魔盾安全分析报告
| 分析类型 | 开始时间 | 结束时间 | 持续时间 | 分析引擎版本 |
|---|---|---|---|---|
| URL | 2018-05-22 00:00:05 | 2018-05-22 00:02:26 | 141 秒 | 1.4-Maldun |
| 虚拟机机器名 | 标签 | 虚拟机管理 | 开机时间 | 关机时间 |
|---|---|---|---|---|
| win7-sp1-x64-shaapp01-1 | win7-sp1-x64-shaapp01-1 | KVM | 2018-05-22 00:00:06 | 2018-05-22 00:02:25 |
| 魔盾分数 |
|---|
0.65正常的 |
URL信息
| URL | http://www.ouba.me |
|---|---|
| VirusTotal | VirusTotal无域名信息 |
特征
投放了一个或多个文件
file: c:\users\test\appdata\local\microsoft\feeds cache\index.dat
魔盾wping.org 域名信誉系统
Neutral: s2.symcb.com
运行截图
网络分析
访问主机记录
| 直接访问 | IP地址 | 国家名 |
|---|---|---|
| 是 | 101.110.118.28 | China |
| 否 | 111.13.105.120 | China |
| 否 | 117.18.237.29 | Asia/Pacific Region |
| 否 | 14.215.138.13 | China |
| 否 | 175.6.249.84 | China |
| 否 | 183.66.105.151 | China |
| 否 | 220.181.7.190 | China |
| 否 | 58.211.137.200 | China |
域名解析
| 域名 | 响应 |
|---|---|
| www.ouba.me | A 58.211.137.200 |
| hm.baidu.com |
CNAME hm.e.shifen.com
A 220.181.7.190 |
| qzonestyle.gtimg.cn |
CNAME p21.tc.qq.com
A 183.66.105.152 A 119.84.106.25 A 183.66.105.151 A 183.66.105.149 A 183.66.103.151 A 183.66.105.147 A 183.66.103.150 A 183.66.105.150 A 183.66.103.152 CNAME p21.tcdn.qq.com A 183.66.103.149 A 119.84.68.159 A 119.84.106.18 CNAME qzonestyle.tcdn.qq.com A 183.66.105.146 CNAME qzonestyle.tc.qq.com A 183.66.103.148 A 183.66.103.147 |
| idm-su.baidu.com |
A 111.13.105.120
CNAME idm-su.baidu.com.cname.yunjiasu-cdn.net A 180.97.93.88 A 14.215.178.159 |
| s2.symcb.com |
CNAME ocsp-ds.ws.symantec.com.edgekey.net
CNAME e8218.dscb1.akamaiedge.net A 23.5.251.27 |
| url.cn |
A 14.215.138.13
A 183.61.38.230 |
| crl.geotrust.com |
CNAME crl-symcprod.digicert.com
CNAME cs9.wac.phicdn.net A 117.18.237.29 |
| g2.symcb.com | |
| img.alicdn.com |
A 175.6.249.84
CNAME img.alicdn.com.danuoyi.alicdn.com A 175.6.249.108 |
| ocsp.globalsign.com |
A 124.232.157.102
CNAME global.prd.cdn.globalsign.com CNAME globalsign.com.w.kunlunar.com |
TCP连接
| IP地址 | 端口 |
|---|---|
| 101.110.118.28 | 80 |
| 111.13.105.120 | 443 |
| 111.13.105.120 | 80 |
| 117.18.237.29 | 80 |
| 117.18.237.29 | 80 |
| 124.232.157.102 | 80 |
| 124.232.157.102 | 80 |
| 124.232.157.102 | 80 |
| 14.215.138.13 | 443 |
| 14.215.138.13 | 443 |
| 175.6.249.84 | 443 |
| 175.6.249.84 | 443 |
| 183.66.105.151 | 80 |
| 192.168.122.1 | 53 |
| 23.5.251.27 | 80 |
| 23.5.251.27 | 80 |
| 23.5.251.27 | 80 |
| 23.5.251.27 | 80 |
| 23.5.251.27 | 80 |
| 23.5.251.27 | 80 |
| 23.5.251.27 | 80 |
| 23.62.109.19 | 80 |
| 58.211.137.200 | 80 |
| 58.211.137.200 | 80 |
| 58.211.137.200 | 80 |
| 58.211.137.200 | 80 |
| 58.211.137.200 | 80 |
| 58.211.137.200 | 80 |
| 58.211.137.200 | 80 |
| 58.211.137.200 | 80 |
| 58.211.137.200 | 80 |
| 58.211.137.200 | 80 |
| 58.211.137.200 | 80 |
UDP连接
| IP地址 | 端口 |
|---|---|
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
HTTP请求
| URL | HTTP数据 |
|---|---|
| http://www.ouba.me/ | GET / HTTP/1.1 Accept: */* Referer: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=25&ved=0CCEQfjaWtKb2NxRHJpanlVYnVI&url=http%3A%2F%2Fwww.ouba.me&ei=RGJlTVh4eFN1ZFZm&usg=AFQjUExDdVpVbGF2RVhv Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.ouba.me Connection: Keep-Alive |
| http://www.ouba.me/wp-content/themes/Grace7.0/includes/font-awesome/css/fontello.css?ver=Grace7 | GET /wp-content/themes/Grace7.0/includes/font-awesome/css/fontello.css?ver=Grace7 HTTP/1.1 Accept: */* Referer: http://www.ouba.me/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 | GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 Accept: */* Referer: http://www.ouba.me/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-content/themes/Grace7.0/js/html5shiv.js?ver=Grace7 | GET /wp-content/themes/Grace7.0/js/html5shiv.js?ver=Grace7 HTTP/1.1 Accept: */* Referer: http://www.ouba.me/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-content/themes/Grace7.0/js/respond.min.js?ver=Grace7 | GET /wp-content/themes/Grace7.0/js/respond.min.js?ver=Grace7 HTTP/1.1 Accept: */* Referer: http://www.ouba.me/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-content/themes/Grace7.0/includes/font-awesome/font/fontello.eot?99624570 | GET /wp-content/themes/Grace7.0/includes/font-awesome/font/fontello.eot?99624570 HTTP/1.1 Accept: */* Referer: http://www.ouba.me/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-content/uploads/2017/09/2017090520094966.jpg | GET /wp-content/uploads/2017/09/2017090520094966.jpg HTTP/1.1 Accept: */* Referer: http://www.ouba.me/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-content/plugins/wp-player/assets/css/wp-player.css?ver=2.6.1 | GET /wp-content/plugins/wp-player/assets/css/wp-player.css?ver=2.6.1 HTTP/1.1 Accept: */* Accept-Language: zh-cn Referer: http://www.ouba.me/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-content/uploads/2017/08/2017081315373325.jpg | GET /wp-content/uploads/2017/08/2017081315373325.jpg HTTP/1.1 Accept: */* Referer: http://www.ouba.me/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-content/uploads/2017/08/2017081313415670.jpg | GET /wp-content/uploads/2017/08/2017081313415670.jpg HTTP/1.1 Accept: */* Referer: http://www.ouba.me/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://qzonestyle.gtimg.cn/qzone/qzact/common/share/share.js?ver=4.9.5 | GET /qzone/qzact/common/share/share.js?ver=4.9.5 HTTP/1.1 Accept: */* Referer: http://www.ouba.me/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: qzonestyle.gtimg.cn Connection: Keep-Alive |
| http://www.ouba.me/wp-content/themes/Grace7.0/includes/css/owl.carousel.css?ver=Grace7 | GET /wp-content/themes/Grace7.0/includes/css/owl.carousel.css?ver=Grace7 HTTP/1.1 Accept: */* Accept-Language: zh-cn Referer: http://www.ouba.me/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-admin/admin-ajax.php | POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: */* Accept-Language: zh-cn Referer: http://www.ouba.me/ Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.ouba.me Content-Length: 86 Connection: Keep-Alive Cache-Control: no-cache Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-content/themes/Grace7.0/includes/css/jquery.mCustomScrollbar.min.css?ver=Grace7 | GET /wp-content/themes/Grace7.0/includes/css/jquery.mCustomScrollbar.min.css?ver=Grace7 HTTP/1.1 Accept: */* Accept-Language: zh-cn Referer: http://www.ouba.me/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-content/themes/Grace7.0/includes/css/animate.css?ver=Grace7 | GET /wp-content/themes/Grace7.0/includes/css/animate.css?ver=Grace7 HTTP/1.1 Accept: */* Accept-Language: zh-cn Referer: http://www.ouba.me/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-content/themes/Grace7.0/includes/css/bootstrap.min.css?ver=Grace7 | GET /wp-content/themes/Grace7.0/includes/css/bootstrap.min.css?ver=Grace7 HTTP/1.1 Accept: */* Accept-Language: zh-cn Referer: http://www.ouba.me/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://www.ouba.me/wp-content/themes/Grace7.0/style.css?ver=Grace7 | GET /wp-content/themes/Grace7.0/style.css?ver=Grace7 HTTP/1.1 Accept: */* Accept-Language: zh-cn Referer: http://www.ouba.me/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422 |
| http://ocsp.verisign.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRIt2RJ89X%2B%2BhEzqoBeQg8PymQ2UQQUANhaTCXBIuWLMe9tuvPMXynxDWECECUM6OAwYS6fK4n3BU18%2BP0%3D | GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBRIt2RJ89X%2B%2BhEzqoBeQg8PymQ2UQQUANhaTCXBIuWLMe9tuvPMXynxDWECECUM6OAwYS6fK4n3BU18%2BP0%3D HTTP/1.1 Cache-Control: max-age = 514622 Connection: Keep-Alive Accept: */* If-Modified-Since: Fri, 01 Sep 2017 15:11:07 GMT User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp.verisign.com |
| http://s2.symcb.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD%2BOyl%2B0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCEFE%2FuXQ4cLc0QEGNMJMGmf8%3D | GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD%2BOyl%2B0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCEFE%2FuXQ4cLc0QEGNMJMGmf8%3D HTTP/1.1 Cache-Control: max-age = 515299 Connection: Keep-Alive Accept: */* If-Modified-Since: Fri, 01 Sep 2017 15:21:09 GMT User-Agent: Microsoft-CryptoAPI/6.1 Host: s2.symcb.com |
| http://ss.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRsWSLjJ8N0Wujis0rUBfV%2Bc%2FAZAQUX2DPYZBV34RDFIpgKrL1evRDGO8CEG6PrCxmmU8tZDNcJoriZ80%3D | GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRsWSLjJ8N0Wujis0rUBfV%2Bc%2FAZAQUX2DPYZBV34RDFIpgKrL1evRDGO8CEG6PrCxmmU8tZDNcJoriZ80%3D HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: ss.symcd.com |
| http://idm-su.baidu.com/su.png?yjs_id=374b1320ddc1a8e3b8f962eadffa35e7&yjs_name= | GET /su.png?yjs_id=374b1320ddc1a8e3b8f962eadffa35e7&yjs_name= HTTP/1.1 Accept: */* Referer: http://www.ouba.me/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: idm-su.baidu.com Connection: Keep-Alive |
| http://crl.geotrust.com/crls/secureca.crl | GET /crls/secureca.crl HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: crl.geotrust.com |
| http://101.110.118.28/crl.geotrust.com/crls/secureca.crl | GET /crl.geotrust.com/crls/secureca.crl HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: 101.110.118.28 |
| http://g2.symcb.com/MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkqw0GRtsnCuD5V8sCXEROgByACAwI6bw%3D%3D | GET /MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkqw0GRtsnCuD5V8sCXEROgByACAwI6bw%3D%3D HTTP/1.1 Cache-Control: max-age = 334385 Connection: Keep-Alive Accept: */* If-Modified-Since: Thu, 31 Aug 2017 00:15:28 GMT User-Agent: Microsoft-CryptoAPI/6.1 Host: g2.symcb.com |
| http://gn.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSxiwsBl1MHLHQ30p2z4Y2jbM5X4AQU0m%2F3lvSFP3I8MH0j2oV4m6N8WnwCEGhCGMQtsYRCC0IgUSFCoSk%3D | GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSxiwsBl1MHLHQ30p2z4Y2jbM5X4AQU0m%2F3lvSFP3I8MH0j2oV4m6N8WnwCEGhCGMQtsYRCC0IgUSFCoSk%3D HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: gn.symcd.com |
| http://ocsp.globalsign.com/rootr1/MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCCwQAAAAAAURO8EJH | GET /rootr1/MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCCwQAAAAAAURO8EJH HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp.globalsign.com |
| http://ocsp2.globalsign.com/gsorganizationvalsha2g2/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h8b0cFilTHMDMfTuDAEDmGnwCDHa4k1DvtfyLdFUxtg%3D%3D | GET /gsorganizationvalsha2g2/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h8b0cFilTHMDMfTuDAEDmGnwCDHa4k1DvtfyLdFUxtg%3D%3D HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp2.globalsign.com |
| http://www.ouba.me/wp-content/themes/Grace7.0/img/favicon.ico | GET /wp-content/themes/Grace7.0/img/favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: www.ouba.me Connection: Keep-Alive Cookie: __cfduid=de77cf35c731175bfa247e355da8cef8e1526918422; yjs_id=374b1320ddc1a8e3b8f962eadffa35e7; ctrl_time=1 |
| http://crl.microsoft.com/pki/crl/products/tspca.crl | GET /pki/crl/products/tspca.crl HTTP/1.1 Cache-Control: max-age = 900 Connection: Keep-Alive Accept: */* If-Modified-Since: Sat, 24 May 2014 05:04:54 GMT If-None-Match: "8ab194b3d77cf1:0" User-Agent: Microsoft-CryptoAPI/6.1 Host: crl.microsoft.com |
投放文件
0F1583FFF42FFF476A09801ACB69213F_E3F4A8C96454D7D3441D2C1BCE81F875
| 文件名 | 0F1583FFF42FFF476A09801ACB69213F_E3F4A8C96454D7D3441D2C1BCE81F875 |
|---|---|
| 相关文件 |
|
| 文件大小 | 1378 bytes |
| 文件类型 | data |
| MD5 | 697cff4de9a1259f69ea0f2c36b5ff9b |
| SHA1 | 06c9bbfbf8cf3b5b37f4efd176c5bb9f0ba59ac6 |
| SHA256 | fef16b7fec5e188299b231b7cfe9fec4fda649a5f0b398d048dc9da1cc445473 |
| SHA512 | 1107c779c28d784518f372b4157861fd41c8ba97f7bd87a01f226753dea2fc99c391f2480704fd9002473ea433d1f6f71ff27e29f7f2ac419f3fdc0c5f7c8cdd |
| Ssdeep | 24:QRIJVAcrkE1mUUz3ffieGOmxawri7lRVZM2j5LRhp2STa+Ymadcgx6:QlcrJm7z3f6kGau6XVZ3RhNT3wk |
| VirusTotal | 搜索相关分析 |
2017090520094966[1].jpg
| 文件名 | 2017090520094966[1].jpg |
|---|---|
| 相关文件 |
|
| 文件大小 | 13601 bytes |
| 文件类型 | JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, datetime=2017:07:07 13:35:10\344\270\213\345\215\210], baseline, precision 8, 296x81, frames 3 |
| MD5 | 22ee2430187efadd69d64dfe41bf2fff |
| SHA1 | 1b68c7897a1b2a118cc959512141d42f455a121a |
| SHA256 | 1baf5850f1cc56e80e62f0bfd85acd10435ce4160e3ac07928553608bc08af83 |
| SHA512 | 1b0a797b271955970afde12cc9b931dd070126305ff2e7a4283821965b5b18939cda678e1c5b1014f0019e7f39891b015f115820d5457d30cb148c0d8a11cd94 |
| Ssdeep | 192:khzJhRJVS3E/Aeq2g4smjUhIAHBCRCz8mYXCy6cTglfWVQRJM9SKbT8m0VaVo:kRJ3S3ERqN4DUhnWCQmyXgbd2kMo |
| VirusTotal | 搜索相关分析 |
705A76DE71EA2CAEBB8F0907449CE086_611D8AF93D88D61ED8CD55C30E7FC92A
| 文件名 | 705A76DE71EA2CAEBB8F0907449CE086_611D8AF93D88D61ED8CD55C30E7FC92A |
|---|---|
| 相关文件 |
|
| 文件大小 | 394 bytes |
| 文件类型 | data |
| MD5 | b8efb4033cccd1c47b27e9ff4c9d95f7 |
| SHA1 | 974e042a4a5c2fd8ad1003d4be3ce2555b88e3a8 |
| SHA256 | 197be938745f44d6b17d8c90ccd8403974b9c752464e15d976d8a36ceeca4e26 |
| SHA512 | 5d60a30cf7e599c0dfacb29b34d7569b65a00d7e8232386f51a55cd0c0c3abb7ea190b3f76ee9cde2504362e9741bdfaef2ceddc58cf21ad0b77aaa3270744d7 |
| Ssdeep | 6:kKX9xzlIwsqlwGBXivhClroF3hLPwZK10lWr4TZOL3iJn:/9xzlIHqFXiv8sFxLPwZKulTZOjS |
| VirusTotal | 搜索相关分析 |
fontello[1].eot
| 文件名 | fontello[1].eot |
|---|---|
| 相关文件 |
|
| 文件大小 | 146197 bytes |
| 文件类型 | Embedded OpenType (EOT) |
| MD5 | 7d63005b443296048c70e87b07964c3a |
| SHA1 | faa032ae7482c918a903a6f24ac2356671e3224e |
| SHA256 | 2034d24eefa79aced482a0c46b50442677345eac05ac592764c592b80c8255a7 |
| SHA512 | 83898e7baa559e1b6e6555adeef45b636182403118fd01f86e4b22cd76eaa94f064c6616f36bed62eec1b05976469db7fa59eb874c961b6b6f9f35550c8df295 |
| Ssdeep | 3072:1reA46PsT/DytA1A/sV3GSByR4ZSNKgTXe8VwT:c6P+X6sV5ByR4ZSf+T |
| VirusTotal | 搜索相关分析 |
index.dat
| 文件名 | index.dat |
|---|---|
| 相关文件 |
|
| 文件大小 | 32768 bytes |
| 文件类型 | Internet Explorer cache file version Ver 5.2 |
| MD5 | 0aee387ca0a52dcdd8f8a29ea76edb42 |
| SHA1 | 5df81547dcadb2a7b8bc689da8e1383ba1a84cb9 |
| SHA256 | c31bc37e102b70a472837d530ec80bdaea28b0fefda3e9aa8c8cda98c4200c4e |
| SHA512 | 101bdb7178e031b1fbd78d595d778d06174749246cdcb70eb4b92af534910e30e0627147260ec319bccecf7a105c814b6b32c077a777fb5e90bd1459c78dcdf9 |
| Ssdeep | 12:qjtSaFpbZli3zIoYDPO7em4GZj03W/cKYDPOCG5A30WUsOXQDG9YRm4GZ5:qj4avEIoYTCebGZ7ZYTlEJ0oQQ4bGZ |
| VirusTotal | 搜索相关分析 |
jquery-migrate.min[1].js
| 文件名 | jquery-migrate.min[1].js |
|---|---|
| 相关文件 |
|
| 文件大小 | 10056 bytes |
| 文件类型 | ASCII text, with very long lines |
| MD5 | 7121994eec5320fbe6586463bf9651c2 |
| SHA1 | 90532aff6d4121954254cdf04994d834f7ec169b |
| SHA256 | 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d |
| SHA512 | b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd |
| Ssdeep | 192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR |
| Yara |
|
| VirusTotal | 搜索相关分析 |
favicon[1].ico
| 文件名 | favicon[1].ico |
|---|---|
| 相关文件 |
|
| 文件大小 | 9662 bytes |
| 文件类型 | MS Windows icon resource - 1 icon, 48x48 |
| MD5 | e5113e68ddd0c9be87d5bbe5e502df71 |
| SHA1 | 550c0d7c2ddf2dd03ca16bc485322579ea638875 |
| SHA256 | 03aca4c7dea82449ec74aee80aec9afdcc887ba72850a853c0eb614829282076 |
| SHA512 | 4d7f6ee76e865bd593478db4461e13f7ca0832f4344fed5297c4e5a636c6d0aa0d2c2fe052e553f2391be978a08b6b0a89bd2ea196931df1a7e029dff5912f26 |
| Ssdeep | 48:92rusdaDzckagKmktYWrOF9lnCNZNREgdp/:92+agpktY0NZNr |
| VirusTotal | 搜索相关分析 |
html5shiv[1].js
| 文件名 | html5shiv[1].js |
|---|---|
| 相关文件 |
|
| 文件大小 | 2376 bytes |
| 文件类型 | HTML document, ASCII text, with very long lines |
| MD5 | 262bb88879efaaf75c74154fe0308952 |
| SHA1 | 2123253519c0bee8a5735958281a73296a66003b |
| SHA256 | b3aa003abf3b6aaf1654fe8669472e3c01dba7bb73be4a8b73a3423cfeeb0e39 |
| SHA512 | d3915b572fce20ce95c1d5a0bb75f424bf3d6f71e726a77afb50e85c457603d60241cb4698227dd3cf071b7133fe444cf2f0e6728913058731173fbbc9ccaac8 |
| Ssdeep | 48:XpBdOftbeR8RkhwZuVNv9VHLlsS+jcvknzrrk08JQDLc:X9OlScYVH9JvarkIc |
| Yara |
|
| VirusTotal | 搜索相关分析 |
A053CFB63FC8E6507871752236B5CCD5_3115B218E8467E1B0447D809911342D7
| 文件名 | A053CFB63FC8E6507871752236B5CCD5_3115B218E8467E1B0447D809911342D7 |
|---|---|
| 相关文件 |
|
| 文件大小 | 532 bytes |
| 文件类型 | data |
| MD5 | 1ba8f6fad0336f40634d5d189daf8a97 |
| SHA1 | b73e1c4ba668e131b0493de5aa3eb209c1f1b772 |
| SHA256 | aa1e2dfbd77aadebd963a2e6c8d6091f4eaa5bf27f8567f7cbd1f7eefcd90164 |
| SHA512 | 6ef6cddf5d66254b4a2f4abb3444fd6e07388056c752e390decdd6747c04b333d1d9949b0a39695a5fe58d5d5737c885e961c05ee692031c8cc32c7696695c45 |
| Ssdeep | 12:1JJzJWzf8ClDC3bgLzK8sFFyOJQlUsyq3NMz6367B:fpJgEme3ELmvPyOJQ6Em2qN |
| VirusTotal | 搜索相关分析 |
test@ouba[1].txt
| 文件名 | test@ouba[1].txt |
|---|---|
| 相关文件 |
|
| 文件大小 | 109 bytes |
| 文件类型 | ASCII text |
| MD5 | a054c816b72fca149d69132224e13200 |
| SHA1 | 94937af153e85b8d0868214b514342d3d8f9bce0 |
| SHA256 | 136801d476b6594070dce871bde39ebf0a15ad694581234c5555bf7342dc78db |
| SHA512 | 89871e0c6a1df020641975b2c55371e82e9d47eebba8f64b6c23afeeb84a6ddd6af1f1aa14ddd6fe7ca3326124bb5f620a639bed8fcf1fa10fd956f06667efcc |
| Ssdeep | 3:GmM/3SUXGlNSxXiO0HRbiv0CCXC4x+W3TV5n:XM/3kliyO0xbSdCXVogTD |
| VirusTotal | 搜索相关分析 |
share[1].js
| 文件名 | share[1].js |
|---|---|
| 相关文件 |
|
| 文件大小 | 4234 bytes |
| 文件类型 | ASCII text |
| MD5 | d85faaad5c2d77fc5ea4dd5d80b285f5 |
| SHA1 | 94922a1c64d646675cb05c279773dbdeebaf6263 |
| SHA256 | 07779948f28510caf8849e64f185a22f59c81dbf0ee2f40cfb54500a03c8a1ed |
| SHA512 | a625a1445d72e8dc62b531380f5b8e816b3a4246fe027c63593f0f145ea25cc8ac7734a96f35e9355870dde6984f03aeec43ffb8e7ce95bb67f4b3f347b5ca27 |
| Ssdeep | 96:BPC41rEyQfGBOtxRksw02H3DL/JPi1H6oSK1y0JRillXzAyicb1:BPl1r5QfPFyjJPi1atqy0nilthic5 |
| Yara |
|
| VirusTotal | 搜索相关分析 |
3388ECC3F7BC4A9271C10ED8621E5A65_AA7B304A848C0A7677C38BD34D320652
| 文件名 | 3388ECC3F7BC4A9271C10ED8621E5A65_AA7B304A848C0A7677C38BD34D320652 |
|---|---|
| 相关文件 |
|
| 文件大小 | 390 bytes |
| 文件类型 | data |
| MD5 | a3b530ed9af59b6c032760553c5925df |
| SHA1 | 0a98f7dd8250b75205c823911f68dee0c6a8249a |
| SHA256 | 42ddf0db0984425e51d86829001fdb70c164b5194f374265b92a0b1d8dd25c21 |
| SHA512 | 9cd44353f942df3635b0c63b06c9cb73ebba61106721f95ecbbfc3c0e99011560bd328fc6892178b3c6bc4e2a83c1cc363aa218f2ea43a1205e330d3406a704b |
| Ssdeep | 6:kKUB/2kHjk/s+nR/aXivhClroFHFglpUvlWil5kMlr6W2tIlf2qlGku7C5KJrn:C/zH4OXiv8sFepU93kZPtIt2qlGkyZr |
| VirusTotal | 搜索相关分析 |
index.dat
| 文件名 | index.dat |
|---|---|
| 相关文件 |
|
| 文件大小 | 32768 bytes |
| 文件类型 | Internet Explorer cache file version Ver 5.2 |
| MD5 | fdcc5acd7d77f5d74c1e9d7068fe7253 |
| SHA1 | 3dbd31457f28fc8779ddc8199303dd06738a7007 |
| SHA256 | 3d9d9b667203c6e7f0214417ce6a1c586eca1bb88003d1b46af938b05d1761d7 |
| SHA512 | 960295c193b911f03c10af445b2d284a612204a3b68cba0cbec6a644bc2459bbb5a5a6fa36e92c0e77185032488b4383efad36290dd7a2c5398a5e29e54b698d |
| Ssdeep | 6:qjyxXKg1y3bx0g/3FAtXBij4ooF3bxdFAtXBi5o:qjRg1y3b1AlBiHoF3bRAlBi5o |
| VirusTotal | 搜索相关分析 |
C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF
| 文件名 | C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF |
|---|---|
| 相关文件 |
|
| 文件大小 | 1754 bytes |
| 文件类型 | data |
| MD5 | e6b48a2b61959ba0846331227546a9fe |
| SHA1 | 0e2beb52d0049f070e3442d299e36a9fccbaf011 |
| SHA256 | 8cf0d52547f55bf30441a7149c330e66df09c1d671e21cd83370220d45e1f6c9 |
| SHA512 | 16780a848d1b6df45f913d2ec496953d9d968733eb74e9d7868521bb6166deccfad9e1174ad3440b0eda87c2f85ad8ff7e94fbb9ea37ba3a06b08b4447be9f26 |
| Ssdeep | 24:4TOQvFA8QQmmV8oyY+wzLL3I7JWod9hL6MIwbK75qw1V5izRdQUT4X8CP7RKKb6i:GxQQmI+ILLoW+6aCzUzbQUT4Xb6yJo6 |
| VirusTotal | 搜索相关分析 |
C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF
| 文件名 | C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF |
|---|---|
| 相关文件 |
|
| 文件大小 | 398 bytes |
| 文件类型 | data |
| MD5 | cc339f1bfa379b22eb996f11e6172651 |
| SHA1 | 153dcdcd8a79c1f59863a9056fb49330f3bc04ce |
| SHA256 | 9264016fa3de5b76dc69362ef554e39c0a730f6f6c06018a2daf208d75809131 |
| SHA512 | 4e5518671fc7a6980cb6ad62f115191d0664e1763ffad345ccd65c29cde29fcb4eccc57d087d45b65fea6ee5420c69b2d1bc4c03426c81c99945421770f2abbb |
| Ssdeep | 6:kKBvIvmg/7lsnCaRGlKpivhClroFHP7jDsczlGSuZrgglilH0ROy0evo4UAlWn:29yRiv8sFzjD9zlUZrggIlHVyt3Z4 |
| VirusTotal | 搜索相关分析 |
{05C9DF44-5D10-11E8-912A-5254001C66F4}.dat
| 文件名 | {05C9DF44-5D10-11E8-912A-5254001C66F4}.dat |
|---|---|
| 相关文件 |
|
| 文件大小 | 4608 bytes |
| 文件类型 | Composite Document File V2 Document, Cannot read section info |
| MD5 | a9ff7bf339151ba033b1918b19258589 |
| SHA1 | c3417486185ecaf13e547f4a50c3a7ea435ec3e9 |
| SHA256 | f1f2d0cd955c52acae9a4cfd3403c727cd8eb107e7eb626b1a46d95b287c4f4e |
| SHA512 | 640a0839cab53fb6b30adc179c8967f63b99d1759c8c3b95573537a00490d5f4f2b72b89d6cc263bc5273c7d2ea937e28ae51c48b180e6ef956f076141592fcc |
| Ssdeep | 12:rlfFeBrEgmfR16F8ADrEgmfR1qjNlYfOo4Nlj9o6:r6BG1UGENljo4Nlxo6 |
| VirusTotal | 搜索相关分析 |
ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
| 文件名 | ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C |
|---|---|
| 相关文件 |
|
| 文件大小 | 492 bytes |
| 文件类型 | data |
| MD5 | e56e969c543847ab470e5861f21d800e |
| SHA1 | cf3dc6cbcc05a30ce0b8c6697273a4fe25c943b9 |
| SHA256 | 1a515f8c747aa6ff5aa4a1aa45299b1cf18cb4672ab69313654886adb5e76b3c |
| SHA512 | 851475a2988fe9aa65f5341cf6f3b4a24fae801b6f1532bc36d05a65166308f8930dd04c55aaecdd9b7c8e28c82910656edd82c1de6644d77f4767b814c55596 |
| Ssdeep | 12:17WzgcPggL7DWzF0Y1oOkksFyR7uE9SsAUOlJCHVydSZci/:17WcVC7DgF0WoLnYRd8JUKYHsYZci/ |
| VirusTotal | 搜索相关分析 |
3388ECC3F7BC4A9271C10ED8621E5A65_AA7B304A848C0A7677C38BD34D320652
| 文件名 | 3388ECC3F7BC4A9271C10ED8621E5A65_AA7B304A848C0A7677C38BD34D320652 |
|---|---|
| 相关文件 |
|
| 文件大小 | 1419 bytes |
| 文件类型 | data |
| MD5 | 358ce374d8c276a4c322eb0f908f1923 |
| SHA1 | 3f4cc54a4c5a4d0f8b18a559dce9a78198bebdca |
| SHA256 | ad0e5a7d7876bd16e875a87be21085ebafbcca3d8f629b2ade751254fe49f990 |
| SHA512 | eb8fab549daebc889c8d4628707180be73e9f4f58b28ed4c1377db95866225a7a979ccfccb0267db8e45e6494fe0d1037877a80890759b0741652acc30acc29c |
| Ssdeep | 24:4NNIVShYZRuVI1oA1K4eZSDmxZCa6v2nK79QbcbBv2IRzhnVWTtN9hr9jnxm9P4j:4UVx0VmoOK4eZSDGZsaC9QgbQIZhnVq1 |
| VirusTotal | 搜索相关分析 |
2017081313415670[1].jpg
| 文件名 | 2017081313415670[1].jpg |
|---|---|
| 相关文件 |
|
| 文件大小 | 60242 bytes |
| 文件类型 | JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1200x660, frames 3 |
| MD5 | 30f371d0b46b2195c87a8eee2d493a18 |
| SHA1 | 54a6eb7cba9ca0d15127f11d2e1b0e6d081cadd6 |
| SHA256 | ca835dbebe7352ced576e64aaf9ef0f75225408f50c92eeb1ad2892f1b4d1ced |
| SHA512 | 03683305e2fb84e8a36f63c8a79406a02fa6c4a8f53d33e377fb8f946535eac56c029c5b189d79db810a593d5bdc6e1491f6c5f9238c9a5c9aa8f7f3e85be1c8 |
| Ssdeep | 1536:8J2wxGkEFr4fWaF4eexJ6lIuHx9JT98+yU:2BLEFuWu43nenRPW+yU |
| VirusTotal | 搜索相关分析 |
23B523C9E7746F715D33C6527C18EB9D
| 文件名 | 23B523C9E7746F715D33C6527C18EB9D |
|---|---|
| 相关文件 |
|
| 文件大小 | 226 bytes |
| 文件类型 | data |
| MD5 | a28de9dc8ebf089410ddf3eb22aac853 |
| SHA1 | 0e8efb0333d8b362f1d1a279afae675ddd936662 |
| SHA256 | 4d3be58f29e8394267300845ccc6c1a7758deed5a808d2e494d291c63ee9547a |
| SHA512 | 75377ef05b5b8eba9be46a5bb72a2eacb699aad6f36a643005bcec82dc7a3e1bb7d4bca632dd45a59b6e3d7ada6dbbf58d45a8a6e8b52011be5ddcf3749d9a89 |
| Ssdeep | 3:kkFklKPnt32klXMg5/vllEg4l/a/klGnXZRlR84jpU+IGorTl7elPpl2Hl/:kKVn12sXThkg4I/swJRHj21Go2PyF/ |
| VirusTotal | 搜索相关分析 |
A053CFB63FC8E6507871752236B5CCD5_3115B218E8467E1B0447D809911342D7
| 文件名 | A053CFB63FC8E6507871752236B5CCD5_3115B218E8467E1B0447D809911342D7 |
|---|---|
| 相关文件 |
|
| 文件大小 | 1570 bytes |
| 文件类型 | data |
| MD5 | cfb40d97376ad6ea26dce7cc1ae01a12 |
| SHA1 | 116f0f060f283a9ad2d97d89e2d120085ffd6925 |
| SHA256 | fd6a7002d991139ce96421a041f8d004e37b9fff2bee31a888a398844b632054 |
| SHA512 | 4c6b7d2a3d4eeec19fcbc25dbe2cbda683fff351bc74f3d3b9bd8d77811b7146df8900a3fda33a5e1e8ee476bddbc89dd3207607f74d7a8a7c0582e7eaa4cbe3 |
| Ssdeep | 24:C4VGkR9xhP4j0EUAxEk7HXABK76KBgY6kZ9qBeeCpXsAxOsYPMrIpOhZO/K5Gtat:xDxhP4j0Er2GwBCdfjSwIpOhs/Rot |
| VirusTotal | 搜索相关分析 |
index.dat
| 文件名 | index.dat |
|---|---|
| 相关文件 |
|
| 文件大小 | 262144 bytes |
| 文件类型 | Internet Explorer cache file version Ver 5.2 |
| MD5 | fbe6ba880d1f6cadfd771536120f2c73 |
| SHA1 | 34b1a30160c6c7675a5c69b62d98661ab7a494bb |
| SHA256 | a2cdabb3fc43f2e94ca47fac764eea7819768bdf094690a6369be41fc4a5fd01 |
| SHA512 | 6a28d50bc6feeee26b35f014de7c8462d584bea98e9d6c97ebcedd2f22af71c4006cac55583161f4b6e25ad6e7f44f067b3f983113e078104f27ec02b1a4d0ab |
| Ssdeep | 768:pFFwZHojCtOlWNw3nsiMsieuugxdKOri:rFwZIjCtkWm3siMbeuugxdKoi |
| VirusTotal | 搜索相关分析 |
2017081315373325[1].jpg
| 文件名 | 2017081315373325[1].jpg |
|---|---|
| 相关文件 |
|
| 文件大小 | 82520 bytes |
| 文件类型 | JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x1024, frames 3 |
| MD5 | 08649611beff9f33c56efee3bb3c163c |
| SHA1 | 58f38d7a985930837251268f37a60112230dad55 |
| SHA256 | 980e9b0e7559e47e6837ad9f1dd119a4b0880550630843691800015128968d27 |
| SHA512 | b0fd5b646a5f28e2319c6e5082ae6c687169a382c45d2b965eae9c99ca0876f0dd9eda587e3285656801378e64523158430b9731fd3db2cd5088c0b98a6fd8e4 |
| Ssdeep | 1536:WkyhIWwvd/0KVDDF9E5ZkJJTwIutj+KhADCkt+7428ea76O5:/Lvd/0KV/f+Zeyj+CAO+C43z |
| VirusTotal | 搜索相关分析 |
0F1583FFF42FFF476A09801ACB69213F_E3F4A8C96454D7D3441D2C1BCE81F875
| 文件名 | 0F1583FFF42FFF476A09801ACB69213F_E3F4A8C96454D7D3441D2C1BCE81F875 |
|---|---|
| 相关文件 |
|
| 文件大小 | 358 bytes |
| 文件类型 | data |
| MD5 | a908eee8bdf73bf713e7cbcb36aa2e5c |
| SHA1 | 76314f98e3e86305a19a750901b2b9ce8e8cd9be |
| SHA256 | bfc324c77100a48dda2c4816b38bc9ca307ae576d49f3ef486e76ce34d20e44f |
| SHA512 | 8710bada0b1130ddd0b5cb9605f564169a18526ebf4b93f3617c78861b3090f946c0626be172cf0377384ff721234e036dff6dae0cf83997301b87fd095b6184 |
| Ssdeep | 6:kKO/Q/PSSk/fkNaxVAPaRGlK0IqEdMClroFHF9fKprxGfDWDmu86XtlrpSlAMls4:W/OSMmAy7FDsFXC0rAXdHksMJ |
| VirusTotal | 搜索相关分析 |
test@www.ouba[2].txt
| 文件名 | test@www.ouba[2].txt |
|---|---|
| 相关文件 |
|
| 文件大小 | 172 bytes |
| 文件类型 | ASCII text |
| MD5 | 9eb298c4cd2bb71a17985d1ee811b4d2 |
| SHA1 | 62aeaeaa43c5a1cf86cfb2fb969ceb29ab37dc14 |
| SHA256 | 3a248c7b3910298d128b912b007a531f90804d385266e09e786b3baaec728f12 |
| SHA512 | 51de37531994849239932bd565a93026d42210788e4f04a9ac147092b5f97ce3352ed90bc8b8ba911de7953044da494d3160dab4f7af64c553e4c19a4244136c |
| Ssdeep | 3:+uBvr8LKTR1D/Vj1IdtDWcKRLuLTfU6geUVUvWP6MIPJyIdtyRpiTlVLNVRvgeUk:+OvrHD/VjSdYHuLTfU6VUVVPnI7dovwd |
| VirusTotal | 搜索相关分析 |
test@www.ouba[1].txt
| 文件名 | test@www.ouba[1].txt |
|---|---|
| 相关文件 |
|
| 文件大小 | 100 bytes |
| 文件类型 | ASCII text |
| MD5 | eb5729e67cb2f72bf84ff1e2717457e8 |
| SHA1 | c3abeb7dcea02d43748deef0207aadddb950462d |
| SHA256 | 9142af94706d761aad5c123b967086337d82f2667d20e052c4ed5c62aeb8bec8 |
| SHA512 | 488aa635cecb16870b1907d251a35b0782bdaca464ad112a32521ef2a0d16a820f36002635059b3fbf34f3568bd534a5a940229a8302e28049952bd42efe22ec |
| Ssdeep | 3:+uBvr8LKTR1D/Vj1IdtDWcKRLuLTfU6geUVUvX:+OvrHD/VjSdYHuLTfU6VUVy |
| VirusTotal | 搜索相关分析 |
TB2fe9HlHlmpuFjSZFlXXbdQXXa_!!905090405[1].png
| 文件名 | TB2fe9HlHlmpuFjSZFlXXbdQXXa_!!905090405[1].png |
|---|---|
| 相关文件 |
|
| 文件大小 | 8200 bytes |
| 文件类型 | PNG image data, 105 x 40, 8-bit/color RGBA, non-interlaced |
| MD5 | 62a1d0955030cbb9fa7f04b5f222761d |
| SHA1 | ee57c76da4e9b280f37b8e54d54d46d24d36f50b |
| SHA256 | beb4177972e19ce999e47493c4bb48b5e1d581caaa546d8a107ef6891adaff8a |
| SHA512 | ad61170dc32d658555849eb4ab8ef0a6fc28d8d1e9ba132ed96772ba97839585601e9ce7bb1c9e8d0c3340f550d2c99aff88f695d02dec1dc08b7397e2dad7ba |
| Ssdeep | 192:+gUkuBRqb+h069ZLGgoyWWG5Yt0sDLkKX+ttSL:jUku/h0OZq1yWums0KX+t8 |
| VirusTotal | 搜索相关分析 |
TB2QdQsjM0kpuFjSspdXXX4YXXa_!!905090405[1].png
| 文件名 | TB2QdQsjM0kpuFjSspdXXX4YXXa_!!905090405[1].png |
|---|---|
| 相关文件 |
|
| 文件大小 | 3184 bytes |
| 文件类型 | PNG image data, 105 x 40, 8-bit/color RGBA, non-interlaced |
| MD5 | 5b4cd056e4392ff6b476216220a2964f |
| SHA1 | cfebb8c01a6a4b1cd3353fc49477546adb45f9b0 |
| SHA256 | 61d623a363857577725092c29478e37fad90e204c5e43e7e9b599661d3db142f |
| SHA512 | 7ec9b63f665e5b882bec7e9b5aa1041023e323fd64253957cee76e28182cc0584ee65c2fe44d90d55396941f3f37b8b944fc851c5d0db41a8f1b2b5c7212b72f |
| Ssdeep | 48:NCKS2vnyfeJ3hvQgPMb+bevfUwmixHrHdgKTggfz06+fC5:zSe+uIgPMhCixHrHdgoge0C5 |
| VirusTotal | 搜索相关分析 |
RecoveryStore.{05C9DF43-5D10-11E8-912A-5254001C66F4}.dat
| 文件名 | RecoveryStore.{05C9DF43-5D10-11E8-912A-5254001C66F4}.dat |
|---|---|
| 相关文件 |
|
| 文件大小 | 3584 bytes |
| 文件类型 | Composite Document File V2 Document, Cannot read section info |
| MD5 | 2d8cb7f3fca18d1ad2864d45fc340ae2 |
| SHA1 | 628e96e4e656a35d323f41feafc6481cccb68ae7 |
| SHA256 | dabcc8b68597a1e0271914094a6ce20252fbb862274c6feee22365d1706d8ca1 |
| SHA512 | a5074e02535dd1c3bfb7bc6671c4b0ba5161547f2a55c28170c48e71c2f6d9899013ab73774a0791cc9034117438c7e27b3df27062ab77f0bd4329f29d28f05d |
| Ssdeep | 12:rl0YmGF23rEg5+IaCrI017+FlDrEgmf+IaCy8qgQNlTqo+H:rI35/KGv/TQNlWo+ |
| VirusTotal | 搜索相关分析 |
respond.min[1].js
| 文件名 | respond.min[1].js |
|---|---|
| 相关文件 |
|
| 文件大小 | 4035 bytes |
| 文件类型 | HTML document, ASCII text, with very long lines |
| MD5 | 48626676a875709c0d5e7bae93cb02c2 |
| SHA1 | 142a9caa4c384b905702bd5f62f8e6ec617e1e36 |
| SHA256 | 1d733c7b92cb33ecdecfe740c315e0fde44f46b6f3cb3700ded9520aeee1e38e |
| SHA512 | a133ec6ca8b11553f9e940bd30faddeeb2465bd5cc9b48f3431670140c1f4d1d74b2362729e1e907e50d6a2411ea58b2027996ff0ee3e5f7a420526f8efda5d4 |
| Ssdeep | 96:t9gLw0Wmohjt22TT7mLeumYpsQMPNUUOsPzX/gweyy8GAwY:sRWnhjt22T/m8TQMFUUOsbvgweYGvY |
| Yara |
|
| VirusTotal | 搜索相关分析 |
ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
| 文件名 | ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C |
|---|---|
| 相关文件 |
|
| 文件大小 | 1517 bytes |
| 文件类型 | data |
| MD5 | f65ee2ba44e95719685eb683340cf8b8 |
| SHA1 | cf6ff2059c8bcfd6e756f6f9132b9d2916a19c38 |
| SHA256 | d303bb1aad3017b9f76bcf2d05637da2d1d8f2beb7cf1f6ea512c9c5647ca31b |
| SHA512 | 68166563e639c8869548f13301264d6725cbec8a4f0a7c2611ba8cfe5d22455faec76eab6959c54f72ef53925dc30e0b82d7c16db7e5a0c9e4bd34e01fc75807 |
| Ssdeep | 24:IWfaQJVUl0GaTccuH/bNs7EuPPw4FcKaHTKruWl0yVgSp2hWFionwIcC:8TlwwcuH/bNgEuH1FJaHTGuUg1xot |
| VirusTotal | 搜索相关分析 |
D47DBD2F9E3365FBBE008D71FB06716F_D33192D58AA9CA2B9097E848E9FE86DE
| 文件名 | D47DBD2F9E3365FBBE008D71FB06716F_D33192D58AA9CA2B9097E848E9FE86DE |
|---|---|
| 相关文件 |
|
| 文件大小 | 1435 bytes |
| 文件类型 | data |
| MD5 | 85e894ad11126be7290ca7c166558b5b |
| SHA1 | 48d70dba4c2c04dfe1f057efd3a7aca1f620d1bb |
| SHA256 | 9176fdaa77fd1283e54103848d3688b4b863d5c78a92ba9ab6bbac677b20e9e0 |
| SHA512 | f4f32c9149e852f8050ddd09b001c070aadc05497414f0907eef2d8daef188757ab1432c371611cdc8aa9997012e862d251824abfa1406fef856ff6892f421fc |
| Ssdeep | 24:qtUQeEuyVW6bWR0HHK9FcDkhaxQ7N67IuN474xgYOIpJWm3TC68rX+ZziwDPz:kUQiKjaR0K9q8h6JNkiOIjWG0rvwbz |
| VirusTotal | 搜索相关分析 |
su[1].png
| 文件名 | su[1].png |
|---|---|
| 相关文件 |
|
| 文件大小 | 108 bytes |
| 文件类型 | PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced |
| MD5 | d07d5a817491151e728fd6eac976d0c2 |
| SHA1 | aa98cc98526948c5a26469f580587bdfbb4755fa |
| SHA256 | eae0a5e5eb122996c9ce2c47b3e564ec13ce00c1269a157ffdaaba140b69de11 |
| SHA512 | 55a744283402d15fe886af7bdb3c60c1fa73734679e215d2c31006b6d66eb93109b0975db771d5e8e6da6447bef5bfdc8b756f7bde39c42a42676c0ed230e349 |
| Ssdeep | 3:yionv//thPlE+tt1Sc/l8qRthwkBDsTBZtr9QvF8kkZ5lVp:6v/lhPfnYc/l5nDsprevOT5lVp |
| VirusTotal | 搜索相关分析 |
23B523C9E7746F715D33C6527C18EB9D
| 文件名 | 23B523C9E7746F715D33C6527C18EB9D |
|---|---|
| 相关文件 |
|
| 文件大小 | 325 bytes |
| 文件类型 | data |
| MD5 | ca8e22dba8228e50e3fd992f73328e04 |
| SHA1 | d8bbd3f408120652cc5edb178a8143596f8f768d |
| SHA256 | 0b4770f202d0abfea26425447ec1456aaa47a8d3351f322f927946980323526d |
| SHA512 | adb75c3b7df131e4298b97bd908f59b5747f782d22158d3837bf644b159a4405d346a0c12f041c117d99954b5eb25e062308696bae35163ba6efb245f56ca210 |
| Ssdeep | 6:3vMVRQ+mm6/2uT+QGd1fD/utOc6Nf4yzXbnSvegbAn:fMnQu6/5qFDGtkNQyzr4/U |
| VirusTotal | 搜索相关分析 |
index.dat
| 文件名 | index.dat |
|---|---|
| 相关文件 |
|
| 文件大小 | 65536 bytes |
| 文件类型 | Internet Explorer cache file version Ver 5.2 |
| MD5 | 0ee0d92f5ad9cd4d354a120734ae8e5e |
| SHA1 | a3d2338356b933a1240f053b89efe7f1b5e63353 |
| SHA256 | bd15c1573c53ac40e26c307c00be243ace57eb5fd0d2879349b24832d2e7a771 |
| SHA512 | 126b0b6063509b59a2af9fe58d96ea741b3316af252b309000ab14b014dddde0b7bffbd9042bd2ce2194d3294677ae82c5470b8503470102b1b912f8ca309b9d |
| Ssdeep | 384:wEEG/+oo0M7hPfdoW7QRyUEZeluUFyvp64PBhqNLguX3/5YSHYjitk9t7sub/2Iw:wEEG/+Rg |
| VirusTotal | 搜索相关分析 |
MSIMGSIZ.DAT
| 文件名 | MSIMGSIZ.DAT |
|---|---|
| 相关文件 |
|
| 文件大小 | 16384 bytes |
| 文件类型 | data |
| MD5 | 90ff8d27bcbf825222809b35f2fa4d22 |
| SHA1 | ae12af6102f0ba30579515262527c21dfd5b2197 |
| SHA256 | 68d8c2ab8827690d4f7dc6b8d8f93d7756ea61e3baaf8a0a01b7a9639c14ac35 |
| SHA512 | 46be99be65bf1c0c29e7a5d5aa0c7f823b73e86e2d8c0885255f6769a6031f840733c527c25e28aa39080bad5329d4cad92e8742c193c605f278f94d6a7a0f8a |
| Ssdeep | 48:jGQhN7sXHWrVmqESaakqd5PIy+F8JrcVjdS6gP4Y4z7el:CBXHbbSrkK5PID8mJdcPAz76 |
| VirusTotal | 搜索相关分析 |
fontello[1].css
| 文件名 | fontello[1].css |
|---|---|
| 相关文件 |
|
| 文件大小 | 98639 bytes |
| 文件类型 | UTF-8 Unicode text |
| MD5 | eca1aa73fec6e28da816dd340a790691 |
| SHA1 | 44ced933b1478538c58f8660405796496bd60e8b |
| SHA256 | 2046c840438b01d71b6bf01922408a7a254668a1a1df95538a8f1ebe228a6245 |
| SHA512 | 92bcdc03db270cc9c56503b0103b9fe9998f3422f728a75f01dc3127f46bd1063e1c51ccfdf71eb61363f04e71915d991f5e8366aad0bbdf7f39ed3290a0a723 |
| Ssdeep | 768:2am+2ETQby8VHAdmwFk1mh763up+oN7+z32auCXuKDQ011Nx:v/ZQb5adC1Mr+L2ausS011T |
| VirusTotal | 搜索相关分析 |
D47DBD2F9E3365FBBE008D71FB06716F_D33192D58AA9CA2B9097E848E9FE86DE
| 文件名 | D47DBD2F9E3365FBBE008D71FB06716F_D33192D58AA9CA2B9097E848E9FE86DE |
|---|---|
| 相关文件 |
|
| 文件大小 | 408 bytes |
| 文件类型 | data |
| MD5 | 820f3308572857aa171ec696f3194d93 |
| SHA1 | 2ce42fdd21720c70958746f7abce03d4250cb132 |
| SHA256 | 5507ec913c72fb705449fd62c1281034b5efd73144764a84edfd0f6fa580372c |
| SHA512 | a00b9a741263214dc910d5c3eb0d694da2af5dffa49535689456bd6eec65a17b8754e7faa5cbc42453338032b9d41a34bbbc9c36d52cf16e8044ee74666beb99 |
| Ssdeep | 6:kK+mGultKANlsjTBR8MziKpivhClroFNnleuJUPlxojPFcTNTl3Ts8JJn:2mGul0ANQVJzHiv8sFOAUPlJTNT1Y8H |
| VirusTotal | 搜索相关分析 |
行为分析
互斥量(Mutexes)
- Local\!IETld!Mutex
- Local\c:!users!test!appdata!roaming!microsoft!windows!ietldcache!
- Local\c:!users!test!appdata!local!microsoft!feeds cache!
- Local\ZonesCounterMutex
- Local\ZoneAttributeCacheCounterMutex
- Local\ZonesCacheCounterMutex
- Local\ZonesLockedCacheCounterMutex
- Local\!BrowserEmulation!SharedMemory!Mutex
- Local\!IECompat!Mutex
- Local\c:!users!test!appdata!roaming!microsoft!windows!iecompatcache!
- ConnHashTable<1808>_HashTable_Mutex
- Local\WininetStartupMutex
- Groove.Mutex.WebServices.Status
- Groove.Mutex.SystemServices.Lock
- Groove:PathMutex:huJZ0a1oPtB4yGzDQW9lw0niEfg=
- Groove:PathMutex:v1n9odwmzLTGaaFW7PZysBRMqq8=
- Local\MSCTF.Asm.MutexDefault1
- MSIMGSIZECacheMutex
- _!SHMSFTHISTORY!_
- Local\c:!users!test!appdata!local!microsoft!windows!history!history.ie5!mshist012018052220180523!
执行的命令
无信息
创建的服务
无信息
启动的服务
无信息
进程
iexplore.exe PID: 1808, 上一级进程 PID: 1872
iexplore.exe PID: 2280, 上一级进程 PID: 1808
访问的文件
- C:\Windows\Globalization\Sorting\sortdefault.nls
- C:\Program Files (x86)\Internet Explorer\IEShims.dll
- C:\Windows\SysWOW64\shell32.dll
- \Device\KsecDD
- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
- C:\Users\test\Favorites
- C:\
- C:\Users
- C:\Users\test\AppData\Local\Microsoft\Windows\Caches
- C:\Users\test\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
- C:\Users\test\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000003c.db
- C:\Users\desktop.ini
- C:\Users\test
- C:\Users\test\Favorites\desktop.ini
- C:\Users\test\Desktop\desktop.ini
- \??\MountPointManager
- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
- C:\Users\test\AppData\Roaming\Microsoft\Windows\IETldCache\
- C:\Users\test\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- C:\Users\test\AppData\Local\Microsoft\Feeds Cache\
- C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
- C:\Users\test\AppData\Local\Microsoft\Feeds Cache\desktop.ini
- \??\Nsi
- C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\
- C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
- C:\Windows\Fonts\staticcache.dat
- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
- C:\Program Files (x86)\Common Files\Adobe
- C:\Program Files (x86)\Common Files\Adobe\Acrobat
- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX
- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
- C:\Windows\AppPatch\sysmain.sdb
- C:\Program Files (x86)\Microsoft Office\Office14\
- C:\Program Files (x86)
- C:\Program Files (x86)\Microsoft Office
- C:\Program Files (x86)\Microsoft Office\Office14
- C:\Program Files (x86)\Microsoft Office\Office14\*.*
- C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
- C:\Users\test\AppData\Local\microsoft\Office\Groove\User\GFSConfig.xml
- C:\Users\test\AppData\Local\microsoft\Office\Groove\User\UnreadMarks.xml
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
- C:\Program Files (x86)\Java
- C:\Program Files (x86)\Java\jre1.8.0_121\bin
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\msvcr100.dll
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\deploy.dll
- C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@ouba[1].txt
- C:\Program Files (x86)\Java\jre1.8.0_121\lib\plugin.jar
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\javaws.exe
- C:\Users\test\AppData\Local\Temp\JavaDeployReg.log
- C:\Program Files (x86)\Java\jre1.8.0_121
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\java.exe
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\client\jvm.dll
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\server\jvm.dll
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\ouba_me[1].txt
- C:\Windows\SysWOW64\ieframe.dll
- C:\Windows\WindowsShell.manifest
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\ouba_me[1].htm
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\fontello[1].css
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\html5shiv[1].js
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\jquery-migrate.min[1].js
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\respond.min[1].js
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\fontello[1].eot
- C:\Windows\sysnative\C_1250.NLS
- C:\Windows\sysnative\C_1251.NLS
- C:\Windows\sysnative\C_1253.NLS
- C:\Windows\sysnative\C_1254.NLS
- C:\Windows\sysnative\C_1255.NLS
- C:\Windows\sysnative\C_1256.NLS
- C:\Windows\sysnative\C_1257.NLS
- C:\Windows\sysnative\C_1258.NLS
- C:\Windows\sysnative\C_874.NLS
- C:\Windows\sysnative\C_932.NLS
- C:\Windows\sysnative\C_949.NLS
- C:\Windows\sysnative\C_950.NLS
- C:\Windows\sysnative\C_1361.NLS
- C:\Windows\sysnative\C_864.NLS
- C:\Windows\sysnative\C_708.NLS
- C:\Windows\sysnative\C_720.NLS
- C:\Windows\sysnative\C_28596.NLS
- C:\Windows\sysnative\C_10004.NLS
- C:\Windows\sysnative\C_775.NLS
- C:\Windows\sysnative\C_28594.NLS
- C:\Windows\sysnative\C_852.NLS
- C:\Windows\sysnative\C_28592.NLS
- C:\Windows\sysnative\C_10029.NLS
- C:\Windows\sysnative\C_G18030.DLL
- C:\Windows\sysnative\C_20936.NLS
- C:\Windows\sysnative\C_IS2022.DLL
- C:\Windows\sysnative\C_10008.NLS
- C:\Windows\sysnative\C_20000.NLS
- C:\Windows\sysnative\C_20002.NLS
- C:\Windows\sysnative\C_10002.NLS
- C:\Windows\sysnative\C_10082.NLS
- C:\Windows\sysnative\C_866.NLS
- C:\Windows\sysnative\C_28595.NLS
- C:\Windows\sysnative\C_20866.NLS
- C:\Windows\sysnative\C_21866.NLS
- C:\Windows\sysnative\C_10007.NLS
- C:\Windows\sysnative\c_28603.nls
- C:\Windows\sysnative\C_21027.NLS
- C:\Windows\sysnative\C_863.NLS
- C:\Windows\sysnative\C_20106.NLS
- C:\Windows\sysnative\C_737.NLS
- C:\Windows\sysnative\C_28597.NLS
- C:\Windows\sysnative\C_10006.NLS
- C:\Windows\sysnative\C_869.NLS
- C:\Windows\sysnative\C_862.NLS
- C:\Windows\sysnative\C_28598.NLS
- C:\Windows\sysnative\C_10005.NLS
- C:\Windows\sysnative\C_20003.NLS
- C:\Windows\sysnative\C_20420.NLS
- C:\Windows\sysnative\C_20880.NLS
- C:\Windows\sysnative\C_21025.NLS
- C:\Windows\sysnative\C_20277.NLS
- C:\Windows\sysnative\C_1142.NLS
- C:\Windows\sysnative\C_20278.NLS
- C:\Windows\sysnative\C_1143.NLS
- C:\Windows\sysnative\C_20297.NLS
- C:\Windows\sysnative\C_1147.NLS
- C:\Windows\sysnative\C_20273.NLS
- C:\Windows\sysnative\C_1141.NLS
- C:\Windows\sysnative\C_20423.NLS
- C:\Windows\sysnative\C_875.NLS
- C:\Windows\sysnative\C_20424.NLS
- C:\Windows\sysnative\C_20871.NLS
- C:\Windows\sysnative\C_1149.NLS
- C:\Windows\sysnative\C_500.NLS
- C:\Windows\sysnative\C_1148.NLS
- C:\Windows\sysnative\C_20280.NLS
- C:\Windows\sysnative\C_1144.NLS
- C:\Windows\sysnative\C_20290.NLS
- C:\Windows\sysnative\C_20833.NLS
- C:\Windows\sysnative\C_870.NLS
- C:\Windows\sysnative\C_20284.NLS
- C:\Windows\sysnative\C_1145.NLS
- C:\Windows\sysnative\C_20838.NLS
- C:\Windows\sysnative\C_20905.NLS
- C:\Windows\sysnative\C_1026.NLS
- C:\Windows\sysnative\C_20285.NLS
- C:\Windows\sysnative\C_1146.NLS
- C:\Windows\sysnative\C_037.NLS
- C:\Windows\sysnative\C_1140.NLS
- C:\Windows\sysnative\C_1047.NLS
- C:\Windows\sysnative\C_20924.NLS
- C:\Windows\sysnative\C_861.NLS
- C:\Windows\sysnative\C_10079.NLS
- C:\Windows\sysnative\C_ISCII.DLL
- C:\Windows\sysnative\C_20269.NLS
- C:\Windows\sysnative\C_20932.NLS
- C:\Windows\sysnative\C_10001.NLS
- C:\Windows\sysnative\C_20949.NLS
- C:\Windows\sysnative\C_10003.NLS
- C:\Windows\sysnative\C_28593.NLS
- C:\Windows\sysnative\C_28605.NLS
- C:\Windows\sysnative\C_865.NLS
- C:\Windows\sysnative\C_20108.NLS
- C:\Windows\sysnative\C_855.NLS
- C:\Windows\sysnative\C_437.NLS
- C:\Windows\sysnative\C_858.NLS
- C:\Windows\sysnative\C_860.NLS
- C:\Windows\sysnative\C_10010.NLS
- C:\Windows\sysnative\C_20107.NLS
- C:\Windows\sysnative\C_20261.NLS
- C:\Windows\sysnative\C_20001.NLS
- C:\Windows\sysnative\C_20004.NLS
- C:\Windows\sysnative\C_10021.NLS
- C:\Windows\sysnative\C_857.NLS
- C:\Windows\sysnative\C_28599.NLS
- C:\Windows\sysnative\C_10081.NLS
- C:\Windows\sysnative\C_10017.NLS
- C:\Windows\sysnative\C_20005.NLS
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\2017090520094966[1].jpg
- C:\Windows\sysnative\C_850.NLS
- C:\Windows\sysnative\C_20105.NLS
- C:\Windows\sysnative\C_28591.NLS
- C:\Windows\sysnative\C_10000.NLS
- C:\Windows\System32\en-US\MLANG.dll.mui
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\wp-player[1].css
- C:\Users\test\AppData\Local\Microsoft
- C:\Users\test\AppData\Local\Microsoft\Internet Explorer
- C:\Users\test\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\2017081313415670[1].jpg
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\2017081315373325[1].jpg
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\share[1].js
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\owl.carousel[1].css
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\jquery.mCustomScrollbar.min[1].css
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\animate[1].css
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\admin-ajax[1].php
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\bootstrap.min[1].css
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\style[1].css
- C:\Users\test\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\*
- C:\Users\test\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\*
- C:\Users\test\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\*
- C:\Users\test\AppData\LocalLow
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D47DBD2F9E3365FBBE008D71FB06716F_D33192D58AA9CA2B9097E848E9FE86DE
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D47DBD2F9E3365FBBE008D71FB06716F_D33192D58AA9CA2B9097E848E9FE86DE
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_611D8AF93D88D61ED8CD55C30E7FC92A
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_611D8AF93D88D61ED8CD55C30E7FC92A
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\su[1].js
- C:\Windows\SysWOW64\propsys.dll
- C:\Windows\sysnative\propsys.dll
- C:\Windows\System32\tzres.dll
- C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.ouba[1].txt
- C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.ouba[2].txt
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\su[1].png
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0F1583FFF42FFF476A09801ACB69213F_E3F4A8C96454D7D3441D2C1BCE81F875
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0F1583FFF42FFF476A09801ACB69213F_E3F4A8C96454D7D3441D2C1BCE81F875
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3388ECC3F7BC4A9271C10ED8621E5A65_AA7B304A848C0A7677C38BD34D320652
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3388ECC3F7BC4A9271C10ED8621E5A65_AA7B304A848C0A7677C38BD34D320652
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A053CFB63FC8E6507871752236B5CCD5_3115B218E8467E1B0447D809911342D7
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A053CFB63FC8E6507871752236B5CCD5_3115B218E8467E1B0447D809911342D7
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\TB2QdQsjM0kpuFjSspdXXX4YXXa_!!905090405[1].png
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\TB2fe9HlHlmpuFjSZFlXXbdQXXa_!!905090405[1].png
- C:\Users\test\AppData\Local\Microsoft\Windows\History\desktop.ini
- C:\Users\test\AppData
- C:\Users\test\AppData\Local
- C:\Users\test\AppData\Local\Microsoft\Windows
- C:\Users\test\AppData\Local\Microsoft\Windows\History
- C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018052220180523\
- C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018052220180523\index.dat
- C:\Windows\System32\shell32.dll
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\favicon[1].ico
读取的文件
- C:\Windows\Globalization\Sorting\sortdefault.nls
- C:\Program Files (x86)\Internet Explorer\IEShims.dll
- C:\Windows\SysWOW64\shell32.dll
- \Device\KsecDD
- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
- C:\
- C:\Users\test\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
- C:\Users\test\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000003c.db
- C:\Users\desktop.ini
- C:\Users
- C:\Users\test
- C:\Users\test\Favorites\desktop.ini
- C:\Users\test\Desktop\desktop.ini
- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
- C:\Users\test\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
- C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
- C:\Windows\Fonts\staticcache.dat
- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
- C:\Windows\AppPatch\sysmain.sdb
- C:\Program Files (x86)\Microsoft Office\Office14\
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\msvcr100.dll
- C:\Program Files (x86)\Java\jre1.8.0_121\bin\deploy.dll
- C:\Users\test\AppData\Local\Temp\JavaDeployReg.log
- C:\Windows\SysWOW64\ieframe.dll
- C:\Windows\WindowsShell.manifest
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\ouba_me[1].htm
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\fontello[1].css
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\html5shiv[1].js
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\jquery-migrate.min[1].js
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\respond.min[1].js
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\fontello[1].eot
- C:\Windows\System32\en-US\MLANG.dll.mui
- C:\Users\test\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\share[1].js
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D47DBD2F9E3365FBBE008D71FB06716F_D33192D58AA9CA2B9097E848E9FE86DE
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D47DBD2F9E3365FBBE008D71FB06716F_D33192D58AA9CA2B9097E848E9FE86DE
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_611D8AF93D88D61ED8CD55C30E7FC92A
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_611D8AF93D88D61ED8CD55C30E7FC92A
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\su[1].js
- C:\Windows\System32\tzres.dll
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0F1583FFF42FFF476A09801ACB69213F_E3F4A8C96454D7D3441D2C1BCE81F875
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0F1583FFF42FFF476A09801ACB69213F_E3F4A8C96454D7D3441D2C1BCE81F875
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3388ECC3F7BC4A9271C10ED8621E5A65_AA7B304A848C0A7677C38BD34D320652
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3388ECC3F7BC4A9271C10ED8621E5A65_AA7B304A848C0A7677C38BD34D320652
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A053CFB63FC8E6507871752236B5CCD5_3115B218E8467E1B0447D809911342D7
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A053CFB63FC8E6507871752236B5CCD5_3115B218E8467E1B0447D809911342D7
- C:\Users\test\AppData
- C:\Users\test\AppData\Local
- C:\Users\test\AppData\Local\Microsoft
- C:\Users\test\AppData\Local\Microsoft\Windows
- C:\Users\test\AppData\Local\Microsoft\Windows\History\desktop.ini
- C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018052220180523\index.dat
- C:\Windows\System32\shell32.dll
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\favicon[1].ico
修改的文件
- C:\Users\test\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
- C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
- C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@ouba[1].txt
- C:\Users\test\AppData\Local\Temp\JavaDeployReg.log
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\ouba_me[1].txt
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\fontello[1].css
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\html5shiv[1].js
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\jquery-migrate.min[1].js
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\respond.min[1].js
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\fontello[1].eot
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\2017090520094966[1].jpg
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\wp-player[1].css
- C:\Users\test\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\2017081313415670[1].jpg
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\2017081315373325[1].jpg
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\share[1].js
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\owl.carousel[1].css
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\jquery.mCustomScrollbar.min[1].css
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\animate[1].css
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\admin-ajax[1].php
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\bootstrap.min[1].css
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\style[1].css
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D47DBD2F9E3365FBBE008D71FB06716F_D33192D58AA9CA2B9097E848E9FE86DE
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D47DBD2F9E3365FBBE008D71FB06716F_D33192D58AA9CA2B9097E848E9FE86DE
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_611D8AF93D88D61ED8CD55C30E7FC92A
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_611D8AF93D88D61ED8CD55C30E7FC92A
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\su[1].js
- C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.ouba[1].txt
- C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.ouba[2].txt
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\su[1].png
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0F1583FFF42FFF476A09801ACB69213F_E3F4A8C96454D7D3441D2C1BCE81F875
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0F1583FFF42FFF476A09801ACB69213F_E3F4A8C96454D7D3441D2C1BCE81F875
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3388ECC3F7BC4A9271C10ED8621E5A65_AA7B304A848C0A7677C38BD34D320652
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3388ECC3F7BC4A9271C10ED8621E5A65_AA7B304A848C0A7677C38BD34D320652
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A053CFB63FC8E6507871752236B5CCD5_3115B218E8467E1B0447D809911342D7
- C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A053CFB63FC8E6507871752236B5CCD5_3115B218E8467E1B0447D809911342D7
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\TB2QdQsjM0kpuFjSspdXXX4YXXa_!!905090405[1].png
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\TB2fe9HlHlmpuFjSZFlXXbdQXXa_!!905090405[1].png
- C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018052220180523\index.dat
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\favicon[1].ico
删除的文件
- C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\share[1].js
- C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.ouba[1].txt
注册表键
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\DEPOff
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLESAFESEARCHPATH_KB963027
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ENABLESAFESEARCHPATH_KB963027
- HKEY_LOCAL_MACHINE\Software\Policies
- HKEY_CURRENT_USER\Software\Policies
- HKEY_CURRENT_USER\Software
- HKEY_LOCAL_MACHINE\Software
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Low Rights
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ProtectedModeOffForAllZones
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ProtectedModeOffForAllZones
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabProcGrowth
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\LuaOffLoRIEOn
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameTabWindow
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameMerging
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\SessionMerging
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\AdminTabProcs
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\DetourDialogs
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\New Windows
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\AcRedir
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\iexplore.exe
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
- HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Extensions
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabShutdownDelay
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabShutdownDelay
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SQM
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SQM\ServerFreezeOnUpload
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SQM
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SQMClient\Windows
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SQMClient\Windows\CEIPEnable
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\InitFolderHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PropertyBag
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\KnownFolders
- HKEY_CURRENT_USER
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Favorites
- HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Data
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Generation
- HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions
- HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Explorer
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\AccessProviders
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Shell\RegisteredApplications\UrlAssociations\Directory\OpenWithProgids
- HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\Directory
- HKEY_CLASSES_ROOT\Directory
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\CurVer
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\ShellEx\IconHandler
- HKEY_CLASSES_ROOT\Folder
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\IconHandler
- HKEY_CLASSES_ROOT\AllFilesystemObjects
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\IconHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\Clsid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\Clsid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\Clsid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\AlwaysShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\NeverShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\NeverShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NeverShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InitFolderHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PropertyBag
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\InitFolderHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\PropertyBag
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InitFolderHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PropertyBag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1000
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1000\ProfileImagePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\InitFolderHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PropertyBag
- HKEY_CLASSES_ROOT\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HasNavigationEnum
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{59031A47-3F72-44A7-89C5-5595FE6B30EE}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Data
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Generation
- HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\SecurityService
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\SecurityService\DefaultAuthLevel
- HKEY_CURRENT_USER\Software\Classes
- HKEY_CURRENT_USER\Software\Classes\AppID\iexplore.exe
- HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\AppCompat
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\AppCompat\RaiseDefaultAuthnLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\DefaultAccessPermission
- HKEY_CURRENT_USER\Software\Classes\Interface\{00000134-0000-0000-C000-000000000046}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
- HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient\Windows\DisabledProcesses\
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\74DD1FC8
- HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient\Windows\DisabledSessions\
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession
- HKEY_CURRENT_USER\Software\Classes\Interface\{9EC704BA-E1D4-45C5-9B59-BFAE07D9F04E}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9EC704BA-E1D4-45C5-9B59-BFAE07D9F04E}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9EC704BA-E1D4-45C5-9B59-BFAE07D9F04E}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\TreatAs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\Progid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\Progid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\ThreadingModel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocHandler32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocHandler
- HKEY_CURRENT_USER\Software\Classes\Interface\{B40C43F1-F039-44D2-AEB7-87F5AF8ABC3D}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B40C43F1-F039-44D2-AEB7-87F5AF8ABC3D}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B40C43F1-F039-44D2-AEB7-87F5AF8ABC3D}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Classes\Interface\{D358F4E1-0465-4965-9DD5-CAE303D2C345}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D358F4E1-0465-4965-9DD5-CAE303D2C345}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D358F4E1-0465-4965-9DD5-CAE303D2C345}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Classes\Interface\{1AC7516E-E6BB-4A69-B63F-E841904DC5A6}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1AC7516E-E6BB-4A69-B63F-E841904DC5A6}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1AC7516E-E6BB-4A69-B63F-E841904DC5A6}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\iexplore.exe
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE\DontUseDesktopChangeRouter
- HKEY_CURRENT_USER\Software\Classes\Interface\{F704B7E0-4760-46FF-BBDB-7439E0A2A814}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F704B7E0-4760-46FF-BBDB-7439E0A2A814}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F704B7E0-4760-46FF-BBDB-7439E0A2A814}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\EnablePreBinding
- HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HasNavigationEnum
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{871C5380-42A0-1069-A2EA-08002B30309D}
- HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\LoadWithoutCOM
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Option
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCompatibility
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\AppCompat
- HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{871c5380-42a0-1069-a2ea-08002b30309d}\InProcServer32
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0xFFFF
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{871C5380-42A0-1069-A2EA-08002B30309D}
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\*
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionLow
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionHigh
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionLow
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionHigh
- HKEY_LOCAL_MACHINE\Software\Microsoft\Feeds
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Feeds\UrlCacheVersion
- HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_FAILED_CONNECT_CONTENT_KB942615
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SHOW_FAILED_CONNECT_CONTENT_KB942615
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\iexplore.exe
- HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\http\
- HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\*\
- HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\MaximumAllowedAllocationSize
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Compat_Logging
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\Feature_Enable_Compat_Logging
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\UA Tokens
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Pre Platform
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\*
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\*
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UrlMon Settings
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_UNC_SAVEDFILECHECK
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_UNC_SAVEDFILECHECK\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_UNC_SAVEDFILECHECK\*
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\alipay.com
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\alisoft.com
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\taobao.com
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
- HKEY_LOCAL_MACHINE\System\Setup
- HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Flags
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\WinSock_Registry_Version
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\AutodialDLL
- HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableUTF8
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AcceptLanguage
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\AllSitesCompatibilityMode
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\BrowserEmulation
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\IntranetCompatibilityMode
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\MSCompatibilityMode
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionLow
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionHigh
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\ClearableListData
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\UnattendLoaded
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoFavorites
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoHelpMenu
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\StatusBarWeb
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\LinksBar
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\Enabled
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\IEAK
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\IEAK
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Toolbar
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Locked
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable Browser Extensions
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\CommandBar
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\CommandBar
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\CommandBar\SmallIcons
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Language Groups
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000804
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\a
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Height
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoBandCustomize
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoBandCustomize
- HKEY_CURRENT_USER\Software\AppDataLow
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Passport\LowDAMap
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\LowRegistry
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\LowMic
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Layout
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AlwaysShowMenus
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Marlett
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontLink\SystemLink
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane2
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane3
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane4
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane5
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane6
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane7
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane8
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane9
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane10
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane11
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane12
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane13
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane14
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane15
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane16
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT\*
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ext
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Ext
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\Version
- HKEY_CURRENT_USER\Software\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\TreatAs
- HKEY_CLASSES_ROOT\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InProcServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InprocServer32\(Default)
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Type
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Time
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Blocked
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
- HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{72853161-30c5-4d22-b7f9-0bbc1d38a37e}\InProcServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InprocServer32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\GROOVEEX.DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Type
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Time
- HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Groove
- HKEY_LOCAL_MACHINE\Software\Microsoft\Office\14.0\Groove\InstallRoot
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\14.0\Groove\InstallRoot\Path
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\LoadTime
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
- HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{761497bb-d6f0-462c-b6eb-d4daf1d92d43}\InProcServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\ssv.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Type
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Time
- HKEY_CURRENT_USER\SOFTWARE\JavaSoft\DeploymentProperties\pending
- HKEY_CURRENT_USER\SOFTWARE\JavaSoft\DeploymentProperties
- HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.11.121.2
- HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.suppression.11.121.2
- HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.timestamp.11.121.2
- HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.webjava.enabled
- HKEY_LOCAL_MACHINE\SOFTWARE
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\11.121.2
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\11.121.2\UseNewJavaPlugin
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\LoadTime
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
- HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{b4f3a835-0e21-4959-ba22-42b3008e02ff}\InProcServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\URLREDIR.DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Type
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Time
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\LoadTime
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}
- HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{dbc80044-a445-435b-bc74-9c25c1c588a9}\InProcServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\jp2ssv.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DBC80044-A445-435B-BC74-9C25C1C588A9}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Type
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Time
- HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Plug-in
- HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Plug-in\11.121.2
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\11.121.2\JavaHome
- HKEY_CLASSES_ROOT\MIME\Database\Content Type\text/html; charset=UTF-8
- HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Web Start\11.121.2
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Web Start\11.121.2\Home
- HKEY_CLASSES_ROOT\MIME\Database\Content Type\text/html
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\text/html\Extension
- HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32
- HKEY_CLASSES_ROOT\CLSID
- HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\TreatAs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\TreatAs\(Default)
- HKEY_CURRENT_USER\Software\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}
- HKEY_CURRENT_USER\Software\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
- HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment
- HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment\1.8.0_121
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Runtime Environment\1.8.0_121\JavaHome
- HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBA}\InprocServer32
- HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBA}\InprocServer32\(Default)
- HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBB}\InprocServer32
- HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBB}\InprocServer32\(Default)
- HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBC}\InprocServer32
- HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBC}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBA}\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBA}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBB}\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBB}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBC}\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBC}\InprocServer32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\LoadTime
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Suggested Sites
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Suggested Sites
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Suggested Sites\Enabled
- HKEY_CURRENT_USER\Software\Classes\TypeLib
- HKEY_CURRENT_USER\Software\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0\win32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0\win32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet
- HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\OpenDirectlyInApp
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Security
- HKEY_CURRENT_USER\Software\Microsoft\Security
- HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{7b8a2d94-0ac9-11d1-896c-00c04fb6bfc4}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InsecureQI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common
- HKEY_CURRENT_USER\Software\Microsoft\Office\Common\AllowConsecutiveSlashesInUrlPathComponent
- HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\Server Cache
- HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\OptimisticBHO
- HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\Server Cache\
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IEDDE_REGISTER_PROTOCOL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IEDDE_REGISTER_PROTOCOL
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Safety\PrivacIE
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Safety\PrivacIE\DisableInPrivateBlocking
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Safety\PrivacIE
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_READ_ZONE_STRINGS_FROM_REGISTRY
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_READ_ZONE_STRINGS_FROM_REGISTRY
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\MinLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\RecommendedLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\CurrentLevel
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\MinLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\RecommendedLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\CurrentLevel
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\MinLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\RecommendedLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\CurrentLevel
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\MinLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\RecommendedLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\CurrentLevel
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\MinLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\RecommendedLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\CurrentLevel
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\MediaTypeClass
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ratings
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ratings\Key
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\No3DBorder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\No3DBorder
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
- HKEY_CURRENT_USER\Software\Classes\Interface\{00020400-0000-0000-C000-000000000046}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00020400-0000-0000-C000-000000000046}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00020400-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Classes\CLSID\{00020420-0000-0000-C000-000000000046}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\TreatAs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\Progid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00020420-0000-0000-C000-000000000046}\Progid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\ThreadingModel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocHandler32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocHandler
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing\ThumbnailBehavior
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\TabbedBrowsing
- HKEY_CURRENT_USER\Software\Classes\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Classes\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\ProxyStubClsid32
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TravelLog
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\TravelLog
- HKEY_CURRENT_USER\Software\Classes\Interface\{6D5140C1-7436-11CE-8034-00AA006009FA}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6D5140C1-7436-11CE-8034-00AA006009FA}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6D5140C1-7436-11CE-8034-00AA006009FA}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Classes\Interface\{48A98A1F-5CDD-47EE-9286-DB04A3EB7CE1}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{48A98A1F-5CDD-47EE-9286-DB04A3EB7CE1}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{48A98A1F-5CDD-47EE-9286-DB04A3EB7CE1}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
- HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\text/html; charset=UTF-8
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/html; charset=UTF-8
- HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\text/html
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/html
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2100
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IsTextPlainHonored
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_FEEDS\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_FEEDS\*
- HKEY_CLASSES_ROOT\.txt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.txt\Content Type
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SAFE_BINDTOOBJECT\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInset
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollDelay
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInterval
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MANAGE_SCRIPT_CIRCULAR_REFS
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MANAGE_SCRIPT_CIRCULAR_REFS
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Security\Floppy Access
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\Adv AddrBar Spoof Detection
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Security\Adv AddrBar Spoof Detection
- HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\about\
- HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Handler\about
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about\CLSID
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2106
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Zoom
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomDisabled
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Zoom
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetTextSizeOnStartup
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetTextSizeOnZoom
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetZoomOnStartup2
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomFactor
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\PhishingFilter
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter\EnabledV8
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Url History\DaysToKeep
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IPERSISTMONIKER_LOAD_REDIRECTED_URL_KB976425
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IPERSISTMONIKER_LOAD_REDIRECTED_URL_KB976425
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\SmartDithering
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SmartDithering
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\RtfConverterFlags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseClearType
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Page_Transitions
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use_DlgBox_Colors
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Anchor Underline
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CSS_Compat
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Expand Alt Text
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Images
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Videos
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Display Inline Videos
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Background_Sounds
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Animations
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Print_Background
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Stylesheets
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SmoothScroll
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XMLHTTP
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Show image placeholders
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Disable Script Debugger
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DisableScriptDebuggerIE
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Move System Caret
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Force Offscreen Composition
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable AutoImageResize
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseThemes
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseHR
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Q300829
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Cleanup HTCs
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XDomainRequest
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\XDomainRequest
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DOMStorage
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Default_CodePage
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AutoDetect
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\International\Scripts
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\Default_IEFontSizePrivate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\International\Scripts
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Settings
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Visited
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Hover
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Settings
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Colors
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Size
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Face
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Disable Visited Hyperlinks
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Use Anchor Hover Color
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\MiscFlags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\Use My Stylesheet
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\MaxScriptStatements
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Allow Programmatic Cut_Copy_Paste
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup\Print_Background
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Contexts
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Contexts
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\CodePage
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\950
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSize
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSizePrivate
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEPropFontName
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFixedFontName
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Version Vector
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\VML
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\IE
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\WindowsEdition
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONE_ELEVATION\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2700
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Safety\PrivacIE\DisableLogging
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1409
- HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Zones
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\NoProtectedModeBanner
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache
- HKEY_CURRENT_USER\Software\Classes\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\*
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\MenuUserExpanded
- HKEY_LOCAL_MACHINE\Software\Microsoft\OleAut
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2301
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\DxTrans
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DxTrans
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\DxTrans
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BEHAVIORS\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2000
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Default Behaviors
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default Behaviors\discovery
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BINARY_CALLER_SERVICE_PROVIDER
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BINARY_CALLER_SERVICE_PROVIDER
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoNavButtons
- HKEY_CURRENT_USER\Software\Classes\Interface\{9D973E3B-F610-4F03-83D3-AED90C3237AC}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9D973E3B-F610-4F03-83D3-AED90C3237AC}\SynchronousInterface
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9D973E3B-F610-4F03-83D3-AED90C3237AC}\SynchronousInterface\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_STATUS_BAR_THROTTLING
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_STATUS_BAR_THROTTLING
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IEDDE_REGISTER_URLECHO
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IEDDE_REGISTER_URLECHO
- HKEY_CLASSES_ROOT\MIME\Database\Content Type\text/css
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\text/css\Extension
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CUSTOM_IMAGE_MIME_TYPES_KB910561
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_CUSTOM_IMAGE_MIME_TYPES_KB910561
- HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/javascript
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\iexplore.exe
- HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}\Enable
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{03B5835F-F03C-411B-9CE2-AA23E1171E36}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{07EB03D6-B001-41DF-9192-BF9B841EE71F}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{3697C5FA-60DD-4B56-92D4-74A569205C16}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{3FC47A08-E5C9-4BCA-A2C7-BC9A282AED14}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{531FDEBF-9B4C-4A43-A2AA-960E8FCDC732}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{81D4E9C9-1D3B-41BC-9E6C-4B40BF79E35E}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{A028AE76-01B1-46C2-99C4-ACD9858AE02F}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{AE6BE008-07FB-400D-8BEB-337A64F7051F}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{C1EE01F2-B3B6-4A6A-9DDD-E988C088EC82}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{F89E9E58-BD2F-4008-9AC2-0F816C09F4EE}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90}
- HKEY_CURRENT_USER\Keyboard Layout\Toggle
- HKEY_CURRENT_USER\Keyboard Layout\Toggle\Language Hotkey
- HKEY_CURRENT_USER\Keyboard Layout\Toggle\Hotkey
- HKEY_CURRENT_USER\Keyboard Layout\Toggle\Layout Hotkey
- HKEY_CURRENT_USER\Software\Microsoft\CTF\DirectSwitchHotkeys
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext
- HKEY_CLASSES_ROOT\Interface\{618736E0-3C3D-11CF-810C-00AA00389B71}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{618736E0-3C3D-11CF-810C-00AA00389B71}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Classes\Interface\{332C4425-26CB-11D0-B483-00C04FD90119}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{332C4425-26CB-11D0-B483-00C04FD90119}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{332C4425-26CB-11D0-B483-00C04FD90119}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Classes\Interface\{332C4425-26CB-11D0-B483-00C04FD90119}\ProxyStubClsid32
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1604
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1400
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1201
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESPECT_OBJECTSAFETY_POLICY_KB905547
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESPECT_OBJECTSAFETY_POLICY_KB905547
- HKEY_LOCAL_MACHINE\Software\Microsoft\COM3
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\COM+Enabled
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\*
- HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/vnd.ms-fontobject
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Codepage
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1250
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1251
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1253
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1254
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1255
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1256
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1257
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1258
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\874
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\932
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\949
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1361
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SCRIPTURL_MITIGATION
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSize
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSizePrivate
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEPropFontName
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFixedFontName
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\864
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\708
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51256
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\720
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28596
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10004
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50001
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\775
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28594
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\852
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28592
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10029
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50936
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51936
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\54936
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20936
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\52936
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50227
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10008
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50950
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20000
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20002
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50229
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10002
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10082
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51251
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\866
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28595
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20866
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21866
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10007
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28603
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\29001
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21027
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\863
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20106
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51253
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\737
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28597
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10006
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\869
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\862
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\38598
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28598
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10005
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20003
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20420
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20880
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21025
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20277
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1142
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20278
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1143
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20297
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1147
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20273
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1141
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20423
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\875
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20424
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20871
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1149
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\500
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1148
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20280
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1144
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50930
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50939
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50931
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20290
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50933
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20833
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\870
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50935
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20284
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1145
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20838
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50937
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20905
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1026
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20285
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1146
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\37
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1140
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1047
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20924
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\861
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10079
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57006
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57003
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57002
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57010
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57008
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57009
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57007
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57011
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57004
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57005
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20269
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50932
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51932
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50220
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20932
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50221
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50222
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10001
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50949
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51949
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50225
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10003
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20949
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28593
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28605
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\865
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20108
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\855
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\437
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\858
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\860
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10010
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20107
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20261
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20001
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20004
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10021
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\857
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28599
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10081
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10017
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1201
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20005
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\850
- HKEY_CLASSES_ROOT\MIME\Database\Content Type\image/jpeg
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/jpeg\Extension
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20105
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28591
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10000
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_IMG
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_IMG\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_IMG\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\MS PGothic
- HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-javascript
- HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\text/css
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/css
- HKEY_CURRENT_USER\Software\Microsoft\CTF\LayoutIcon\0804\00000804
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LsaExtensionConfig\SspiCli
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureDll
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureRoutine
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SecurityProviders
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\SspiCache
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Name
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Comment
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Capabilities
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\RpcId
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Version
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Type
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\TokenSize
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SaslProfiles
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\Schannel
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextLockCount
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextListCount
- HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\Certificates
- HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\CRLs
- HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\CTLs
- HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\DiagnosticPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_USERS\S-1-5-21-2280033686-3172497658-3481507381-1000
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\Safety Warning Level
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\Safer
- HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\TrustedPublisher\Safer
- HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\TrustedPublisher\Safer
- HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\WinHttpSettings
- HKEY_USERS\S-1-5-21-2280033686-3172497658-3481507381-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\ChainEngine\Config
- HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\EnableInetUnknownAuth
- HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings
- HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings\JITDebug
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\KindMap
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\KindMap\.htm
- HKEY_CLASSES_ROOT\.htm
- HKEY_CURRENT_USER\Software\Classes\.htm\(Default)
- HKEY_CLASSES_ROOT\.htm\OpenWithProgids
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
- HKEY_CLASSES_ROOT\htmlfile
- HKEY_CLASSES_ROOT\FirefoxHTML
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice\Progid
- HKEY_CLASSES_ROOT\IE.AssocFile.HTM
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\CurVer
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\NoStaticDefaultVerb
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\shell
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\shell\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\shell\opennew
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\shell\opennew\NeverDefault
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\shell\edit
- HKEY_CLASSES_ROOT\.htm\OpenWithList
- HKEY_CLASSES_ROOT\Applications\Excel.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\command
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\command\(Default)
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Default HTML Editor
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\Stubs
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Shell\RegisteredApplications\UrlAssociations\Excel.Sheet\OpenWithProgids
- HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\Excel.Sheet
- HKEY_CLASSES_ROOT\Excel.Sheet
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet\CurVer
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet\CurVer\(Default)
- HKEY_CLASSES_ROOT\Excel.Sheet.12
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet.12\shell
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet.12\
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet.12\NoStaticDefaultVerb
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet.12\shell\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet.12\shell\Open
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet.12\shell\Open\NeverDefault
- HKEY_CLASSES_ROOT\Applications\Microsoft Excel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit\command
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit\command\(Default)
- HKEY_CLASSES_ROOT\Applications\Microsoft Publisher
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher\
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher\shell\edit
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher\shell\edit\command
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher\shell\edit\command\(Default)
- HKEY_CLASSES_ROOT\Applications\Microsoft Word
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Word
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Word\
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Word\shell\edit
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Word\shell\edit\command
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Word\shell\edit\command\(Default)
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Shell\RegisteredApplications\UrlAssociations\Word.Document\OpenWithProgids
- HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\Word.Document
- HKEY_CLASSES_ROOT\Word.Document
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document\CurVer
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document\CurVer\(Default)
- HKEY_CLASSES_ROOT\Word.Document.12
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\shell
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\NoStaticDefaultVerb
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\shell\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\shell\Open
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\shell\Open\NeverDefault
- HKEY_CLASSES_ROOT\Applications\MSPub.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe\
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe\shell\edit
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe\shell\edit\command
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe\shell\edit\command\(Default)
- HKEY_CLASSES_ROOT\Applications\notepad.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\notepad.exe\
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\notepad.exe\shell\edit
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\notepad.exe\shell\edit\command
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\notepad.exe\shell\edit\command\(Default)
- HKEY_CLASSES_ROOT\Applications\WinWord.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\Winword.exe\
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\Winword.exe\shell\edit
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\Winword.exe\shell\edit\command
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\Winword.exe\shell\edit\command\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CheckDocumentForProgID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\CheckDocumentForProgID
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Feed Discovery
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Feed Discovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Feed Discovery\Sound
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Feed Discovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Feed Discovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Feed Discovery\Enabled
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Feed Discovery\
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Feed Discovery\
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Feeds
- HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Feeds
- HKEY_CURRENT_USER\Software\Microsoft\Ftp
- HKEY_CURRENT_USER\Software\Microsoft\FTP\Use Web Based FTP
- HKEY_CLASSES_ROOT\MIME\Database\Content Type\image/png
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/png\Extension
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCTYPE_FOCUS_SCROLLBAR_KB838386
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DOCTYPE_FOCUS_SCROLLBAR_KB838386
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2101
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Services
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Services
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Services\SelectionActivityButtonDisable
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Activities
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Activities
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Activities
- HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
- HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}
- HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InProcServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InProcServer32\LoadWithoutCOM
- HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ff393560-c2a7-11cf-bff4-444553540000}\InProcServer32
- HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\ShellFolder
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{FF393560-C2A7-11CF-BFF4-444553540000} {000214E6-0000-0000-C000-000000000046} 0xFFFF
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{FF393560-C2A7-11CF-BFF4-444553540000}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\iecompat
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\iecompat\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\iecompat\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\iecompat\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\iecompat\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\iecompat\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\Desktop\NameSpace\NameCustomizations
- HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\LocalizedString
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch\EnabledScopes
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Feeds
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Search
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Search\CurrentVersion
- HKEY_CLASSES_ROOT\MIME\Database\Content Type\image/x-icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/x-icon\Extension
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_OM_SCREEN_ORIGIN_DISPLAY_PIXELS
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ENABLE_OM_SCREEN_ORIGIN_DISPLAY_PIXELS
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\\xe5\xae\x8b\xe4\xbd\x93
- HKEY_CURRENT_USER\Control Panel\Desktop
- HKEY_CURRENT_USER\Control Panel\Desktop\SmoothScroll
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\EnableBalloonTips
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewAlphaSelect
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewShadow
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
- HKEY_CURRENT_USER\Software\Classes\Interface\{02BA3B52-0547-11D1-B833-00C04FC9B31F}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{02BA3B52-0547-11D1-B833-00C04FC9B31F}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{02BA3B52-0547-11D1-B833-00C04FC9B31F}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\TreatAs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\Progid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\Progid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InProcServer32\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InProcServer32\ThreadingModel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocHandler32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocHandler
- HKEY_CURRENT_USER\Software\Classes\Interface\{66A9CB08-4802-11D2-A561-00A0C92DBFE8}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{66A9CB08-4802-11D2-A561-00A0C92DBFE8}\ProxyStubClsid32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{66A9CB08-4802-11D2-A561-00A0C92DBFE8}\ProxyStubClsid32\(Default)
读取的注册表键
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\DEPOff
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ProtectedModeOffForAllZones
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ProtectedModeOffForAllZones
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabProcGrowth
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\LuaOffLoRIEOn
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameTabWindow
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FrameMerging
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\SessionMerging
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\AdminTabProcs
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\DetourDialogs
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\AcRedir
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabShutdownDelay
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\TabShutdownDelay
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SQM\ServerFreezeOnUpload
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SQMClient\Windows\CEIPEnable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\InitFolderHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Favorites
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Data
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a4-1bd9-11e5-9838-806e6f6e6963}\Generation
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\AlwaysShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\NeverShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\NeverShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NeverShowExt
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InitFolderHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}\InitFolderHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InitFolderHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2280033686-3172497658-3481507381-1000\ProfileImagePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Category
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Name
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\ParentFolder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Description
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\RelativePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\ParsingName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\InfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\LocalizedName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Security
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\StreamResource
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\StreamResourceType
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\LocalRedirectOnly
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Roamable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PreCreate
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Stream
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PublishExpandedPath
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\FolderTypeID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\InitFolderHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HasNavigationEnum
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{59031A47-3F72-44A7-89C5-5595FE6B30EE}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Data
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{372941a3-1bd9-11e5-9838-806e6f6e6963}\Generation
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\SecurityService\DefaultAuthLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\AppCompat\RaiseDefaultAuthnLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\DefaultAccessPermission
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\74DD1FC8
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9EC704BA-E1D4-45C5-9B59-BFAE07D9F04E}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\ThreadingModel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B40C43F1-F039-44D2-AEB7-87F5AF8ABC3D}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D358F4E1-0465-4965-9DD5-CAE303D2C345}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1AC7516E-E6BB-4A69-B63F-E841904DC5A6}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE\DontUseDesktopChangeRouter
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{F704B7E0-4760-46FF-BBDB-7439E0A2A814}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\EnablePreBinding
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\CallForAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\RestrictedAttributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORDISPLAY
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideFolderVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\UseDropHandler
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsFORPARSING
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsParseDisplayName
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForOverlay
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\MapNetDriveVerbs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\QueryForInfoTip
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideInWebView
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HideOnDesktopPerUser
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsAliasedNotifications
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\WantsUniversalDelegate
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\NoFileFolderJunction
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\PinToNameSpaceTree
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\HasNavigationEnum
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\ShellFolder\Attributes
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{871C5380-42A0-1069-A2EA-08002B30309D}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InProcServer32\LoadWithoutCOM
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0xFFFF
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\*
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionLow
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldDllVersionHigh
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionLow
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\IETldVersionHigh
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Feeds\UrlCacheVersion
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_HANDLING\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\MaximumAllowedAllocationSize
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\*
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_UNC_SAVEDFILECHECK\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_UNC_SAVEDFILECHECK\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
- HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\WinSock_Registry_Version
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\AutodialDLL
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableUTF8
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AcceptLanguage
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\AllSitesCompatibilityMode
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\IntranetCompatibilityMode
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\MSCompatibilityMode
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionLow
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionHigh
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\UnattendLoaded
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoFavorites
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoHelpMenu
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\StatusBarWeb
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\Enabled
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Locked
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable Browser Extensions
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\CommandBar\SmallIcons
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000804
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\a
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Height
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoBandCustomize
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoBandCustomize
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ITBar7Layout
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AlwaysShowMenus
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane2
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane3
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane4
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane5
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane6
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane7
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane8
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane9
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane10
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane11
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane12
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane13
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane14
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane15
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\SimSun\Plane16
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ADDON_MANAGEMENT\*
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\Version
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InprocServer32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Blocked
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InprocServer32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Count
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\14.0\Groove\InstallRoot\Path
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\LoadTime
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Count
- HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.11.121.2
- HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.suppression.11.121.2
- HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.expiration.decision.timestamp.11.121.2
- HKEY_CURRENT_USER\Software\JavaSoft\DeploymentProperties\deployment.webjava.enabled
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\11.121.2\UseNewJavaPlugin
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\LoadTime
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InprocServer32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\LoadTime
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}\Flags
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\11.121.2\JavaHome
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Web Start\11.121.2\Home
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\text/html\Extension
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\TreatAs\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Runtime Environment\1.8.0_121\JavaHome
- HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBA}\InprocServer32\(Default)
- HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBB}\InprocServer32\(Default)
- HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBC}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBA}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBB}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0018-0000-0121-ABCDEFFEDCBC}\InprocServer32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\LoadTime
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Suggested Sites\Enabled
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0\win32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\OpenDirectlyInApp
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InsecureQI
- HKEY_CURRENT_USER\Software\Microsoft\Office\Common\AllowConsecutiveSlashesInUrlPathComponent
- HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet\OptimisticBHO
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Safety\PrivacIE\DisableInPrivateBlocking
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\MinLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\RecommendedLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\CurrentLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\MinLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\RecommendedLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\CurrentLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\MinLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\RecommendedLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\CurrentLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\MinLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\RecommendedLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\CurrentLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Icon
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\MinLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\RecommendedLevel
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\CurrentLevel
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ratings\Key
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\No3DBorder
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\No3DBorder
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00020400-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32\ThreadingModel
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing\ThumbnailBehavior
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D30C1661-CDAF-11D0-8A3E-00C04FC9E26E}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6D5140C1-7436-11CE-8034-00AA006009FA}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{48A98A1F-5CDD-47EE-9286-DB04A3EB7CE1}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MIME_SNIFFING\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2100
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IsTextPlainHonored
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_FEEDS\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_FEEDS\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.txt\Content Type
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SAFE_BINDTOOBJECT\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInset
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollDelay
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragScrollInterval
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about\CLSID
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2106
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomDisabled
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetTextSizeOnStartup
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetTextSizeOnZoom
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ResetZoomOnStartup2
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom\ZoomFactor
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter\EnabledV8
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Url History\DaysToKeep
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\SmartDithering
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SmartDithering
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\RtfConverterFlags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseClearType
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Page_Transitions
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use_DlgBox_Colors
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Anchor Underline
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CSS_Compat
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Expand Alt Text
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Images
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Videos
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\Display Inline Videos
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Background_Sounds
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Animations
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Print_Background
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Stylesheets
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SmoothScroll
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XMLHTTP
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Show image placeholders
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Disable Script Debugger
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DisableScriptDebuggerIE
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Move System Caret
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Force Offscreen Composition
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable AutoImageResize
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseThemes
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseHR
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Q300829
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Cleanup HTCs
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XDomainRequest
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\XDomainRequest
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DOMStorage
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Default_CodePage
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AutoDetect
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\Default_IEFontSizePrivate
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Visited
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Hover
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Colors
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Size
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Face
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Disable Visited Hyperlinks
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Use Anchor Hover Color
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\MiscFlags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\Use My Stylesheet
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles\MaxScriptStatements
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Allow Programmatic Cut_Copy_Paste
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup\Print_Background
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\x8f\x91\xe9\x80\x81\xe8\x87\xb3 OneNote(&N)\Contexts
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Flags
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\\xe5\xaf\xbc\xe5\x87\xba\xe5\x88\xb0 Microsoft Excel(&X)\Contexts
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\950
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSize
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSizePrivate
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEPropFontName
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFixedFontName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\VML
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\IE
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Version Vector\WindowsEdition
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONE_ELEVATION\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2700
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_XSSFILTER\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Safety\PrivacIE\DisableLogging
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1409
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\NoProtectedModeBanner
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CoInternetCombineIUriCacheSize
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN\*
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\MenuUserExpanded
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2301
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BEHAVIORS\iexplore.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2000
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default Behaviors\discovery
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX\*
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
- HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\NoNavButtons
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9D973E3B-F610-4F03-83D3-AED90C3237AC}\SynchronousInterface\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\text/css\Extension
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}\Enable
- HKEY_CURRENT_USER\Keyboard Layout\Toggle\Language Hotkey
- HKEY_CURRENT_USER\Keyboard Layout\Toggle\Hotkey
- HKEY_CURRENT_USER\Keyboard Layout\Toggle\Layout Hotkey
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{618736E0-3C3D-11CF-810C-00AA00389B71}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{332C4425-26CB-11D0-B483-00C04FD90119}\ProxyStubClsid32\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1604
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1400
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1201
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\COM+Enabled
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\*
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1250
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1251
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1253
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1254
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1255
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1256
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1257
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1258
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\874
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\932
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\949
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1361
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSize
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFontSizePrivate
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEPropFontName
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\26\IEFixedFontName
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\864
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\708
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51256
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\720
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28596
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10004
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50001
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\775
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28594
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\852
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28592
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10029
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50936
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51936
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\54936
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20936
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\52936
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50227
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10008
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50950
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20000
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20002
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50229
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10002
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10082
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51251
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\866
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28595
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20866
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21866
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10007
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28603
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\29001
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21027
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\863
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20106
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51253
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\737
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28597
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10006
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\869
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\862
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\38598
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28598
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10005
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20003
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20420
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20880
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\21025
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20277
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1142
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20278
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1143
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20297
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1147
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20273
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1141
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20423
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\875
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20424
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20871
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1149
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\500
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1148
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20280
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1144
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50930
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50939
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50931
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20290
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50933
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20833
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\870
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50935
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20284
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1145
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20838
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50937
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20905
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1026
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20285
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1146
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\37
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1140
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1047
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20924
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\861
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10079
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57006
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57003
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57002
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57010
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57008
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57009
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57007
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57011
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57004
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\57005
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20269
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50932
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51932
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50220
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20932
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50221
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50222
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10001
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50949
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\51949
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\50225
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10003
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20949
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28593
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28605
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\865
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20108
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\855
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\437
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\858
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\860
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10010
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20107
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20261
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20001
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20004
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10021
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\857
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28599
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10081
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10017
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\1201
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20005
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\850
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/jpeg\Extension
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\20105
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\28591
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\10000
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_IMG\iexplore.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_IMG\*
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureDll
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureRoutine
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SecurityProviders
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Name
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Comment
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Capabilities
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\RpcId
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Version
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Type
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\TokenSize
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextLockCount
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SCHANNEL\UserContextListCount
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\State
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\Safety Warning Level
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\WinHttpSettings
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config\EnableInetUnknownAuth
- HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings\JITDebug
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\KindMap\.htm
- HKEY_CURRENT_USER\Software\Classes\.htm\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice\Progid
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\IsShortcut
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\NoStaticDefaultVerb
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\shell\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.HTM\shell\opennew\NeverDefault
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\command\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\Stubs
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet\CurVer\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet.12\NoStaticDefaultVerb
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet.12\shell\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Excel.Sheet.12\shell\Open\NeverDefault
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit\command\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher\shell\edit\command\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Word\shell\edit\command\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document\CurVer\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\NoStaticDefaultVerb
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\shell\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\shell\Open\NeverDefault
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe\shell\edit\command\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\notepad.exe\shell\edit\command\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\Winword.exe\shell\edit\command\(Default)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CheckDocumentForProgID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\CheckDocumentForProgID
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Feed Discovery\Sound
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Feed Discovery\Enabled
- HKEY_CURRENT_USER\Software\Microsoft\FTP\Use Web Based FTP
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/png\Extension
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2101
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Services\SelectionActivityButtonDisable
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InProcServer32\LoadWithoutCOM
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{FF393560-C2A7-11CF-BFF4-444553540000} {000214E6-0000-0000-C000-000000000046} 0xFFFF
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\iecompat\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\feedplat\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\iecompat\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\iecompat\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\iecompat\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\iecompat\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\ietld\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\PrivacIE:\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData\CacheRepair
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\UserData\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\LocalizedString
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch\EnabledScopes
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Search\CurrentVersion
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/x-icon\Extension
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\\xe5\xae\x8b\xe4\xbd\x93
- HKEY_CURRENT_USER\Control Panel\Desktop\SmoothScroll
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\EnableBalloonTips
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewAlphaSelect
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewShadow
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{02BA3B52-0547-11D1-B833-00C04FC9B31F}\ProxyStubClsid32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InProcServer32\InprocServer32
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InProcServer32\(Default)
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InProcServer32\ThreadingModel
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{66A9CB08-4802-11D2-A561-00A0C92DBFE8}\ProxyStubClsid32\(Default)
修改的注册表键
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Type
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Time
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Blocked
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Type
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\Time
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore\LoadTime
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Type
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\Time
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore\LoadTime
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Type
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\Time
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore\LoadTime
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Type
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Time
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\LoadTime
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CachePath
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CachePrefix
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CacheLimit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CacheOptions
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018052220180523\CacheRepair
删除的注册表键
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
- HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
API解析
- advapi32.dll.EventWrite
- advapi32.dll.EventRegister
- advapi32.dll.EventUnregister
- kernel32.dll.InitializeSRWLock
- kernel32.dll.AcquireSRWLockExclusive
- kernel32.dll.AcquireSRWLockShared
- kernel32.dll.ReleaseSRWLockExclusive
- kernel32.dll.ReleaseSRWLockShared
- kernel32.dll.SetProcessDEPPolicy
- user32.dll.SetProcessDPIAware
- shell32.dll.SetCurrentProcessExplicitAppUserModelID
- user32.dll.GetShellWindow
- user32.dll.GetWindowThreadProcessId
- kernel32.dll.SortGetHandle
- kernel32.dll.SortCloseHandle
- ieframe.dll.#251
- kernel32.dll.WerSetFlags
- comctl32.dll.PropertySheetW
- comctl32.dll.PropertySheetA
- comdlg32.dll.PageSetupDlgW
- comdlg32.dll.PrintDlgW
- ieshims.dll.IEShims_Initialize
- kernel32.dll.VirtualProtect
- user32.dll.SetWindowsHookExW
- user32.dll.FindWindowExA
- kernel32.dll.WaitForSingleObject
- kernel32.dll.CreateProcessW
- kernel32.dll.CreateProcessA
- advapi32.dll.RegQueryValueA
- ntdll.dll.LdrRegisterDllNotification
- ole32.dll.CoGetApartmentType
- ole32.dll.CoTaskMemFree
- comctl32.dll.#236
- oleaut32.dll.#6
- ole32.dll.CoTaskMemAlloc
- ole32.dll.CoGetMalloc
- cryptbase.dll.SystemFunction036
- kernel32.dll.WerRegisterMemoryBlock
- kernel32.dll.WerUnregisterMemoryBlock
- user32.dll.RegisterWindowMessageW
- rpcrt4.dll.RpcServerUseProtseqW
- rpcrt4.dll.RpcServerRegisterIfEx
- rpcrtremote.dll.I_RpcExtInitializeExtensionPoint
- rpcrt4.dll.RpcServerInqBindings
- rpcrt4.dll.RpcEpRegisterW
- rpcrt4.dll.RpcServerListen
- shell32.dll.SHGetInstanceExplorer
- user32.dll.RegisterClassExW
- user32.dll.CreateWindowExW
- user32.dll.DefWindowProcW
- user32.dll.SetWindowLongW
- ole32.dll.CoInitializeEx
- user32.dll.MsgWaitForMultipleObjectsEx
- urlmon.dll.#400
- shell32.dll.SHGetFolderPathW
- advapi32.dll.TraceMessage
- advapi32.dll.TraceMessageVa
- kernel32.dll.IsWow64Process
- sqmapi.dll.SqmGetSession
- sqmapi.dll.SqmEndSession
- sqmapi.dll.SqmStartSession
- sqmapi.dll.SqmStartUpload
- sqmapi.dll.SqmWaitForUploadComplete
- sqmapi.dll.SqmSet
- sqmapi.dll.SqmSetBool
- sqmapi.dll.SqmSetBits
- sqmapi.dll.SqmSetString
- sqmapi.dll.SqmIncrement
- sqmapi.dll.SqmSetIfMax
- sqmapi.dll.SqmSetIfMin
- sqmapi.dll.SqmAddToAverage
- sqmapi.dll.SqmAddToStreamDWord
- sqmapi.dll.SqmAddToStreamString
- sqmapi.dll.SqmSetAppId
- sqmapi.dll.SqmSetAppVersion
- sqmapi.dll.SqmSetMachineId
- sqmapi.dll.SqmSetUserId
- sqmapi.dll.SqmCreateNewId
- sqmapi.dll.SqmReadSharedMachineId
- sqmapi.dll.SqmReadSharedUserId
- sqmapi.dll.SqmWriteSharedMachineId
- sqmapi.dll.SqmWriteSharedUserId
- sqmapi.dll.SqmIsWindowsOptedIn
- advapi32.dll.OpenThreadToken
- ole32.dll.CreateBindCtx
- ole32.dll.CoRegisterInitializeSpy
- comctl32.dll.#320
- comctl32.dll.#324
- comctl32.dll.#323
- comctl32.dll.#328
- comctl32.dll.#334
- advapi32.dll.RegEnumKeyW
- oleaut32.dll.#2
- ole32.dll.CoCreateInstance
- advapi32.dll.InitializeSecurityDescriptor
- advapi32.dll.SetEntriesInAclW
- ntmarta.dll.GetMartaExtensionInterface
- advapi32.dll.SetSecurityDescriptorDacl
- advapi32.dll.IsTextUnicode
- comctl32.dll.#332
- comctl32.dll.#338
- comctl32.dll.#339
- shell32.dll.#102
- ole32.dll.CoUninitialize
- sechost.dll.ConvertSidToStringSidW
- profapi.dll.#104
- propsys.dll.PSCreateMemoryPropertyStore
- propsys.dll.PSPropertyBag_WriteStr
- ole32.dll.PropVariantClear
- oleaut32.dll.#9
- propsys.dll.PSPropertyBag_WriteGUID
- propsys.dll.PSPropertyBag_ReadGUID
- setupapi.dll.CM_Get_Device_Interface_List_Size_ExW
- setupapi.dll.CM_Get_Device_Interface_List_ExW
- comctl32.dll.#386
- rpcrt4.dll.RpcStringBindingComposeW
- rpcrt4.dll.RpcBindingFromStringBindingW
- rpcrt4.dll.RpcBindingSetAuthInfoExW
- rpcrt4.dll.RpcStringFreeW
- rpcrt4.dll.NdrClientCall2
- user32.dll.PostMessageW
- user32.dll.PeekMessageW
- user32.dll.TranslateMessage
- user32.dll.DispatchMessageW
- user32.dll.GetWindowLongW
- wininet.dll.InternetSetOptionW
- ole32.dll.CoUnmarshalInterface
- sechost.dll.LookupAccountNameLocalW
- rpcrt4.dll.RpcBindingFree
- advapi32.dll.LookupAccountSidW
- sechost.dll.LookupAccountSidLocalW
- cryptsp.dll.CryptAcquireContextW
- cryptsp.dll.CryptGenRandom
- ole32.dll.NdrOleInitializeExtension
- ole32.dll.CoGetClassObject
- ole32.dll.CoGetMarshalSizeMax
- ole32.dll.CoMarshalInterface
- ole32.dll.StringFromIID
- ole32.dll.CoGetPSClsid
- ole32.dll.CoReleaseMarshalData
- ole32.dll.DcomChannelSetHResult
- ieproxy.dll.DllGetClassObject
- ieproxy.dll.DllCanUnloadNow
- shell32.dll.SHChangeNotifyRegisterThread
- comctl32.dll.#4
- rpcrt4.dll.RpcBindingToStringBindingW
- rpcrt4.dll.RpcStringBindingParseW
- rpcrt4.dll.I_RpcBindingInqLocalClientPID
- rpcrt4.dll.RpcServerInqCallAttributesW
- rpcrt4.dll.RpcImpersonateClient
- rpcrt4.dll.RpcRevertToSelf
- rpcrt4.dll.NdrServerCall2
- rpcrt4.dll.RpcBindingInqObject
- ieshims.dll.IEShims_SetRedirectRegistryForThread
- apphelp.dll.ApphelpCheckShellObject
- urlmon.dll.CreateUri
- advapi32.dll.AddMandatoryAce
- version.dll.GetFileVersionInfoSizeW
- version.dll.GetFileVersionInfoW
- version.dll.VerQueryValueW
- wininet.dll.GetUrlCacheEntryInfoW
- urlmon.dll.CreateURLMonikerEx
- urlmon.dll.CreateAsyncBindCtxEx
- urlmon.dll.RegisterBindStatusCallback
- urlmon.dll.UrlMkGetSessionOption
- rasapi32.dll.RasConnectionNotificationW
- sechost.dll.NotifyServiceStatusChangeA
- nlaapi.dll.NSPStartup
- iphlpapi.dll.GetAdapterIndex
- rasadhlp.dll.WSAttemptAutodialAddr
- rasadhlp.dll.WSAttemptAutodialName
- rasadhlp.dll.WSNoteSuccessfulHostentLookup
- mlang.dll.#121
- urlmon.dll.CoInternetCreateSecurityManager
- urlmon.dll.#444
- urlmon.dll.#445
- urlmon.dll.CoInternetCreateZoneManager
- urlmon.dll.CoInternetIsFeatureEnabledForUrl
- comctl32.dll.ImageList_Destroy
- comctl32.dll.ImageList_LoadImageW
- comctl32.dll.ImageList_Add
- wininet.dll.GetUrlCacheEntryInfoExW
- mlang.dll.#112
- wininet.dll.GetUrlCacheEntryInfoExA
- uxtheme.dll.OpenThemeData
- comctl32.dll.#410
- uxtheme.dll.IsAppThemed
- comctl32.dll.#413
- uxtheme.dll.SetWindowTheme
- wininet.dll.InternetQueryOptionA
- ole32.dll.CoInitialize
- ole32.dll.RegisterDragDrop
- uxtheme.dll.IsThemeActive
- gdi32.dll.GetLayout
- gdi32.dll.GdiRealizationInfo
- gdi32.dll.FontIsLinked
- advapi32.dll.RegOpenKeyExW
- advapi32.dll.RegQueryValueExW
- advapi32.dll.RegCloseKey
- gdi32.dll.GetFontAssocStatus
- advapi32.dll.RegQueryValueExA
- advapi32.dll.RegQueryInfoKeyW
- advapi32.dll.RegEnumKeyExW
- gdi32.dll.GetTextFaceAliasW
- gdi32.dll.GetTextExtentExPointWPri
- advapi32.dll.RegEnumValueW
- urlmon.dll.#104
- kernel32.dll.InterlockedPushEntrySList
- kernel32.dll.InterlockedPopEntrySList
- user32.dll.MsgWaitForMultipleObjects
- user32.dll.IsWindowUnicode
- user32.dll.GetMessageW
- advapi32.dll.RegOpenKeyExA
- advapi32.dll.RegEnumKeyA
- kernel32.dll.FlsAlloc
- kernel32.dll.FlsGetValue
- kernel32.dll.FlsSetValue
- kernel32.dll.FlsFree
- deploy.dll.getLatestInstalledVersion
- advapi32.dll.RegEnumKeyExA
- shlwapi.dll.PathFileExistsA
- sxs.dll.SxsOleAut32RedirectTypeLibrary
- advapi32.dll.RegOpenKeyW
- advapi32.dll.RegQueryValueW
- sxs.dll.SxsOleAut32MapConfiguredClsidToReferenceClsid
- comctl32.dll.ImageList_Create
- comctl32.dll.#8
- comctl32.dll.ImageList_AddMasked
- comctl32.dll.LoadIconWithScaleDown
- comctl32.dll.ImageList_ReplaceIcon
- urlmon.dll.RevokeBindStatusCallback
- urlmon.dll.CreateFormatEnumerator
- oleaut32.dll.DllGetClassObject
- oleaut32.dll.DllCanUnloadNow
- urlmon.dll.CreateIUriBuilder
- urlmon.dll.IntlPercentEncodeNormalize
- user32.dll.ChangeWindowMessageFilter
- dwmapi.dll.DwmSetWindowAttribute
- oleaut32.dll.#500
- wininet.dll.GetUrlCacheEntryInfoA
- urlmon.dll.CoInternetQueryInfo
- wininet.dll.CommitUrlCacheEntryA
- oleaut32.dll.#7
- oleaut32.dll.#8
- ieframe.dll.#302
- urlmon.dll.RegisterFormatEnumerator
- urlmon.dll.#101
- user32.dll.IsWindow
- user32.dll.SendMessageW
- oleaut32.dll.VariantClear
- oleaut32.dll.#4
- urlmon.dll.CoInternetIsFeatureEnabled
- urlmon.dll.#441
- urlmon.dll.#335
- oleaut32.dll.#19
- oleaut32.dll.#17
- oleaut32.dll.#20
- oleaut32.dll.#23
- oleaut32.dll.#22
- oleaut32.dll.BSTR_UserSize
- oleaut32.dll.BSTR_UserMarshal
- oleaut32.dll.BSTR_UserUnmarshal
- oleaut32.dll.BSTR_UserFree
- oleaut32.dll.VARIANT_UserSize
- oleaut32.dll.VARIANT_UserMarshal
- oleaut32.dll.VARIANT_UserUnmarshal
- oleaut32.dll.VARIANT_UserFree
- oleaut32.dll.LPSAFEARRAY_UserSize
- oleaut32.dll.LPSAFEARRAY_UserMarshal
- oleaut32.dll.LPSAFEARRAY_UserUnmarshal
- oleaut32.dll.LPSAFEARRAY_UserFree
- ole32.dll.CoRevokeInitializeSpy
- oleacc.dll.LresultFromObject
- user32.dll.GetGUIThreadInfo
- user32.dll.GetCursorInfo
- user32.dll.GetWindowInfo
- user32.dll.GetTitleBarInfo
- user32.dll.GetScrollBarInfo
- user32.dll.GetComboBoxInfo
- user32.dll.GetAncestor
- user32.dll.RealChildWindowFromPoint
- user32.dll.RealGetWindowClassW
- user32.dll.GetAltTabInfoW
- user32.dll.GetListBoxInfo
- user32.dll.GetMenuBarInfo
- user32.dll.SendInput
- user32.dll.BlockInput
- user32.dll.LogicalToPhysicalPoint
- user32.dll.PhysicalToLogicalPoint
- user32.dll.WindowFromPhysicalPoint
- user32.dll.GetPhysicalCursorPos
- kernel32.dll.GetModuleFileNameW
- kernel32.dll.VirtualAllocEx
- kernel32.dll.VirtualFreeEx
- ntdll.dll.NtQueryInformationProcess
- ntdll.dll.NtAllocateVirtualMemory
- ntdll.dll.NtFreeVirtualMemory
- oleacc.dll.ObjectFromLresult
- msimtf.dll.MsimtfIsWindowFiltered
- imm32.dll.ImmGetContext
- imm32.dll.ImmGetCompositionWindow
- imm32.dll.ImmGetCandidateWindow
- t2embed.dll.TTLoadEmbeddedFont
- wininet.dll.InternetUnlockRequestFile
- ole32.dll.CoGetObjectContext
- urlmon.dll.#330
- oleaut32.dll.SysAllocString
- oleaut32.dll.SysStringLen
- oleaut32.dll.SysFreeString
- cryptsp.dll.SystemFunction035
- schannel.dll.SpUserModeInitialize
- advapi32.dll.RegCreateKeyExW
- crypt32.dll.CertDuplicateStore
- crypt32.dll.CertControlStore
- crypt32.dll.CertCloseStore
- secur32.dll.FreeContextBuffer
- ncrypt.dll.SslOpenProvider
- ncrypt.dll.GetSChannelInterface
- bcryptprimitives.dll.GetHashInterface
- ncrypt.dll.SslIncrementProviderReferenceCount
- ncrypt.dll.SslImportKey
- bcryptprimitives.dll.GetCipherInterface
- ncrypt.dll.SslLookupCipherSuiteInfo
- crypt32.dll.CertDuplicateCertificateContext
- wintrust.dll.HTTPSCertificateTrust
- wintrust.dll.HTTPSFinalProv
- wintrust.dll.SoftpubInitialize
- wintrust.dll.SoftpubLoadMessage
- wintrust.dll.SoftpubLoadSignature
- wintrust.dll.SoftpubCheckCert
- wintrust.dll.SoftpubCleanup
- cryptsp.dll.CryptAcquireContextA
- winhttp.dll.WinHttpOpen
- winhttp.dll.WinHttpSetTimeouts
- winhttp.dll.WinHttpSetOption
- winhttp.dll.WinHttpCrackUrl
- shlwapi.dll.StrCmpNW
- winhttp.dll.WinHttpConnect
- winhttp.dll.WinHttpOpenRequest
- winhttp.dll.WinHttpGetDefaultProxyConfiguration
- winhttp.dll.WinHttpGetIEProxyConfigForCurrentUser
- winhttp.dll.WinHttpTimeFromSystemTime
- winhttp.dll.WinHttpSendRequest
- ws2_32.dll.GetAddrInfoW
- ws2_32.dll.WSASocketW
- ws2_32.dll.#2
- ws2_32.dll.#21
- ws2_32.dll.#9
- ws2_32.dll.WSAIoctl
- ws2_32.dll.FreeAddrInfoW
- ws2_32.dll.#6
- ws2_32.dll.#5
- ws2_32.dll.WSARecv
- ws2_32.dll.WSASend
- winhttp.dll.WinHttpReceiveResponse
- winhttp.dll.WinHttpQueryHeaders
- shlwapi.dll.StrStrIW
- winhttp.dll.WinHttpQueryDataAvailable
- winhttp.dll.WinHttpReadData
- winhttp.dll.WinHttpCloseHandle
- advapi32.dll.RegCreateKeyA
- crypt32.dll.CertDuplicateCertificateChain
- crypt32.dll.CertGetCertificateContextProperty
- cryptsp.dll.CryptReleaseContext
- crypt32.dll.CertFreeCertificateChain
- crypt32.dll.CertFreeCertificateContext
- ncrypt.dll.SslLookupCipherLengths
- ncrypt.dll.SslEncryptPacket
- ncrypt.dll.SslDecryptPacket
- propsys.dll.#430
- advapi32.dll.RegGetValueW
- propsys.dll.InitPropVariantFromStringAsVector
- propsys.dll.PSCoerceToCanonicalValue
- propsys.dll.PropVariantToStringAlloc
- wininet.dll.InternetGetCookieExW
- wininet.dll.InternetSetCookieExW
- imgutil.dll.DecodeImage
- ncrypt.dll.SslDecrementProviderReferenceCount
- ncrypt.dll.SslFreeObject
- ws2_32.dll.#22
- ws2_32.dll.#3
- wininet.dll.FindFirstUrlCacheContainerA
- wininet.dll.FindNextUrlCacheContainerA
- wininet.dll.FindCloseUrlCache
- wininet.dll.CreateUrlCacheContainerA
- wininet.dll.CommitUrlCacheEntryW
- urlmon.dll.#414
- dwmapi.dll.DwmInvalidateIconicBitmaps
- wininet.dll.InternetGetConnectedState
- urlmon.dll.#395
- urlmon.dll.URLDownloadToCacheFileW
- wininet.dll.SetUrlCacheEntryGroupW
- urlmon.dll.#327
- urlmon.dll.#351
- urlmon.dll.#325
- msimg32.dll.AlphaBlend
- comctl32.dll.#17
- comctl32.dll.DllGetVersion
- ws2_32.dll.#116
- actxprxy.dll.DllGetClassObject
- actxprxy.dll.DllCanUnloadNow