494c00b1e2c72ad9b989082246e7f14f44f27b43ac1bc6a1eeeeba056ce862839f6be8c296d6fd1
Ssdeep 384:j0UydSQ1yJTlvPz6Dn5QPO0JHanOpvv0/eZkr9Tf8jc4H:C0JRLInw7pvv0/jh8jcO
Yara 无匹配
VirusTotal 搜索相关分析

jquery-1.6.min[1].js

文件名 jquery-1.6.min[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery-1.6.min[1].js
文件大小 90518 bytes
文件类型 HTML document, UTF-8 Unicode text, with very long lines
MD5 3c379d07fafbaafecb78c98dd8630d0a
SHA1 cf36297804ca93709e18a7f9de289610bc97f9c5
SHA256 e58da58b314ccdeefa3c4865b4b8aa3153e890d7904e04483481d8fff2c27eaa
SHA512 4bbb12347c52f542f620686903f6229297d0aa8c0d5a567de71fa0486a0d4f34f490ad55fa750f699030d3dd5ce7016bb2502ee6c205a7a99757f7c074169ccf
Ssdeep 1536:hv9lIQqvb6l+HXGQvoXEkuetWUOco1z/z34yfb0TXYActjaO7fz5XAB6Edh35KRS:R6bm7ErepMFvx6xeYZp8+N
Yara 无匹配
VirusTotal 搜索相关分析

jquery.ui.sortable.min[1].js

文件名 jquery.ui.sortable.min[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery.ui.sortable.min[1].js
文件大小 24419 bytes
文件类型 ASCII text, with very long lines
MD5 dff795dbc36141b4ac6d2fcda25ee333
SHA1 3ebfa0c205cdb3b90e6858aea5c05607b57e93c8
SHA256 c05bdf112d79b26949a058e6c4a47a48a98c3429b3d4b73dfafb5a9f3a993c0c
SHA512 db9ae20199e5ae8dda9de219c4e90fb107f71ab49f4826270ff31e0cd41ea88c8971d87f46779d5267f1d44f7420cf3d138d618fa2616915c7a17675f15ef7e6
Ssdeep 384:U9Ryw+SCxEfLZHoh4HfNMpwwJjJVampDOHYndY6CKSYTsYRW9ds6eEMD:gyODjFNMpww3VYHwpCKS8/D
Yara 无匹配
VirusTotal 搜索相关分析

index.dat

文件名 index.dat
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
文件大小 32768 bytes
文件类型 Internet Explorer cache file version Ver 5.2
MD5 0aee387ca0a52dcdd8f8a29ea76edb42
SHA1 5df81547dcadb2a7b8bc689da8e1383ba1a84cb9
SHA256 c31bc37e102b70a472837d530ec80bdaea28b0fefda3e9aa8c8cda98c4200c4e
SHA512 101bdb7178e031b1fbd78d595d778d06174749246cdcb70eb4b92af534910e30e0627147260ec319bccecf7a105c814b6b32c077a777fb5e90bd1459c78dcdf9
Ssdeep 12:qjtSaFpbZli3zIoYDPO7em4GZj03W/cKYDPOCG5A30WUsOXQDG9YRm4GZ5:qj4avEIoYTCebGZ7ZYTlEJ0oQQ4bGZ
Yara 无匹配
VirusTotal 搜索相关分析

iframe-height.min[1].js

文件名 iframe-height.min[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\iframe-height.min[1].js
文件大小 312 bytes
文件类型 ASCII text, with very long lines
MD5 7b753dad87630b50a2bc3bea0ffcfc31
SHA1 6b94ee31f7850dbefa79daf52f1a721dcb3444a8
SHA256 bb72281e8ab02c4bb26292e20f2017e924136e0854ff6f1bcc170abe8e69f322
SHA512 1c1ced389d3ca69c4121edc57cded9ab3f40c50aed4f4d35a65f221b50fdc8a4102ac54f97247ce232bccc83ac940a2c23cd69fcb0b7a8fed1f266a1d6ac94e2
Ssdeep 6:AtJs/BbDRd7HpK06YbDRd7HpK0ckKEPErduBxUAXL19HTuR4KEPYIr:A3sZDRRJK0DRRJKIKEayhpLKE5r
Yara 无匹配
VirusTotal 搜索相关分析

CA1k7SlXcY5kvI81M_R28RWp_va1cOkgzoB8dfDAF9k[1].eot

文件名 CA1k7SlXcY5kvI81M_R28RWp_va1cOkgzoB8dfDAF9k[1].eot
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\CA1k7SlXcY5kvI81M_R28RWp_va1cOkgzoB8dfDAF9k[1].eot
文件大小 19295 bytes
文件类型 Embedded OpenType (EOT)
MD5 36a430e7961c5d025c29e0f4f304fb87
SHA1 be85bc337cf038674c211c3cba559093ffc12129
SHA256 47bff97476670817ed7d1b1513d4bf6da6e2b0349892b9fe19029394aefcc313
SHA512 55e5867952459be964bb0bb5efe1c22c59e03d2062b32c74279452d545a4a08224c03b565238895fb8818a0ee8127aa65a6c8bbd9d375a473a5801d6aadf55ac
Ssdeep 384:uLGkD4HxZxk/82wltR9rsjCS8CcG/8UxiAPtWNrqnq5Q:uLGFxUE2wx9rsulC58cP+5W
Yara 无匹配
VirusTotal 搜索相关分析

RecoveryStore.{EA803A83-3864-11E6-8AD3-525400BD8512}.dat

文件名 RecoveryStore.{EA803A83-3864-11E6-8AD3-525400BD8512}.dat
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EA803A83-3864-11E6-8AD3-525400BD8512}.dat
文件大小 3584 bytes
文件类型 Composite Document File V2 Document, No summary info
MD5 81d9576ef630268b76a9111c2133a817
SHA1 de1848327ba636a810ec85850dde1b357a229202
SHA256 3821d586cac6aba39cac2d83b45ebe11d171243b5f33c155a3163ab8ea80670b
SHA512 231b8fe539e8337153ea1c63a17b8f09eb0b9d265948320516f078ecf709445520e1159dac3bf02b863ab01e907e7aea55b9da8934f5b668d5492279a72d907f
Ssdeep 12:rl0YmGF2G1yQrEg5+IaCrI017+FrDrEgmf+IaCy8qgQNlTqoL4y6ySy:rIGkQ5/cGv/TQNlWoLFD7
Yara 无匹配
VirusTotal 搜索相关分析

zgcqY-au-yAst5CiOkK_e_esZW2xOQ-xsNqO47m55DA[1].eot

文件名 zgcqY-au-yAst5CiOkK_e_esZW2xOQ-xsNqO47m55DA[1].eot
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\zgcqY-au-yAst5CiOkK_e_esZW2xOQ-xsNqO47m55DA[1].eot
文件大小 8285 bytes
文件类型 Embedded OpenType (EOT)
MD5 0f6a4b00e6008d99adbc2c163b9a7f54
SHA1 5c662c3ac574cfcb330655bd57c56b38fc468cf4
SHA256 ff0b7b859641cd9b7596d726de0e804fbf7453c66d5ff4b2e2e5abc2381c49a4
SHA512 7cbba90cb6f06919b5fe17b5a2c18cb12facb6a85ea5995b68e847a452f5ae63b1c15d04574a26b7a615c4f8e103b39968d934b9e0c6659893bb21e60454eb6b
Ssdeep 192:d4nVnB3MnzJcE/7MH40SibJwMK0AaLsB:d4VB36zJd/7Mt9saL
Yara 无匹配
VirusTotal 搜索相关分析

default[1].css

文件名 default[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\default[1].css
文件大小 2790 bytes
文件类型 ASCII text
MD5 adbc5619972c4308e44b852f4ac7dd7b
SHA1 cf2f9eb7d202b5573024dc820875abe0f3aa7170
SHA256 5fe469eb9857ced2f961bb11212e5ab4720a2431b51cd29ff3a034898ab254f3
SHA512 49aaeb6d190762c4c3d3b2dcef252e58369a080f5b1588603208b4849a1ccab50f8618877b78fbbfe9ff9be3fe7cd518ca070cdf69ea42db840c6aac15f5c9a2
Ssdeep 48:QbDjHKJJxEHKHf9+RxDwf8zC9gxsat8lPAQ2Ih4DIF:6jHKLeylf8O6t8X2rDIF
Yara 无匹配
VirusTotal 搜索相关分析

main[1].php

文件名 main[1].php
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\main[1].php
文件大小 329497 bytes
文件类型 UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
MD5 c3c7772442ab7ff5500f51bb8f530ea7
SHA1 db2fb679b4613ff9562f694650124b324dd1b9be
SHA256 0128c41ccc7c3f0706fe5064fba14a37c867660e2c0043a1b9d1a89ca4b8d437
SHA512 6ed5d37f905f43947e01d8785ea884776be070c13823964dd1f0cc85a354628eff9549cca1bef59bbe047f229015fc77a15204346b442803388912741f1d2385
Ssdeep 3072:0+vIklosn/BLXjxzMhsSny4Ei9GlSnxxdAiHUyDacx8aZec+VCn+97wYtyvWsivi:0+vbosn5KhsS+GGlSnxYoaI86y/wLi5E
Yara 无匹配
VirusTotal 搜索相关分析

videobox[1].js

文件名 videobox[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\videobox[1].js
文件大小 6785 bytes
文件类型 ASCII text, with very long lines
MD5 e93945a7b34ac846317ef6d7af88b514
SHA1 774baf3ffe9128ae6c2e295c2d55cf581cea753f
SHA256 fb01968841e322f7e90461b647b9f46eb7659fc28354fe8495cef956d90fffea
SHA512 53c848cabdbaef39b1a62abaed39ad379dd94b458c6887b009e249e26811bf8f69290626e41e5eee548ccf996f369b6bfc9a6bf0e74107adb4c9c16952c101a0
Ssdeep 96:pHGy66g+57zMmw4lGFjVmNhpygaVSvx/dRfubsKzyf7j6ja6oK+:Q6v5UmTlqZmLxaVAxcAPoa7K+
Yara 无匹配
VirusTotal 搜索相关分析

common[1].css

文件名 common[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\common[1].css
文件大小 1923 bytes
文件类型 ASCII text
MD5 ab5206570d235211e180e01d79c9a25b
SHA1 accfcc8777bb5e76cca918b686319e997ad7a02c
SHA256 742ca1dd8d9900e4e4ccd371d6c1d8fe12558d73069f4dfabb92569394fdb653
SHA512 a6964ca03b222a2e8f678738da8317f7406a08dc8bffb30ef36010ee0cb4be5a7fbefe8b10484f81d317af9d6d3a03ca7a6b988cf4e6eab611139cc35debd304
Ssdeep 24:4z5xvIlH8VL1RagRFIK0FxHdjYArH9muc7Zou7aSFHYH0Hg6lugkDyFr1XFYLLlv:4z5xvIl8Lt8BdzrH9RSdcIDJjY1Yaht
Yara 无匹配
VirusTotal 搜索相关分析

jquery.min[1].js

文件名 jquery.min[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\jquery.min[1].js
文件大小 96390 bytes
文件类型 ASCII text, with very long lines
MD5 29942c1418eb584df8fd1833bd5b9a1f
SHA1 eef016a40ae17d346b7a921be30e67c709b2725c
SHA256 8f4773e845e4ead260344e6bb53d4006fc25e132e4898b4986f92edfa34efe62
SHA512 66e698c2070e7871ef1051ac09707c8a46ed6502f668de225e83559cf9ab57d25a775c08ee1e2fcb71a4da8860a8393f4fba4531c31de5aa8a05bc75ba5b4406
Ssdeep 1536:PPpEy5BMibZGOj/bEe8v+/UWf4IhvAuCh/jqkODZ2D5N9Rag0MOIdSZAgtgoX5Yn:mIO/e2D5c4LgtImLja98HrK
Yara 无匹配
VirusTotal 搜索相关分析

index.dat

文件名 index.dat
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
文件大小 49152 bytes
文件类型 Internet Explorer cache file version Ver 5.2
MD5 0ce0042725d32b61dfd7dda14a4c179e
SHA1 eb3e5b722d189bc08537bec66a44bd35889f5012
SHA256 e4c284e47478576eaad04b33f91b6ddf0b2435cb498b8bfa5b75632d3f5ede5d
SHA512 e10dbc61372d435cad86ab4ba5e4abd8a19df7d5b8264de4dc28891f29daedf9da1d427aa10c9374de63540c7bb842488dd801afcfab9c7539a908ac3a0ee62f
Ssdeep 96:q82k40UBqgICd93MUvwuv5vXRWV44vRlcJJLZL8qJd9:zxJbgHHMFSRkhUdJ
Yara 无匹配
VirusTotal 搜索相关分析

jquery.corner[1].js

文件名 jquery.corner[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.corner[1].js
文件大小 11267 bytes
文件类型 ASCII text
MD5 2083e9bc622f726f7370d868d548c225
SHA1 c2ef4d46288274c0e992839b36651044cf149b2d
SHA256 889d47810d0d587da27974141099942146949673f5ec9db15478b7cf0b700123
SHA512 107391881536b56fb4053653d48a068b1d5f6d41da8a18c4c50f8518973dcd82dfb32cce7b8aa73a611e01afe480b69425949c9a1e272be1f3544f588465d943
Ssdeep 192:PkmdAoP/UQxZVXgaGNSDQHMGxuN5lUug/3JS51RzsvEoD6Pjp474v89Gav+1PVTL:Pkm+oD6M4f/M5wqSN90hZ7H
Yara 无匹配
VirusTotal 搜索相关分析

tquote2[1].css

文件名 tquote2[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\tquote2[1].css
文件大小 1379 bytes
文件类型 ASCII text
MD5 f4a8af65332459f01645ec964c4e0ffe
SHA1 cfd561d2b19f9a629257518f2695ea8a84c2da62
SHA256 e4dff662c9dac65993a584f419ffa8802073e70a854c6a60b293a7e1cfc64e16
SHA512 9fdc8a5ff65e3bf436078802317fb5ff125ef3492ce5fa927856b6bf04806e6fff194fd024a85244ccad1e78ecfded7b53819098e57f6af2922c06a5b2aa07f4
Ssdeep 12:F880M6vgdWeySOG0g8sMcAw2ZEmbD0VG0HjRXcA552ZULx0VGBt+wQThtCnsF:shSOG0g8bc2E8DIG0HjRXc5MxIGBYfj7
Yara 无匹配
VirusTotal 搜索相关分析

functions[1].js

文件名 functions[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\functions[1].js
文件大小 3511 bytes
文件类型 HTML document, ASCII text, with very long lines, with CRLF line terminators
MD5 ce8f288caf126fd0a5d8b866abac4964
SHA1 7b051af049094689552f8f85ff248061326518a8
SHA256 ef0f6ef968c538d4709424c92d81bd63287d144d62864d44cba08b00a8086387
SHA512 07be4cd448259d59cd00bf39b5bd58d726028222e86f177405fc25eaa6fb1e9127e64098f7692579c7e95739ea21a054c42e06a529f94ffa181877d5c7fd3b51
Ssdeep 96:RUXEySpMNqy/Gc0CCVgIFE0tlqtJfy+kvl:RUdNqyecwVgKuJWl
Yara 无匹配
VirusTotal 搜索相关分析

socialstyle[1].css

文件名 socialstyle[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\socialstyle[1].css
文件大小 5648 bytes
文件类型 ASCII text, with CRLF line terminators
MD5 eba67a2cbeb90bf261575f7c2aee0744
SHA1 2df4ec7d9f0669cf4d81d50952065f043f520d97
SHA256 882e4652a0687ccacb3404773d5748b9f3a03a605d14cdc9c32a86d9c5557ebf
SHA512 220a16bf734bddd7782e7dda42e4d8c6a0f1e558ff60e6d81614487336193eab1915b4af19e2ec11ce32b09e3579097647a03d1007ebb4302b3647fc29299539
Ssdeep 96:Fug6iwQ4yX/NtBpVqChDnR67kJLDc2/mcRucN8cw:FKvatBpVqChDnRdLDc2/mcRucN8cw
Yara 无匹配
VirusTotal 搜索相关分析

videobox[1].css

文件名 videobox[1].css
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\videobox[1].css
文件大小 2531 bytes
文件类型 ASCII text
MD5 9c7bac14bb07233111d17a613d86d710
SHA1 07c92ec5a834e372e24bee4f49cc26c85f9fe1b5
SHA256 1e2221c364c21ce7beec4e666c32459d9c5f1696179a0df27d6aec7966938e59
SHA512 9a939e87d790daf539a57da7abeedeaafab16c6e0d4c340d5a1f3e6956956febfdb0e43c28092ba20fe3354500f760f8994a81a13d1560006ae74d8df0f96f46
Ssdeep 24:FKC65DKkMyOa57HdMJDgoaKdP0CPLySsAm23qyQcGI8cAZjk6udIp2FrK7kabt+S:w3tdwaRWJka20LSmMhkxOpaJa5/ewxOC
Yara 无匹配
VirusTotal 搜索相关分析

jquery.ui.autocomplete.min[1].js

文件名 jquery.ui.autocomplete.min[1].js
相关文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.ui.autocomplete.min[1].js
文件大小 9038 bytes
文件类型 ASCII text, with very long lines
MD5 b11706f9465dbd338e5b13df5766d902
SHA1 08c4ecd2a62357ff09cb30848c151a8b22b5334a
SHA256 7e1d815cfb67c2d5e13b2845c6e57f15ae753f85337cbc74e99819bc6451815b
SHA512 fbc5a021301de4ee568c13072f0c6dc2ed6cbe716785fc630a8e163c0404549d058dd89576aaf5878ba2318d2d3812845f381ff3318f1598b77642f23d1ed7a7
Ssdeep 192:Llg5O03I8eSC7oZjjNdsQOh8hYLMoA1LJvDrb:Llgo03IKC7oZPNdsth8hWMoA1LJ7n
Yara 无匹配
VirusTotal 搜索相关分析

行为分析

互斥量(Mutexes)
  • Local\WininetStartupMutex
  • Global\ARM Update Mutex
  • Global\Acro Update Mutex
  • Groove:PathMutex:huJZ0a1oPtB4yGzDQW9lw0niEfg=
  • Groove.Mutex.WebServices.Status
  • Groove.Mutex.SystemServices.Lock
  • Groove:PathMutex:v1n9odwmzLTGaaFW7PZysBRMqq8=
  • Local\c:!users!test!appdata!local!microsoft!feeds cache!
  • Local\ZoneAttributeCacheCounterMutex
  • Local\ZonesCacheCounterMutex
  • Local\ZonesLockedCacheCounterMutex
  • Local\!BrowserEmulation!SharedMemory!Mutex
  • IESQMMUTEX_0_208
  • ConnHashTable<2788>_HashTable_Mutex
  • Local\MSCTF.Asm.MutexDefault1
  • DBWinMutex
  • {1B655094-FE2A-433c-A877-FF9793445069}
执行的命令 无信息
创建的服务 无信息
启动的服务 无信息

进程

iexplore.exe PID: 2788, 上一级进程 PID: 2312

iexplore.exe PID: 1552, 上一级进程 PID: 2788

访问的文件
  • C:\Windows\Globalization\Sorting\sortdefault.nls
  • C:\Program Files (x86)\Internet Explorer\IEShims.dll
  • C:\Windows\SysWOW64\shell32.dll
  • \Device\KsecDD
  • C:\Program Files (x86)\Internet Explorer\sqmapi.dll
  • C:\Users\test\Favorites
  • C:\
  • C:\Users
  • C:\Users\test\AppData\Local\Microsoft\Windows\Caches
  • C:\Users\test\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
  • C:\Users\test\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000006.db
  • C:\Users\desktop.ini
  • C:\Users\test
  • C:\Users\test\Favorites\desktop.ini
  • C:\Users\test\Desktop\desktop.ini
  • \??\MountPointManager
  • C:\Program Files (x86)\Internet Explorer\ieproxy.dll
  • C:\Windows\Fonts\staticcache.dat
  • C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  • C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  • C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
  • C:\Windows\AppPatch\sysmain.sdb
  • C:\Program Files (x86)\Microsoft Office\Office14\
  • C:\Program Files (x86)
  • C:\Program Files (x86)\Microsoft Office
  • C:\Program Files (x86)\Microsoft Office\Office14
  • C:\Program Files (x86)\Microsoft Office\Office14\*.*
  • C:\ProgramData
  • C:\Users\test\AppData\Local
  • C:\Users\test\AppData\Local\microsoft\Office\Groove\User\GFSConfig.xml
  • C:\Users\test\AppData\Local\microsoft\Office\Groove\User\UnreadMarks.xml
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
  • C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
  • C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
  • C:\Program Files (x86)\Java
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\msvcr100.dll
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\deploy.dll
  • C:\Program Files (x86)\Java\jre1.8.0_101\lib\plugin.jar
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaws.exe
  • C:\Users\test\AppData\Local\Temp\JavaDeployReg.log
  • C:\Program Files (x86)\Java\jre1.8.0_101
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\java.exe
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\client\jvm.dll
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\server\jvm.dll
  • C:\Users\test\AppData\Local\Microsoft\Feeds Cache\
  • C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
  • C:\Users\test\AppData\Local\Microsoft\Feeds Cache\desktop.ini
  • C:\Windows\SysWOW64\ieframe.dll
  • C:\Users\test\AppData\Local\Temp\143741d7ec789d40c632f9994772854d.html
  • C:\Users\test\AppData
  • C:\Users\test\AppData\Local\Temp
  • C:\Users\test\AppData\Local\Temp\143741d7ec789d40c632f9994772854d.html:Zone.Identifier
  • C:\Windows\WindowsShell.manifest
  • C:\Windows\sysnative\C_1256.NLS
  • C:\Windows\sysnative\C_864.NLS
  • C:\Windows\sysnative\C_708.NLS
  • C:\Windows\sysnative\C_720.NLS
  • C:\Windows\sysnative\C_28596.NLS
  • C:\Windows\sysnative\C_10004.NLS
  • C:\Windows\sysnative\C_1257.NLS
  • C:\Windows\sysnative\C_775.NLS
  • C:\Windows\sysnative\C_28594.NLS
  • C:\Windows\sysnative\C_1250.NLS
  • C:\Windows\sysnative\C_852.NLS
  • C:\Windows\sysnative\C_28592.NLS
  • C:\Windows\sysnative\C_10029.NLS
  • C:\Windows\sysnative\C_G18030.DLL
  • C:\Windows\sysnative\C_20936.NLS
  • C:\Windows\sysnative\C_IS2022.DLL
  • C:\Windows\sysnative\C_10008.NLS
  • C:\Windows\sysnative\C_950.NLS
  • C:\Windows\sysnative\C_20000.NLS
  • C:\Windows\sysnative\C_20002.NLS
  • C:\Windows\sysnative\C_10002.NLS
  • C:\Windows\sysnative\C_10082.NLS
  • C:\Windows\sysnative\C_1251.NLS
  • C:\Windows\sysnative\C_866.NLS
  • C:\Windows\sysnative\C_28595.NLS
  • C:\Windows\sysnative\C_20866.NLS
  • C:\Windows\sysnative\C_21866.NLS
  • C:\Windows\sysnative\C_10007.NLS
  • C:\Windows\sysnative\c_28603.nls
  • C:\Windows\sysnative\C_21027.NLS
  • C:\Windows\sysnative\C_863.NLS
  • C:\Windows\sysnative\C_20106.NLS
  • C:\Windows\sysnative\C_1253.NLS
  • C:\Windows\sysnative\C_737.NLS
  • C:\Windows\sysnative\C_28597.NLS
  • C:\Windows\sysnative\C_10006.NLS
  • C:\Windows\sysnative\C_869.NLS
  • C:\Windows\sysnative\C_1255.NLS
  • C:\Windows\sysnative\C_862.NLS
  • C:\Windows\sysnative\C_28598.NLS
  • C:\Windows\sysnative\C_10005.NLS
  • C:\Windows\sysnative\C_20003.NLS
  • C:\Windows\sysnative\C_20420.NLS
  • C:\Windows\sysnative\C_20880.NLS
  • C:\Windows\sysnative\C_21025.NLS
  • C:\Windows\sysnative\C_20277.NLS
  • C:\Windows\sysnative\C_1142.NLS
  • C:\Windows\sysnative\C_20278.NLS
  • C:\Windows\sysnative\C_1143.NLS
  • C:\Windows\sysnative\C_20297.NLS
  • C:\Windows\sysnative\C_1147.NLS
  • C:\Windows\sysnative\C_20273.NLS
  • C:\Windows\sysnative\C_1141.NLS
  • C:\Windows\sysnative\C_20423.NLS
  • C:\Windows\sysnative\C_875.NLS
  • C:\Windows\sysnative\C_20424.NLS
  • C:\Windows\sysnative\C_20871.NLS
  • C:\Windows\sysnative\C_1149.NLS
  • C:\Windows\sysnative\C_500.NLS
  • C:\Windows\sysnative\C_1148.NLS
  • C:\Windows\sysnative\C_20280.NLS
  • C:\Windows\sysnative\C_1144.NLS
  • C:\Windows\sysnative\C_932.NLS
  • C:\Windows\sysnative\C_20290.NLS
  • C:\Windows\sysnative\C_949.NLS
  • C:\Windows\sysnative\C_20833.NLS
  • C:\Windows\sysnative\C_870.NLS
  • C:\Windows\sysnative\C_20284.NLS
  • C:\Windows\sysnative\C_1145.NLS
  • C:\Windows\sysnative\C_874.NLS
  • C:\Windows\sysnative\C_20838.NLS
  • C:\Windows\sysnative\C_1254.NLS
  • C:\Windows\sysnative\C_20905.NLS
  • C:\Windows\sysnative\C_1026.NLS
  • C:\Windows\sysnative\C_20285.NLS
  • C:\Windows\sysnative\C_1146.NLS
  • C:\Windows\sysnative\C_037.NLS
  • C:\Windows\sysnative\C_1140.NLS
  • C:\Windows\sysnative\C_1047.NLS
  • C:\Windows\sysnative\C_20924.NLS
  • C:\Windows\sysnative\C_861.NLS
  • C:\Windows\sysnative\C_10079.NLS
  • C:\Windows\sysnative\C_ISCII.DLL
  • C:\Windows\sysnative\C_20269.NLS
  • C:\Windows\sysnative\C_20932.NLS
  • C:\Windows\sysnative\C_10001.NLS
  • C:\Windows\sysnative\C_20949.NLS
  • C:\Windows\sysnative\C_1361.NLS
  • C:\Windows\sysnative\C_10003.NLS
  • C:\Windows\sysnative\C_28593.NLS
  • C:\Windows\sysnative\C_28605.NLS
  • C:\Windows\sysnative\C_865.NLS
  • C:\Windows\sysnative\C_20108.NLS
  • C:\Windows\sysnative\C_855.NLS
  • C:\Windows\sysnative\C_437.NLS
  • C:\Windows\sysnative\C_858.NLS
  • C:\Windows\sysnative\C_860.NLS
  • C:\Windows\sysnative\C_10010.NLS
  • C:\Windows\sysnative\C_20107.NLS
  • C:\Windows\sysnative\C_20261.NLS
  • C:\Windows\sysnative\C_20001.NLS
  • C:\Windows\sysnative\C_20004.NLS
  • C:\Windows\sysnative\C_10021.NLS
  • C:\Windows\sysnative\C_857.NLS
  • C:\Windows\sysnative\C_28599.NLS
  • C:\Windows\sysnative\C_10081.NLS
  • C:\Windows\sysnative\C_10017.NLS
  • C:\Windows\sysnative\C_20127.NLS
  • C:\Windows\sysnative\C_1258.NLS
  • C:\Windows\sysnative\C_20005.NLS
  • C:\Windows\sysnative\C_850.NLS
  • C:\Windows\sysnative\C_20105.NLS
  • C:\Windows\sysnative\C_28591.NLS
  • C:\Windows\sysnative\C_10000.NLS
  • C:\Windows\System32\en-US\MLANG.dll.mui
  • \??\Nsi
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\css[1].txt
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\modal[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\module[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\socialstyle[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\k2[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\tquote2[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\sc_bootstrap[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\tquote[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\default[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mootools-core[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\tquote1[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\select2[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\typography2[1].php
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\flexicontent[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\bootstrap.min[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\rokbox[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\common[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\freichatcss[1].php
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\rokbox[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\styles[1].css
  • C:\Windows\SysWOW64\Macromed\Flash\ss.sgn
  • C:\Windows\SysWOW64\Macromed\Flash\ss.cfg
  • C:\Windows\SysWOW64\Macromed\Flash\mms.cfg
  • C:\Windows\SysWOW64\Macromed\Flash\oem.cfg
  • C:\Windows\SysWOW64\oem.cfg
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache
  • C:\Users\test\AppData\Local\Temp\
  • C:\Users\test\AppData\Roaming\Adobe\FLASH PLAYER\NATIVECACHE\
  • C:\Users\test\AppData\Roaming\Adobe\FLASH PLAYER\
  • C:\Users\test\AppData\Roaming\Adobe\
  • C:\Users\test\AppData\Roaming\
  • C:\Users\test\AppData\
  • C:\Users\test\
  • C:\Users\
  • C:\Users\test\AppData\Roaming
  • C:\Users\test\AppData\Roaming\Adobe
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\NativeCache.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\94D901CE4AD8BABEF1A9F51A72BF8CE8.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\D19A124A63BC3E484EE0CC12F63FFE86\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\14FE212574D1C626E7D9F8D9E261A62B\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\58D75590E211D1B0C26C176059D52D75\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\DE89D1447AB1E99DD87F51CA87C52655\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\9DCB33E1CFD76DD078ED1898ECBAEFEE\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\668D0A067F2436E1D58EA37A2D7DAF2E\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\396B667C011CF74AFE66D655E875014B\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\7FCDFC8C65295F95F1B2B94C4B4AC6BF\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\BF4BB2C7EE96F73EC15D03471A3C7190\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\24FB7F8BF29F9D5B1BA5F5BD986D6BDB\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\27B164FB036E31553875E83C0CEADD7C\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\E5617A3A2E52B334393316C9AF28E65D\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\74C6CC968D46AD77ED26CD2279AFAD4A\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\5E1695CF661F2AC6997BB8E3D81DF826\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\53C2449AF5289A3021851A926C9292AE\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\2B9A81C6A66630E584CDC25504552597\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\46ED9160074E9FE80B68B8F4635E1E1F\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\7624407C79FD148BD154961B5C878D06\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\52A424DE7FAAAC541C1DDDCE9E5AB317\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\915E84FE7E8929AA0AF1E491D8AA8669\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\A0B83912A1953D21B712724637B8789A\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\824E0FF07F7744CEBFDAF4FF92BE9E8F\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\63241689DE8DD5590FBBFA84AD7D116C\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\5F01BA1496F8B8F767931AACBF93267B\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\340EE80BB6C2BDC03A237663EA24C806\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\B8A777454276EE030F7A5FF3F6E693DC\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\AssetCache
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\AssetCache\*
  • C:\Users\test\.telemetry.cfg
  • C:\Users\test\telemetry.cfg
  • C:\Windows\SysWOW64\Macromed\Flash\activex.vch
  • C:\Windows\SysWOW64\Macromed\Flash\Flash32_20_0_0_286.ocx
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\CA1k7SlXcY5kvI81M_R28RWp_va1cOkgzoB8dfDAF9k[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\HGfsyCL5WASpHOFnouG-RPY6323mHUZFJMgTvxaG2iE[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\IcataThX2txXS5f602ccTA[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\-vGerp1w0ZI2FbLjP6XX__esZW2xOQ-xsNqO47m55DA[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\22TLRN_sb7eGnW3UzCoN7w[1].eot
  • C:\Windows\SysWOW64\mshtml.tlb
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\zgcqY-au-yAst5CiOkK_e_esZW2xOQ-xsNqO47m55DA[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\core[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.min[2].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery-noconflict[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery-migrate.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mootools-more[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.ui.core.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery.ui.sortable.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.ui.autocomplete.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\select2[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\tmpl-common[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\bootstrap.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.colorbox-min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\script.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\rokbox[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\modal[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\mthash[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\eprivacy[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\main[1].php
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\iframe-height.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mod_sclogin[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\videobox[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\jquery.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\functions[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\videobox[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\functions[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.placeholder[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery-1.6.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.corner[1].js
读取的文件
  • C:\Windows\Globalization\Sorting\sortdefault.nls
  • C:\Program Files (x86)\Internet Explorer\IEShims.dll
  • C:\Windows\SysWOW64\shell32.dll
  • \Device\KsecDD
  • C:\Program Files (x86)\Internet Explorer\sqmapi.dll
  • C:\
  • C:\Users\test\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
  • C:\Users\test\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000006.db
  • C:\Users\desktop.ini
  • C:\Users
  • C:\Users\test
  • C:\Users\test\Favorites\desktop.ini
  • C:\Users\test\Desktop\desktop.ini
  • C:\Program Files (x86)\Internet Explorer\ieproxy.dll
  • C:\Windows\Fonts\staticcache.dat
  • C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  • C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  • C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
  • C:\Windows\AppPatch\sysmain.sdb
  • C:\Program Files (x86)\Microsoft Office\Office14\
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
  • C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\msvcr100.dll
  • C:\Program Files (x86)\Java\jre1.8.0_101\bin\deploy.dll
  • C:\Users\test\AppData\Local\Temp\JavaDeployReg.log
  • C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
  • C:\Windows\SysWOW64\ieframe.dll
  • C:\Users\test\AppData\Local\Temp\143741d7ec789d40c632f9994772854d.html
  • C:\Windows\WindowsShell.manifest
  • C:\Windows\System32\en-US\MLANG.dll.mui
  • C:\Users\test\AppData
  • C:\Users\test\AppData\Local
  • C:\Users\test\AppData\Local\Temp
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\css[1].txt
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\modal[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\module[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\socialstyle[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\k2[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\tquote2[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\sc_bootstrap[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\tquote[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\default[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mootools-core[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\tquote1[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\select2[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\typography2[1].php
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\flexicontent[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\bootstrap.min[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\rokbox[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\common[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\freichatcss[1].php
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\rokbox[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\styles[1].css
  • C:\Windows\SysWOW64\Macromed\Flash\mms.cfg
  • C:\Windows\SysWOW64\Macromed\Flash\oem.cfg
  • C:\Windows\SysWOW64\oem.cfg
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\94D901CE4AD8BABEF1A9F51A72BF8CE8.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\NativeCache.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\D19A124A63BC3E484EE0CC12F63FFE86\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\14FE212574D1C626E7D9F8D9E261A62B\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\58D75590E211D1B0C26C176059D52D75\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\DE89D1447AB1E99DD87F51CA87C52655\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\9DCB33E1CFD76DD078ED1898ECBAEFEE\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\668D0A067F2436E1D58EA37A2D7DAF2E\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\396B667C011CF74AFE66D655E875014B\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\7FCDFC8C65295F95F1B2B94C4B4AC6BF\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\BF4BB2C7EE96F73EC15D03471A3C7190\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\24FB7F8BF29F9D5B1BA5F5BD986D6BDB\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\27B164FB036E31553875E83C0CEADD7C\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\E5617A3A2E52B334393316C9AF28E65D\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\74C6CC968D46AD77ED26CD2279AFAD4A\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\5E1695CF661F2AC6997BB8E3D81DF826\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\53C2449AF5289A3021851A926C9292AE\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\2B9A81C6A66630E584CDC25504552597\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\46ED9160074E9FE80B68B8F4635E1E1F\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\7624407C79FD148BD154961B5C878D06\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\52A424DE7FAAAC541C1DDDCE9E5AB317\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\915E84FE7E8929AA0AF1E491D8AA8669\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\A0B83912A1953D21B712724637B8789A\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\824E0FF07F7744CEBFDAF4FF92BE9E8F\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\63241689DE8DD5590FBBFA84AD7D116C\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\5F01BA1496F8B8F767931AACBF93267B\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\340EE80BB6C2BDC03A237663EA24C806\Info.directory
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\B8A777454276EE030F7A5FF3F6E693DC\Info.directory
  • C:\Users\test\.telemetry.cfg
  • C:\Users\test\telemetry.cfg
  • C:\Windows\SysWOW64\Macromed\Flash\activex.vch
  • C:\Windows\SysWOW64\Macromed\Flash\Flash32_20_0_0_286.ocx
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\IcataThX2txXS5f602ccTA[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\CA1k7SlXcY5kvI81M_R28RWp_va1cOkgzoB8dfDAF9k[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\HGfsyCL5WASpHOFnouG-RPY6323mHUZFJMgTvxaG2iE[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\-vGerp1w0ZI2FbLjP6XX__esZW2xOQ-xsNqO47m55DA[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\22TLRN_sb7eGnW3UzCoN7w[1].eot
  • C:\Windows\SysWOW64\mshtml.tlb
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\zgcqY-au-yAst5CiOkK_e_esZW2xOQ-xsNqO47m55DA[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\core[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.min[2].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery-noconflict[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery-migrate.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mootools-more[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.ui.core.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery.ui.sortable.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.ui.autocomplete.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\select2[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\tmpl-common[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\bootstrap.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.colorbox-min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\script.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\rokbox[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\modal[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\mthash[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\eprivacy[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\main[1].php
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\iframe-height.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mod_sclogin[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\videobox[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\jquery.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\functions[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\videobox[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\functions[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.placeholder[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery-1.6.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.corner[1].js
修改的文件
  • C:\Users\test\AppData\Local\Temp\JavaDeployReg.log
  • C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\css[1].txt
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\modal[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\module[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\socialstyle[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\k2[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\tquote2[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\sc_bootstrap[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\tquote[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\default[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mootools-core[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\tquote1[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\select2[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\typography2[1].php
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\flexicontent[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\bootstrap.min[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\rokbox[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\common[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\freichatcss[1].php
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\rokbox[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\styles[1].css
  • C:\Users\test\AppData\Roaming\Adobe\Flash Player\NativeCache\NativeCache.directory
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\CA1k7SlXcY5kvI81M_R28RWp_va1cOkgzoB8dfDAF9k[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\HGfsyCL5WASpHOFnouG-RPY6323mHUZFJMgTvxaG2iE[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\IcataThX2txXS5f602ccTA[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\-vGerp1w0ZI2FbLjP6XX__esZW2xOQ-xsNqO47m55DA[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\22TLRN_sb7eGnW3UzCoN7w[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\zgcqY-au-yAst5CiOkK_e_esZW2xOQ-xsNqO47m55DA[1].eot
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\core[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.min[2].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery-noconflict[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery-migrate.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mootools-more[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.ui.core.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery.ui.sortable.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.ui.autocomplete.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\select2[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\tmpl-common[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\bootstrap.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.colorbox-min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\script.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\rokbox[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\modal[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\mthash[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\eprivacy[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\main[1].php
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\iframe-height.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\mod_sclogin[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\videobox[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\jquery.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\functions[1].css
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\videobox[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\functions[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\jquery.placeholder[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery-1.6.min[1].js
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\jquery.corner[1].js
删除的文件
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\freichatcss[1].php
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\main[1].php
注册表键
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\DEPOff
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLESAFESEARCHPATH_KB963027
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ENABLESAFESEARCHPATH_KB963027
  • HKEY_LOCAL_MACHINE\Software\Policies
  • HKEY_CURRENT_USER\Software\Policies
  • HKEY_CURRENT_USER\Software
  • HKEY_LOCAL_MACHINE\Software
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Low Rights
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ProtectedModeOffForAllZones
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabProcGrowth
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\LuaOffLoRIEOn
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameTabWindow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameMerging
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\SessionMerging
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\AdminTabProcs
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\DetourDialogs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\New Windows
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\AcRedir
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\iexplore.exe
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Extensions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabShutdownDelay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabShutdownDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SQM
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SQM\ServerFreezeOnUpload
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SQM
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SQMClient\Windows
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient\Windows
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\InitFolderHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PropertyBag
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\KnownFolders
  • HKEY_CURRENT_USER
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Favorites
  • HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions
  • HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Explorer
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\AccessProviders
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Shell\RegisteredApplications\UrlAssociations\Directory\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\Directory
  • HKEY_CLASSES_ROOT\Directory
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\CurVer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\Folder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\AllFilesystemObjects
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\IconHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InitFolderHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PropertyBag
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\InitFolderHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\PropertyBag
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InitFolderHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PropertyBag
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1000\ProfileImagePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\InitFolderHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PropertyBag
  • HKEY_CLASSES_ROOT\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HasNavigationEnum
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{59031A47-3F72-44A7-89C5-5595FE6B30EE}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\SecurityService
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\SecurityService\DefaultAuthLevel
  • HKEY_CURRENT_USER\Software\Classes
  • HKEY_CURRENT_USER\Software\Classes\AppID\iexplore.exe
  • HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\AppCompat
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\AppCompat\RaiseDefaultAuthnLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\DefaultAccessPermission
  • HKEY_CURRENT_USER\Software\Classes\Interface\{00000134-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient\Windows\DisabledProcesses\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\74DD1FC8
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient\Windows\DisabledSessions\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession
  • HKEY_CURRENT_USER\Software\Classes\Interface\{9EC704BA-E1D4-45C5-9B59-BFAE07D9F04E}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9EC704BA-E1D4-45C5-9B59-BFAE07D9F04E}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9EC704BA-E1D4-45C5-9B59-BFAE07D9F04E}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\TreatAs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocHandler32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocHandler
  • HKEY_CURRENT_USER\Software\Classes\Interface\{B40C43F1-F039-44D2-AEB7-87F5AF8ABC3D}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B40C43F1-F039-44D2-AEB7-87F5AF8ABC3D}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B40C43F1-F039-44D2-AEB7-87F5AF8ABC3D}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\Interface\{D358F4E1-0465-4965-9DD5-CAE303D2C345}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D358F4E1-0465-4965-9DD5-CAE303D2C345}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D358F4E1-0465-4965-9DD5-CAE303D2C345}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\Interface\{1AC7516E-E6BB-4A69-B63F-E841904DC5A6}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1AC7516E-E6BB-4A69-B63F-E841904DC5A6}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1AC7516E-E6BB-4A69-B63F-E841904DC5A6}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\iexplore.exe
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE\DontUseDesktopChangeRouter
  • HKEY_CURRENT_USER\Software\Classes\Interface\{F704B7E0-4760-46FF-BBDB-7439E0A2A814}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F704B7E0-4760-46FF-BBDB-7439E0A2A814}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F704B7E0-4760-46FF-BBDB-7439E0A2A814}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\EnablePreBinding
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\AllowFileCLSIDJunctions
  • HKEY_CLASSES_ROOT\.html
  • HKEY_CURRENT_USER\Software\Classes\.html\(Default)
  • HKEY_CLASSES_ROOT\.html\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids
  • HKEY_CLASSES_ROOT\htmlfile
  • HKEY_CLASSES_ROOT\FirefoxHTML
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice\Progid
  • HKEY_CLASSES_ROOT\IE.AssocFile.HTM
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\CurVer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\SystemFileAssociations\.html
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\SystemFileAssociations\document
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\BrowseInPlace
  • HKEY_CURRENT_USER\Software\Classes\.html\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoFavorites
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoHelpMenu
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\StatusBarWeb
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\LinksBar
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\Enabled
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\IEAK
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\IEAK
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Toolbar
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Locked
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable Browser Extensions
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\CommandBar
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\CommandBar
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\CommandBar\SmallIcons
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Language Groups
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000804
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\a
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Height
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoBandCustomize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache
  • HKEY_CURRENT_USER\Software\AppDataLow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Passport\LowDAMap
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\LowRegistry
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\LowMic
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Layout
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AlwaysShowMenus
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Marlett
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontLink\SystemLink
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\\xe5\xbe\xae\xe8\xbd\xaf\xe9\x9b\x85\xe9\xbb\x91
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT\*
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ext
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Ext
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Option
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCompatibility
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\AppCompat
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{18df081c-e8ad-4283-a596-fa578c2ebdc3}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\AcroIEHelperShim.dll
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Time
  • HKEY_CLASSES_ROOT\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTime
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{72853161-30c5-4d22-b7f9-0bbc1d38a37e}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\GROOVEEX.DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Time
  • HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Groove
  • HKEY_CURRENT_USER\SOFTWARE\Groove Networks, Inc.\Groove
  • HKEY_LOCAL_MACHINE\SOFTWARE\Groove Networks, Inc.\Groove
  • HKEY_LOCAL_MACHINE\SOFTWARE\Groove.OldData
  • HKEY_CURRENT_USER\SOFTWARE\Groove.OldData
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Office\14.0\Groove\InstallRoot
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\InitFolderHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PropertyBag
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Office\14.0\Groove
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider Types\Type 001
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Offload
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\LoadTime
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{761497bb-d6f0-462c-b6eb-d4daf1d92d43}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\ssv.dll
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Time
  • HKEY_CURRENT_USER\SOFTWARE\JavaSoft\DeploymentProperties\pending
  • HKEY_CURRENT_USER\SOFTWARE\JavaSoft\DeploymentProperties
  • HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.11.101.2
  • HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.suppression.11.101.2
  • HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.timestamp.11.101.2
  • HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.webjava.enabled
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\14.0\Groove\InstallRoot\Path
  • HKEY_LOCAL_MACHINE\SOFTWARE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\11.101.2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\11.101.2\UseNewJavaPlugin
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\LoadTime
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{b4f3a835-0e21-4959-ba22-42b3008e02ff}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\URLREDIR.DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Time
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\LoadTime
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{dbc80044-a445-435b-bc74-9c25c1c588a9}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\jp2ssv.dll
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DBC80044-A445-435B-BC74-9C25C1C588A9}
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Time
  • HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Plug-in
  • HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Plug-in\11.101.2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\11.101.2\JavaHome
  • HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Web Start\11.101.2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Web Start\11.101.2\Home
  • HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32
  • HKEY_CLASSES_ROOT\CLSID
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\MaximumAllowedAllocationSize
  • HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\TreatAs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\TreatAs\(Default)
  • HKEY_CURRENT_USER\Software\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}
  • HKEY_CURRENT_USER\Software\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
  • HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment
  • HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment\1.8.0_101
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Runtime Environment\1.8.0_101\JavaHome
  • HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}\InprocServer32
  • HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBB}\InprocServer32
  • HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBB}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBC}\InprocServer32
  • HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBC}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBB}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBB}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBC}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBC}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\LoadTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Feeds
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Feeds\UrlCacheVersion
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Suggested Sites
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Suggested Sites
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Suggested Sites\Enabled
  • HKEY_CURRENT_USER\Software\Classes\TypeLib
  • HKEY_CURRENT_USER\Software\Classes\TypeLib\{5F226421-415D-408D-9A09-0DCD94E25B48}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5F226421-415D-408D-9A09-0DCD94E25B48}\1.0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5F226421-415D-408D-9A09-0DCD94E25B48}\1.0\0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5F226421-415D-408D-9A09-0DCD94E25B48}\1.0\0\win32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5F226421-415D-408D-9A09-0DCD94E25B48}\1.0\0\win32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0\win32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0\win32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet
  • HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\OpenDirectlyInApp
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Security
  • HKEY_CURRENT_USER\Software\Microsoft\Security
  • HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{7b8a2d94-0ac9-11d1-896c-00c04fb6bfc4}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InsecureQI
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
  • HKEY_LOCAL_MACHINE\System\Setup
  • HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Flags
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common
  • HKEY_CURRENT_USER\Software\Microsoft\Office\Common\AllowConsecutiveSlashesInUrlPathComponent
  • HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\Server Cache
  • HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\OptimisticBHO
  • HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\Server Cache\
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IEDDE_REGISTER_PROTOCOL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IEDDE_REGISTER_PROTOCOL
  • HKEY_CLASSES_ROOT\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InProcServer32\LoadWithoutCOM
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{e7e4bc40-e76a-11ce-a9bb-00aa004ae837}\InProcServer32
  • HKEY_CLASSES_ROOT\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\ShellFolder
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} {000214E6-0000-0000-C000-000000000046} 0xFFFF
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Safety\PrivacIE
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Safety\PrivacIE
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_READ_ZONE_STRINGS_FROM_REGISTRY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_READ_ZONE_STRINGS_FROM_REGISTRY
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\MinLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\RecommendedLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\CurrentLevel
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\MinLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\RecommendedLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\CurrentLevel
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\MinLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\RecommendedLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\CurrentLevel
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\MinLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\RecommendedLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\CurrentLevel
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\MinLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\RecommendedLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\CurrentLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Compat_Logging
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\Feature_Enable_Compat_Logging
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\MediaTypeClass
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ratings
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ratings\Key
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_FAILED_CONNECT_CONTENT_KB942615
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SHOW_FAILED_CONNECT_CONTENT_KB942615
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\No3DBorder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\No3DBorder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\iexplore.exe
  • HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\
  • HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\file\
  • HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\*\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
  • HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\text/html
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/html
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING\iexplore.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\iexplore.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2100
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2100
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IsTextPlainHonored
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SAFE_BINDTOOBJECT\iexplore.exe
  • HKEY_CURRENT_USER\Software\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\TreatAs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\ProgID\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocHandler32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocHandler
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInset
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInterval
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MANAGE_SCRIPT_CIRCULAR_REFS
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MANAGE_SCRIPT_CIRCULAR_REFS
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Security\Floppy Access
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\Adv AddrBar Spoof Detection
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Security\Adv AddrBar Spoof Detection
  • HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\about\
  • HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Handler\about
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about\CLSID
  • HKEY_CURRENT_USER\Software\Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\TreatAs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InProcServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InProcServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocHandler32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocHandler
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2106
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Zoom
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomDisabled
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Zoom
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetTextSizeOnStartup
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetTextSizeOnZoom
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetZoomOnStartup2
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomFactor
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\PhishingFilter
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter\EnabledV8
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IPERSISTMONIKER_LOAD_REDIRECTED_URL_KB976425
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IPERSISTMONIKER_LOAD_REDIRECTED_URL_KB976425
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\SmartDithering
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SmartDithering
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\RtfConverterFlags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseClearType
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Page_Transitions
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use_DlgBox_Colors
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Anchor Underline
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CSS_Compat
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Expand Alt Text
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Images
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Videos
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Display Inline Videos
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Background_Sounds
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Animations
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Print_Background
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Stylesheets
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SmoothScroll
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XMLHTTP
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Show image placeholders
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Disable Script Debugger
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DisableScriptDebuggerIE
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Move System Caret
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Force Offscreen Composition
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable AutoImageResize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseThemes
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseHR
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Q300829
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Cleanup HTCs
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XDomainRequest
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\XDomainRequest
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DOMStorage
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Default_CodePage
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AutoDetect
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\International\Scripts
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\Default_IEFontSizePrivate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\International\Scripts
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Visited
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Hover
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Colors
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Size
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Face
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Disable Visited Hyperlinks
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Use Anchor Hover Color
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\MiscFlags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\Use My Stylesheet
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\MaxScriptStatements
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Allow Programmatic Cut_Copy_Paste
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup\Print_Background
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Contexts
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Contexts
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\CodePage
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\950
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Codepage
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1256
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\864
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\708
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51256
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\720
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28596
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1257
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\775
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28594
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1250
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\852
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28592
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10029
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\54936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\52936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50227
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10008
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50950
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20000
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50229
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10082
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1251
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51251
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28595
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10007
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28603
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\29001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21027
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\863
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20106
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1253
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51253
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\737
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28597
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10006
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\869
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1255
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\862
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\38598
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28598
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20420
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20880
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21025
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20277
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1142
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20278
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1143
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20297
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1147
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20273
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1141
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20423
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\875
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20424
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20871
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1149
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\500
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1148
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20280
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1144
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50930
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50939
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50931
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20290
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50933
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20833
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\870
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50935
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20284
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1145
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\874
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20838
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50937
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1254
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20905
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1026
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20285
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1146
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\37
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1140
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1047
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20924
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\861
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10079
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57006
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57010
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57008
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57009
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57007
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57011
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20269
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50220
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50221
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50222
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50225
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1361
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28593
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28605
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\865
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20108
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\855
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\437
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\858
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\860
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10010
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20107
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20261
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10021
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\857
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28599
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10081
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10017
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1201
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20127
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1258
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\850
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20105
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28591
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10000
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSizePrivate
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEPropFontName
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFixedFontName
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AcceptLanguage
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TravelLog
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\TravelLog
  • HKEY_CURRENT_USER\Software\Classes\Interface\{48A98A1F-5CDD-47EE-9286-DB04A3EB7CE1}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{48A98A1F-5CDD-47EE-9286-DB04A3EB7CE1}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{48A98A1F-5CDD-47EE-9286-DB04A3EB7CE1}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Version Vector
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\VML
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\IE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\WindowsEdition
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONE_ELEVATION\iexplore.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\iexplore.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\AllSitesCompatibilityMode
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\BrowserEmulation
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\IntranetCompatibilityMode
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\LocalMachineCompatibilityMode
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\UA Tokens
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Pre Platform
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2700
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2700
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER\iexplore.exe
  • HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Zones
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\NoProtectedModeBanner
  • HKEY_CURRENT_USER\Software\Classes\Interface\{00020400-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00020400-0000-0000-C000-000000000046}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00020400-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\CLSID\{00020420-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\TreatAs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00020420-0000-0000-C000-000000000046}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocHandler32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocHandler
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing\ThumbnailBehavior
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\TabbedBrowsing
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CONVERT_A3A0INGB2312
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_CONVERT_A3A0INGB2312
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\*
  • HKEY_CURRENT_USER\Software\Classes\PROTOCOLS\Name-Space Handler\
  • HKEY_LOCAL_MACHINE\Software\Classes\PROTOCOLS\Name-Space Handler
  • HKEY_CURRENT_USER\Software\Classes\PROTOCOLS\Name-Space Handler
  • HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\http\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2106
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2106
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2301
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2301
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\DxTrans
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DxTrans
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\DxTrans
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSizePrivate
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEPropFontName
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFixedFontName
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDITIONAL_IE8_MEMORY_CLEANUP
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDITIONAL_IE8_MEMORY_CLEANUP
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iexplore_RASMANCS
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\EnableFileTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\FileTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\EnableConsoleTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\ConsoleTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\MaxFileSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\FileDirectory
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\EnableFileTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\FileTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\EnableConsoleTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\ConsoleTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\MaxFileSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\FileDirectory
  • HKEY_CURRENT_USER\Software\Classes\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\ProxyStubClsid32
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\*
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UrlMon Settings
  • HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
  • HKEY_CURRENT_USER\Software\Classes\Interface\{6D5140C1-7436-11CE-8034-00AA006009FA}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6D5140C1-7436-11CE-8034-00AA006009FA}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6D5140C1-7436-11CE-8034-00AA006009FA}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\WinSock_Registry_Version
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\AutodialDLL
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DnsCache\Parameters
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Hostname
  • HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableUTF8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BEHAVIORS\iexplore.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default Behaviors
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default Behaviors\discovery
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BINARY_CALLER_SERVICE_PROVIDER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BINARY_CALLER_SERVICE_PROVIDER
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\MenuUserExpanded
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoNavButtons
  • HKEY_CURRENT_USER\Software\Classes\Interface\{9D973E3B-F610-4F03-83D3-AED90C3237AC}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9D973E3B-F610-4F03-83D3-AED90C3237AC}\SynchronousInterface
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9D973E3B-F610-4F03-83D3-AED90C3237AC}\SynchronousInterface\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\ShellEx\{000214F9-0000-0000-C000-000000000046}
  • HKEY_CURRENT_USER\Software\Classes\.html\ShellEx\{000214F9-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\ShellEx\{000214F9-0000-0000-C000-000000000046}
  • HKEY_CLASSES_ROOT\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\ShellEx\{000214F9-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\{000214F9-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Safety\PrivacIE
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_STATUS_BAR_THROTTLING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_STATUS_BAR_THROTTLING
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IEDDE_REGISTER_URLECHO
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IEDDE_REGISTER_URLECHO
  • HKEY_CURRENT_USER\Software\Classes\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
  • HKEY_LOCAL_MACHINE\Software\Microsoft\OleAut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\iexplore.exe
  • HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}\Enable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{03B5835F-F03C-411B-9CE2-AA23E1171E36}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{07EB03D6-B001-41DF-9192-BF9B841EE71F}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{3697C5FA-60DD-4B56-92D4-74A569205C16}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{3FC47A08-E5C9-4BCA-A2C7-BC9A282AED14}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{531FDEBF-9B4C-4A43-A2AA-960E8FCDC732}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{81D4E9C9-1D3B-41BC-9E6C-4B40BF79E35E}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{A028AE76-01B1-46C2-99C4-ACD9858AE02F}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{AE6BE008-07FB-400D-8BEB-337A64F7051F}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{C1EE01F2-B3B6-4A6A-9DDD-E988C088EC82}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{F89E9E58-BD2F-4008-9AC2-0F816C09F4EE}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Language Hotkey
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Hotkey
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Layout Hotkey
  • HKEY_CURRENT_USER\Software\Microsoft\CTF\DirectSwitchHotkeys
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext
  • HKEY_CLASSES_ROOT\MIME\Database\Content Type\text/css; charset=utf-8
  • HKEY_CLASSES_ROOT\MIME\Database\Content Type\text/css
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\text/css\Extension
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CUSTOM_IMAGE_MIME_TYPES_KB910561
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_CUSTOM_IMAGE_MIME_TYPES_KB910561
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
  • HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/javascript
  • HKEY_CLASSES_ROOT\MIME\Database\Content Type\text/css;charset=UTF-8
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1604
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1604
  • HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\data\
  • HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Handler\data
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\data
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DATAURI
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DATAURI
  • HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/vnd.ms-fontobject
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1400
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1400
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1201
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1201
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESPECT_OBJECTSAFETY_POLICY_KB905547
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESPECT_OBJECTSAFETY_POLICY_KB905547
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}
  • HKEY_LOCAL_MACHINE\Software\Microsoft\COM3
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\COM+Enabled
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XMLHTTP
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XMLHTTP
  • HKEY_CURRENT_USER\Software\Classes\ShockwaveFlash.ShockwaveFlash
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\CLSID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\CLSID\(Default)
  • HKEY_CURRENT_USER\Software\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\TreatAs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ProgID\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocHandler32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}\Compatibility Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}\MiscStatus Flags
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D27CDB6E-AE6D-11CF-96B8-444553540000}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D27CDB6E-AE6D-11CF-96B8-444553540000}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D27CDB6E-AE6D-11CF-96B8-444553540000}
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1207
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1207
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOWEDDOMAINLIST
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOWEDDOMAINLIST
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\120B
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\120B
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1208
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1208
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1200
  • HKEY_LOCAL_MACHINE\Hardware\Description\System\CentralProcessor\0
  • HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\{10200490-FA38-11D0-AC0E-00A0C90FFFC0}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\{10200490-FA38-11D0-AC0E-00A0C90FFFC0}
  • HKEY_CURRENT_USER\Software\Classes\CLSID
  • HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
  • HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
  • HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}{D27CDB6E-AE6D-11CF-96B8-444553540000}\Required Categories\
  • HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}{D27CDB6E-AE6D-11CF-96B8-444553540000}\Required Categories
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1405
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1405
  • HKEY_CURRENT_USER\Software\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0\409
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0\9
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0\0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0\0\win32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0\0\win32\(Default)
  • HKEY_CLASSES_ROOT\MIME\Database\Content Type\font/eot
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\160A
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\160A
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchProviders\
  • HKEY_CURRENT_USER\Software\Classes\Microsoft.XMLHTTP
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.XMLHTTP\CLSID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.XMLHTTP\CLSID\(Default)
  • HKEY_CURRENT_USER\Software\Classes\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\TreatAs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\ProgID\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InProcServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InProcServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InprocHandler32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InprocHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{ED8C108E-4349-11D2-91A4-00C04F7969E8}
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore
  • HKEY_CURRENT_USER\SOFTWARE
  • HKEY_CURRENT_USER\Software\Microsoft
  • HKEY_CURRENT_USER\Software\Microsoft\Windows
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore\Time
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CREATE_URL_MONIKER_DISABLE_LEGACY_COMPAT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_CREATE_URL_MONIKER_DISABLE_LEGACY_COMPAT
  • HKEY_CURRENT_USER\Software\Classes\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\TreatAs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\InprocHandler32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\InprocHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\ProgID
  • HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-javascript
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1A10
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1A10
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\AccUserInitOnClick
读取的注册表键
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\DEPOff
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ProtectedModeOffForAllZones
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabProcGrowth
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\LuaOffLoRIEOn
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameTabWindow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameMerging
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\SessionMerging
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\AdminTabProcs
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\DetourDialogs
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\AcRedir
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabShutdownDelay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabShutdownDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SQM\ServerFreezeOnUpload
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\InitFolderHandler
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Favorites
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InitFolderHandler
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\InitFolderHandler
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InitFolderHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1000\ProfileImagePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\InitFolderHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HasNavigationEnum
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{59031A47-3F72-44A7-89C5-5595FE6B30EE}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\SecurityService\DefaultAuthLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\AppCompat\RaiseDefaultAuthnLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\DefaultAccessPermission
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\74DD1FC8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9EC704BA-E1D4-45C5-9B59-BFAE07D9F04E}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B40C43F1-F039-44D2-AEB7-87F5AF8ABC3D}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D358F4E1-0465-4965-9DD5-CAE303D2C345}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1AC7516E-E6BB-4A69-B63F-E841904DC5A6}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE\DontUseDesktopChangeRouter
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F704B7E0-4760-46FF-BBDB-7439E0A2A814}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\EnablePreBinding
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\AllowFileCLSIDJunctions
  • HKEY_CURRENT_USER\Software\Classes\.html\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\BrowseInPlace
  • HKEY_CURRENT_USER\Software\Classes\.html\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.html\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoFavorites
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoHelpMenu
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\StatusBarWeb
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\Enabled
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Locked
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable Browser Extensions
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\CommandBar\SmallIcons
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000804
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\a
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Height
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoBandCustomize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Layout
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AlwaysShowMenus
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTime
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Count
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\InitFolderHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\LoadTime
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Count
  • HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.11.101.2
  • HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.suppression.11.101.2
  • HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.timestamp.11.101.2
  • HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.webjava.enabled
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\14.0\Groove\InstallRoot\Path
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\11.101.2\UseNewJavaPlugin
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\LoadTime
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\LoadTime
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9}\InProcServer32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\11.101.2\JavaHome
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Web Start\11.101.2\Home
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\MaximumAllowedAllocationSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\TreatAs\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Runtime Environment\1.8.0_101\JavaHome
  • HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBB}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBC}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBB}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBC}\InprocServer32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\LoadTime
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Feeds\UrlCacheVersion
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Suggested Sites\Enabled
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5F226421-415D-408D-9A09-0DCD94E25B48}\1.0\0\win32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0\win32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\OpenDirectlyInApp
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InsecureQI
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
  • HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Office\Common\AllowConsecutiveSlashesInUrlPathComponent
  • HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\OptimisticBHO
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InProcServer32\LoadWithoutCOM
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} {000214E6-0000-0000-C000-000000000046} 0xFFFF
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\MinLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\RecommendedLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\CurrentLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\MinLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\RecommendedLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\CurrentLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\MinLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\RecommendedLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\CurrentLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\MinLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\RecommendedLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\CurrentLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\MinLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\RecommendedLevel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\CurrentLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ratings\Key
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\No3DBorder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\No3DBorder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\iexplore.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\iexplore.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2100
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2100
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IsTextPlainHonored
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SAFE_BINDTOOBJECT\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\ProgID\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32\ThreadingModel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInset
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInterval
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about\CLSID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InProcServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InProcServer32\ThreadingModel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2106
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomDisabled
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetTextSizeOnStartup
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetTextSizeOnZoom
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetZoomOnStartup2
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomFactor
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter\EnabledV8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\SmartDithering
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SmartDithering
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\RtfConverterFlags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseClearType
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Page_Transitions
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use_DlgBox_Colors
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Anchor Underline
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CSS_Compat
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Expand Alt Text
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Images
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Videos
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Display Inline Videos
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Background_Sounds
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Animations
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Print_Background
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Stylesheets
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SmoothScroll
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XMLHTTP
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Show image placeholders
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Disable Script Debugger
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DisableScriptDebuggerIE
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Move System Caret
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Force Offscreen Composition
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable AutoImageResize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseThemes
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseHR
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Q300829
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Cleanup HTCs
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XDomainRequest
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\XDomainRequest
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DOMStorage
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Default_CodePage
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AutoDetect
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\Default_IEFontSizePrivate
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Visited
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Hover
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Colors
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Size
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Face
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Disable Visited Hyperlinks
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Use Anchor Hover Color
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\MiscFlags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\Use My Stylesheet
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\MaxScriptStatements
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Allow Programmatic Cut_Copy_Paste
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup\Print_Background
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Contexts
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Contexts
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\950
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1256
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\864
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\708
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51256
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\720
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28596
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1257
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\775
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28594
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1250
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\852
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28592
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10029
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\54936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\52936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50227
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10008
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50950
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20000
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50229
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10082
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1251
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51251
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28595
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10007
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28603
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\29001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21027
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\863
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20106
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1253
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51253
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\737
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28597
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10006
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\869
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1255
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\862
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\38598
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28598
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20420
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20880
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21025
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20277
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1142
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20278
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1143
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20297
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1147
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20273
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1141
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20423
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\875
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20424
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20871
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1149
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\500
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1148
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20280
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1144
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50930
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50939
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50931
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20290
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50933
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20833
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\870
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50935
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20284
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1145
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\874
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20838
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50937
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1254
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20905
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1026
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20285
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1146
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\37
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1140
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1047
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20924
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\861
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10079
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57006
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57010
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57008
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57009
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57007
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57011
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20269
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50220
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50221
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50222
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50225
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1361
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28593
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28605
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\865
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20108
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\855
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\437
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\858
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\860
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10010
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20107
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20261
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10021
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\857
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28599
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10081
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10017
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1201
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20127
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1258
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\850
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20105
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28591
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10000
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSizePrivate
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEPropFontName
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFixedFontName
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AcceptLanguage
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{48A98A1F-5CDD-47EE-9286-DB04A3EB7CE1}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\VML
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\IE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\WindowsEdition
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONE_ELEVATION\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\iexplore.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\AllSitesCompatibilityMode
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\IntranetCompatibilityMode
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\LocalMachineCompatibilityMode
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2700
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2700
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER\iexplore.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\NoProtectedModeBanner
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00020400-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\ThreadingModel
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing\ThumbnailBehavior
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2106
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2106
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2301
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2301
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSizePrivate
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEPropFontName
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFixedFontName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\EnableFileTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\FileTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\EnableConsoleTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\ConsoleTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\MaxFileSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASMANCS\FileDirectory
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\EnableFileTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\FileTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\EnableConsoleTracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\ConsoleTracingMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\MaxFileSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iexplore_RASAPI32\FileDirectory
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6D5140C1-7436-11CE-8034-00AA006009FA}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\WinSock_Registry_Version
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\AutodialDLL
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Hostname
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableUTF8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BEHAVIORS\iexplore.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default Behaviors\discovery
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\MenuUserExpanded
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoNavButtons
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9D973E3B-F610-4F03-83D3-AED90C3237AC}\SynchronousInterface\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}\Enable
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Language Hotkey
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Hotkey
  • HKEY_CURRENT_USER\Keyboard Layout\Toggle\Layout Hotkey
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\text/css\Extension
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1604
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1604
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1400
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1400
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1201
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1201
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\COM+Enabled
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\CLSID\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ProgID\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\InprocServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}\Compatibility Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}\MiscStatus Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D27CDB6E-AE6D-11CF-96B8-444553540000}\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1207
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1207
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\120B
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\120B
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1208
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1208
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1200
  • HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\{10200490-FA38-11D0-AC0E-00A0C90FFFC0}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\{10200490-FA38-11D0-AC0E-00A0C90FFFC0}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1405
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1405
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0\0\win32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\160A
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\160A
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL\iexplore.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.XMLHTTP\CLSID\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\ProgID\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InProcServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InProcServer32\ThreadingModel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore\Count
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3050F285-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32\ThreadingModel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1A10
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1A10
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\AccUserInitOnClick
修改的注册表键
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Time
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTime
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Time
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\LoadTime
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Time
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\LoadTime
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Time
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\LoadTime
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Time
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\LoadTime
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore\Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore\Count
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\iexplore\Time
删除的注册表键
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
API解析
  • advapi32.dll.EventWrite
  • advapi32.dll.EventRegister
  • advapi32.dll.EventUnregister
  • kernel32.dll.InitializeSRWLock
  • kernel32.dll.AcquireSRWLockExclusive
  • kernel32.dll.AcquireSRWLockShared
  • kernel32.dll.ReleaseSRWLockExclusive
  • kernel32.dll.ReleaseSRWLockShared
  • kernel32.dll.SetProcessDEPPolicy
  • user32.dll.SetProcessDPIAware
  • shell32.dll.SetCurrentProcessExplicitAppUserModelID
  • user32.dll.GetShellWindow
  • user32.dll.GetWindowThreadProcessId
  • kernel32.dll.SortGetHandle
  • kernel32.dll.SortCloseHandle
  • ieframe.dll.#251
  • kernel32.dll.WerSetFlags
  • comctl32.dll.PropertySheetW
  • comctl32.dll.PropertySheetA
  • comdlg32.dll.PageSetupDlgW
  • comdlg32.dll.PrintDlgW
  • ieshims.dll.IEShims_Initialize
  • kernel32.dll.VirtualProtect
  • user32.dll.SetWindowsHookExW
  • user32.dll.FindWindowExA
  • kernel32.dll.WaitForSingleObject
  • kernel32.dll.CreateProcessW
  • kernel32.dll.CreateProcessA
  • advapi32.dll.RegQueryValueA
  • ntdll.dll.LdrRegisterDllNotification
  • ole32.dll.CoGetApartmentType
  • ole32.dll.CoTaskMemFree
  • comctl32.dll.#236
  • oleaut32.dll.#6
  • ole32.dll.CoTaskMemAlloc
  • ole32.dll.CoGetMalloc
  • cryptbase.dll.SystemFunction036
  • uxtheme.dll.ThemeInitApiHook
  • user32.dll.IsProcessDPIAware
  • kernel32.dll.WerRegisterMemoryBlock
  • kernel32.dll.WerUnregisterMemoryBlock
  • user32.dll.RegisterWindowMessageW
  • rpcrt4.dll.RpcServerUseProtseqW
  • rpcrt4.dll.RpcServerRegisterIfEx
  • rpcrtremote.dll.I_RpcExtInitializeExtensionPoint
  • rpcrt4.dll.RpcServerInqBindings
  • rpcrt4.dll.RpcEpRegisterW
  • rpcrt4.dll.RpcServerListen
  • shell32.dll.SHGetInstanceExplorer
  • user32.dll.RegisterClassExW
  • user32.dll.CreateWindowExW
  • user32.dll.DefWindowProcW
  • user32.dll.SetWindowLongW
  • ole32.dll.CoInitializeEx
  • user32.dll.MsgWaitForMultipleObjectsEx
  • dwmapi.dll.DwmIsCompositionEnabled
  • urlmon.dll.#400
  • shell32.dll.SHGetFolderPathW
  • advapi32.dll.TraceMessage
  • advapi32.dll.TraceMessageVa
  • kernel32.dll.IsWow64Process
  • sqmapi.dll.SqmGetSession
  • sqmapi.dll.SqmEndSession
  • sqmapi.dll.SqmStartSession
  • sqmapi.dll.SqmStartUpload
  • sqmapi.dll.SqmWaitForUploadComplete
  • sqmapi.dll.SqmSet
  • sqmapi.dll.SqmSetBool
  • sqmapi.dll.SqmSetBits
  • sqmapi.dll.SqmSetString
  • sqmapi.dll.SqmIncrement
  • sqmapi.dll.SqmSetIfMax
  • sqmapi.dll.SqmSetIfMin
  • sqmapi.dll.SqmAddToAverage
  • sqmapi.dll.SqmAddToStreamDWord
  • sqmapi.dll.SqmAddToStreamString
  • sqmapi.dll.SqmSetAppId
  • sqmapi.dll.SqmSetAppVersion
  • sqmapi.dll.SqmSetMachineId
  • sqmapi.dll.SqmSetUserId
  • sqmapi.dll.SqmCreateNewId
  • sqmapi.dll.SqmReadSharedMachineId
  • sqmapi.dll.SqmReadSharedUserId
  • sqmapi.dll.SqmWriteSharedMachineId
  • sqmapi.dll.SqmWriteSharedUserId
  • sqmapi.dll.SqmIsWindowsOptedIn
  • advapi32.dll.OpenThreadToken
  • ole32.dll.CreateBindCtx
  • ole32.dll.CoRegisterInitializeSpy
  • comctl32.dll.#320
  • comctl32.dll.#324
  • comctl32.dll.#323
  • comctl32.dll.#328
  • comctl32.dll.#334
  • advapi32.dll.RegEnumKeyW
  • oleaut32.dll.#2
  • ole32.dll.CoCreateInstance
  • advapi32.dll.InitializeSecurityDescriptor
  • advapi32.dll.SetEntriesInAclW
  • ntmarta.dll.GetMartaExtensionInterface
  • advapi32.dll.SetSecurityDescriptorDacl
  • advapi32.dll.IsTextUnicode
  • comctl32.dll.#332
  • comctl32.dll.#338
  • comctl32.dll.#339
  • shell32.dll.#102
  • ole32.dll.CoUninitialize
  • sechost.dll.ConvertSidToStringSidW
  • profapi.dll.#104
  • propsys.dll.PSCreateMemoryPropertyStore
  • propsys.dll.PSPropertyBag_WriteStr
  • ole32.dll.PropVariantClear
  • oleaut32.dll.#9
  • propsys.dll.PSPropertyBag_WriteGUID
  • propsys.dll.PSPropertyBag_ReadGUID
  • setupapi.dll.CM_Get_Device_Interface_List_Size_ExW
  • setupapi.dll.CM_Get_Device_Interface_List_ExW
  • comctl32.dll.#386
  • rpcrt4.dll.RpcStringBindingComposeW
  • rpcrt4.dll.RpcBindingFromStringBindingW
  • rpcrt4.dll.RpcBindingSetAuthInfoExW
  • rpcrt4.dll.RpcStringFreeW
  • rpcrt4.dll.NdrClientCall2
  • user32.dll.PostMessageW
  • user32.dll.PeekMessageW
  • user32.dll.TranslateMessage
  • user32.dll.DispatchMessageW
  • user32.dll.GetWindowLongW
  • wininet.dll.InternetSetOptionW
  • ole32.dll.CoUnmarshalInterface
  • sechost.dll.LookupAccountNameLocalW
  • rpcrt4.dll.RpcBindingFree
  • advapi32.dll.LookupAccountSidW
  • sechost.dll.LookupAccountSidLocalW
  • cryptsp.dll.CryptAcquireContextW
  • cryptsp.dll.CryptGenRandom
  • ole32.dll.NdrOleInitializeExtension
  • ole32.dll.CoGetClassObject
  • ole32.dll.CoGetMarshalSizeMax
  • ole32.dll.CoMarshalInterface
  • ole32.dll.StringFromIID
  • ole32.dll.CoGetPSClsid
  • ole32.dll.CoReleaseMarshalData
  • ole32.dll.DcomChannelSetHResult
  • ieproxy.dll.DllGetClassObject
  • ieproxy.dll.DllCanUnloadNow
  • shell32.dll.SHChangeNotifyRegisterThread
  • comctl32.dll.#4
  • ieshims.dll.IEShims_SetRedirectRegistryForThread
  • comctl32.dll.ImageList_Destroy
  • comctl32.dll.ImageList_LoadImageW
  • comctl32.dll.ImageList_Add
  • rpcrt4.dll.RpcBindingToStringBindingW
  • rpcrt4.dll.RpcStringBindingParseW
  • rpcrt4.dll.I_RpcBindingInqLocalClientPID
  • rpcrt4.dll.RpcServerInqCallAttributesW
  • rpcrt4.dll.RpcImpersonateClient
  • rpcrt4.dll.RpcRevertToSelf
  • rpcrt4.dll.NdrServerCall2
  • rpcrt4.dll.RpcBindingInqObject
  • wininet.dll.GetUrlCacheEntryInfoExW
  • mlang.dll.#112
  • wininet.dll.GetUrlCacheEntryInfoExA
  • uxtheme.dll.OpenThemeData
  • uxtheme.dll.GetThemeMargins
  • uxtheme.dll.GetThemePartSize
  • uxtheme.dll.GetThemeTextMetrics
  • uxtheme.dll.GetThemeBool
  • comctl32.dll.#410
  • uxtheme.dll.IsAppThemed
  • uxtheme.dll.SetWindowTheme
  • uxtheme.dll.CloseThemeData
  • wininet.dll.InternetQueryOptionA
  • uxtheme.dll.GetThemeBackgroundExtent
  • ole32.dll.CoInitialize
  • ole32.dll.RegisterDragDrop
  • uxtheme.dll.IsThemeActive
  • gdi32.dll.GetLayout
  • gdi32.dll.GdiRealizationInfo
  • gdi32.dll.FontIsLinked
  • advapi32.dll.RegOpenKeyExW
  • advapi32.dll.RegQueryValueExW
  • advapi32.dll.RegCloseKey
  • gdi32.dll.GetFontAssocStatus
  • advapi32.dll.RegQueryValueExA
  • advapi32.dll.RegQueryInfoKeyW
  • advapi32.dll.RegEnumKeyExW
  • gdi32.dll.GetTextFaceAliasW
  • gdi32.dll.GetTextExtentExPointWPri
  • advapi32.dll.RegEnumValueW
  • urlmon.dll.#104
  • apphelp.dll.ApphelpCheckShellObject
  • acroiehelper.dll.DllMain
  • acroiehelper.dll.StubInit
  • acroiehelper.dll.StubSetSite
  • acroiehelper.dll.StubOnQuit
  • kernel32.dll.QueryActCtxW
  • kernel32.dll.ActivateActCtx
  • kernel32.dll.FindActCtxSectionStringW
  • kernel32.dll.DeactivateActCtx
  • kernel32.dll.InterlockedPushEntrySList
  • kernel32.dll.InterlockedPopEntrySList
  • user32.dll.MsgWaitForMultipleObjects
  • advapi32.dll.RegOpenKeyExA
  • user32.dll.IsWindowUnicode
  • user32.dll.GetMessageW
  • advapi32.dll.RegEnumKeyA
  • kernel32.dll.FlsAlloc
  • kernel32.dll.FlsGetValue
  • kernel32.dll.FlsSetValue
  • kernel32.dll.FlsFree
  • deploy.dll.getLatestInstalledVersion
  • advapi32.dll.RegEnumKeyExA
  • shlwapi.dll.PathFileExistsA
  • urlmon.dll.CreateUri
  • urlmon.dll.CreateIUriBuilder
  • wininet.dll.GetUrlCacheEntryInfoW
  • sxs.dll.SxsOleAut32RedirectTypeLibrary
  • advapi32.dll.RegOpenKeyW
  • advapi32.dll.RegQueryValueW
  • sxs.dll.SxsOleAut32MapConfiguredClsidToReferenceClsid
  • comctl32.dll.ImageList_Create
  • comctl32.dll.#8
  • comctl32.dll.ImageList_AddMasked
  • uxtheme.dll.GetThemeTextExtent
  • uxtheme.dll.GetThemeFont
  • comctl32.dll.LoadIconWithScaleDown
  • comctl32.dll.ImageList_ReplaceIcon
  • uxtheme.dll.GetThemeInt
  • urlmon.dll.CreateURLMonikerEx
  • urlmon.dll.CreateAsyncBindCtxEx
  • urlmon.dll.RegisterBindStatusCallback
  • urlmon.dll.CreateFormatEnumerator
  • urlmon.dll.UrlMkGetSessionOption
  • urlmon.dll.CoInternetCreateSecurityManager
  • urlmon.dll.CoInternetIsFeatureEnabled
  • mshtml.dll.DllGetClassObject
  • mshtml.dll.DllCanUnloadNow
  • kernel32.dll.GetThreadUILanguage
  • oleaut32.dll.#7
  • oleaut32.dll.#8
  • ieframe.dll.#302
  • urlmon.dll.RegisterFormatEnumerator
  • urlmon.dll.RevokeBindStatusCallback
  • urlmon.dll.#101
  • oleaut32.dll.DllGetClassObject
  • oleaut32.dll.DllCanUnloadNow
  • user32.dll.ChangeWindowMessageFilter
  • dwmapi.dll.DwmSetWindowAttribute
  • oleaut32.dll.VariantClear
  • rasapi32.dll.RasConnectionNotificationW
  • ieframe.dll.#234
  • rasman.dll.RasPortClearStatistics
  • rasman.dll.RasBundleClearStatistics
  • rasman.dll.RasBundleClearStatisticsEx
  • rasman.dll.RasDeviceEnum
  • rasman.dll.RasDeviceGetInfo
  • rasman.dll.RasFreeBuffer
  • rasman.dll.RasGetBuffer
  • rasman.dll.RasGetInfo
  • rasman.dll.RasGetDialMachineEventContext
  • rasman.dll.RasSetDialMachineEventHandle
  • rasman.dll.RasGetNdiswanDriverCaps
  • rasman.dll.RasInitialize
  • rasman.dll.RasInitializeNoWait
  • rasman.dll.RasPortCancelReceive
  • rasman.dll.RasPortEnum
  • rasman.dll.RasPortGetInfo
  • rasman.dll.RasPortGetFramingEx
  • rasman.dll.RasPortGetStatistics
  • rasman.dll.RasBundleGetStatistics
  • rasman.dll.RasPortGetStatisticsEx
  • rasman.dll.RasBundleGetStatisticsEx
  • rasman.dll.RasPortReceive
  • rasman.dll.RasPortReceiveEx
  • rasman.dll.RasPortSend
  • rasman.dll.RasPortGetBundle
  • rasman.dll.RasGetDevConfig
  • rasman.dll.RasGetDevConfigEx
  • rasman.dll.RasSetDevConfig
  • rasman.dll.RasPortClose
  • rasman.dll.RasPortListen
  • rasman.dll.RasPortConnectComplete
  • rasman.dll.RasPortDisconnect
  • rasman.dll.RasRequestNotification
  • rasman.dll.RasPortEnumProtocols
  • rasman.dll.RasPortSetFraming
  • rasman.dll.RasPortSetFramingEx
  • rasman.dll.RasSetCachedCredentials
  • rasman.dll.RasGetDialParams
  • rasman.dll.RasSetDialParams
  • rasman.dll.RasCreateConnection
  • rasman.dll.RasDestroyConnection
  • rasman.dll.RasConnectionEnum
  • rasman.dll.RasAddConnectionPort
  • rasman.dll.RasEnumConnectionPorts
  • rasman.dll.RasGetConnectionParams
  • rasman.dll.RasSetConnectionParams
  • rasman.dll.RasGetConnectionUserData
  • rasman.dll.RasSetConnectionUserData
  • rasman.dll.RasGetPortUserData
  • rasman.dll.RasSetPortUserData
  • rasman.dll.RasAddNotification
  • rasman.dll.RasSignalNewConnection
  • rasman.dll.RasApplyPostConnectActions
  • rasman.dll.RasProtocolStop
  • rasman.dll.RasProtocolCallback
  • rasman.dll.RasProtocolChangePassword
  • rasman.dll.RasProtocolGetInfo
  • rasman.dll.RasProtocolRetry
  • rasman.dll.RasProtocolStart
  • rasman.dll.RasPortOpen
  • rasman.dll.RasAllocateRoute
  • rasman.dll.RasActivateRoute
  • rasman.dll.RasActivateRouteEx
  • rasman.dll.RasDeviceSetInfo
  • rasman.dll.RasDeviceSetInfoSafe
  • rasman.dll.RasDeviceConnect
  • rasman.dll.RasPortSetInfo
  • rasman.dll.RasSendProtocolResultToRasman
  • rasman.dll.RasSetEapInfo
  • rasman.dll.RasRpcConnect
  • rasman.dll.RasRpcDisconnect
  • rasman.dll.RasGetNumPortOpen
  • rasman.dll.RasRefConnection
  • rasman.dll.RasSetEapUIData
  • rasman.dll.RasGetEapUIData
  • rasman.dll.RasFindPrerequisiteEntry
  • rasman.dll.RasPortOpenEx
  • rasman.dll.RasLinkGetStatistics
  • rasman.dll.RasConnectionGetStatistics
  • rasman.dll.RasGetHportFromConnection
  • rasman.dll.RasRPCBind
  • rasman.dll.RasReferenceCustomCount
  • rasman.dll.RasGetHConnFromEntry
  • rasman.dll.RasGetDeviceName
  • rasman.dll.RasEnableIpSec
  • rasman.dll.RasSetTunnelEndPoints
  • rasman.dll.RasStartRasAutoIfRequired
  • rasman.dll.RasStartProtocolRenegotiation
  • rasman.dll.RasSendNotification
  • rasman.dll.RasGetDeviceNameW
  • rasman.dll.RasGetUnicodeDeviceName
  • rasman.dll.RasRpcGetVersion
  • rasman.dll.RasRpcPortEnum
  • rasman.dll.RasRpcDeviceEnum
  • rasman.dll.RasRpcGetDevConfig
  • rasman.dll.RasRpcPortGetInfo
  • rasman.dll.RasRpcGetInstalledProtocols
  • rasman.dll.RasRpcGetInstalledProtocolsEx
  • rasman.dll.RasRpcGetSystemDirectory
  • rasman.dll.RasRpcGetUserPreferences
  • rasman.dll.RasRpcDeleteEntry
  • rasman.dll.RasRpcEnumConnections
  • rasman.dll.RasRpcGetCountryInfo
  • rasman.dll.RasRpcGetErrorString
  • rasman.dll.RasRpcSetUserPreferences
  • rasman.dll.RasProtocolUpdateConnection
  • rasman.dll.RasAddNotificationEx
  • rasman.dll.RasRemoveNotificationEx
  • rasman.dll.RasGetNotificationEntry
  • rasman.dll.RasSignalMonitorThreadExit
  • rasman.dll.RasmanUninitialize
  • rtutils.dll.TraceRegisterExA
  • rtutils.dll.TracePrintfExA
  • user32.dll.IsWindow
  • user32.dll.SendMessageW
  • sechost.dll.OpenSCManagerA
  • sechost.dll.OpenServiceA
  • sechost.dll.QueryServiceStatus
  • sechost.dll.CloseServiceHandle
  • sechost.dll.NotifyServiceStatusChangeA
  • nlaapi.dll.NSPStartup
  • oleaut32.dll.#500
  • iphlpapi.dll.GetAdapterIndex
  • rasadhlp.dll.WSAttemptAutodialAddr
  • rasadhlp.dll.WSAttemptAutodialName
  • rasadhlp.dll.WSNoteSuccessfulHostentLookup
  • advapi32.dll.RegDeleteTreeA
  • advapi32.dll.RegDeleteTreeW
  • napinsp.dll.NSPStartup
  • sechost.dll.ConvertStringSecurityDescriptorToSecurityDescriptorW
  • pnrpnsp.dll.NSPStartup
  • mswsock.dll.NSPStartup
  • winrnr.dll.NSPStartup
  • ws2_32.dll.#112
  • ws2_32.dll.#111
  • dnsapi.dll.DnsApiAlloc
  • dnsapi.dll.DnsApiFree
  • oleaut32.dll.#4
  • urlmon.dll.#441
  • urlmon.dll.#335
  • oleaut32.dll.#19
  • oleaut32.dll.#17
  • oleaut32.dll.#20
  • oleaut32.dll.#23
  • oleaut32.dll.#22
  • oleaut32.dll.BSTR_UserSize
  • oleaut32.dll.BSTR_UserMarshal
  • oleaut32.dll.BSTR_UserUnmarshal
  • oleaut32.dll.BSTR_UserFree
  • oleaut32.dll.VARIANT_UserSize
  • oleaut32.dll.VARIANT_UserMarshal
  • oleaut32.dll.VARIANT_UserUnmarshal
  • oleaut32.dll.VARIANT_UserFree
  • oleaut32.dll.LPSAFEARRAY_UserSize
  • oleaut32.dll.LPSAFEARRAY_UserMarshal
  • oleaut32.dll.LPSAFEARRAY_UserUnmarshal
  • oleaut32.dll.LPSAFEARRAY_UserFree
  • urlmon.dll.CoInternetCreateZoneManager
  • urlmon.dll.CoInternetIsFeatureEnabledForUrl
  • imm32.dll.ImmGetContext
  • imm32.dll.ImmGetCompositionWindow
  • ole32.dll.CoRevokeInitializeSpy
  • imm32.dll.ImmGetCandidateWindow
  • urlmon.dll.#330
  • wininet.dll.InternetUnlockRequestFile
  • t2embed.dll.TTLoadEmbeddedFont
  • ole32.dll.CoGetObjectContext
  • advapi32.dll.CryptAcquireContextA
  • advapi32.dll.CryptGenRandom
  • advapi32.dll.CryptReleaseContext
  • cryptsp.dll.CryptReleaseContext
  • flash32_20_0_0_286.ocx.DllGetClassObject
  • flash32_20_0_0_286.ocx.DllCanUnloadNow
  • kernel32.dll.GetUserDefaultUILanguage
  • kernel32.dll.CreateDirectoryW
  • kernel32.dll.CreateFileW
  • kernel32.dll.DeleteFileW
  • kernel32.dll.GetModuleFileNameW
  • kernel32.dll.MoveFileExA
  • kernel32.dll.MoveFileExW
  • kernel32.dll.RemoveDirectoryW
  • kernel32.dll.GetSystemDirectoryW
  • kernel32.dll.ExpandEnvironmentStringsW
  • kernel32.dll.FindFirstFileW
  • kernel32.dll.FindNextFileW
  • kernel32.dll.GetFileAttributesW
  • kernel32.dll.SetFileAttributesW
  • kernel32.dll.GetFileAttributesExW
  • kernel32.dll.GetCurrentDirectoryW
  • kernel32.dll.SetCurrentDirectoryW
  • kernel32.dll.GetTempPathW
  • kernel32.dll.GetTempFileNameW
  • kernel32.dll.CopyFileW
  • kernel32.dll.GetFullPathNameW
  • kernel32.dll.GetVolumeInformationW
  • kernel32.dll.QueryFullProcessImageNameW
  • user32.dll.CharUpperBuffW
  • shell32.dll.ShellExecuteExW
  • version.dll.GetFileVersionInfoSizeW
  • version.dll.GetFileVersionInfoW
  • version.dll.VerQueryValueW
  • ieframe.dll.IEIsProtectedModeProcess
  • ieframe.dll.IECancelSaveFile
  • ieframe.dll.IESaveFile
  • ieframe.dll.IEShowSaveFileDialog
  • ieframe.dll.IEGetWriteableFolderPath
  • kernel32.dll.SetWaitableTimerEx
  • ntdll.dll.RtlInitUnicodeString
  • ntdll.dll.NtOpenSymbolicLinkObject
  • ntdll.dll.NtQuerySymbolicLinkObject
  • kernel32.dll.GetNativeSystemInfo
  • ieframe.dll.IEIsInPrivateBrowsing
  • oleaut32.dll.VariantCopy
  • kernel32.dll.PowerCreateRequest
  • kernel32.dll.PowerSetRequest
  • kernel32.dll.PowerClearRequest
  • oleaut32.dll.#201
  • oleaut32.dll.#200
  • oleaut32.dll.#161
  • uxtheme.dll.#61
  • msxml3.dll.DllGetClassObject
  • msxml3.dll.DllCanUnloadNow
  • kernel32.dll.GetModuleHandleW
  • urlmon.dll.DllCanUnloadNow
  • urlmon.dll.IEDllLoader
  • urlmon.dll.CoInternetGetSession
  • urlmon.dll.CopyBindInfo
  • urlmon.dll.CreateURLMoniker
  • urlmon.dll.ReleaseBindInfo
  • urlmon.dll.CoInternetCombineUrl
  • urlmon.dll.CoInternetGetSecurityUrl
  • urlmon.dll.IsValidURL
  • wininet.dll.InternetCrackUrlW
  • wininet.dll.InternetCreateUrlW