MalScore
100/100
MalFamily
Malicious

poo.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 52/70 Related 2805
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 282.50 KB (289280 bytes)
Compile time: 2019-11-29 07:31:09
MD5: 309ace2ac7606a1f061780c588a12585
SHA1: 0ca3ab5bbef7cf294448118965b5a6a13ce4c2f5
SHA256: f8c6fa5f9549f1e041c342f16a652d1f96fa9c5c5778f7617640d80cbeb69c1b
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-12-04 08:54:06
Last submission: 2019-12-04 08:54:06
Filename detected: - poo.exe (1)
URL file hosting
hXXp://[www].teorija.rs/vendor/league/poo.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-12-03 13:48:50 [52/70] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x46154 287232 f1021f35d5b58cda5cc7a1f0732a29be 8849da09c19065558c9e373590107100f193bd75
.rsrc 0x4a000 0x300 1024 1623c8e2f3c7be297a12021e7bc05132 0a41aa9cd34d2e5cae9aec0c86a2cc20c2e9f24a
.reloc 0x4c000 0xc 512 d2d6c7685394fba6f915d147481036c2 73ce37ba64bd1d51faf1fe33f0d97ed0f20dee37
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
USER32.dll
psapi.dll
mscoree.dll
vaultcli.dll
IP Found
0.1.2.3
URL(s)
No URL found
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven03b_64 Seven03b_64 VirtualBox 2019-12-04 08:51:06 2019-12-04 08:54:23 197

17 Behaviors detected by system signatures

Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven03b_64 Seven03b_64 VirtualBox 2019-12-04 08:51:06 2019-12-04 08:54:23 197

12 Summary items with data

Files

C:\Windows\System32\MSCOREE.DLL.local
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\Windows\Microsoft.NET\Framework\*
C:\Windows\Microsoft.NET\Framework\v1.0.3705\clr.dll
C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
C:\Windows\Microsoft.NET\Framework\v1.1.4322\clr.dll
C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\clr.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\Users\Seven01\AppData\Local\Temp\poo.exe.config
C:\Users\Seven01\AppData\Local\Temp\poo.exe
C:\Users\Seven01\AppData\Local\Temp\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Windows\System32\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Windows\system\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Windows\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\ProgramData\Oracle\Java\javapath\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Windows\System32\wbem\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Windows\System32\WindowsPowerShell\v1.0\api-ms-win-appmodel-runtime-l1-1-0.dll
C:\Users\Seven01\AppData\Local\Temp\poo.exe.Local\
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcr80.dll
C:\Windows
C:\Windows\winsxs
C:\Windows\Microsoft.NET\Framework\v4.0.30319
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.localgac
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
C:\Users\Seven01\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config
C:\Users\Seven01\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch
C:\Windows\assembly\NativeImages_v2.0.50727_32\index126.dat
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.INI
C:\Users
C:\Users\Seven01
C:\Users\Seven01\AppData
C:\Users\Seven01\AppData\Local
C:\Users\Seven01\AppData\Local\Temp
C:\Windows\Microsoft.NET\Framework\v2.0.50727\ole32.dll
\Device\KsecDD
C:\Windows\System32\l_intl.nls
C:\Users\Seven01\AppData\Local\Temp\poo.INI
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
C:\Windows\assembly\pubpol28.dat
C:\Windows\assembly\GAC\PublisherPolicy.tme
C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.INI
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.INI
C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.INI
C:\Windows\Globalization\it-it.nlp
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bcrypt.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\08d608378aa405adc844f3cf36974b8c\Microsoft.VisualBasic.ni.dll
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.INI
C:\Windows\System32\wbem\wbemdisp.tlb
C:\Windows\SysWOW64\it-IT\KERNELBASE.dll.mui
C:\Windows\Microsoft.NET\Framework\v2.0.50727\OLEAUT32.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bf7e7494e75e32979c7824a07570a8a9\CustomMarshalers.ni.dll
C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.INI
C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\oleaut32.DLL
C:\Windows\SysWOW64\stdole2.tlb
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\System.Management.ni.dll
C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.INI
C:\Windows\Microsoft.NET\Framework\v2.0.50727\wminet_utils.dll
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\oleaut32.dll
C:\Windows\Globalization\en-us.nlp
C:\Windows\assembly\GAC_32\mscorlib.resources\2.0.0.0_it-IT_b77a5c561934e089
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it-IT_b77a5c561934e089
C:\Windows\assembly\GAC\mscorlib.resources\2.0.0.0_it-IT_b77a5c561934e089
C:\Users\Seven01\AppData\Local\Temp\it-IT\mscorlib.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it-IT\mscorlib.resources\mscorlib.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it-IT\mscorlib.resources.exe
C:\Users\Seven01\AppData\Local\Temp\it-IT\mscorlib.resources\mscorlib.resources.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\it-IT\mscorrc.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\it-IT\mscorrc.dll.DLL
C:\Windows\Microsoft.NET\Framework\v2.0.50727\it\mscorrc.dll
C:\Windows\Globalization\it.nlp
C:\Windows\assembly\GAC_32\mscorlib.resources\2.0.0.0_it_b77a5c561934e089
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.INI
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\ntdll.dll
C:\%insfolder%\%insname%
C:\Users\Seven01\AppData\Local\Google\Chrome\User Data\
C:\Users\Seven01\AppData\Roaming\Mozilla\Firefox\profiles.ini
C:\Users\Seven01\AppData\Local\Temp\vaultcli.dll
C:\Windows\System32\tzres.dll
C:\Windows\System32\it-IT\tzres.dll.mui
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\plutil.exe
C:\Users\Seven01\AppData\Local\Tencent\QQBrowser\User Data
C:\Users\Seven01\AppData\Local\Tencent\QQBrowser\User Data\Default\EncryptedStorage
C:\Users\Seven01\AppData\Roaming\Opera Software\Opera Stable\Login Data
C:\Users\Seven01\AppData\Local\Yandex\YandexBrowser\User Data
C:\Users\Seven01\AppData\Local\360Chrome\Chrome\User Data
C:\Users\Seven01\AppData\Local\Iridium\User Data
C:\Users\Seven01\AppData\Local\Comodo\Dragon\User Data
C:\Users\Seven01\AppData\Local\MapleStudio\ChromePlus\User Data
C:\Users\Seven01\AppData\Local\Chromium\User Data
C:\Users\Seven01\AppData\Local\Torch\User Data
C:\Users\Seven01\AppData\Local\7Star\7Star\User Data
C:\Users\Seven01\AppData\Local\Amigo\User Data
C:\Users\Seven01\AppData\Local\BraveSoftware\Brave-Browser\User Data
C:\Users\Seven01\AppData\Local\CentBrowser\User Data
C:\Users\Seven01\AppData\Local\Chedot\User Data
C:\Users\Seven01\AppData\Local\CocCoc\Browser\User Data
C:\Users\Seven01\AppData\Local\Elements Browser\User Data
C:\Users\Seven01\AppData\Local\Epic Privacy Browser\User Data
C:\Users\Seven01\AppData\Local\Kometa\User Data
C:\Users\Seven01\AppData\Local\Orbitum\User Data
C:\Users\Seven01\AppData\Local\Sputnik\Sputnik\User Data
C:\Users\Seven01\AppData\Local\uCozMedia\Uran\User Data
C:\Users\Seven01\AppData\Local\Vivaldi\User Data
C:\Users\Seven01\AppData\Local\CatalinaGroup\Citrio\User Data
C:\Users\Seven01\AppData\Local\liebao\User Data
C:\Users\Seven01\AppData\Local\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer
C:\Users\Seven01\AppData\Local\QIP Surf\User Data
C:\Users\Seven01\AppData\Local\Coowon\Coowon\User Data
C:\Users\Seven01\AppData\Roaming\Mozilla\SeaMonkey\profiles.ini
C:\Users\Seven01\AppData\Roaming\Flock\Browser\profiles.ini
C:\Windows\assembly\GAC_32\Microsoft.VisualBasic.resources\8.0.0.0_it-IT_b03f5f7f11d50a3a
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it-IT_b03f5f7f11d50a3a
C:\Windows\assembly\GAC\Microsoft.VisualBasic.resources\8.0.0.0_it-IT_b03f5f7f11d50a3a
C:\Users\Seven01\AppData\Local\Temp\it-IT\Microsoft.VisualBasic.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it-IT\Microsoft.VisualBasic.resources\Microsoft.VisualBasic.resources.dll
C:\Users\Seven01\AppData\Local\Temp\it-IT\Microsoft.VisualBasic.resources.exe
C:\Users\Seven01\AppData\Local\Temp\it-IT\Microsoft.VisualBasic.resources\Microsoft.VisualBasic.resources.exe
C:\Windows\assembly\GAC_32\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.INI
C:\Users\Seven01\AppData\Local\UCBrowser\*
C:\Users\Seven01\AppData\Roaming\NETGATE Technologies\BlackHawk\profiles.ini
C:\Users\Seven01\AppData\Roaming\8pecxstudios\Cyberfox\profiles.ini
C:\Users\Seven01\AppData\Roaming\K-Meleon\profiles.ini
C:\Users\Seven01\AppData\Roaming\Mozilla\icecat\profiles.ini
C:\Users\Seven01\AppData\Roaming\Comodo\IceDragon\profiles.ini
C:\Users\Seven01\AppData\Roaming\Moonchild Productions\Pale Moon\profiles.ini
C:\Users\Seven01\AppData\Roaming\Waterfox\profiles.ini
C:\Users\Seven01\AppData\Local\falkon\profiles\profiles.ini
C:\Users\Seven01\AppData\Roaming\Thunderbird\profiles.ini
C:\Storage\
C:\mail\
C:\Users\Seven01\AppData\Local\VirtualStore\Program Files\Foxmail\mail\
C:\Users\Seven01\AppData\Local\VirtualStore\Program Files (x86)\Foxmail\mail\
C:\Users\Seven01\AppData\Roaming\Opera Mail\Opera Mail\wand.dat
C:\Users\Seven01\AppData\Roaming\Pocomail\accounts.ini
C:\Users\Seven01\AppData\Roaming\The Bat!
C:\Users\Seven01\AppData\Roaming\Postbox\profiles.ini
C:\Users\Seven01\AppData\Roaming\Claws-mail
C:\Users\Seven01\AppData\Roaming\Claws-mail\clawsrc
C:\Users\Seven01\AppData\Local\Temp\Folder.lst
C:\Users\Seven01\AppData\Roaming\Trillian\users\global\accounts.dat
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.INI
C:\Users\Seven01\AppData\Roaming\Psi\profiles
C:\Users\Seven01\AppData\Roaming\Psi+\profiles
C:\Users\Seven01\AppData\Roaming\FileZilla\recentservers.xml
C:\Users\Seven01\AppData\Roaming\Ipswitch\WS_FTP\Sites\ws_ftp.ini
C:\Users\Seven01\AppData\Roaming\CoreFTP\sites.idx
C:\Windows\SysWOW64\wshom.ocx
\??\PIPE\NETLOGON
C:\Windows\SysWOW64\it-IT\wshom.ocx.mui
C:\FTP Navigator\Ftplist.txt
C:\Users\All Users\AppData\Roaming\FlashFXP\3quick.dat
C:\Users\Seven01\AppData\Roaming\SmartFTP\Client 2.0\Favorites\Quick Connect\*.xml
C:\Users\Seven01\AppData\Roaming\SmartFTP\Client 2.0\Favorites\Quick Connect\
C:\cftp\Ftplist.txt
C:\Users\Seven01\AppData\Roaming\FTPGetter\servers.xml
C:\Program Files (x86)\jDownloader\config\database.script
C:\Windows\sysnative\wbem\WmiPrvSE.exe
\??\MountPointManager
C:\Windows\sysnative
C:\Windows\sysnative\wbem
C:\Windows\appcompat\Programs\RecentFileCache.bcf
C:\Windows\AppPatch\AppPatch64\sysmain.sdb
C:\Windows\sysnative\wbem\
C:\Windows\SysWOW64\sc.exe
C:\Windows\SysWOW64
C:\Windows\AppPatch\sysmain.sdb
C:\Windows\SysWOW64\
C:\Windows\SysWOW64\*.*
C:\Windows\SysWOW64\it-IT\sc.exe.mui
C:\Windows\SysWOW64\ui\SwDRM.dll
C:\Windows\sysnative\Tasks\Microsoft\Windows\WDI\ResolutionHost
C:\Windows\Globalization\Sorting\sortdefault.nls
C:\Windows\sysnative\it-IT\USER32.dll.mui
\??\pipe\PIPE_EVENTROOT\CIMV2PROVIDERSUBSYSTEM
\??\WMIDataDevice
C:\Windows\sysnative\wbem\it-IT\cimwin32.dll.mui
C:\Windows\Temp
C:\Windows\sysnative\LogFiles\Scm\9435f817-fed2-454e-88cd-7f78fda62c48
\??\PIPE\srvsvc
C:\Windows\sysnative\LogFiles\Scm\eaca24ff-236c-401d-a1e7-b3d5267b8a50
C:\Windows\sysnative\LogFiles\Scm\5f5a18eb-dc73-4e45-a11c-b59043598412
C:\Windows\sysnative\LogFiles\Scm\6dd68ac2-29d2-4ff8-a7c8-4faf5bfa0e39
C:\Windows\sysnative\LogFiles\Scm\72db7465-bc54-491b-a92a-4637a28c9bbf
C:\Windows\sysnative\LogFiles\Scm\994c86ad-a929-4b2c-88a0-4e25a107a029
C:\Windows\sysnative\LogFiles\Scm\d7b6e81d-3cf4-432c-84d2-24213f4316e6
C:\Windows\sysnative\LogFiles\Scm\eb02381f-d652-4b1c-894a-712498c62c51
C:\Windows\sysnative\LogFiles\Scm\01ae1cd5-23d1-4b8c-b118-6f70e4b13019
C:\Windows\sysnative\LogFiles\Scm\0e0931af-7911-4ae5-8fdb-971e157234b3
C:\Windows\sysnative\LogFiles\Scm\2470470f-2634-478e-b181-571e98a789bb
C:\Windows\sysnative\LogFiles\Scm\28011108-68df-4c73-b91b-57427d501bba
C:\Windows\sysnative\LogFiles\Scm\2c513e04-9757-4167-a0cd-5b485ed9abc6
C:\Windows\sysnative\LogFiles\Scm\458ad310-8828-4e4a-976e-55b7f1724152
C:\Windows\sysnative\LogFiles\Scm\486d715e-6aa2-44cf-bc48-b6990cbb53c6
C:\Windows\sysnative\LogFiles\Scm\4c8b01a2-11ff-4c41-848f-508ef4f00cf7
C:\Windows\sysnative\LogFiles\Scm\5b42dd9c-5a26-4f27-bb95-34603f0997e5
C:\Windows\sysnative\LogFiles\Scm\613612ba-897d-44ce-8dc1-8fc283f9fd51
C:\Windows\sysnative\LogFiles\Scm\7afcc0ca-7121-422a-ab45-b0e8d599ff08
C:\Windows\sysnative\LogFiles\Scm\7bb9ab04-19c4-4ed4-9e39-842ee25e4f34
C:\Windows\sysnative\LogFiles\Scm\90f611e2-877d-473d-bc36-5623044532ae
C:\Windows\sysnative\LogFiles\Scm\a35bb7a6-5f0c-4c9f-8450-2b3bed532d51
C:\Windows\sysnative\LogFiles\Scm\d0250f3f-6480-484f-b719-42f659ac64d5
C:\Windows\sysnative\LogFiles\Scm\eb97bac0-e76f-421d-bfe3-12eaa69ce705
C:\Windows\sysnative\LogFiles\Scm\044a6734-e90e-4f8f-b357-b2dc8ab3b5ec
C:\Windows\sysnative\LogFiles\Scm\046fbef8-2dd6-4a92-a08e-608464edcc44
C:\Windows\sysnative\LogFiles\Scm\088482fa-65b8-4e17-9abf-1dcd48e8d373
C:\Windows\sysnative\LogFiles\Scm\09f06bfe-a3c8-40e3-846a-6e6f4000c238
C:\Windows\sysnative\LogFiles\Scm\1af4338f-6c18-4fc7-9691-7bf990a00048
C:\Windows\sysnative\LogFiles\Scm\1f7b7221-ae8f-44f3-ba82-f7d260f51964
C:\Windows\sysnative\LogFiles\Scm\2171d673-da91-42eb-99aa-8377558033a6
C:\Windows\sysnative\LogFiles\Scm\2f57269b-1e09-4e2d-ab1e-b0fdac7d279c
C:\Windows\sysnative\LogFiles\Scm\384d247e-5044-403e-8815-663857f019e4
C:\Windows\sysnative\LogFiles\Scm\47536d45-eeec-4bdc-8183-a4dc1f8da9e4
C:\Windows\sysnative\LogFiles\Scm\4f50e1b5-2f4b-4efe-ae7a-842b3315f32f
C:\Windows\sysnative\LogFiles\Scm\4f7cc921-910f-4928-a3c6-140c6114a475
C:\Windows\sysnative\LogFiles\Scm\502cd1f9-96cb-4a12-a9b3-b6e0b1a39f24
C:\Windows\sysnative\LogFiles\Scm\5a40e926-9e86-4b89-9cfd-b12311724371
C:\Windows\sysnative\LogFiles\Scm\5c0aeeea-c154-45be-8499-bea5f11baff6
C:\Windows\sysnative\LogFiles\Scm\6738ba6e-ea75-4b6b-b8b8-71f0336dd8ef
C:\Windows\sysnative\LogFiles\Scm\6e0caa7b-b2e3-426e-9ebc-d2e0f803ce6b
C:\Windows\sysnative\LogFiles\Scm\753c47ae-ec5e-44b3-95a9-2c8e553f0e39
C:\Windows\sysnative\LogFiles\Scm\786f5419-95a1-4b6a-82de-32ef997c5bd9
C:\Windows\sysnative\LogFiles\Scm\7c6fa9f4-69a9-419c-8646-ad6f7ec02d09
C:\Windows\sysnative\LogFiles\Scm\81540b9f-b5bf-47eb-9c95-be195bf2c664
C:\Windows\sysnative\LogFiles\Scm\82e14523-e495-4d88-ba3a-2bc274ef1200
C:\Windows\sysnative\LogFiles\Scm\83687e64-03cd-4a47-8cbb-508dd54b726e
C:\Windows\sysnative\LogFiles\Scm\888700e2-603d-461e-bc12-c17dfe30776f
C:\Windows\sysnative\LogFiles\Scm\8c04a2af-1dc1-4b64-8b32-fe6389548119
C:\Windows\sysnative\it-IT\radarrs.dll.mui
C:\Windows\Fonts\staticcache.dat
C:\Windows\Prefetch\OQOPKLIB.EXE-1684F61E.pf
C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf
\Device\FileInfo
\Device\Csc\.\.
C:\Windows\Prefetch\SC.EXE-1CF1DE92.pf
C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
\Device\Mup\.\.
C:\Windows\Prefetch\SVCHOST.EXE-A1476A17.pf
C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf
C:\Windows\sysnative\winevt\Logs\System.evtx
C:\Windows\sysnative\RacEngn.dll
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx
C:\Windows\sysnative\schedsvc.dll
C:\Windows\sysnative\WerFault.exe
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-WER-Diag%4Operational.evtx
C:\Windows\sysnative\winevt\Logs\Application.evtx
C:\Windows\sysnative\fthsvc.dll
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-Fault-Tolerant-Heap%4Operational.evtx
C:\Windows\sysnative\shell32.dll
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-Known Folders API Service.evtx
C:\Windows\sysnative\oleres.dll
C:\ProgramData\Microsoft\Windows\WER\ReportQueue
C:\ProgramData\Microsoft\Network\
C:\ProgramData\Microsoft\Network\Downloader\
\Device\PcwDrv
C:\Windows\sysnative\it-IT\NETMSG.DLL.mui
C:\Windows\sysnative\tzres.dll
C:\DfsServer
C:\Windows\sysnative\it-IT\tzres.dll.mui
C:\Windows\sysnative\Tasks
\Device\LanmanRedirector
\Device\SrvAdmin
C:\Windows\
C:
\Device\LanmanServer
\Device\Srv2
C:\Windows\sysnative\it-IT\taskcomp.dll.mui
C:\Windows\Tasks
C:\Windows\Tasks\SCHEDLGU.TXT
\??\PIPE\lsarpc
C:\DosDevices\pipe\
C:\Windows\resources\Themes\Aero\Aero.msstyles
\??\IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
C:\
\??\IDE#DiskVBOX_HARDDISK___________________________1.0_____#5&33d1638a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
\??\IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
C:\Windows\Tasks\
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\
A:
B:
E:
F:
G:
H:
I:
J:
K:
L:
M:
N:
O:
P:
Q:
R:
S:
T:
U:
V:
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\autorun.inf
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\desktop.ini
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\video_ts\video_ts.ifo
W:
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\dvd_rtav\vr_mangr.ifo
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\audio_ts\audio_ts.ifo
X:
Y:
Z:
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\VCD\entries.vcd
C:\Windows\sysnative\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\SVCD\entries.svd
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\SVCD\entries.vcd
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\DCIM
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\BDMV
\??\Volume{3512230a-fb0b-11e5-b945-806e6f6e6963}\BDAV
\??\STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\autorun.inf
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\desktop.ini
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\video_ts\video_ts.ifo
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\dvd_rtav\vr_mangr.ifo
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\audio_ts\audio_ts.ifo
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\VCD\entries.vcd
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\SVCD\entries.svd
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\SVCD\entries.vcd
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\DCIM
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\BDMV
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}\BDAV
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}
C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\RecordingRestart
\??\STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
C:\Windows\ehome\ehrec
C:\Windows\ehome\ehrec.COM
C:\Windows\ehome\ehrec.exe
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\autorun.inf
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\desktop.ini
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\video_ts\video_ts.ifo
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\dvd_rtav\vr_mangr.ifo
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\audio_ts\audio_ts.ifo
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\VCD\entries.vcd
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\SVCD\entries.svd
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\SVCD\entries.vcd
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\DCIM
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\BDMV
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}\BDAV
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}
\??\GLOBALROOT\Device\HarddiskVolume1\
C:\Windows\sysnative\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
C:\Windows\sysnative\vssapi.dll
C:\Windows\sysnative\Tasks\Microsoft\Windows\SystemRestore\SR
C:\Windows\sysnative\atl.dll
C:\Windows\sysnative\Tasks\Microsoft\Windows\Autochk\Proxy
C:\Windows\sysnative\vsstrace.dll
C:\Windows\sysnative\Tasks\Microsoft\Windows\MUI\LPRemove
C:\Windows\sysnative\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
C:\Windows\sysnative\Tasks\Microsoft\Windows\SideShow\GadgetManager
C:\Windows\sysnative\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService
C:\Windows\sysnative\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
C:\Windows\sysnative\Tasks\Microsoft\Windows\SideShow\SystemDataProviders
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\sysnative\Tasks\Microsoft\Windows\SideShow\AutoWake
C:\Program Files (x86)\Windows Media Player\
C:\Program Files (x86)\Windows Media Player\*.*
C:\Program Files (x86)\Windows Media Player\it-IT\wmplayer.exe.mui
C:\Program Files (x86)\Windows Media Player\ui\SwDRM.dll
C:\Windows\sysnative\it-IT\VssTrace.DLL.mui
C:\Windows\sysnative\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration
C:\Windows\sysnative\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor
C:\Windows\sysnative\Tasks\Microsoft\Windows\Shell\WindowsParentalControls
\??\PIPE\samr
\??\ide#diskvbox_harddisk___________________________1.0_____#5&33d1638a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
C:\Windows\sysnative\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
C:\Windows\sysnative\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask
C:\Windows\sysnative\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization
C:\Windows\sysnative\Tasks\Microsoft\Windows\SideShow\SessionAgent
C:\Windows\sysnative\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
C:\Windows\sysnative\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting
C:\Windows\sysnative\Tasks\Microsoft\Windows\MobilePC\HotStart
C:\Windows\sysnative\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime
C:\Windows\sysnative\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
C:\Windows\sysnative\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1
C:\Windows\sysnative\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2
C:\Windows\sysnative\Tasks\Microsoft\Windows Defender\MpIdleTask
C:\Windows\sysnative\Tasks\Microsoft\Windows\Task Manager\Interactive
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
C:\Windows\sysnative\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService
C:\Windows\sysnative\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip
C:\Windows\sysnative\Tasks\Microsoft\Windows\Offline Files\Background Synchronization
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry
C:\Windows\sysnative\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig
C:\Windows\sysnative\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag
C:\Windows\sysnative\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\mcupdate
C:\Windows\ehome\mcupdate
C:\Windows\ehome\mcupdate.COM
C:\Windows\ehome\mcupdate.exe
C:\Windows\sysnative\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\PBDADiscovery
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\OCURActivate
C:\Windows\sysnative\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo
C:\Windows\sysnative\$(Arg1)
C:\Windows\sysnative\gatherNetworkInfo.vbs
C:\Windows\SysWOW64\propsys.dll
C:\Windows\sysnative\propsys.dll
C:\Windows\sysnative\it-IT\PROPSYS.dll.mui
C:\Windows\sysnative\
C:\Windows\sysnative\wscript.exe
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath
C:\Windows\sysnative\it-IT\faultrep.dll.mui
C:\Windows\sysnative\winxp\triage.ini
C:\Windows\sysnative\WINXP
C:\Windows\sysnative\winext
C:\Windows\sysnative\winext\arcade
C:\Windows\sysnative\pri
C:\ProgramData\Oracle\Java\javapath
C:\ProgramData\Oracle\Java\javapath\
C:\Windows\sysnative\WindowsPowerShell\v1.0
C:\Windows\sysnative\WindowsPowerShell\v1.0\
C:\Windows\sysnative\WINXP\dbghelp.dll
C:\Windows\sysnative\winext\dbghelp.dll
C:\Windows\sysnative\winext\arcade\dbghelp.dll
C:\Windows\sysnative\pri\dbghelp.dll
C:\Windows\sysnative\dbghelp.dll
C:\Windows\sysnative\WINXP\ext.dll
C:\Windows\sysnative\winext\ext.dll
C:\Windows\sysnative\winext\arcade\ext.dll
C:\Windows\sysnative\pri\ext.dll
C:\Windows\sysnative\ext.dll
C:\ProgramData\Oracle\Java\javapath\ext.dll
C:\Windows\ext.dll
C:\Windows\sysnative\wbem\ext.dll
C:\Windows\sysnative\WindowsPowerShell\v1.0\ext.dll
C:\Windows\sysnative\it-IT\KERNELBASE.dll.mui
C:\Windows\sysnative\WINXP\exts.dll
C:\Windows\sysnative\winext\exts.dll
C:\Windows\sysnative\winext\arcade\exts.dll
C:\Windows\sysnative\pri\exts.dll
C:\Windows\sysnative\exts.dll
C:\ProgramData\Oracle\Java\javapath\exts.dll
C:\Windows\exts.dll
C:\Windows\sysnative\wbem\exts.dll
C:\Windows\sysnative\WindowsPowerShell\v1.0\exts.dll
C:\Windows\sysnative\WINXP\uext.dll
C:\Windows\sysnative\winext\uext.dll
C:\Windows\sysnative\winext\arcade\uext.dll
C:\Windows\sysnative\pri\uext.dll
C:\Windows\sysnative\uext.dll
C:\ProgramData\Oracle\Java\javapath\uext.dll
C:\Windows\uext.dll
C:\Windows\sysnative\wbem\uext.dll
C:\Windows\sysnative\WindowsPowerShell\v1.0\uext.dll
C:\Windows\sysnative\WINXP\ntsdexts.dll
C:\Windows\sysnative\winext\ntsdexts.dll
C:\Windows\sysnative\winext\arcade\ntsdexts.dll
C:\Windows\sysnative\pri\ntsdexts.dll
C:\Windows\sysnative\ntsdexts.dll
C:\ProgramData\Oracle\Java\javapath\ntsdexts.dll
C:\Windows\ntsdexts.dll
C:\Windows\sysnative\wbem\ntsdexts.dll
C:\Windows\sysnative\WindowsPowerShell\v1.0\ntsdexts.dll
C:\Windows\sysnative\it-IT\wer.dll.mui
C:\Windows\sysnative\dllhost.exe
C:\Windows\sysnative\it-IT\werui.dll.mui
C:\Windows\sysnative\werui.dll
C:\Windows\sysnative\it-IT\DUser.dll.mui
C:\Windows\sysnative\WerFault.exe.Local\
C:\Windows\winsxs\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_it-it_9d1a65120dd4a268
C:\Windows\winsxs\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_it-it_9d1a65120dd4a268\COMCTL32.dll.mui
C:\Windows\win.ini
C:\Windows\sysnative\uxtheme.dll.Config
C:\Windows\sysnative\uxtheme.dll
C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac
C:\Windows\sysnative\it-IT\erofflps.txt
C:\Users\Seven01\AppData\Local\Temp\
C:\Users\Seven01\AppData\Local\Temp\WERE933.tmp
C:\Users\Seven01\AppData\Local\Temp\WERE933.tmp.WERInternalMetadata.xml
C:\Windows\sysnative\drivers\*.mrk
C:\Users\Seven01\AppData\Local\Microsoft\Windows\WER\ReportArchive
C:\Users\Seven01\AppData\Local\Microsoft\Windows\WER\ReportArchive\*_*_*_*
C:\Users\Seven01\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_ad2fe429ca869d486e10545d81227099bd96a4c8_0272fbdd
C:\Users\Seven01\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_ad2fe429ca869d486e10545d81227099bd96a4c8_0272fbdd\Report.wer

Read Files

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\Users\Seven01\AppData\Local\Temp\poo.exe.config
C:\Users\Seven01\AppData\Local\Temp\poo.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcr80.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
C:\Users\Seven01\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config
C:\Users\Seven01\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch
C:\Windows\assembly\NativeImages_v2.0.50727_32\index126.dat
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
\Device\KsecDD
C:\Windows\System32\l_intl.nls
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
C:\Windows\assembly\pubpol28.dat
C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\08d608378aa405adc844f3cf36974b8c\Microsoft.VisualBasic.ni.dll
C:\Windows\System32\wbem\wbemdisp.tlb
C:\Windows\SysWOW64\it-IT\KERNELBASE.dll.mui
C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bf7e7494e75e32979c7824a07570a8a9\CustomMarshalers.ni.dll
C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
C:\Windows\SysWOW64\stdole2.tlb
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\System.Management.ni.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\wminet_utils.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\it\mscorrc.dll
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll
C:\Users\Seven01\AppData\Roaming\Mozilla\Firefox\profiles.ini
C:\Windows\System32\tzres.dll
C:\Windows\System32\it-IT\tzres.dll.mui
C:\Users\Seven01\AppData\Roaming\Mozilla\SeaMonkey\profiles.ini
C:\Users\Seven01\AppData\Roaming\Flock\Browser\profiles.ini
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
C:\Users\Seven01\AppData\Roaming\NETGATE Technologies\BlackHawk\profiles.ini
C:\Users\Seven01\AppData\Roaming\8pecxstudios\Cyberfox\profiles.ini
C:\Users\Seven01\AppData\Roaming\K-Meleon\profiles.ini
C:\Users\Seven01\AppData\Roaming\Mozilla\icecat\profiles.ini
C:\Users\Seven01\AppData\Roaming\Comodo\IceDragon\profiles.ini
C:\Users\Seven01\AppData\Roaming\Moonchild Productions\Pale Moon\profiles.ini
C:\Users\Seven01\AppData\Roaming\Waterfox\profiles.ini
C:\Users\Seven01\AppData\Local\falkon\profiles\profiles.ini
C:\Users\Seven01\AppData\Roaming\Thunderbird\profiles.ini
C:\Users\Seven01\AppData\Roaming\Postbox\profiles.ini
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
C:\Users\Seven01\AppData\Roaming\FileZilla\recentservers.xml
C:\Users\Seven01\AppData\Roaming\CoreFTP\sites.idx
C:\Windows\SysWOW64\wshom.ocx
\??\PIPE\NETLOGON
C:\Windows\SysWOW64\it-IT\wshom.ocx.mui
C:\FTP Navigator\Ftplist.txt
C:\Windows\sysnative\wbem\WmiPrvSE.exe
C:\Windows\appcompat\Programs\RecentFileCache.bcf
C:\Windows\AppPatch\AppPatch64\sysmain.sdb
C:\Windows\sysnative\wbem\
C:\Windows\SysWOW64\sc.exe
C:\Windows\AppPatch\sysmain.sdb
C:\Windows\SysWOW64\
C:\Windows\SysWOW64\it-IT\sc.exe.mui
C:\Windows\sysnative\Tasks\Microsoft\Windows\WDI\ResolutionHost
C:\Windows\Globalization\Sorting\sortdefault.nls
C:\Windows\sysnative\it-IT\USER32.dll.mui
\??\pipe\PIPE_EVENTROOT\CIMV2PROVIDERSUBSYSTEM
\??\WMIDataDevice
C:\Windows\sysnative\wbem\it-IT\cimwin32.dll.mui
\??\PIPE\srvsvc
C:\Windows\sysnative\LogFiles\Scm\eaca24ff-236c-401d-a1e7-b3d5267b8a50
C:\Windows\sysnative\LogFiles\Scm\5f5a18eb-dc73-4e45-a11c-b59043598412
C:\Windows\sysnative\LogFiles\Scm\6dd68ac2-29d2-4ff8-a7c8-4faf5bfa0e39
C:\Windows\sysnative\LogFiles\Scm\72db7465-bc54-491b-a92a-4637a28c9bbf
C:\Windows\sysnative\LogFiles\Scm\994c86ad-a929-4b2c-88a0-4e25a107a029
C:\Windows\sysnative\LogFiles\Scm\d7b6e81d-3cf4-432c-84d2-24213f4316e6
C:\Windows\sysnative\LogFiles\Scm\eb02381f-d652-4b1c-894a-712498c62c51
C:\Windows\sysnative\LogFiles\Scm\01ae1cd5-23d1-4b8c-b118-6f70e4b13019
C:\Windows\sysnative\LogFiles\Scm\0e0931af-7911-4ae5-8fdb-971e157234b3
C:\Windows\sysnative\LogFiles\Scm\2470470f-2634-478e-b181-571e98a789bb
C:\Windows\sysnative\LogFiles\Scm\28011108-68df-4c73-b91b-57427d501bba
C:\Windows\sysnative\LogFiles\Scm\2c513e04-9757-4167-a0cd-5b485ed9abc6
C:\Windows\sysnative\LogFiles\Scm\458ad310-8828-4e4a-976e-55b7f1724152
C:\Windows\sysnative\LogFiles\Scm\486d715e-6aa2-44cf-bc48-b6990cbb53c6
C:\Windows\sysnative\LogFiles\Scm\4c8b01a2-11ff-4c41-848f-508ef4f00cf7
C:\Windows\sysnative\LogFiles\Scm\5b42dd9c-5a26-4f27-bb95-34603f0997e5
C:\Windows\sysnative\LogFiles\Scm\613612ba-897d-44ce-8dc1-8fc283f9fd51
C:\Windows\sysnative\LogFiles\Scm\7afcc0ca-7121-422a-ab45-b0e8d599ff08
C:\Windows\sysnative\LogFiles\Scm\7bb9ab04-19c4-4ed4-9e39-842ee25e4f34
C:\Windows\sysnative\LogFiles\Scm\90f611e2-877d-473d-bc36-5623044532ae
C:\Windows\sysnative\LogFiles\Scm\a35bb7a6-5f0c-4c9f-8450-2b3bed532d51
C:\Windows\sysnative\LogFiles\Scm\d0250f3f-6480-484f-b719-42f659ac64d5
C:\Windows\sysnative\LogFiles\Scm\eb97bac0-e76f-421d-bfe3-12eaa69ce705
C:\Windows\sysnative\LogFiles\Scm\044a6734-e90e-4f8f-b357-b2dc8ab3b5ec
C:\Windows\sysnative\LogFiles\Scm\046fbef8-2dd6-4a92-a08e-608464edcc44
C:\Windows\sysnative\LogFiles\Scm\088482fa-65b8-4e17-9abf-1dcd48e8d373
C:\Windows\sysnative\LogFiles\Scm\09f06bfe-a3c8-40e3-846a-6e6f4000c238
C:\Windows\sysnative\LogFiles\Scm\1af4338f-6c18-4fc7-9691-7bf990a00048
C:\Windows\sysnative\LogFiles\Scm\1f7b7221-ae8f-44f3-ba82-f7d260f51964
C:\Windows\sysnative\LogFiles\Scm\2171d673-da91-42eb-99aa-8377558033a6
C:\Windows\sysnative\LogFiles\Scm\2f57269b-1e09-4e2d-ab1e-b0fdac7d279c
C:\Windows\sysnative\LogFiles\Scm\384d247e-5044-403e-8815-663857f019e4
C:\Windows\sysnative\LogFiles\Scm\47536d45-eeec-4bdc-8183-a4dc1f8da9e4
C:\Windows\sysnative\LogFiles\Scm\4f50e1b5-2f4b-4efe-ae7a-842b3315f32f
C:\Windows\sysnative\LogFiles\Scm\4f7cc921-910f-4928-a3c6-140c6114a475
C:\Windows\sysnative\LogFiles\Scm\502cd1f9-96cb-4a12-a9b3-b6e0b1a39f24
C:\Windows\sysnative\LogFiles\Scm\5a40e926-9e86-4b89-9cfd-b12311724371
C:\Windows\sysnative\LogFiles\Scm\5c0aeeea-c154-45be-8499-bea5f11baff6
C:\Windows\sysnative\LogFiles\Scm\6738ba6e-ea75-4b6b-b8b8-71f0336dd8ef
C:\Windows\sysnative\LogFiles\Scm\6e0caa7b-b2e3-426e-9ebc-d2e0f803ce6b
C:\Windows\sysnative\LogFiles\Scm\753c47ae-ec5e-44b3-95a9-2c8e553f0e39
C:\Windows\sysnative\LogFiles\Scm\786f5419-95a1-4b6a-82de-32ef997c5bd9
C:\Windows\sysnative\LogFiles\Scm\7c6fa9f4-69a9-419c-8646-ad6f7ec02d09
C:\Windows\sysnative\LogFiles\Scm\81540b9f-b5bf-47eb-9c95-be195bf2c664
C:\Windows\sysnative\LogFiles\Scm\82e14523-e495-4d88-ba3a-2bc274ef1200
C:\Windows\sysnative\LogFiles\Scm\83687e64-03cd-4a47-8cbb-508dd54b726e
C:\Windows\sysnative\LogFiles\Scm\888700e2-603d-461e-bc12-c17dfe30776f
C:\Windows\sysnative\LogFiles\Scm\8c04a2af-1dc1-4b64-8b32-fe6389548119
C:\Windows\sysnative\LogFiles\Scm\9435f817-fed2-454e-88cd-7f78fda62c48
C:\Windows\sysnative\it-IT\radarrs.dll.mui
C:\Windows\Fonts\staticcache.dat
C:\Windows\Prefetch\OQOPKLIB.EXE-1684F61E.pf
C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf
\Device\FileInfo
\Device\Csc\.\.
C:\Windows\Prefetch\SC.EXE-1CF1DE92.pf
C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
C:\Windows\Prefetch\SVCHOST.EXE-A1476A17.pf
C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf
C:\Windows\sysnative\RacEngn.dll
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx
C:\Windows\sysnative\schedsvc.dll
C:\Windows\sysnative\WerFault.exe
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-WER-Diag%4Operational.evtx
C:\Windows\sysnative\fthsvc.dll
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-Fault-Tolerant-Heap%4Operational.evtx
C:\Windows\sysnative\shell32.dll
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-Known Folders API Service.evtx
C:\Windows\sysnative\oleres.dll
\Device\PcwDrv
C:\Windows\sysnative\it-IT\NETMSG.DLL.mui
C:\Windows\sysnative\tzres.dll
C:\Windows\sysnative\it-IT\tzres.dll.mui
\Device\LanmanRedirector
\Device\SrvAdmin
\Device\LanmanServer
\Device\Srv2
C:\Windows\sysnative\it-IT\taskcomp.dll.mui
C:\Windows\Tasks\SCHEDLGU.TXT
\??\PIPE\lsarpc
C:\Windows\resources\Themes\Aero\Aero.msstyles
\??\IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
C:
C:\Windows\Tasks
C:\Windows\sysnative\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask
C:\
\??\Volume{35122306-fb0b-11e5-b945-806e6f6e6963}
C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\RecordingRestart
\??\Volume{35122307-fb0b-11e5-b945-806e6f6e6963}
C:\Windows\sysnative\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
C:\Windows\sysnative\vssapi.dll
C:\Windows\sysnative\Tasks\Microsoft\Windows\SystemRestore\SR
C:\Windows\sysnative\atl.dll
C:\Windows\sysnative\Tasks\Microsoft\Windows\Autochk\Proxy
C:\Windows\sysnative\vsstrace.dll
C:\Windows\sysnative\Tasks\Microsoft\Windows\MUI\LPRemove
C:\Windows\sysnative\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
C:\Windows\sysnative\Tasks\Microsoft\Windows\SideShow\GadgetManager
C:\Windows\sysnative\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService
C:\Windows\sysnative\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
C:\Windows\sysnative\Tasks\Microsoft\Windows\SideShow\SystemDataProviders
C:\Windows\sysnative\Tasks\Microsoft\Windows\SideShow\AutoWake
C:\Program Files (x86)\Windows Media Player\
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Windows Media Player\it-IT\wmplayer.exe.mui
C:\Windows\sysnative\it-IT\VssTrace.DLL.mui
C:\Windows\sysnative\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration
C:\Windows\sysnative\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor
C:\Windows\sysnative\Tasks\Microsoft\Windows\Shell\WindowsParentalControls
\??\PIPE\samr
C:\Windows\sysnative\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
C:\Windows\sysnative\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask
C:\Windows\sysnative\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization
C:\Windows\sysnative\Tasks\Microsoft\Windows\SideShow\SessionAgent
C:\Windows\sysnative\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
C:\Windows\sysnative\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting
C:\Windows\sysnative\Tasks\Microsoft\Windows\MobilePC\HotStart
C:\Windows\sysnative\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime
C:\Windows\sysnative\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
C:\Windows\sysnative\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1
C:\Windows\sysnative\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2
C:\Windows\sysnative\Tasks\Microsoft\Windows Defender\MpIdleTask
C:\Windows\sysnative\Tasks\Microsoft\Windows\Task Manager\Interactive
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
C:\Windows\sysnative\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService
C:\Windows\sysnative\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip
C:\Windows\sysnative\Tasks\Microsoft\Windows\Offline Files\Background Synchronization
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry
C:\Windows\sysnative\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig
C:\Windows\sysnative\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag
C:\Windows\sysnative\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\mcupdate
C:\Windows\sysnative\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\PBDADiscovery
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\OCURActivate
C:\Windows\sysnative\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo
C:\Windows\sysnative\it-IT\PROPSYS.dll.mui
C:\Windows\sysnative\
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1
C:\Windows\sysnative\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath
C:\Windows\sysnative\it-IT\faultrep.dll.mui
C:\Windows\sysnative\winxp\triage.ini
C:\Windows\sysnative\it-IT\KERNELBASE.dll.mui
C:\Windows\sysnative\it-IT\wer.dll.mui
C:\Windows\sysnative\it-IT\werui.dll.mui
C:\Windows\sysnative\werui.dll
C:\Windows\sysnative\dllhost.exe
C:\Windows\sysnative\it-IT\DUser.dll.mui
C:\Windows\winsxs\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_it-it_9d1a65120dd4a268\COMCTL32.dll.mui
C:\Windows\win.ini
C:\Windows\sysnative\uxtheme.dll.Config
C:\Windows\sysnative\uxtheme.dll
C:\Windows\sysnative\it-IT\erofflps.txt
C:\Users\Seven01\AppData\Local\Temp\WERE933.tmp
C:\Users\Seven01\AppData\Local\Temp\WERE933.tmp.WERInternalMetadata.xml

Write Files

\??\PIPE\NETLOGON
C:\Windows\appcompat\Programs\RecentFileCache.bcf
\??\pipe\PIPE_EVENTROOT\CIMV2PROVIDERSUBSYSTEM
\??\WMIDataDevice
C:\Windows\sysnative\LogFiles\Scm\9435f817-fed2-454e-88cd-7f78fda62c48
\??\PIPE\srvsvc
C:\Windows\sysnative\LogFiles\Scm\5f5a18eb-dc73-4e45-a11c-b59043598412
C:\Windows\sysnative\LogFiles\Scm\2470470f-2634-478e-b181-571e98a789bb
C:\Windows\sysnative\LogFiles\Scm\4c8b01a2-11ff-4c41-848f-508ef4f00cf7
C:\Windows\sysnative\LogFiles\Scm\7afcc0ca-7121-422a-ab45-b0e8d599ff08
C:\Windows\sysnative\LogFiles\Scm\d0250f3f-6480-484f-b719-42f659ac64d5
C:\Windows\sysnative\LogFiles\Scm\eb97bac0-e76f-421d-bfe3-12eaa69ce705
C:\Windows\sysnative\LogFiles\Scm\044a6734-e90e-4f8f-b357-b2dc8ab3b5ec
C:\Windows\sysnative\LogFiles\Scm\046fbef8-2dd6-4a92-a08e-608464edcc44
C:\Windows\sysnative\LogFiles\Scm\2f57269b-1e09-4e2d-ab1e-b0fdac7d279c
C:\Windows\sysnative\LogFiles\Scm\47536d45-eeec-4bdc-8183-a4dc1f8da9e4
C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-WER-Diag%4Operational.evtx
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-Fault-Tolerant-Heap%4Operational.evtx
C:\Windows\sysnative\winevt\Logs\Microsoft-Windows-Known Folders API Service.evtx
C:\DfsServer
\Device\LanmanRedirector
\Device\SrvAdmin
\Device\LanmanServer
\Device\Srv2
C:\Windows\Tasks\SCHEDLGU.TXT
\??\PIPE\lsarpc
C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat
\??\PIPE\samr
C:\Users\Seven01\AppData\Local\Temp\WERE933.tmp.WERInternalMetadata.xml
C:\Users\Seven01\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_ad2fe429ca869d486e10545d81227099bd96a4c8_0272fbdd\Report.wer

Delete Files

C:\Users\Seven01\AppData\Local\Temp\WERE933.tmp
C:\Users\Seven01\AppData\Local\Temp\WERE933.tmp.WERInternalMetadata.xml

Keys

HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\v4.0
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\InstallRoot
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\CLRLoadLogDir
HKEY_CURRENT_USER\Software\Microsoft\.NETFramework
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\UseLegacyV2RuntimeActivationPolicyDefaultValue
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\OnlyUseLatestCLR
Policy\Standards
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\Standards
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\Standards\v2.0.50727
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Fusion\NoClientChecks
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\GCStressStart
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\GCStressStartAtJit
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\DisableConfigCache
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\AppPatch
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\AppPatch\v4.0.30319.00000
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Policy\AppPatch\v4.0.30319.00000\mscorwks.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\poo.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\CacheLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DownloadCacheQuotaInKB
HKEY_CURRENT_USER\Software\Microsoft\Fusion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\EnableLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LoggingLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\ForceLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogFailures
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\VersioningLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogResourceBinds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\UseLegacyIdentityFormat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DisableMSIPeek
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NoClientChecks
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DevOverrideEnable
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\Internet
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\Security\Policy\Extensions\NamedPermissionSets\LocalIntranet
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1822907384-1282624486-319450072-1000
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v2.0.50727\Security\Policy
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\LatestIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index126
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index126\NIUsageMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index126\ILUsageMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\LastModTime
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\GACChangeNotification\Default
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\mscorlib,2.0.0.0,,b77a5c561934e089,x86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\455c8148\123e3348
HKEY_LOCAL_MACHINE\Software\Microsoft\StrongName
HKEY_LOCAL_MACHINE\Software\Microsoft\Fusion\PublisherPolicy\Default
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\Latest
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\index28
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\LegacyPolicyTimeStamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Windows.Forms__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Windows.Forms,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Drawing__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Drawing,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Xml__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Xml,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Configuration__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Configuration,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Deployment__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Deployment,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Runtime.Serialization.Formatters.Soap__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Runtime.Serialization.Formatters.Soap,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.Accessibility__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Accessibility,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Security__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Security,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\Policy\APTCA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy\Enabled
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\DbgJITDebugLaunchSetting
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\DbgManagedDebugger
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.8.0.Microsoft.VisualBasic__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\46ad0879\6f
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\46ad0879\6f\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\46ad0879\6f\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\46ad0879\6f\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\46ad0879\6f\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\46ad0879\6f\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\38a3212c\44
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\38a3212c\44\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\38a3212c\44\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\38a3212c\44\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\38a3212c\44\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\38a3212c\44\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\455bab30\6e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\455bab30\6e\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\455bab30\6e\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\455bab30\6e\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\455bab30\6e\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\455bab30\6e\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\53bea2b0\2e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\53bea2b0\2e\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\53bea2b0\2e\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\53bea2b0\2e\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\53bea2b0\2e\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\53bea2b0\2e\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Microsoft.VisualBasic,8.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Web__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Web,2.0.0.0,,b03f5f7f11d50a3a,x86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Management__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Management,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Runtime.Remoting__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Runtime.Remoting,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_CURRENT_USER\Software\Classes
HKEY_CURRENT_USER\Software\Classes\AppID\poo.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\AppCompat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\AppCompat\RaiseDefaultAuthnLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\DefaultAccessPermission
HKEY_CURRENT_USER\Software\Classes\Interface\{00000134-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Extensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE
HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient\Windows\DisabledProcesses\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\FFC54FE0
HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient\Windows\DisabledSessions\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession
HKEY_CURRENT_USER\Software\Classes\WinMgmts
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WINMGMTS\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WINMGMTS\CLSID\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\WBEM\Scripting\Default Namespace
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Hostname
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\System\DNSclient
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Domain
HKEY_CURRENT_USER\Software\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\it
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\it
HKEY_CURRENT_USER\Software\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{565783C6-CB41-11D1-8B02-00600806D9B6}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{565783C6-CB41-11D1-8B02-00600806D9B6}\1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{565783C6-CB41-11D1-8B02-00600806D9B6}\1.2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{565783C6-CB41-11D1-8B02-00600806D9B6}\1.2\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{565783C6-CB41-11D1-8B02-00600806D9B6}\1.2\0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{565783C6-CB41-11D1-8B02-00600806D9B6}\1.2\0\win32\(Default)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\CMF\Config
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CMF\Config\SYSTEM
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting\WMR
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR\Disable
HKEY_CLASSES_ROOT\CLSID\{62E522DC-8CF3-40A8-8B2E-37D595651E40}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{565783C6-CB41-11D1-8B02-00600806D9B6}\1.2\410
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{565783C6-CB41-11D1-8B02-00600806D9B6}\1.2\10
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
HKEY_CURRENT_USER\Software\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_CLASSES_ROOT\CLSID\{04B83D61-21AE-11D2-8B33-00600806D9B6}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.CustomMarshalers__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3d590c3f\59f3b67b\82
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3d590c3f\59f3b67b\82\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3d590c3f\59f3b67b\82\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3d590c3f\59f3b67b\82\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3d590c3f\59f3b67b\82\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3d590c3f\59f3b67b\82\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\357ee49a\7d2df0ec\41
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\357ee49a\7d2df0ec\41\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\357ee49a\7d2df0ec\41\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\357ee49a\7d2df0ec\41\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\357ee49a\7d2df0ec\41\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\357ee49a\7d2df0ec\41\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\CustomMarshalers,2.0.0.0,,b03f5f7f11d50a3a,x86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.8.0.Microsoft.VisualC__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Microsoft.VisualC,8.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_CLASSES_ROOT\CLSID\{D6BDAFB2-9435-491F-BB87-6AA0F0BC31A2}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0\win32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\73843e06\43a920ef\66
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\73843e06\43a920ef\66\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\73843e06\43a920ef\66\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\73843e06\43a920ef\66\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\73843e06\43a920ef\66\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\73843e06\43a920ef\66\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\141dfd70\6b79efab\43
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\141dfd70\6b79efab\43\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\141dfd70\6b79efab\43\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\141dfd70\6b79efab\43\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\141dfd70\6b79efab\43\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\141dfd70\6b79efab\43\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.8.0.Microsoft.JScript__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Microsoft.JScript,8.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Configuration.Install__b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Configuration.Install,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\FinalizerActivityBypass
HKEY_LOCAL_MACHINE\Software\Microsoft\WBEM\CIMOM
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\WBEM\CIMOM\EnableObjectValidation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.mscorlib.resources_it-IT_b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5e8c75c\40dcb014
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-1822907384-1282624486-319450072-1000\Installer\Assemblies\C:|Users|Seven01|AppData|Local|Temp|poo.exe
HKEY_CURRENT_USER\Software\Microsoft\Installer\Assemblies\C:|Users|Seven01|AppData|Local|Temp|poo.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Users|Seven01|AppData|Local|Temp|poo.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-1822907384-1282624486-319450072-1000\Installer\Assemblies\Global
HKEY_CURRENT_USER\Software\Microsoft\Installer\Assemblies\Global
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.mscorlib.resources_it_b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5e8c75c\1ffc8ca7
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.8.0.Microsoft.VisualBasic.resources_it-IT_b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6d5fb745\1c4dd593
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.8.0.Microsoft.VisualBasic.resources_it_b03f5f7f11d50a3a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6d5fb745\4deb99ab
HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
HKEY_CURRENT_USER\Software\Microsoft\Windows Messaging Subsystem\Profiles\9375CFF0413111d3B88A00104B2A6676
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\IMAP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\POP3 Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\HTTP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\SMTP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\IMAP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\POP3 Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\HTTP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\SMTP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\IMAP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\POP3 Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\HTTP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\SMTP Password
HKEY_CURRENT_USER\Software\Aerofox\FoxmailPreview
HKEY_CURRENT_USER\Software\Aerofox\Foxmail\V3.1
HKEY_CURRENT_USER\Software\IncrediMail\Identities
HKEY_CURRENT_USER\Software\Qualcomm\Eudora\CommandLine
HKEY_CURRENT_USER\Software\RimArts\B2\Settings
HKEY_CURRENT_USER\Software\OpenVPN-GUI\configs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\75638fee\7566cac\84
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\75638fee\7566cac\84\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\75638fee\7566cac\84\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\75638fee\7566cac\84\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\75638fee\7566cac\84\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\75638fee\7566cac\84\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\policy.2.0.System.Data.SqlXml__b77a5c561934e089
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Data.SqlXml,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_CURRENT_USER\SOFTWARE\Martin Prikryl\WinSCP 2\Sessions
HKEY_CLASSES_ROOT\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InProcServer32\Class
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F935DC20-1CF0-11D0-ADB9-00C04FD58A0B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F935DC20-1CF0-11D0-ADB9-00C04FD58A0B}\1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F935DC20-1CF0-11D0-ADB9-00C04FD58A0B}\1.0\410
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F935DC20-1CF0-11D0-ADB9-00C04FD58A0B}\1.0\10
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F935DC20-1CF0-11D0-ADB9-00C04FD58A0B}\1.0\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F935DC20-1CF0-11D0-ADB9-00C04FD58A0B}\1.0\0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F935DC20-1CF0-11D0-ADB9-00C04FD58A0B}\1.0\0\win32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\TrustRidDll
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Rpc
HKEY_CURRENT_USER\Software\FTPWare\COREFTP\Sites
HKEY_CURRENT_USER\Software\DownloadManager\Passwords
HKEY_USERS\S-1-5-20_Classes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LocalServer32\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LocalService
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\DllSurrogate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\RunAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\ActivateAtStorage
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\ROTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\AppIDFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LaunchPermission
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\LegacyAuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\LegacyImpersonationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\RemoteServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\SRPTrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\PreferredServerBitness
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LoadUserSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\Elevation
HKEY_LOCAL_MACHINE\Software\Microsoft\COM3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\REGDBVersion
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Power\PowerRequestOverride
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Power\PowerRequestOverride
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerRequestOverride\Driver
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\LocalService
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\ServiceParameters
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\RunAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\ActivateAtStorage
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\ROTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\AppIDFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\LaunchPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\RemoteServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\SRPTrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\PreferredServerBitness
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\LoadUserSettings
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\DeviceInstance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#\Control\Linked
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\Properties
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\SecurityDescriptors\ActivePowerScheme
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Power\User\PowerSchemes
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ActivePowerScheme
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\SecurityDescriptors\381b4222-f694-41f0-9685-ff5bb260df2e
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\SecurityDescriptors\94ac6d29-73ce-41a6-809f-6363ba21b47e
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e\238c9fa8-0aad-41ed-83f4-97be242c8f20
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\238c9fa8-0aad-41ed-83f4-97be242c8f20
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\238C9FA8-0AAD-41ED-83F4-97BE242C8F20\94ac6d29-73ce-41a6-809f-6363ba21b47e
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\238C9FA8-0AAD-41ED-83F4-97BE242C8F20\94AC6D29-73CE-41A6-809F-6363BA21B47E\DefaultPowerSchemeValues
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\238C9FA8-0AAD-41ED-83F4-97BE242C8F20\94AC6D29-73CE-41A6-809F-6363BA21B47E\DefaultPowerSchemeValues\381b4222-f694-41f0-9685-ff5bb260df2e
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\238C9FA8-0AAD-41ED-83F4-97BE242C8F20\94AC6D29-73CE-41A6-809F-6363BA21B47E\DefaultPowerSchemeValues\381b4222-f694-41f0-9685-ff5bb260df2e\ACSettingIndex
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\238C9FA8-0AAD-41ED-83F4-97BE242C8F20\94AC6D29-73CE-41A6-809F-6363BA21B47E\ValueMin
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\238C9FA8-0AAD-41ED-83F4-97BE242C8F20\94AC6D29-73CE-41A6-809F-6363BA21B47E\1
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\238C9FA8-0AAD-41ED-83F4-97BE242C8F20\94AC6D29-73CE-41A6-809F-6363BA21B47E\1\SettingValue
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\SecurityDescriptors\a7066653-8d6c-40a8-910e-a1f54b84c7e5
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e\4f971e89-eebd-4455-a8de-9e59040e7347
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\4f971e89-eebd-4455-a8de-9e59040e7347
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\4f971e89-eebd-4455-a8de-9e59040e7347\a7066653-8d6c-40a8-910e-a1f54b84c7e5
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\4f971e89-eebd-4455-a8de-9e59040e7347\A7066653-8D6C-40A8-910E-A1F54B84C7E5\DefaultPowerSchemeValues
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\4f971e89-eebd-4455-a8de-9e59040e7347\A7066653-8D6C-40A8-910E-A1F54B84C7E5\DefaultPowerSchemeValues\381b4222-f694-41f0-9685-ff5bb260df2e
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\4f971e89-eebd-4455-a8de-9e59040e7347\A7066653-8D6C-40A8-910E-A1F54B84C7E5\DefaultPowerSchemeValues\381b4222-f694-41f0-9685-ff5bb260df2e\ACSettingIndex
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\4f971e89-eebd-4455-a8de-9e59040e7347\A7066653-8D6C-40A8-910E-A1F54B84C7E5\ValueMin
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\4f971e89-eebd-4455-a8de-9e59040e7347\A7066653-8D6C-40A8-910E-A1F54B84C7E5\0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\4f971e89-eebd-4455-a8de-9e59040e7347\A7066653-8D6C-40A8-910E-A1F54B84C7E5\0\SettingValue
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\#
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\DeviceInstance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\#\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\#\Control\Linked
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\Properties
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CDROMVBOX_CD-ROM_____________________________1.0_____\5&106AF171&0&1.0.0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDECHANNEL\4&2F42C713&0&1
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_8086&DEV_7111&SUBSYS_00000000&REV_01\3&267A616A&0&09
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_8086&DEV_7111&SUBSYS_00000000&REV_01\3&267a616a&0&09\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0A03\0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0A03\0\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI_HAL\PNP0C08\0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI_HAL\PNP0C08\0\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ROOT\ACPI_HAL\0000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ACPI_HAL\0000\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\HTREE\ROOT\0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\HTREE\ROOT\0\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\Device Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\Device Parameters\DeviceGroup
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\LastUpdateTime
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\CustomPropertyCacheDate
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\HardwareID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\IDE#CdRomVBOX_CD-ROM_____________________________1.0_____
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\IDE#VBOX_CD-ROM_____________________________1.0_____
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\IDE#CdRomVBOX_CD-ROM_____________________________
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\VBOX_CD-ROM_____________________________1.0_____
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\GenCdRom
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\CompatibleIDs
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\CustomPropertyHwIdKey
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\Device Parameters\Icons
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\Device Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\Device Parameters\NoSoftEject
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\CustomPropertyCacheDate
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\HardwareID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\Intel-PIIX4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\Internal_IDE_Channel
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\CompatibleIDs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\*PNP0600
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\CustomPropertyHwIdKey
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\Device Parameters\DeviceGroups
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\Device Parameters\DeviceGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\DeviceInstance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#\Control\Linked
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#DiskVBOX_HARDDISK___________________________1.0_____#5&33d1638a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\#
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#DiskVBOX_HARDDISK___________________________1.0_____#5&33d1638a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#DiskVBOX_HARDDISK___________________________1.0_____#5&33d1638a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\DeviceInstance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#DiskVBOX_HARDDISK___________________________1.0_____#5&33d1638a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\#\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#DiskVBOX_HARDDISK___________________________1.0_____#5&33d1638a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\#\Control\Linked
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\Properties
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\Device Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\Device Parameters\NoSoftEject
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\CustomPropertyCacheDate
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\HardwareID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\IDE#DiskVBOX_HARDDISK___________________________1.0_____
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\IDE#VBOX_HARDDISK___________________________1.0_____
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\IDE#DiskVBOX_HARDDISK___________________________
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\VBOX_HARDDISK___________________________1.0_____
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\GenDisk
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\CompatibleIDs
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\CustomPropertyHwIdKey
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\Device Parameters\DeviceGroups
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\Device Parameters\DeviceGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\DeviceInstance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#\Control
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#\Control\Linked
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000_Classes
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000_CLASSES\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000_Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\TreatAs
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000_Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\Progid
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000_Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\AppID
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000_CLASSES\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LocalService
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\DllSurrogate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\RunAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\ActivateAtStorage
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\ROTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\AppIDFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LaunchPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\RemoteServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\SRPTrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\PreferredServerBitness
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LoadUserSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\InprocServer32
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000_Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\Elevation
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000_Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\InprocServer32
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000_Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\LocalService
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\ServiceParameters
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\RunAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\ActivateAtStorage
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\ROTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\AppIDFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\LaunchPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\RemoteServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\SRPTrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\PreferredServerBitness
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\LoadUserSettings
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\cimv2
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\cimv2
HKEY_LOCAL_MACHINE\system\Setup
HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
HKEY_CLASSES_ROOT\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\InProcServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\InprocServer32\(Default)
HKEY_CLASSES_ROOT\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\InprocServer32\Synchronization
HKEY_CLASSES_ROOT\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\AppId
HKEY_CLASSES_ROOT\CLSID\{d63a5850-8f16-11cf-9f47-00aa00bf345c}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{d63a5850-8f16-11cf-9f47-00aa00bf345c}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D63A5850-8F16-11CF-9F47-00AA00BF345C}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D63A5850-8F16-11CF-9F47-00AA00BF345C}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D63A5850-8F16-11CF-9F47-00AA00BF345C}\InprocServer32\Synchronization
HKEY_CLASSES_ROOT\CLSID\{d63a5850-8f16-11cf-9f47-00aa00bf345c}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D63A5850-8F16-11CF-9F47-00AA00BF345C}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D63A5850-8F16-11CF-9F47-00AA00BF345C}\AppId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\SecuredHostProviders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\SecuredHostProviders\ROOT\CIMV2:__Win32Provider.Name="CIMWin32"
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\minint
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\WmiPrvSE.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InprocHandler
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\Root
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\Root
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B7B31DF9-D515-11D3-A11C-00105A1F515A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B7B31DF9-D515-11D3-A11C-00105A1F515A}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B7B31DF9-D515-11D3-A11C-00105A1F515A}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07435309-D440-41B7-83F3-EB82DB6C622F}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07435309-D440-41B7-83F3-EB82DB6C622F}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07435309-D440-41B7-83F3-EB82DB6C622F}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{21CD80A2-B305-4F37-9D4C-4534A8D9B568}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{21CD80A2-B305-4F37-9D4C-4534A8D9B568}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{21CD80A2-B305-4F37-9D4C-4534A8D9B568}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{06413D98-405C-4A5A-8D6F-19B8B7C6ACF7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{06413D98-405C-4A5A-8D6F-19B8B7C6ACF7}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{06413D98-405C-4A5A-8D6F-19B8B7C6ACF7}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6B3FC272-BF37-4968-933A-6DF9222A2607}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6B3FC272-BF37-4968-933A-6DF9222A2607}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6B3FC272-BF37-4968-933A-6DF9222A2607}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0FC8C622-1728-4149-A57F-AD19D0970710}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0FC8C622-1728-4149-A57F-AD19D0970710}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0FC8C622-1728-4149-A57F-AD19D0970710}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EB658B8A-7A64-4DDC-9B8D-A92610DB0206}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EB658B8A-7A64-4DDC-9B8D-A92610DB0206}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EB658B8A-7A64-4DDC-9B8D-A92610DB0206}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\sc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\ResolutionHost
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\ResolutionHost\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\Sink Transmit Buffer Size
HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Cimom
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\DefaultRpcStackSize
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\AccessProviders
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wmiprvse.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\it-IT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\it-IT
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\EnableObjectValidation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\InprocHandler
HKEY_CURRENT_USER
HKEY_CURRENT_USER\Control Panel\International
HKEY_CURRENT_USER\Control Panel\International\LocaleName
HKEY_CURRENT_USER\Control Panel\International\sCountry
HKEY_CURRENT_USER\Control Panel\International\sList
HKEY_CURRENT_USER\Control Panel\International\sDecimal
HKEY_CURRENT_USER\Control Panel\International\sThousand
HKEY_CURRENT_USER\Control Panel\International\sGrouping
HKEY_CURRENT_USER\Control Panel\International\sNativeDigits
HKEY_CURRENT_USER\Control Panel\International\sCurrency
HKEY_CURRENT_USER\Control Panel\International\sMonDecimalSep
HKEY_CURRENT_USER\Control Panel\International\sMonThousandSep
HKEY_CURRENT_USER\Control Panel\International\sMonGrouping
HKEY_CURRENT_USER\Control Panel\International\sPositiveSign
HKEY_CURRENT_USER\Control Panel\International\sNegativeSign
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat
HKEY_CURRENT_USER\Control Panel\International\sShortTime
HKEY_CURRENT_USER\Control Panel\International\s1159
HKEY_CURRENT_USER\Control Panel\International\s2359
HKEY_CURRENT_USER\Control Panel\International\sShortDate
HKEY_CURRENT_USER\Control Panel\International\sYearMonth
HKEY_CURRENT_USER\Control Panel\International\sLongDate
HKEY_CURRENT_USER\Control Panel\International\iCountry
HKEY_CURRENT_USER\Control Panel\International\iMeasure
HKEY_CURRENT_USER\Control Panel\International\iPaperSize
HKEY_CURRENT_USER\Control Panel\International\iDigits
HKEY_CURRENT_USER\Control Panel\International\iLZero
HKEY_CURRENT_USER\Control Panel\International\iNegNumber
HKEY_CURRENT_USER\Control Panel\International\NumShape
HKEY_CURRENT_USER\Control Panel\International\iCurrDigits
HKEY_CURRENT_USER\Control Panel\International\iCurrency
HKEY_CURRENT_USER\Control Panel\International\iNegCurr
HKEY_CURRENT_USER\Control Panel\International\iCalendarType
HKEY_CURRENT_USER\Control Panel\International\iFirstDayOfWeek
HKEY_CURRENT_USER\Control Panel\International\iFirstWeekOfYear
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\Logging
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F50A28CF-5C9C-4F7E-9D80-E25E16E18C59}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F50A28CF-5C9C-4F7E-9D80-E25E16E18C59}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F50A28CF-5C9C-4F7E-9D80-E25E16E18C59}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FEC1B0AC-5808-4033-A915-C0185934581E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FEC1B0AC-5808-4033-A915-C0185934581E}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FEC1B0AC-5808-4033-A915-C0185934581E}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\OleAut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7C857801-7381-11CF-884D-00AA004B2E24}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7C857801-7381-11CF-884D-00AA004B2E24}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7C857801-7381-11CF-884D-00AA004B2E24}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\WMR\Disable
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DcomLaunch
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DcomLaunch\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcEptMapper
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcEptMapper\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcSs
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcSs\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\WOW64
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\Public
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\Default
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramW6432Dir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonW6432Dir
HKEY_USERS\S-1-5-18
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18\ProfileImagePath
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_USERS\.DEFAULT\Environment
HKEY_USERS\.DEFAULT\Volatile Environment
HKEY_USERS\.DEFAULT\Volatile Environment\0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\Environment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\RequiredPrivileges
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1822907384-1282624486-319450072-1000\ProfileImagePath
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Environment
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Volatile Environment
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Volatile Environment\0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v4.0.30319_64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v4.0.30319_64\RequiredPrivileges
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lsass.exe
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Browser
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Browser\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gpsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gpsvc\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IKEEXT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IKEEXT\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MMCSS
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MMCSS\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProfSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProfSvc\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SENS
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SENS\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Environment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v4.0.30319_32
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v4.0.30319_32\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IKEEXT\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IKEEXT\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iphlpsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iphlpsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iphlpsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MMCSS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MMCSS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetMsmqActivator
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetMsmqActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetMsmqActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetPipeActivator
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetPipeActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetPipeActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpActivator
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PeerDistSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PeerDistSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PeerDistSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SENS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SENS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\StorSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\StorSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\StorSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmRdpService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmRdpService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmRdpService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPDBusEnum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPDBusEnum\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPDBusEnum\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Browser\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Browser\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\Environment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EventSystem
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EventSystem\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srvnet
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srvnet\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srv2
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srv2\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srv\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SamSs
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SamSs\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\ObjectName
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Time Zones\W. Europe Standard Time\Dynamic DST
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Group
HKEY_CURRENT_USER\Software\Classes\AppID\taskhost.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\WDI\DiagnosticModules
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\NameResource
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\WDI\Config
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\Config\ServerName
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\CLResolutionInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\DisplayInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\SkipWatson
HKEY_LOCAL_MACHINE\Software\Microsoft\RADAR\HeapLeakDetection\Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\Settings\ReflectionInterval
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Language Groups
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000410
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontLink\SystemLink
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Segoe UI
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69486DD6-C19F-42E8-B508-A53F9F8E67B8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69486DD6-C19F-42E8-B508-A53F9F8E67B8}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69486DD6-C19F-42E8-B508-A53F9F8E67B8}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69486DD6-C19F-42E8-B508-A53F9F8E67B8}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69486DD6-C19F-42E8-B508-A53F9F8E67B8}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69486DD6-C19F-42E8-B508-A53F9F8E67B8}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69486DD6-C19F-42E8-B508-A53F9F8E67B8}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers
HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\eventlog\Microsoft-Windows-ReliabilityAnalysisComponent/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ChannelAccess
HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\eventlog\Microsoft-Windows-TaskScheduler/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\ChannelAccess
HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\eventlog\Microsoft-Windows-TaskScheduler/Debug
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\KeywordsLower
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\KeywordsUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\ChannelAccess
HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\eventlog\Microsoft-Windows-TaskScheduler/Diagnostic
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\KeywordsLower
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\KeywordsUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\ChannelAccess
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog\Application\Application Error
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Application Error\ProviderGuid
HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\eventlog\Microsoft-Windows-WER-Diag/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\ChannelAccess
HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\eventlog\Microsoft-Windows-Fault-Tolerant-Heap/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\ChannelAccess
HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\eventlog\Microsoft-Windows-Known Folders API Service
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\ChannelAccess
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog\Application\Windows Error Reporting
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Windows Error Reporting\ProviderGuid
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog\System\DCOM
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\System\DCOM\ProviderGuid
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\WerSvcGroup
HKEY_USERS\.DEFAULT\Control Panel\International
HKEY_USERS\.DEFAULT\Control Panel\International\LocaleName
HKEY_USERS\.DEFAULT\Control Panel\International\sCountry
HKEY_USERS\.DEFAULT\Control Panel\International\sList
HKEY_USERS\.DEFAULT\Control Panel\International\sDecimal
HKEY_USERS\.DEFAULT\Control Panel\International\sThousand
HKEY_USERS\.DEFAULT\Control Panel\International\sGrouping
HKEY_USERS\.DEFAULT\Control Panel\International\sNativeDigits
HKEY_USERS\.DEFAULT\Control Panel\International\sCurrency
HKEY_USERS\.DEFAULT\Control Panel\International\sMonDecimalSep
HKEY_USERS\.DEFAULT\Control Panel\International\sMonThousandSep
HKEY_USERS\.DEFAULT\Control Panel\International\sMonGrouping
HKEY_USERS\.DEFAULT\Control Panel\International\sPositiveSign
HKEY_USERS\.DEFAULT\Control Panel\International\sNegativeSign
HKEY_USERS\.DEFAULT\Control Panel\International\sTimeFormat
HKEY_USERS\.DEFAULT\Control Panel\International\sShortTime
HKEY_USERS\.DEFAULT\Control Panel\International\s1159
HKEY_USERS\.DEFAULT\Control Panel\International\s2359
HKEY_USERS\.DEFAULT\Control Panel\International\sShortDate
HKEY_USERS\.DEFAULT\Control Panel\International\sYearMonth
HKEY_USERS\.DEFAULT\Control Panel\International\sLongDate
HKEY_USERS\.DEFAULT\Control Panel\International\iCountry
HKEY_USERS\.DEFAULT\Control Panel\International\iMeasure
HKEY_USERS\.DEFAULT\Control Panel\International\iPaperSize
HKEY_USERS\.DEFAULT\Control Panel\International\iDigits
HKEY_USERS\.DEFAULT\Control Panel\International\iLZero
HKEY_USERS\.DEFAULT\Control Panel\International\iNegNumber
HKEY_USERS\.DEFAULT\Control Panel\International\NumShape
HKEY_USERS\.DEFAULT\Control Panel\International\iCurrDigits
HKEY_USERS\.DEFAULT\Control Panel\International\iCurrency
HKEY_USERS\.DEFAULT\Control Panel\International\iNegCurr
HKEY_USERS\.DEFAULT\Control Panel\International\iCalendarType
HKEY_USERS\.DEFAULT\Control Panel\International\iFirstDayOfWeek
HKEY_USERS\.DEFAULT\Control Panel\International\iFirstWeekOfYear
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wersvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Parameters\ServiceMain
HKEY_LOCAL_MACHINE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ServiceTimeout
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Parameters\ServiceDllUnloadOnStop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\NoReflection
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Windows Error Reporting\NoReflection
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllhost.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\CoInitializeSecurityParam
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\ImpersonationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\AuthenticationCapabilities
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\CoInitializeSecurityAppID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\DeferredCoInitializeSecurityServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\DefaultRpcStackSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\SystemCritical
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\svchost.exe
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AeLookupSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\MaximumThreadCount
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\EnableDebugOutput
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\Parameters\ServiceDllUnloadOnStop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\LogFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\LogFileFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\LogFileMinMemory
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Performance\First Counter
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Performance\First Help
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Performance\Last Counter
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Performance\Last Help
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Performance\PerfMMFileName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ThemeManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ThemeManager\ServerChangeNumber
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\schedule
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lanmanserver
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\BackupRestore\FilesNotToBackup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore\FilesNotToBackup\BITS_metadata
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\BITS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\JobInactivityTimeout
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\TimeQuantaLength
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\JobNoProgressTimeout
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\JobMinimumRetryDelay
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\TransferBufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\SleepAtCallbackBegin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\SleepAtCallbackEnd
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\SleepAtCallbackDuration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\TestFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\ForceFileFlush
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ShellHWDetection\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Parameters\Config
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\UseLmCompat
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SQMClient\Windows
HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient\Windows
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\SecurityService
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\SecurityService\10
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LsaExtensionConfig\SspiCli
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureRoutine
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SecurityProviders
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\SspiCache
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Name
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Comment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\RpcId
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Version
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\TokenSize
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SaslProfiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\AECFFC7E
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CredWom
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CredWom\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD522ACC-F821-461A-A407-50B198B896DC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD522ACC-F821-461A-A407-50B198B896DC}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD522ACC-F821-461A-A407-50B198B896DC}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD522ACC-F821-461A-A407-50B198B896DC}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD522ACC-F821-461A-A407-50B198B896DC}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD522ACC-F821-461A-A407-50B198B896DC}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD522ACC-F821-461A-A407-50B198B896DC}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\MaxSxSHashCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\DataVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\EnableBackCompat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\MissedTasksStartupDelay
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\TasksInMemoryQueue
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\TasksPerHighestPrivEngine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\TasksPerLeastPrivEngine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\TracingLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\WindowSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{555F3418-D99E-4E51-800A-6E89CFD8B1D7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{555F3418-D99E-4E51-800A-6E89CFD8B1D7}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{555F3418-D99E-4E51-800A-6E89CFD8B1D7}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{555F3418-D99E-4E51-800A-6E89CFD8B1D7}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{555F3418-D99E-4E51-800A-6E89CFD8B1D7}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{555F3418-D99E-4E51-800A-6E89CFD8B1D7}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{555F3418-D99E-4E51-800A-6E89CFD8B1D7}\InprocHandler
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Linkage
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\ShareProviders
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\DefaultSecurity
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\Guid
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\AutotunedParameters
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Shares
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Shares\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\DontNotifyIcf
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\DontPropagateIcfFailure
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\DontStartBrowserOnIcfOpen
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\SqmUpdateInterval
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\Size
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanserver\DefaultSecurity
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\AnonymousDescriptorsUpgraded
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\RestrictAnonymous
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\Level2Compatibility
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\PreviousAnonymousRestriction
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\InteractiveDescriptorsRegenerated
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SessionSecurityDescriptorRegenerated
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcConfigInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcTransportEnum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcConnection
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcServerDiskEnum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcSessionInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcDefaultShareInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcShareFileInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcSharePrintInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcShareAdminInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcShareChange
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcShareConnect
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcShareAdminConnect
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcStatisticsInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\IGDSearcherDLL
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\ShareProviders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Handshake
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\DisableDownlevelCompatibilityPlugin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\LogPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\MaxLogSizeKB
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\TasksFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2085F28-FEB7-404A-B8E7-E659BDEAAA02}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2085F28-FEB7-404A-B8E7-E659BDEAAA02}\TreatAs
HKEY_LOCAL_MACHINE\System\Setup
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Control Panel\International
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Control Panel\International\LocaleName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\NotifyOnTaskMiss
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\ViewHiddenTasks
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\OldName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SubmitControl
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rpc\Linkage
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\DeviceClasses\{53F5630D-B6BF-11D0-94F2-00A0C91EFB8B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\DeviceClasses\{53F5630D-B6BF-11D0-94F2-00A0C91EFB8B}\NoSoftEject
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\HashingCompleted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\DisableRpcOverTcp
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\Setup\Upgrade
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\DomainJoinDetected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18EB-DC73-4E45-A11C-B59043598412}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18EB-DC73-4E45-A11C-B59043598412}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD68AC2-29D2-4FF8-A7C8-4FAF5BFA0E39}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD68AC2-29D2-4FF8-A7C8-4FAF5BFA0E39}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB7465-BC54-491B-A92A-4637A28C9BBF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB7465-BC54-491B-A92A-4637A28C9BBF}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\SystemTask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\SystemTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18EB-DC73-4E45-A11C-B59043598412}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18EB-DC73-4E45-A11C-B59043598412}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\SchedulingEngineKnob
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Aliases
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58FB76B9-AC85-4E55-AC04-427593B1D060}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58FB76B9-AC85-4E55-AC04-427593B1D060}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18EB-DC73-4E45-A11C-B59043598412}\DynamicInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\ServiceDllUnloadOnStop
HKEY_LOCAL_MACHINE\SYSTEM\Setup
HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemPartition
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\BITS\Throttling
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\StatefileChunk
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\StatefileWriteBuffer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\StateIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD68AC2-29D2-4FF8-A7C8-4FAF5BFA0E39}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD68AC2-29D2-4FF8-A7C8-4FAF5BFA0E39}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD68AC2-29D2-4FF8-A7C8-4FAF5BFA0E39}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB7465-BC54-491B-A92A-4637A28C9BBF}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB7465-BC54-491B-A92A-4637A28C9BBF}\Triggers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToBackup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore\FilesNotToBackup\BITS_LOG
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore\FilesNotToBackup\BITS_BAK
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB7465-BC54-491B-A92A-4637A28C9BBF}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SystemRestore\SR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SystemRestore\SR\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Autochk\Proxy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Autochk\Proxy\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01AE1CD5-23D1-4B8C-B118-6F70E4B13019}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01AE1CD5-23D1-4B8C-B118-6F70E4B13019}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0931AF-7911-4AE5-8FDB-971E157234B3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0931AF-7911-4AE5-8FDB-971E157234B3}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2470470F-2634-478E-B181-571E98A789BB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2470470F-2634-478E-B181-571E98A789BB}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28011108-68DF-4C73-B91B-57427D501BBA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28011108-68DF-4C73-B91B-57427D501BBA}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C513E04-9757-4167-A0CD-5B485ED9ABC6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C513E04-9757-4167-A0CD-5B485ED9ABC6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{458AD310-8828-4E4A-976E-55B7F1724152}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{458AD310-8828-4E4A-976E-55B7F1724152}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612BA-897D-44CE-8DC1-8FC283F9FD51}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612BA-897D-44CE-8DC1-8FC283F9FD51}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB9AB04-19C4-4ED4-9E39-842EE25E4F34}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB9AB04-19C4-4ED4-9E39-842EE25E4F34}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90F611E2-877D-473D-BC36-5623044532AE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90F611E2-877D-473D-BC36-5623044532AE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB97BAC0-E76F-421D-BFE3-12EAA69CE705}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB97BAC0-E76F-421D-BFE3-12EAA69CE705}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01AE1CD5-23D1-4B8C-B118-6F70E4B13019}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01AE1CD5-23D1-4B8C-B118-6F70E4B13019}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01AE1CD5-23D1-4B8C-B118-6F70E4B13019}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0931AF-7911-4AE5-8FDB-971E157234B3}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0931AF-7911-4AE5-8FDB-971E157234B3}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF87090D-4A9A-4F47-879B-29A80C355D61}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF87090D-4A9A-4F47-879B-29A80C355D61}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0931AF-7911-4AE5-8FDB-971E157234B3}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SystemSoundsService
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SystemSoundsService\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2470470F-2634-478E-B181-571E98A789BB}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2470470F-2634-478E-B181-571E98A789BB}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DEA658F-54C1-4227-AF9B-260AB5FC3543}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DEA658F-54C1-4227-AF9B-260AB5FC3543}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2470470F-2634-478E-B181-571E98A789BB}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28011108-68DF-4C73-B91B-57427D501BBA}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28011108-68DF-4C73-B91B-57427D501BBA}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF5CB148-7C77-4D8A-A53E-D81C70CF743C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF5CB148-7C77-4D8A-A53E-D81C70CF743C}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28011108-68DF-4C73-B91B-57427D501BBA}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SystemDataProviders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SystemDataProviders\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C513E04-9757-4167-A0CD-5B485ED9ABC6}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C513E04-9757-4167-A0CD-5B485ED9ABC6}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7CCA6768-8373-4D28-8876-83E8B4E3A969}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7CCA6768-8373-4D28-8876-83E8B4E3A969}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C513E04-9757-4167-A0CD-5B485ED9ABC6}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{458AD310-8828-4E4A-976E-55B7F1724152}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{458AD310-8828-4E4A-976E-55B7F1724152}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E51DFD48-AA36-4B45-BB52-E831F02E8316}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E51DFD48-AA36-4B45-BB52-E831F02E8316}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{458AD310-8828-4E4A-976E-55B7F1724152}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControlsMigration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControlsMigration\Id
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\wmplayer.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}\Triggers
HKEY_LOCAL_MACHINE\SYSTEM\Setup\UpgradeInProgress
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Safeboot\Option
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS\VssAccessControl
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343D770D-7788-47C2-B62A-B7C4CED925CB}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343D770D-7788-47C2-B62A-B7C4CED925CB}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TextServicesFramework\MsCtfMonitor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TextServicesFramework\MsCtfMonitor\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01575CFE-9A55-4003-A5E1-F38D1EBDCBE1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01575CFE-9A55-4003-A5E1-F38D1EBDCBE1}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControls
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControls\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFA14C43-F385-4170-99CC-1B7765FA0E4A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFA14C43-F385-4170-99CC-1B7765FA0E4A}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}\DynamicInfo
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS\Settings
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Settings\ActiveWriterStateTimeout
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS\Diag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\(Default)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS\Diag\BITS Writer
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Settings\TornComponentsMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612BA-897D-44CE-8DC1-8FC283F9FD51}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612BA-897D-44CE-8DC1-8FC283F9FD51}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF2CF428-325B-48D3-8CA8-7633E36E5A32}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF2CF428-325B-48D3-8CA8-7633E36E5A32}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612BA-897D-44CE-8DC1-8FC283F9FD51}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\UserTask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\UserTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Offline Files\Logon Synchronization
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Offline Files\Logon Synchronization\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB9AB04-19C4-4ED4-9E39-842EE25E4F34}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB9AB04-19C4-4ED4-9E39-842EE25E4F34}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000100-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000100-0000-0000-C000-000000000046}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000100-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB9AB04-19C4-4ED4-9E39-842EE25E4F34}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90F611E2-877D-473D-BC36-5623044532AE}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90F611E2-877D-473D-BC36-5623044532AE}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609B9555-4FB6-11D1-9971-00C04FBBB345}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609B9555-4FB6-11D1-9971-00C04FBBB345}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609B9555-4FB6-11D1-9971-00C04FBBB345}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45F26E9E-6199-477F-85DA-AF1EDFE067B1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45F26E9E-6199-477F-85DA-AF1EDFE067B1}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90F611E2-877D-473D-BC36-5623044532AE}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsColorSystem\Calibration Loader
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsColorSystem\Calibration Loader\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609B9557-4FB6-11D1-9971-00C04FBBB345}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609B9557-4FB6-11D1-9971-00C04FBBB345}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609B9557-4FB6-11D1-9971-00C04FBBB345}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B210D694-C8DF-490D-9576-9E20CDBC20BD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B210D694-C8DF-490D-9576-9E20CDBC20BD}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB97BAC0-E76F-421D-BFE3-12EAA69CE705}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB97BAC0-E76F-421D-BFE3-12EAA69CE705}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06DA0625-9701-43DA-BFD7-FBEEA2180A1E}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB97BAC0-E76F-421D-BFE3-12EAA69CE705}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{046FBEF8-2DD6-4A92-A08E-608464EDCC44}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{046FBEF8-2DD6-4A92-A08E-608464EDCC44}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AF4338F-6C18-4FC7-9691-7BF990A00048}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AF4338F-6C18-4FC7-9691-7BF990A00048}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2171D673-DA91-42EB-99AA-8377558033A6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2171D673-DA91-42EB-99AA-8377558033A6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384D247E-5044-403E-8815-663857F019E4}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384D247E-5044-403E-8815-663857F019E4}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F50E1B5-2F4B-4EFE-AE7A-842B3315F32F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F50E1B5-2F4B-4EFE-AE7A-842B3315F32F}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F7CC921-910F-4928-A3C6-140C6114A475}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F7CC921-910F-4928-A3C6-140C6114A475}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{502CD1F9-96CB-4A12-A9B3-B6E0B1A39F24}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{502CD1F9-96CB-4A12-A9B3-B6E0B1A39F24}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E926-9E86-4B89-9CFD-B12311724371}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E926-9E86-4B89-9CFD-B12311724371}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E0CAA7B-B2E3-426E-9EBC-D2E0F803CE6B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E0CAA7B-B2E3-426E-9EBC-D2E0F803CE6B}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786F5419-95A1-4B6A-82DE-32EF997C5BD9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786F5419-95A1-4B6A-82DE-32EF997C5BD9}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C6FA9F4-69A9-419C-8646-AD6F7EC02D09}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C6FA9F4-69A9-419C-8646-AD6F7EC02D09}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82E14523-E495-4D88-BA3A-2BC274EF1200}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82E14523-E495-4D88-BA3A-2BC274EF1200}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83687E64-03CD-4A47-8CBB-508DD54B726E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83687E64-03CD-4A47-8CBB-508DD54B726E}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{888700E2-603D-461E-BC12-C17DFE30776F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{888700E2-603D-461E-BC12-C17DFE30776F}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C04A2AF-1DC1-4B64-8B32-FE6389548119}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C04A2AF-1DC1-4B64-8B32-FE6389548119}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94AA3293-B515-4FA7-A36B-3CFA64BA5BE3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94AA3293-B515-4FA7-A36B-3CFA64BA5BE3}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9979CB83-103A-4105-9E5D-C74B0AF6D198}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9979CB83-103A-4105-9E5D-C74B0AF6D198}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F7C4864-F6AA-4F3B-84D8-DBAD7E51692E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F7C4864-F6AA-4F3B-84D8-DBAD7E51692E}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A05D6C16-6A14-4759-9D8D-E492E894DE9F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A05D6C16-6A14-4759-9D8D-E492E894DE9F}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A48CABBF-24C8-4B87-B00F-9261807C3B43}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A48CABBF-24C8-4B87-B00F-9261807C3B43}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4E48BB8-F9A1-445E-86A4-E5C29BBE1347}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4E48BB8-F9A1-445E-86A4-E5C29BBE1347}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7C73732-9F11-4281-8D19-764D4EC9D94D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7C73732-9F11-4281-8D19-764D4EC9D94D}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC668097-4D6B-4093-AC14-014C09DBF820}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC668097-4D6B-4093-AC14-014C09DBF820}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE669C13-8165-4536-96D0-6D6C39292AAE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE669C13-8165-4536-96D0-6D6C39292AAE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C016366B-7126-46CA-B36B-592A3D95A60B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C016366B-7126-46CA-B36B-592A3D95A60B}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0383FC4-F308-468A-8459-367B3A33AD15}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0383FC4-F308-468A-8459-367B3A33AD15}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C10E7971-5E9E-4140-884E-DE663DA8BDD6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C10E7971-5E9E-4140-884E-DE663DA8BDD6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA41DE71-8431-42FB-9DB0-EB64A961DEAD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA41DE71-8431-42FB-9DB0-EB64A961DEAD}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD9F510C-95F4-499A-90C8-BAC5BC372FF4}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD9F510C-95F4-499A-90C8-BAC5BC372FF4}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E22A8667-F75B-4BA9-BA46-067ED4429DE8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E22A8667-F75B-4BA9-BA46-067ED4429DE8}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3163C33-301D-4730-A266-5518C5ED3967}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3163C33-301D-4730-A266-5518C5ED3967}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EACA24FF-236C-401D-A1E7-B3D5267B8A50}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EACA24FF-236C-401D-A1E7-B3D5267B8A50}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECDE38D5-1A9E-41D2-97A0-0CBAD890B0BE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECDE38D5-1A9E-41D2-97A0-0CBAD890B0BE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F15EACD7-1AC9-4C6C-B1F2-C00C5844037B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F15EACD7-1AC9-4C6C-B1F2-C00C5844037B}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5D967A9-73DF-416F-9CF2-357B94578ADE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5D967A9-73DF-416F-9CF2-357B94578ADE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAB6B964-B7AA-43C5-B2D3-C48E363455EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAB6B964-B7AA-43C5-B2D3-C48E363455EE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB3C354D-297A-4EB2-9B58-090F6361906B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB3C354D-297A-4EB2-9B58-090F6361906B}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCA58FB2-231F-4DAA-BCA0-77602B638485}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCA58FB2-231F-4DAA-BCA0-77602B638485}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDD56C73-F0D5-41B6-B767-6EFFD7966428}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDD56C73-F0D5-41B6-B767-6EFFD7966428}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE1253D1-1B7F-4E2C-A4F7-BCC472C6D87E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE1253D1-1B7F-4E2C-A4F7-BCC472C6D87E}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Synchronization\SynchronizeTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Synchronization\SynchronizeTime\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{659CDEA7-489E-11D9-A9CD-000D56965251}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{659CDEA7-489E-11D9-A9CD-000D56965251}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{659CDEA7-489E-11D9-A9CD-000D56965251}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{659CDEA7-489E-11D9-A9CD-000D56965251}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{659CDEA7-489E-11D9-A9CD-000D56965251}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{659CDEA7-489E-11D9-A9CD-000D56965251}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{659CDEA7-489E-11D9-A9CD-000D56965251}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{659CDEA7-489E-11D9-A9CD-000D56965251}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03CA98D6-FF5D-49B8-ABC6-03DD84127020}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03CA98D6-FF5D-49B8-ABC6-03DD84127020}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03CA98D6-FF5D-49B8-ABC6-03DD84127020}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{03CA98D6-FF5D-49B8-ABC6-03DD84127020}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03CA98D6-FF5D-49B8-ABC6-03DD84127020}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03CA98D6-FF5D-49B8-ABC6-03DD84127020}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03CA98D6-FF5D-49B8-ABC6-03DD84127020}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03CA98D6-FF5D-49B8-ABC6-03DD84127020}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D18AD12-BDE3-4393-B311-099C346E6DF9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D18AD12-BDE3-4393-B311-099C346E6DF9}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D18AD12-BDE3-4393-B311-099C346E6DF9}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6D18AD12-BDE3-4393-B311-099C346E6DF9}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D18AD12-BDE3-4393-B311-099C346E6DF9}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D18AD12-BDE3-4393-B311-099C346E6DF9}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D18AD12-BDE3-4393-B311-099C346E6DF9}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D18AD12-BDE3-4393-B311-099C346E6DF9}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4991D34B-80A1-4291-83B6-3328366B9097}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4991D34B-80A1-4291-83B6-3328366B9097}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4991D34B-80A1-4291-83B6-3328366B9097}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4991D34B-80A1-4291-83B6-3328366B9097}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4991D34B-80A1-4291-83B6-3328366B9097}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4991D34B-80A1-4291-83B6-3328366B9097}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4991D34B-80A1-4291-83B6-3328366B9097}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4991D34B-80A1-4291-83B6-3328366B9097}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{046FBEF8-2DD6-4A92-A08E-608464EDCC44}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{046FBEF8-2DD6-4A92-A08E-608464EDCC44}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{046FBEF8-2DD6-4A92-A08E-608464EDCC44}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict1\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict2\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Defender\MpIdleTask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Defender\MpIdleTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AF4338F-6C18-4FC7-9691-7BF990A00048}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AF4338F-6C18-4FC7-9691-7BF990A00048}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AF4338F-6C18-4FC7-9691-7BF990A00048}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Task Manager\Interactive
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Task Manager\Interactive\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855FEC53-D2E4-4999-9E87-3414E9CF0FF4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855FEC53-D2E4-4999-9E87-3414E9CF0FF4}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2171D673-DA91-42EB-99AA-8377558033A6}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2171D673-DA91-42EB-99AA-8377558033A6}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{177AFECE-9599-46CF-90D7-68EC9EEB27B4}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2171D673-DA91-42EB-99AA-8377558033A6}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384D247E-5044-403E-8815-663857F019E4}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384D247E-5044-403E-8815-663857F019E4}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384D247E-5044-403E-8815-663857F019E4}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C27F6B1D-FE0B-45E4-9257-38799FA69BC8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C27F6B1D-FE0B-45E4-9257-38799FA69BC8}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Offline Files\Background Synchronization
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Offline Files\Background Synchronization\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F50E1B5-2F4B-4EFE-AE7A-842B3315F32F}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F50E1B5-2F4B-4EFE-AE7A-842B3315F32F}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F50E1B5-2F4B-4EFE-AE7A-842B3315F32F}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F7CC921-910F-4928-A3C6-140C6114A475}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F7CC921-910F-4928-A3C6-140C6114A475}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F7CC921-910F-4928-A3C6-140C6114A475}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{502CD1F9-96CB-4A12-A9B3-B6E0B1A39F24}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{502CD1F9-96CB-4A12-A9B3-B6E0B1A39F24}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{502CD1F9-96CB-4A12-A9B3-B6E0B1A39F24}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\UPnPHostConfig
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\UPnPHostConfig\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E926-9E86-4B89-9CFD-B12311724371}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E926-9E86-4B89-9CFD-B12311724371}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E926-9E86-4B89-9CFD-B12311724371}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ScheduledDefrag
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ScheduledDefrag\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\User Profile Service\HiveUploadTask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\User Profile Service\HiveUploadTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA677074-762C-444B-94C8-8C83F93F6605}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA677074-762C-444B-94C8-8C83F93F6605}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E0CAA7B-B2E3-426E-9EBC-D2E0F803CE6B}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E0CAA7B-B2E3-426E-9EBC-D2E0F803CE6B}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E0CAA7B-B2E3-426E-9EBC-D2E0F803CE6B}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Media Sharing\UpdateLibrary
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Media Sharing\UpdateLibrary\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786F5419-95A1-4B6A-82DE-32EF997C5BD9}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786F5419-95A1-4B6A-82DE-32EF997C5BD9}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786F5419-95A1-4B6A-82DE-32EF997C5BD9}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C6FA9F4-69A9-419C-8646-AD6F7EC02D09}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C6FA9F4-69A9-419C-8646-AD6F7EC02D09}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C6FA9F4-69A9-419C-8646-AD6F7EC02D09}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetTrace\GatherNetworkInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetTrace\GatherNetworkInfo\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Parameters\ServiceDllUnloadOnStop
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\KindMap
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\KindMap\.vbs
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\WerFault.exe
HKEY_CLASSES_ROOT\.vbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.vbs\(Default)
HKEY_CLASSES_ROOT\.vbs\OpenWithProgids
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vbs\OpenWithProgids
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
HKEY_CLASSES_ROOT\VBSFile
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\NoStaticDefaultVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\shell
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\Open
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\Open\NeverDefault
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\Open\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\Open\Command\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82E14523-E495-4D88-BA3A-2BC274EF1200}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82E14523-E495-4D88-BA3A-2BC274EF1200}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FA3A1C3-3C87-40DE-AC16-B6E2815A4CC8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FA3A1C3-3C87-40DE-AC16-B6E2815A4CC8}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82E14523-E495-4D88-BA3A-2BC274EF1200}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83687E64-03CD-4A47-8CBB-508DD54B726E}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83687E64-03CD-4A47-8CBB-508DD54B726E}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83687E64-03CD-4A47-8CBB-508DD54B726E}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{888700E2-603D-461E-BC12-C17DFE30776F}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{888700E2-603D-461E-BC12-C17DFE30776F}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{888700E2-603D-461E-BC12-C17DFE30776F}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C04A2AF-1DC1-4B64-8B32-FE6389548119}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C04A2AF-1DC1-4B64-8B32-FE6389548119}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C04A2AF-1DC1-4B64-8B32-FE6389548119}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}\DynamicInfo
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\ThemeActive
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\LoadedBefore
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\LastUserLangID
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\LastLoadedDPI
HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\ThemeManager
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ThemeManager\LMVersion
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\LMVersion
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\DllName
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\ColorName
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\SizeName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\Com+Enabled
HKEY_CURRENT_USER\Software\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\AccessPermission
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Windows Error Reporting
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TraceFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting\Debug
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\NoReflection
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AeDebug
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug\Debugger
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Plugins\AppRecorder
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Plugins\FDR\CurrentSession
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\ExceptionRecord
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\WaitonExceptionRecord
HKEY_CURRENT_USER\Software\Microsoft\Windiff
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CurrentType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\WaitOnStart
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\MachineID
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Consent
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Consent\DefaultConsent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\DontSendAdditionalData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Disabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Consent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Consent\DefaultConsent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Consent\DefaultOverrideBehavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Consent\APPCRASH
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LoggingDisabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\DontShowUI
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\DisableArchive
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ConfigureArchive
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\DisableQueue
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\MaxQueueCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\MaxArchiveCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ForceQueue
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\QueuePesterInterval
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ExcludedApplications
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\DebugApplications
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\SendEFSFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\BypassDataThrottling
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ForceUserModeCabCollection
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Windows Error Reporting
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\DontSendAdditionalData
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Disabled
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Consent\DefaultOverrideBehavior
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Consent\APPCRASH
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\LoggingDisabled
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\DontShowUI
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\DisableArchive
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\ConfigureArchive
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\DisableQueue
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\MaxQueueCount
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\MaxArchiveCount
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\ForceQueue
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\QueuePesterInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\ExcludedApplications
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\DebugApplications
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\SendEFSFiles
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\BypassDataThrottling
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\ForceUserModeCabCollection
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\CorporateWerServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\CorporateWerUseSSL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\CorporateWerPortNumber
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\CorporateWerUseAuthentication
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Reliability Analysis\RAC
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Reliability Analysis\RAC\RacWerSampleTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\OfflineMode
HKEY_LOCAL_MACHINE\Software\Microsoft\DirectUI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SESSION MANAGER\SafeProcessSearchMode
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollInset
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragMinDist
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollDelay
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles\FirstLevelConsentDialog
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles\FirstLevelConsentDialog
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Segoe UI
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles\CheckingForSolutionDialog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles\CheckingForSolutionDialog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EditionID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\BuildLabEx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CSDBuildNumber
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SystemInformation
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\BIOSVersion
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Windows\CSDBuildNumber
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\CEIPRole\RolesInWER
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\LastWatsonCabUploaded
HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\WinHttpSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\6FD5A890
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug\StoreLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\StoreLocation
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting\LocalDumps
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles

Read Keys

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\InstallRoot
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\CLRLoadLogDir
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\UseLegacyV2RuntimeActivationPolicyDefaultValue
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\OnlyUseLatestCLR
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Fusion\NoClientChecks
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\GCStressStart
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\GCStressStartAtJit
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\DisableConfigCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\CacheLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DownloadCacheQuotaInKB
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\EnableLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LoggingLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\ForceLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogFailures
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\VersioningLog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\LogResourceBinds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\UseLegacyIdentityFormat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\DisableMSIPeek
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NoClientChecks
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DevOverrideEnable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\LatestIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index126\NIUsageMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\index126\ILUsageMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\181938c6\7950e2c5\83\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7950e2c5\183e33de\83\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\mscorlib,2.0.0.0,,b77a5c561934e089,x86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\Latest
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\index28
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\PublisherPolicy\Default\LegacyPolicyTimeStamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\61e7e666\c991064\7a\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\475dce40\2d382ce6\85\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19ab8d57\1bd7b0d8\87\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2dd6ac50\163e1f5e\80\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\424bd4d8\1c83327b\86\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\41c04c7e\7f3b6ac4\78\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3ced59c5\1b2590b1\7c\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\c991064\2bd33e1c\79\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc7c4f\3f50fe4f\88\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3f50fe4f\6f1da7aa\88\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\3cca06a0\6dc7d4c0\7b\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\6dc7d4c0\a5cd4db\7e\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Windows.Forms,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Drawing,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Xml,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Configuration,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Deployment,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Runtime.Serialization.Formatters.Soap,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Accessibility,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Security,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy\Enabled
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\DbgJITDebugLaunchSetting
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\DbgManagedDebugger
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1c22df2f\4f99a7c9\2e\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\46ad0879\6f\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\46ad0879\6f\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\46ad0879\6f\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\46ad0879\6f\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\f6e8397\46ad0879\6f\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\38a3212c\44\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\38a3212c\44\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\38a3212c\44\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\38a3212c\44\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\2b1a4e4\38a3212c\44\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\455bab30\6e\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\455bab30\6e\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\455bab30\6e\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\455bab30\6e\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\24bf93f6\455bab30\6e\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\53bea2b0\2e\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\53bea2b0\2e\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\53bea2b0\2e\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\53bea2b0\2e\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\4f99a7c9\53bea2b0\2e\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Microsoft.VisualBasic,8.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Web,2.0.0.0,,b03f5f7f11d50a3a,x86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Management,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Runtime.Remoting,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\AppCompat\RaiseDefaultAuthnLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\DefaultAccessPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\RemoteRpcDll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\FFC54FE0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\MachineThrottling
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WINMGMTS\CLSID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\WBEM\Scripting\Default Namespace
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Hostname
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Domain
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\it
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\it
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{565783C6-CB41-11D1-8B02-00600806D9B6}\1.2\0\win32\(Default)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CMF\Config\SYSTEM
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\WMR\Disable
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\109d7e79\357ee49a\44\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3d590c3f\59f3b67b\82\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3d590c3f\59f3b67b\82\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3d590c3f\59f3b67b\82\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3d590c3f\59f3b67b\82\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\3d590c3f\59f3b67b\82\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\357ee49a\7d2df0ec\41\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\357ee49a\7d2df0ec\41\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\357ee49a\7d2df0ec\41\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\357ee49a\7d2df0ec\41\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\357ee49a\7d2df0ec\41\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\CustomMarshalers,2.0.0.0,,b03f5f7f11d50a3a,x86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Microsoft.VisualC,8.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0\win32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\5a8de2c3\2b1a4e4\47\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\73843e06\43a920ef\66\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\73843e06\43a920ef\66\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\73843e06\43a920ef\66\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\73843e06\43a920ef\66\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\73843e06\43a920ef\66\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\141dfd70\6b79efab\43\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\141dfd70\6b79efab\43\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\141dfd70\6b79efab\43\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\141dfd70\6b79efab\43\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\141dfd70\6b79efab\43\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\Microsoft.JScript,8.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Configuration.Install,2.0.0.0,,b03f5f7f11d50a3a,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\FinalizerActivityBypass
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\WBEM\CIMOM\EnableObjectValidation
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\IMAP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\POP3 Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\HTTP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\SMTP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\IMAP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\POP3 Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\HTTP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002\SMTP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\Email
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\IMAP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\POP3 Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\HTTP Password
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003\SMTP Password
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\ConfigMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\ConfigString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\MVID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\EvalationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\ILDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\NIDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\6faf58\19ab8d57\86\MissingDependencies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\75638fee\7566cac\84\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\75638fee\7566cac\84\Status
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\75638fee\7566cac\84\Modules
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\75638fee\7566cac\84\SIG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\75638fee\7566cac\84\LastModTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default\System.Data.SqlXml,2.0.0.0,,b77a5c561934e089,MSIL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InProcServer32\Class
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F935DC20-1CF0-11D0-ADB9-00C04FD58A0B}\1.0\0\win32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\TrustRidDll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LocalServer32\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LocalService
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\DllSurrogate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\RunAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\ActivateAtStorage
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\ROTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\AppIDFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LaunchPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\LegacyAuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\LegacyImpersonationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\RemoteServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\SRPTrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\PreferredServerBitness
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}\LoadUserSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\REGDBVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\LocalService
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\ServiceParameters
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\RunAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\ActivateAtStorage
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\ROTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\AppIDFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\LaunchPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\RemoteServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\SRPTrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\PreferredServerBitness
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B1B9CBB2-B198-47E2-8260-9FD629A2B2EC}\LoadUserSettings
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\DeviceInstance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#\Control\Linked
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\SecurityDescriptors\ActivePowerScheme
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ActivePowerScheme
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\SecurityDescriptors\381b4222-f694-41f0-9685-ff5bb260df2e
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\SecurityDescriptors\94ac6d29-73ce-41a6-809f-6363ba21b47e
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\238C9FA8-0AAD-41ED-83F4-97BE242C8F20\94AC6D29-73CE-41A6-809F-6363BA21B47E\DefaultPowerSchemeValues\381b4222-f694-41f0-9685-ff5bb260df2e\ACSettingIndex
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\238C9FA8-0AAD-41ED-83F4-97BE242C8F20\94AC6D29-73CE-41A6-809F-6363BA21B47E\ValueMin
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\238C9FA8-0AAD-41ED-83F4-97BE242C8F20\94AC6D29-73CE-41A6-809F-6363BA21B47E\1\SettingValue
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\SecurityDescriptors\a7066653-8d6c-40a8-910e-a1f54b84c7e5
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\4f971e89-eebd-4455-a8de-9e59040e7347\A7066653-8D6C-40A8-910E-A1F54B84C7E5\DefaultPowerSchemeValues\381b4222-f694-41f0-9685-ff5bb260df2e\ACSettingIndex
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\4f971e89-eebd-4455-a8de-9e59040e7347\A7066653-8D6C-40A8-910E-A1F54B84C7E5\ValueMin
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\PowerSettings\4f971e89-eebd-4455-a8de-9e59040e7347\A7066653-8D6C-40A8-910E-A1F54B84C7E5\0\SettingValue
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\DeviceInstance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#CdRomVBOX_CD-ROM_____________________________1.0_____#5&106af171&0&1.0.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\#\Control\Linked
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_8086&DEV_7111&SUBSYS_00000000&REV_01\3&267a616a&0&09\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0A03\0\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI_HAL\PNP0C08\0\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ACPI_HAL\0000\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\HTREE\ROOT\0\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\Device Parameters\DeviceGroup
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PerHwIdStorage\LastUpdateTime
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\CustomPropertyCacheDate
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\HardwareID
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\CompatibleIDs
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\Device Parameters\Icons
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\Device Parameters\NoSoftEject
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\CustomPropertyCacheDate
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\HardwareID
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\CompatibleIDs
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\Device Parameters\DeviceGroups
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\Device Parameters\DeviceGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\DeviceInstance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#\Control\Linked
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#DiskVBOX_HARDDISK___________________________1.0_____#5&33d1638a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\DeviceInstance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\##?#IDE#DiskVBOX_HARDDISK___________________________1.0_____#5&33d1638a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\#\Control\Linked
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\Device Parameters\NoSoftEject
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\CustomPropertyCacheDate
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\HardwareID
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\CompatibleIDs
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\Device Parameters\DeviceGroups
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\Device Parameters\DeviceGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\DeviceInstance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\##?#STORAGE#Volume#{35122303-fb0b-11e5-b945-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\#\Control\Linked
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LocalService
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\DllSurrogate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\RunAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\ActivateAtStorage
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\ROTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\AppIDFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LaunchPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\RemoteServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\SRPTrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\PreferredServerBitness
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LoadUserSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\LocalService
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\ServiceParameters
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\RunAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\ActivateAtStorage
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\ROTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\AppIDFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\LaunchPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\RemoteServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\SRPTrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\PreferredServerBitness
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\LoadUserSettings
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\cimv2
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\cimv2
HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\InprocServer32\Synchronization
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{661FF7F6-F4D1-4593-B59D-4C54C1ECE68B}\AppId
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D63A5850-8F16-11CF-9F47-00AA00BF345C}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D63A5850-8F16-11CF-9F47-00AA00BF345C}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D63A5850-8F16-11CF-9F47-00AA00BF345C}\InprocServer32\Synchronization
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D63A5850-8F16-11CF-9F47-00AA00BF345C}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D63A5850-8F16-11CF-9F47-00AA00BF345C}\AppId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\SecuredHostProviders\ROOT\CIMV2:__Win32Provider.Name="CIMWin32"
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\Root
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\Root
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B7B31DF9-D515-11D3-A11C-00105A1F515A}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07435309-D440-41B7-83F3-EB82DB6C622F}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{21CD80A2-B305-4F37-9D4C-4534A8D9B568}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{06413D98-405C-4A5A-8D6F-19B8B7C6ACF7}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6B3FC272-BF37-4968-933A-6DF9222A2607}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0FC8C622-1728-4149-A57F-AD19D0970710}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EB658B8A-7A64-4DDC-9B8D-A92610DB0206}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71285C44-1DC0-11D2-B5FB-00104B703EFD}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\ResolutionHost\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\Sink Transmit Buffer Size
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\DefaultRpcStackSize
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\AccessProviders\MartaExtension
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\it-IT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\it-IT
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\EnableObjectValidation
HKEY_CURRENT_USER\Control Panel\International\LocaleName
HKEY_CURRENT_USER\Control Panel\International\sCountry
HKEY_CURRENT_USER\Control Panel\International\sList
HKEY_CURRENT_USER\Control Panel\International\sDecimal
HKEY_CURRENT_USER\Control Panel\International\sThousand
HKEY_CURRENT_USER\Control Panel\International\sGrouping
HKEY_CURRENT_USER\Control Panel\International\sNativeDigits
HKEY_CURRENT_USER\Control Panel\International\sCurrency
HKEY_CURRENT_USER\Control Panel\International\sMonDecimalSep
HKEY_CURRENT_USER\Control Panel\International\sMonThousandSep
HKEY_CURRENT_USER\Control Panel\International\sMonGrouping
HKEY_CURRENT_USER\Control Panel\International\sPositiveSign
HKEY_CURRENT_USER\Control Panel\International\sNegativeSign
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat
HKEY_CURRENT_USER\Control Panel\International\sShortTime
HKEY_CURRENT_USER\Control Panel\International\s1159
HKEY_CURRENT_USER\Control Panel\International\s2359
HKEY_CURRENT_USER\Control Panel\International\sShortDate
HKEY_CURRENT_USER\Control Panel\International\sYearMonth
HKEY_CURRENT_USER\Control Panel\International\sLongDate
HKEY_CURRENT_USER\Control Panel\International\iCountry
HKEY_CURRENT_USER\Control Panel\International\iMeasure
HKEY_CURRENT_USER\Control Panel\International\iPaperSize
HKEY_CURRENT_USER\Control Panel\International\iDigits
HKEY_CURRENT_USER\Control Panel\International\iLZero
HKEY_CURRENT_USER\Control Panel\International\iNegNumber
HKEY_CURRENT_USER\Control Panel\International\NumShape
HKEY_CURRENT_USER\Control Panel\International\iCurrDigits
HKEY_CURRENT_USER\Control Panel\International\iCurrency
HKEY_CURRENT_USER\Control Panel\International\iNegCurr
HKEY_CURRENT_USER\Control Panel\International\iCalendarType
HKEY_CURRENT_USER\Control Panel\International\iFirstDayOfWeek
HKEY_CURRENT_USER\Control Panel\International\iFirstWeekOfYear
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\Logging
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F50A28CF-5C9C-4F7E-9D80-E25E16E18C59}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FEC1B0AC-5808-4033-A915-C0185934581E}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7C857801-7381-11CF-884D-00AA004B2E24}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\WMR\Disable
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DcomLaunch\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcEptMapper\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcSs\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\WOW64
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\Public
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\Default
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramW6432Dir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonW6432Dir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18\ProfileImagePath
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\Environment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1822907384-1282624486-319450072-1000\ProfileImagePath
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v4.0.30319_64\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wscsvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Browser\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gpsvc\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IKEEXT\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MMCSS\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProfSvc\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SENS\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\FailureActions
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Environment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v4.0.30319_32\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IKEEXT\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IKEEXT\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iphlpsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iphlpsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MMCSS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MMCSS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetMsmqActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetMsmqActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetPipeActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetPipeActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpActivator\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpActivator\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PeerDistSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PeerDistSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SENS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SENS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\StorSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\StorSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmRdpService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmRdpService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPDBusEnum\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPDBusEnum\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Browser\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Browser\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\Environment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EventSystem\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srvnet\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srv2\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srv\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SamSs\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\WOW64
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\RequiredPrivileges
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\ObjectName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Tag
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\DependOnService
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\DependOnGroup
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Group
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{15fba3b8-a37a-4f91-bdba-fbb98fe804bf}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{282396b2-6c46-4d66-b413-70b0445df33c}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{284ddb2f-beea-4c9d-91e8-e3670ed91517}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{3EA6B3DF-393E-41C3-9885-29EC5A701926}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{45DE1EA9-10BC-4f96-9B21-4B6B83DBF476}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{4d21da64-fd02-4b82-a0a5-783266e430ab}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{50e3b0eb-5780-49de-9eb5-8d53a51fd146}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5C85A128-86F7-41a4-B655-BEE3F2ADEF46}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{5EE64AFB-398D-4edb-AF71-3B830219ABF7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{63e0d0f7-ac2f-493b-a7f2-2f3ccdb66fca}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{67f1ec80-6c5b-43bb-860b-d47ae85242b1}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{72dbb5ac-6a91-46e6-885b-d429828bea2e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{7a54f16f-a73a-4258-ba46-a1e998a6aa74}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{85e0acd9-809a-482b-b60b-bcad1f8d0cd7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{88d4896f-f553-446a-9c75-9dec124ff8b7}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8CC29128-0B57-4a2b-A7B9-A74A70BA6FA1}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{8d39bd5b-81f8-4b94-a608-6a50bbff5d15}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{95c162b7-5b71-44f8-82e4-abfd3108f40f}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{9c5a40da-b965-4fc3-8781-88dd50a6299d}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a0d86e0d-3f06-411b-9dd5-35bc5666ff3e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{a59f0643-a6ca-48e0-a7c4-4cdd258439e2}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{abd0ea66-a840-44a9-97b1-fb74fddaa8c8}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{b171ab1c-60e9-4301-a338-beab1c70b3e9}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{bf2de437-b736-48fb-84a0-5f0c389a068e}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{C0F51D84-11B9-4e74-B083-99F11BA2DB0A}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c70949f5-bda4-4bf3-8121-af0bc174925f}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{c8544339-5be9-4f25-862e-485f1b1a6935}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{d8bcedf8-46c3-440e-bc65-dfa6a5094054}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\NeverLowerPagePriority
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\DiagnosticModules\{E4CD2E3E-3852-4952-B76B-23BB8E35D344}\NameResource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WDI\Config\ServerName
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\CLResolutionInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\DisplayInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RADAR\SkipWatson
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\Settings\ReflectionInterval
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000410
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69486DD6-C19F-42E8-B508-A53F9F8E67B8}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB23A09-A867-4BE8-83A6-86969A7D0856}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-ReliabilityAnalysisComponent/Operational\ChannelAccess
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Operational\ChannelAccess
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\KeywordsLower
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\KeywordsUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Debug\ChannelAccess
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\KeywordsLower
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\KeywordsUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-TaskScheduler/Diagnostic\ChannelAccess
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Application Error\ProviderGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-WER-Diag/Operational\ChannelAccess
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Fault-Tolerant-Heap/Operational\ChannelAccess
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\FileMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\FileCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\BufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\MinBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\MaxBuffers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Latency
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\ClockType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\SidType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Level
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\ControlGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\MaxSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\MaxSizeUpper
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Retention
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\File
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\FilterId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\Isolation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\OwningPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Known Folders API Service\ChannelAccess
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Windows Error Reporting\ProviderGuid
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\System\DCOM\ProviderGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\WerSvcGroup
HKEY_USERS\.DEFAULT\Control Panel\International\LocaleName
HKEY_USERS\.DEFAULT\Control Panel\International\sCountry
HKEY_USERS\.DEFAULT\Control Panel\International\sList
HKEY_USERS\.DEFAULT\Control Panel\International\sDecimal
HKEY_USERS\.DEFAULT\Control Panel\International\sThousand
HKEY_USERS\.DEFAULT\Control Panel\International\sGrouping
HKEY_USERS\.DEFAULT\Control Panel\International\sNativeDigits
HKEY_USERS\.DEFAULT\Control Panel\International\sCurrency
HKEY_USERS\.DEFAULT\Control Panel\International\sMonDecimalSep
HKEY_USERS\.DEFAULT\Control Panel\International\sMonThousandSep
HKEY_USERS\.DEFAULT\Control Panel\International\sMonGrouping
HKEY_USERS\.DEFAULT\Control Panel\International\sPositiveSign
HKEY_USERS\.DEFAULT\Control Panel\International\sNegativeSign
HKEY_USERS\.DEFAULT\Control Panel\International\sTimeFormat
HKEY_USERS\.DEFAULT\Control Panel\International\sShortTime
HKEY_USERS\.DEFAULT\Control Panel\International\s1159
HKEY_USERS\.DEFAULT\Control Panel\International\s2359
HKEY_USERS\.DEFAULT\Control Panel\International\sShortDate
HKEY_USERS\.DEFAULT\Control Panel\International\sYearMonth
HKEY_USERS\.DEFAULT\Control Panel\International\sLongDate
HKEY_USERS\.DEFAULT\Control Panel\International\iCountry
HKEY_USERS\.DEFAULT\Control Panel\International\iMeasure
HKEY_USERS\.DEFAULT\Control Panel\International\iPaperSize
HKEY_USERS\.DEFAULT\Control Panel\International\iDigits
HKEY_USERS\.DEFAULT\Control Panel\International\iLZero
HKEY_USERS\.DEFAULT\Control Panel\International\iNegNumber
HKEY_USERS\.DEFAULT\Control Panel\International\NumShape
HKEY_USERS\.DEFAULT\Control Panel\International\iCurrDigits
HKEY_USERS\.DEFAULT\Control Panel\International\iCurrency
HKEY_USERS\.DEFAULT\Control Panel\International\iNegCurr
HKEY_USERS\.DEFAULT\Control Panel\International\iCalendarType
HKEY_USERS\.DEFAULT\Control Panel\International\iFirstDayOfWeek
HKEY_USERS\.DEFAULT\Control Panel\International\iFirstWeekOfYear
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ServiceTimeout
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Parameters\ServiceDllUnloadOnStop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\NoReflection
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Windows Error Reporting\NoReflection
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\CoInitializeSecurityParam
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\ImpersonationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\AuthenticationCapabilities
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\CoInitializeSecurityAppID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\DeferredCoInitializeSecurityServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\DefaultRpcStackSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs\SystemCritical
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\MaximumThreadCount
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\EnableDebugOutput
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc\Parameters\ServiceDllUnloadOnStop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\LogFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\LogFileFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\LogFileMinMemory
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Performance\First Counter
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Performance\First Help
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Performance\Last Counter
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Performance\Last Help
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ThemeManager\ServerChangeNumber
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\ServiceDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\ServiceManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\ServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore\FilesNotToBackup\BITS_metadata
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\JobInactivityTimeout
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\TimeQuantaLength
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\JobNoProgressTimeout
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\JobMinimumRetryDelay
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\TransferBufferSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\SleepAtCallbackBegin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\SleepAtCallbackEnd
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\SleepAtCallbackDuration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\TestFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\ForceFileFlush
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Parameters\Config
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\UseLmCompat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\SecurityService\10
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureDll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\LsaExtensionConfig\SspiCli\CheckSignatureRoutine
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SecurityProviders
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Name
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Comment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\RpcId
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Version
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\TokenSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\AECFFC7E
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CredWom\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD522ACC-F821-461A-A407-50B198B896DC}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\MaxSxSHashCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\DataVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\EnableBackCompat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\MissedTasksStartupDelay
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\TasksInMemoryQueue
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\TasksPerHighestPrivEngine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\TasksPerLeastPrivEngine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\TracingLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration\WindowSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{555F3418-D99E-4E51-800A-6E89CFD8B1D7}\(Default)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\DontNotifyIcf
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\DontPropagateIcfFailure
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\DontStartBrowserOnIcfOpen
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\SqmUpdateInterval
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\Size
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\AnonymousDescriptorsUpgraded
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\RestrictAnonymous
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\Level2Compatibility
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\PreviousAnonymousRestriction
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\InteractiveDescriptorsRegenerated
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SessionSecurityDescriptorRegenerated
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcConfigInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcTransportEnum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcConnection
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcServerDiskEnum
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcSessionInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcDefaultShareInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcShareFileInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcSharePrintInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcShareAdminInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcShareChange
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcShareConnect
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcShareAdminConnect
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\DefaultSecurity\SrvsvcStatisticsInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\IGDSearcherDLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\DisableDownlevelCompatibilityPlugin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\LogPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\MaxLogSizeKB
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\TasksFolder
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Control Panel\International\LocaleName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\NotifyOnTaskMiss
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\ViewHiddenTasks
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent\OldName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SubmitControl
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\DeviceClasses\{53F5630D-B6BF-11D0-94F2-00A0C91EFB8B}\NoSoftEject
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\HashingCompleted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\DisableRpcOverTcp
HKEY_LOCAL_MACHINE\SYSTEM\Setup\Upgrade
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\DomainJoinDetected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18EB-DC73-4E45-A11C-B59043598412}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD68AC2-29D2-4FF8-A7C8-4FAF5BFA0E39}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB7465-BC54-491B-A92A-4637A28C9BBF}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\SystemTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18EB-DC73-4E45-A11C-B59043598412}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18EB-DC73-4E45-A11C-B59043598412}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\SchedulingEngineKnob
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58FB76B9-AC85-4E55-AC04-427593B1D060}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18EB-DC73-4E45-A11C-B59043598412}\DynamicInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\ServiceDllUnloadOnStop
HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemPartition
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\StatefileChunk
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\StatefileWriteBuffer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS\StateIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD68AC2-29D2-4FF8-A7C8-4FAF5BFA0E39}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD68AC2-29D2-4FF8-A7C8-4FAF5BFA0E39}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD68AC2-29D2-4FF8-A7C8-4FAF5BFA0E39}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB7465-BC54-491B-A92A-4637A28C9BBF}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB7465-BC54-491B-A92A-4637A28C9BBF}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB7465-BC54-491B-A92A-4637A28C9BBF}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SystemRestore\SR\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Autochk\Proxy\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01AE1CD5-23D1-4B8C-B118-6F70E4B13019}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0931AF-7911-4AE5-8FDB-971E157234B3}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2470470F-2634-478E-B181-571E98A789BB}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28011108-68DF-4C73-B91B-57427D501BBA}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C513E04-9757-4167-A0CD-5B485ED9ABC6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{458AD310-8828-4E4A-976E-55B7F1724152}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612BA-897D-44CE-8DC1-8FC283F9FD51}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB9AB04-19C4-4ED4-9E39-842EE25E4F34}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90F611E2-877D-473D-BC36-5623044532AE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB97BAC0-E76F-421D-BFE3-12EAA69CE705}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01AE1CD5-23D1-4B8C-B118-6F70E4B13019}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01AE1CD5-23D1-4B8C-B118-6F70E4B13019}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01AE1CD5-23D1-4B8C-B118-6F70E4B13019}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0931AF-7911-4AE5-8FDB-971E157234B3}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0931AF-7911-4AE5-8FDB-971E157234B3}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF87090D-4A9A-4F47-879B-29A80C355D61}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0931AF-7911-4AE5-8FDB-971E157234B3}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SystemSoundsService\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2470470F-2634-478E-B181-571E98A789BB}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2470470F-2634-478E-B181-571E98A789BB}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DEA658F-54C1-4227-AF9B-260AB5FC3543}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2470470F-2634-478E-B181-571E98A789BB}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28011108-68DF-4C73-B91B-57427D501BBA}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28011108-68DF-4C73-B91B-57427D501BBA}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF5CB148-7C77-4D8A-A53E-D81C70CF743C}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28011108-68DF-4C73-B91B-57427D501BBA}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SystemDataProviders\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C513E04-9757-4167-A0CD-5B485ED9ABC6}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C513E04-9757-4167-A0CD-5B485ED9ABC6}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7CCA6768-8373-4D28-8876-83E8B4E3A969}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C513E04-9757-4167-A0CD-5B485ED9ABC6}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{458AD310-8828-4E4A-976E-55B7F1724152}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{458AD310-8828-4E4A-976E-55B7F1724152}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E51DFD48-AA36-4B45-BB52-E831F02E8316}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{458AD310-8828-4E4A-976E-55B7F1724152}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControlsMigration\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}\Triggers
HKEY_LOCAL_MACHINE\SYSTEM\Setup\UpgradeInProgress
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343D770D-7788-47C2-B62A-B7C4CED925CB}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TextServicesFramework\MsCtfMonitor\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01575CFE-9A55-4003-A5E1-F38D1EBDCBE1}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControls\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFA14C43-F385-4170-99CC-1B7765FA0E4A}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}\DynamicInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Settings\ActiveWriterStateTimeout
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\(Default)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Settings\TornComponentsMax
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612BA-897D-44CE-8DC1-8FC283F9FD51}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612BA-897D-44CE-8DC1-8FC283F9FD51}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF2CF428-325B-48D3-8CA8-7633E36E5A32}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612BA-897D-44CE-8DC1-8FC283F9FD51}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\UserTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Offline Files\Logon Synchronization\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB9AB04-19C4-4ED4-9E39-842EE25E4F34}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB9AB04-19C4-4ED4-9E39-842EE25E4F34}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000100-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB9AB04-19C4-4ED4-9E39-842EE25E4F34}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90F611E2-877D-473D-BC36-5623044532AE}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90F611E2-877D-473D-BC36-5623044532AE}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609B9555-4FB6-11D1-9971-00C04FBBB345}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45F26E9E-6199-477F-85DA-AF1EDFE067B1}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90F611E2-877D-473D-BC36-5623044532AE}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsColorSystem\Calibration Loader\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609B9557-4FB6-11D1-9971-00C04FBBB345}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B210D694-C8DF-490D-9576-9E20CDBC20BD}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB97BAC0-E76F-421D-BFE3-12EAA69CE705}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB97BAC0-E76F-421D-BFE3-12EAA69CE705}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06DA0625-9701-43DA-BFD7-FBEEA2180A1E}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB97BAC0-E76F-421D-BFE3-12EAA69CE705}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{046FBEF8-2DD6-4A92-A08E-608464EDCC44}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AF4338F-6C18-4FC7-9691-7BF990A00048}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2171D673-DA91-42EB-99AA-8377558033A6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384D247E-5044-403E-8815-663857F019E4}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F50E1B5-2F4B-4EFE-AE7A-842B3315F32F}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F7CC921-910F-4928-A3C6-140C6114A475}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{502CD1F9-96CB-4A12-A9B3-B6E0B1A39F24}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E926-9E86-4B89-9CFD-B12311724371}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E0CAA7B-B2E3-426E-9EBC-D2E0F803CE6B}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786F5419-95A1-4B6A-82DE-32EF997C5BD9}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C6FA9F4-69A9-419C-8646-AD6F7EC02D09}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82E14523-E495-4D88-BA3A-2BC274EF1200}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83687E64-03CD-4A47-8CBB-508DD54B726E}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{888700E2-603D-461E-BC12-C17DFE30776F}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C04A2AF-1DC1-4B64-8B32-FE6389548119}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94AA3293-B515-4FA7-A36B-3CFA64BA5BE3}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9979CB83-103A-4105-9E5D-C74B0AF6D198}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F7C4864-F6AA-4F3B-84D8-DBAD7E51692E}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A05D6C16-6A14-4759-9D8D-E492E894DE9F}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A48CABBF-24C8-4B87-B00F-9261807C3B43}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4E48BB8-F9A1-445E-86A4-E5C29BBE1347}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7C73732-9F11-4281-8D19-764D4EC9D94D}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC668097-4D6B-4093-AC14-014C09DBF820}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE669C13-8165-4536-96D0-6D6C39292AAE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C016366B-7126-46CA-B36B-592A3D95A60B}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0383FC4-F308-468A-8459-367B3A33AD15}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C10E7971-5E9E-4140-884E-DE663DA8BDD6}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA41DE71-8431-42FB-9DB0-EB64A961DEAD}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD9F510C-95F4-499A-90C8-BAC5BC372FF4}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E22A8667-F75B-4BA9-BA46-067ED4429DE8}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3163C33-301D-4730-A266-5518C5ED3967}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EACA24FF-236C-401D-A1E7-B3D5267B8A50}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECDE38D5-1A9E-41D2-97A0-0CBAD890B0BE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F15EACD7-1AC9-4C6C-B1F2-C00C5844037B}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5D967A9-73DF-416F-9CF2-357B94578ADE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAB6B964-B7AA-43C5-B2D3-C48E363455EE}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB3C354D-297A-4EB2-9B58-090F6361906B}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCA58FB2-231F-4DAA-BCA0-77602B638485}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDD56C73-F0D5-41B6-B767-6EFFD7966428}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE1253D1-1B7F-4E2C-A4F7-BCC472C6D87E}\Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Synchronization\SynchronizeTime\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{659CDEA7-489E-11D9-A9CD-000D56965251}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03CA98D6-FF5D-49B8-ABC6-03DD84127020}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D18AD12-BDE3-4393-B311-099C346E6DF9}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4991D34B-80A1-4291-83B6-3328366B9097}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69AD4AEE-51BE-439B-A92C-86AE490E8B30}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{046FBEF8-2DD6-4A92-A08E-608464EDCC44}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{046FBEF8-2DD6-4A92-A08E-608464EDCC44}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{046FBEF8-2DD6-4A92-A08E-608464EDCC44}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict1\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict2\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Defender\MpIdleTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AF4338F-6C18-4FC7-9691-7BF990A00048}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AF4338F-6C18-4FC7-9691-7BF990A00048}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AF4338F-6C18-4FC7-9691-7BF990A00048}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Task Manager\Interactive\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855FEC53-D2E4-4999-9E87-3414E9CF0FF4}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2171D673-DA91-42EB-99AA-8377558033A6}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2171D673-DA91-42EB-99AA-8377558033A6}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2171D673-DA91-42EB-99AA-8377558033A6}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384D247E-5044-403E-8815-663857F019E4}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384D247E-5044-403E-8815-663857F019E4}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384D247E-5044-403E-8815-663857F019E4}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C27F6B1D-FE0B-45E4-9257-38799FA69BC8}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Offline Files\Background Synchronization\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F50E1B5-2F4B-4EFE-AE7A-842B3315F32F}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F50E1B5-2F4B-4EFE-AE7A-842B3315F32F}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F50E1B5-2F4B-4EFE-AE7A-842B3315F32F}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F7CC921-910F-4928-A3C6-140C6114A475}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F7CC921-910F-4928-A3C6-140C6114A475}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F7CC921-910F-4928-A3C6-140C6114A475}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{502CD1F9-96CB-4A12-A9B3-B6E0B1A39F24}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{502CD1F9-96CB-4A12-A9B3-B6E0B1A39F24}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{502CD1F9-96CB-4A12-A9B3-B6E0B1A39F24}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\UPnPHostConfig\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E926-9E86-4B89-9CFD-B12311724371}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E926-9E86-4B89-9CFD-B12311724371}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E926-9E86-4B89-9CFD-B12311724371}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ScheduledDefrag\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\User Profile Service\HiveUploadTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA677074-762C-444B-94C8-8C83F93F6605}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E0CAA7B-B2E3-426E-9EBC-D2E0F803CE6B}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E0CAA7B-B2E3-426E-9EBC-D2E0F803CE6B}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E0CAA7B-B2E3-426E-9EBC-D2E0F803CE6B}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Media Sharing\UpdateLibrary\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786F5419-95A1-4B6A-82DE-32EF997C5BD9}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786F5419-95A1-4B6A-82DE-32EF997C5BD9}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786F5419-95A1-4B6A-82DE-32EF997C5BD9}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C6FA9F4-69A9-419C-8646-AD6F7EC02D09}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C6FA9F4-69A9-419C-8646-AD6F7EC02D09}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C6FA9F4-69A9-419C-8646-AD6F7EC02D09}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetTrace\GatherNetworkInfo\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection\Parameters\ServiceDllUnloadOnStop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\KindMap\.vbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.vbs\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\NoStaticDefaultVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\Open\NeverDefault
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\Open\Command\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82E14523-E495-4D88-BA3A-2BC274EF1200}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82E14523-E495-4D88-BA3A-2BC274EF1200}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FA3A1C3-3C87-40DE-AC16-B6E2815A4CC8}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82E14523-E495-4D88-BA3A-2BC274EF1200}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83687E64-03CD-4A47-8CBB-508DD54B726E}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83687E64-03CD-4A47-8CBB-508DD54B726E}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83687E64-03CD-4A47-8CBB-508DD54B726E}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{888700E2-603D-461E-BC12-C17DFE30776F}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{888700E2-603D-461E-BC12-C17DFE30776F}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{888700E2-603D-461E-BC12-C17DFE30776F}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath\Id
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C04A2AF-1DC1-4B64-8B32-FE6389548119}\Hash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C04A2AF-1DC1-4B64-8B32-FE6389548119}\Triggers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C04A2AF-1DC1-4B64-8B32-FE6389548119}\DynamicInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}\DynamicInfo
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ThemeManager\LMVersion
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\LMVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\Com+Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\AccessPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TraceFlags
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\NoReflection
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug\Debugger
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\WaitonExceptionRecord
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CurrentType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\WaitOnStart
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\MachineID
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Consent\DefaultConsent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\DontSendAdditionalData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Disabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Consent\DefaultConsent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Consent\DefaultOverrideBehavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Consent\APPCRASH
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LoggingDisabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\DontShowUI
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\DisableArchive
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ConfigureArchive
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\DisableQueue
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\MaxQueueCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\MaxArchiveCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ForceQueue
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\QueuePesterInterval
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\SendEFSFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\BypassDataThrottling
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ForceUserModeCabCollection
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\DontSendAdditionalData
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Disabled
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Consent\DefaultOverrideBehavior
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Consent\APPCRASH
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\LoggingDisabled
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\DontShowUI
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\DisableArchive
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\ConfigureArchive
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\DisableQueue
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\MaxQueueCount
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\MaxArchiveCount
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\ForceQueue
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\QueuePesterInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\SendEFSFiles
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\BypassDataThrottling
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\ForceUserModeCabCollection
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\CorporateWerServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\CorporateWerUseSSL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\CorporateWerPortNumber
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\CorporateWerUseAuthentication
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Reliability Analysis\RAC\RacWerSampleTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\OfflineMode
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SESSION MANAGER\SafeProcessSearchMode
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollInset
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragMinDist
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollDelay
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollInterval
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Segoe UI
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EditionID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\BuildLabEx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CSDBuildNumber
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\BIOSVersion
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Windows\CSDBuildNumber
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\LastWatsonCabUploaded
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\WinHttpSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\DisabledProcesses\6FD5A890
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles

Write Keys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS\Performance\PerfMMFileName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ThemeManager\ServerChangeNumber
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\Guid
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore\FilesNotToBackup\BITS_LOG
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\BackupRestore\FilesNotToBackup\BITS_BAK
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\ThemeActive
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\LoadedBefore
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\LastUserLangID
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\LastLoadedDPI
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\DllName
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\ColorName
HKEY_USERS\S-1-5-21-1822907384-1282624486-319450072-1000\Software\Microsoft\Windows\CurrentVersion\ThemeManager\SizeName
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting\Debug
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\ExceptionRecord
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles\FirstLevelConsentDialog
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles\FirstLevelConsentDialog
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles\CheckingForSolutionDialog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles\CheckingForSolutionDialog
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug\StoreLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\StoreLocation

Delete Keys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\CdRomVBOX_CD-ROM_____________________________1.0_____\5&106af171&0&1.0.0\CustomPropertyHwIdKey
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCIIDE\IDEChannel\4&2f42c713&0&1\CustomPropertyHwIdKey
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\IDE\DISKVBOX_HARDDISK___________________________1.0_____\5&33D1638A&0&0.0.0\CustomPropertyHwIdKey
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters\Guid

Mutexes

Global\CLR_CASOFF_MUTEX
DBWinMutex
Local\WERReportingForProcess2996
Global\\xe5\x88\x90\xc7\x90

Resolved APIs

advapi32.dll.RegOpenKeyExW
advapi32.dll.RegQueryInfoKeyW
advapi32.dll.RegEnumKeyExW
advapi32.dll.RegEnumValueW
advapi32.dll.RegCloseKey
advapi32.dll.RegQueryValueExW
kernel32.dll.FlsAlloc
kernel32.dll.FlsFree
kernel32.dll.FlsGetValue
kernel32.dll.FlsSetValue
kernel32.dll.InitializeCriticalSectionEx
kernel32.dll.CreateEventExW
kernel32.dll.CreateSemaphoreExW
kernel32.dll.SetThreadStackGuarantee
kernel32.dll.CreateThreadpoolTimer
kernel32.dll.SetThreadpoolTimer
kernel32.dll.WaitForThreadpoolTimerCallbacks
kernel32.dll.CloseThreadpoolTimer
kernel32.dll.CreateThreadpoolWait
kernel32.dll.SetThreadpoolWait
kernel32.dll.CloseThreadpoolWait
kernel32.dll.FlushProcessWriteBuffers
kernel32.dll.FreeLibraryWhenCallbackReturns
kernel32.dll.GetCurrentProcessorNumber
kernel32.dll.GetLogicalProcessorInformation
kernel32.dll.CreateSymbolicLinkW
kernel32.dll.EnumSystemLocalesEx
kernel32.dll.CompareStringEx
kernel32.dll.GetDateFormatEx
kernel32.dll.GetLocaleInfoEx
kernel32.dll.GetTimeFormatEx
kernel32.dll.GetUserDefaultLocaleName
kernel32.dll.IsValidLocaleName
kernel32.dll.LCMapStringEx
kernel32.dll.GetTickCount64
advapi32.dll.EventRegister
mscoree.dll.#142
mscoreei.dll.RegisterShimImplCallback
mscoreei.dll.OnShimDllMainCalled
mscoreei.dll._CorExeMain
shlwapi.dll.UrlIsW
version.dll.GetFileVersionInfoSizeW
version.dll.GetFileVersionInfoW
version.dll.VerQueryValueW
kernel32.dll.InitializeCriticalSectionAndSpinCount
kernel32.dll.IsProcessorFeaturePresent
msvcrt.dll._set_error_mode
msvcrt.dll.?set_terminate@@YAP6AXXZP6AXXZ@Z
kernel32.dll.FindActCtxSectionStringW
kernel32.dll.GetSystemWindowsDirectoryW
mscoree.dll.GetProcessExecutableHeap
mscoreei.dll.GetProcessExecutableHeap
mscorwks.dll._CorExeMain
mscorwks.dll.GetCLRFunction
advapi32.dll.RegisterTraceGuidsW
advapi32.dll.UnregisterTraceGuids
advapi32.dll.GetTraceLoggerHandle
advapi32.dll.GetTraceEnableLevel
advapi32.dll.GetTraceEnableFlags
advapi32.dll.TraceEvent
mscoree.dll.IEE
mscoreei.dll.IEE
mscorwks.dll.IEE
mscoree.dll.GetStartupFlags
mscoreei.dll.GetStartupFlags
mscoree.dll.GetHostConfigurationFile
mscoreei.dll.GetHostConfigurationFile
mscoreei.dll.GetCORVersion
mscoree.dll.GetCORSystemDirectory
mscoreei.dll.GetCORSystemDirectory_RetAddr
mscoreei.dll.CreateConfigStream
ntdll.dll.RtlUnwind
kernel32.dll.IsWow64Process
advapi32.dll.AllocateAndInitializeSid
advapi32.dll.OpenProcessToken
advapi32.dll.GetTokenInformation
advapi32.dll.InitializeAcl
advapi32.dll.AddAccessAllowedAce
advapi32.dll.FreeSid
kernel32.dll.AddVectoredContinueHandler
kernel32.dll.RemoveVectoredContinueHandler
advapi32.dll.ConvertSidToStringSidW
shell32.dll.SHGetFolderPathW
kernel32.dll.GetWriteWatch
kernel32.dll.ResetWriteWatch
kernel32.dll.CreateMemoryResourceNotification
kernel32.dll.QueryMemoryResourceNotification
ole32.dll.CoInitializeEx
cryptbase.dll.SystemFunction036
uxtheme.dll.ThemeInitApiHook
user32.dll.IsProcessDPIAware
kernel32.dll.QueryActCtxW
ole32.dll.CoGetContextToken
kernel32.dll.GetVersionExW
kernel32.dll.GetFullPathNameW
advapi32.dll.CryptAcquireContextA
advapi32.dll.CryptReleaseContext
advapi32.dll.CryptCreateHash
advapi32.dll.CryptDestroyHash
advapi32.dll.CryptHashData
advapi32.dll.CryptGetHashParam
advapi32.dll.CryptImportKey
advapi32.dll.CryptExportKey
advapi32.dll.CryptGenKey
advapi32.dll.CryptGetKeyParam
advapi32.dll.CryptDestroyKey
advapi32.dll.CryptVerifySignatureA
advapi32.dll.CryptSignHashA
advapi32.dll.CryptGetProvParam
advapi32.dll.CryptGetUserKey
advapi32.dll.CryptEnumProvidersA
mscoree.dll.GetMetaDataInternalInterface
mscoreei.dll.GetMetaDataInternalInterface
mscorwks.dll.GetMetaDataInternalInterface
mscorjit.dll.getJit
kernel32.dll.GetUserDefaultUILanguage
kernel32.dll.SetErrorMode
kernel32.dll.GetFileAttributesExW
bcrypt.dll.BCryptGetFipsAlgorithmMode
kernel32.dll.lstrlen
kernel32.dll.lstrlenW
kernel32.dll.GetModuleHandleW
kernel32.dll.GetProcAddress
user32.dll.DefWindowProcW
gdi32.dll.GetStockObject
user32.dll.RegisterClassW
ole32.dll.CoTaskMemAlloc
ole32.dll.CoTaskMemFree
user32.dll.CreateWindowExW
user32.dll.SetWindowLongW
user32.dll.GetWindowLongW
kernel32.dll.GetCurrentProcess
kernel32.dll.GetCurrentThread
kernel32.dll.DuplicateHandle
kernel32.dll.GetCurrentThreadId
user32.dll.CallWindowProcW
user32.dll.RegisterWindowMessageW
dwmapi.dll.DwmIsCompositionEnabled
cryptsp.dll.CryptAcquireContextW
cryptsp.dll.CryptCreateHash
ole32.dll.CreateBindCtx
ole32.dll.CoGetObjectContext
sechost.dll.LookupAccountNameLocalW
advapi32.dll.LookupAccountSidW
sechost.dll.LookupAccountSidLocalW
cryptsp.dll.CryptGenRandom
ole32.dll.NdrOleInitializeExtension
ole32.dll.CoGetClassObject
ole32.dll.CoGetMarshalSizeMax
ole32.dll.CoMarshalInterface
ole32.dll.CoUnmarshalInterface
ole32.dll.StringFromIID
ole32.dll.CoGetPSClsid
ole32.dll.CoCreateInstance
ole32.dll.CoReleaseMarshalData
ole32.dll.DcomChannelSetHResult
rpcrtremote.dll.I_RpcExtInitializeExtensionPoint
ole32.dll.MkParseDisplayName
kernel32.dll.GetThreadPreferredUILanguages
kernel32.dll.SetThreadPreferredUILanguages
kernel32.dll.LocaleNameToLCID
kernel32.dll.LCIDToLocaleName
kernel32.dll.GetSystemDefaultLocaleName
ole32.dll.BindMoniker
sxs.dll.SxsOleAut32RedirectTypeLibrary
advapi32.dll.RegOpenKeyW
advapi32.dll.RegEnumKeyW
advapi32.dll.RegQueryValueW
sxs.dll.SxsOleAut32MapConfiguredClsidToReferenceClsid
sxs.dll.SxsLookupClrGuid
kernel32.dll.ReleaseActCtx
oleaut32.dll.#9
oleaut32.dll.#4
mscoreei.dll._CorDllMain
mscoree.dll.GetTokenForVTableEntry
mscoree.dll.SetTargetForVTableEntry
mscoree.dll.GetTargetForVTableEntry
mscoreei.dll.GetTokenForVTableEntry
mscoreei.dll.SetTargetForVTableEntry
mscoreei.dll.GetTargetForVTableEntry
kernel32.dll.GetLastError
kernel32.dll.LocalAlloc
oleaut32.dll.VariantInit
oleaut32.dll.VariantClear
oleaut32.dll.#7
kernel32.dll.CreateEventW
kernel32.dll.CloseHandle
kernel32.dll.SwitchToThread
kernel32.dll.SetEvent
ole32.dll.CoWaitForMultipleHandles
ole32.dll.IIDFromString
kernel32.dll.LoadLibraryA
wminet_utils.dll.ResetSecurity
wminet_utils.dll.SetSecurity
wminet_utils.dll.BlessIWbemServices
wminet_utils.dll.BlessIWbemServicesObject
wminet_utils.dll.GetPropertyHandle
wminet_utils.dll.WritePropertyValue
wminet_utils.dll.Clone
wminet_utils.dll.VerifyClientKey
wminet_utils.dll.GetQualifierSet
wminet_utils.dll.Get
wminet_utils.dll.Put
wminet_utils.dll.Delete
wminet_utils.dll.GetNames
wminet_utils.dll.BeginEnumeration
wminet_utils.dll.Next
wminet_utils.dll.EndEnumeration
wminet_utils.dll.GetPropertyQualifierSet
wminet_utils.dll.GetObjectText
wminet_utils.dll.SpawnDerivedClass
wminet_utils.dll.SpawnInstance
wminet_utils.dll.CompareTo
wminet_utils.dll.GetPropertyOrigin
wminet_utils.dll.InheritsFrom
wminet_utils.dll.GetMethod
wminet_utils.dll.PutMethod
wminet_utils.dll.DeleteMethod
wminet_utils.dll.BeginMethodEnumeration
wminet_utils.dll.NextMethod
wminet_utils.dll.EndMethodEnumeration
wminet_utils.dll.GetMethodQualifierSet
wminet_utils.dll.GetMethodOrigin
wminet_utils.dll.QualifierSet_Get
wminet_utils.dll.QualifierSet_Put
wminet_utils.dll.QualifierSet_Delete
wminet_utils.dll.QualifierSet_GetNames
wminet_utils.dll.QualifierSet_BeginEnumeration
wminet_utils.dll.QualifierSet_Next
wminet_utils.dll.QualifierSet_EndEnumeration
wminet_utils.dll.GetCurrentApartmentType
wminet_utils.dll.GetDemultiplexedStub
wminet_utils.dll.CreateInstanceEnumWmi
wminet_utils.dll.CreateClassEnumWmi
wminet_utils.dll.ExecQueryWmi
wminet_utils.dll.ExecNotificationQueryWmi
wminet_utils.dll.PutInstanceWmi
wminet_utils.dll.PutClassWmi
wminet_utils.dll.CloneEnumWbemClassObject
wminet_utils.dll.ConnectServerWmi
ole32.dll.CoUninitialize
oleaut32.dll.#500
oleaut32.dll.SysStringLen
kernel32.dll.RtlZeroMemory
kernel32.dll.RegOpenKeyExW
mscoreei.dll.LoadLibraryShim
culture.dll.ConvertLangIdToCultureName
advapi32.dll.GetUserNameW
kernel32.dll.GetComputerNameW
kernel32.dll.GetEnvironmentVariableW
kernel32.dll.GetCurrentProcessId
advapi32.dll.LookupPrivilegeValueW
advapi32.dll.AdjustTokenPrivileges
ntdll.dll.NtQuerySystemInformation
ole32.dll.CoCreateGuid
kernel32.dll.CreateIoCompletionPort
kernel32.dll.PostQueuedCompletionStatus
ntdll.dll.NtQueryInformationThread
ntdll.dll.NtGetCurrentProcessorNumber
shfolder.dll.SHGetFolderPathW
kernel32.dll.CreateFileW
vaultcli.dll.VaultEnumerateVaults
kernel32.dll.GetSystemTimeAsFileTime
user32.dll.GetLastInputInfo
kernel32.dll.GlobalMemoryStatusEx
kernel32.dll.FindFirstFileW
kernel32.dll.FindClose
ole32.dll.CLSIDFromProgIDEx
logoncli.dll.I_RpcExtInitializeExtensionPoint
cryptsp.dll.CryptDestroyHash
oleaut32.dll.#2
oleaut32.dll.#6
oleaut32.dll.#201
user32.dll.GetSystemMetrics
user32.dll.GetClientRect
user32.dll.GetWindowRect
user32.dll.GetParent
ole32.dll.OleInitialize
ole32.dll.CoRegisterMessageFilter
user32.dll.PeekMessageW
user32.dll.WaitMessage
user32.dll.IsWindowUnicode
user32.dll.GetMessageW
user32.dll.TranslateMessage
user32.dll.DispatchMessageW
wbemcore.dll.Reinitialize
wtsapi32.dll.WTSQueryUserToken
kernel32.dll.SortGetHandle
kernel32.dll.SortCloseHandle
ntmarta.dll.GetMartaExtensionInterface
fastprox.dll.DllGetClassObject
fastprox.dll.DllCanUnloadNow
kernel32.dll.RegQueryValueExW
kernel32.dll.RegCloseKey
advapi32.dll.EventUnregister
advapi32.dll.EventWrite
advapi32.dll.EventActivityIdControl
advapi32.dll.EventWriteTransfer
advapi32.dll.EventEnabled
wmi.dll.WmiQueryAllDataW
wmi.dll.WmiQuerySingleInstanceW
wmi.dll.WmiSetSingleItemW
wmi.dll.WmiSetSingleInstanceW
wmi.dll.WmiExecuteMethodW
wmi.dll.WmiNotificationRegistrationW
wmi.dll.WmiMofEnumerateResourcesW
wmi.dll.WmiFileHandleToInstanceNameW
wmi.dll.WmiDevInstToInstanceNameW
wmi.dll.WmiQueryGuidInformation
wmi.dll.WmiOpenBlock
wmi.dll.WmiCloseBlock
wmi.dll.WmiFreeBuffer
wmi.dll.WmiEnumerateGuids
rpcrt4.dll.UuidFromStringW
radarrs.dll.WdiDiagnosticModuleMain
radarrs.dll.WdiHandleInstance
radarrs.dll.WdiGetDiagnosticModuleInterfaceVersion
gdi32.dll.GetLayout
gdi32.dll.GdiRealizationInfo
gdi32.dll.FontIsLinked
gdi32.dll.GetTextFaceAliasW
gdi32.dll.GetFontAssocStatus
advapi32.dll.RegQueryValueExA
wersvc.dll.ServiceMain
wersvc.dll.SvchostPushServiceGlobals
advapi32.dll.RegGetValueW
sechost.dll.ConvertStringSecurityDescriptorToSecurityDescriptorW
faultrep.dll.WerpInitiateCrashReporting
wer.dll.WerpCreateMachineStore
shell32.dll.SHGetFolderPathEx
ole32.dll.StringFromGUID2
profapi.dll.#104
userenv.dll.CreateEnvironmentBlock
sechost.dll.ConvertSidToStringSidW
sspicli.dll.GetUserNameExW
userenv.dll.DestroyEnvironmentBlock
ole32.dll.CoInitializeSecurity
aelupsvc.dll.ServiceMain
aelupsvc.dll.SvchostPushServiceGlobals
qmgr.dll.ServiceMain
advapi32.dll.SetEntriesInAclW
themeservice.dll.ThemeServiceMain
advapi32.dll.RegSetValueExW
shsvcs.dll.HardwareDetectionServiceMain
schedsvc.dll.ServiceMain
winsta.dll.WinStationOpenServerW
winsta.dll.WinStationEnumerateW
srvsvc.dll.ServiceMain
srvsvc.dll.SvchostPushServiceGlobals
rpcrt4.dll.NdrClientCall3
rpcrt4.dll.RpcBindingCreateW
rpcrt4.dll.RpcBindingBind
rpcrt4.dll.I_RpcMapWin32Status
advapi32.dll.CreateWellKnownSid
rpcrt4.dll.RpcStringBindingComposeW
rpcrt4.dll.RpcBindingFromStringBindingW
rpcrt4.dll.RpcStringFreeW
rpcrt4.dll.RpcBindingSetAuthInfoExW
rpcrt4.dll.RpcBindingFree
rpcrt4.dll.I_RpcExceptionFilter
ws2_32.dll.#115
winsta.dll.WinStationFreeMemory
winsta.dll.WinStationCloseServer
ws2_32.dll.WSASocketW
secur32.dll.InitSecurityInterfaceW
advapi32.dll.GetSecurityInfo
advapi32.dll.GetAce
advapi32.dll.GetLengthSid
advapi32.dll.AddAccessAllowedAceEx
advapi32.dll.SetSecurityInfo
cryptsp.dll.SystemFunction035
advapi32.dll.ImpersonateLoggedOnUser
advapi32.dll.RevertToSelf
ws2_32.dll.WSAIoctl
ws2_32.dll.#111
advapi32.dll.LsaOpenPolicy
advapi32.dll.LsaQueryInformationPolicy
netutils.dll.NetApiBufferAllocate
advapi32.dll.LsaFreeMemory
advapi32.dll.LsaClose
netutils.dll.NetApiBufferFree
ole32.dll.CoRegisterClassObject
advapi32.dll.GetCurrentHwProfileW
cfgmgr32.dll.CMP_RegisterNotification
sechost.dll.I_ScPnPGetServiceName
bitsigd.dll.InitializeEx
sscore.dll.SsCoreInitialize
sscore.dll.SsCoreUninitialize
sscore.dll.SsCoreShareAdd
sscore.dll.SsCoreShareSetInfo
sscore.dll.SsCoreShareDel
sscore.dll.SsCoreShareCleanup
firewallapi.dll.IcfChangeNotificationCreate
firewallapi.dll.IcfChangeNotificationDestroy
clusapi.dll.OpenCluster
cfgmgr32.dll.CM_MapCrToWin32Err
taskcomp.dll.InitializeAdapter
taskcomp.dll.UpdateJobStatus
taskcomp.dll.ShutdownAdapter
taskcomp.dll.RegisterTaskNotification
taskcomp.dll.DeleteTaskNotification
taskcomp.dll.SetSdNotification
taskcomp.dll.IsRegistering
clusapi.dll.CloseCluster
clusapi.dll.OpenClusterGroup
clusapi.dll.ClusterGroupOpenEnum
clusapi.dll.ClusterGroupEnum
clusapi.dll.ClusterGroupCloseEnum
clusapi.dll.CloseClusterGroup
clusapi.dll.CreateClusterResource
clusapi.dll.OpenClusterResource
clusapi.dll.OnlineClusterResource
clusapi.dll.OfflineClusterResource
clusapi.dll.AddClusterResourceDependency
clusapi.dll.ClusterResourceControl
clusapi.dll.GetClusterResourceState
clusapi.dll.ClusterResourceOpenEnum
clusapi.dll.ClusterResourceEnum
clusapi.dll.ClusterResourceCloseEnum
clusapi.dll.CloseClusterResource
clusapi.dll.DeleteClusterResource
clusapi.dll.CreateClusterNotifyPort
clusapi.dll.RegisterClusterNotify
clusapi.dll.GetClusterNotify
clusapi.dll.CloseClusterNotifyPort
clusapi.dll.ClusterRegCloseKey
clusapi.dll.ClusterRegOpenKey
clusapi.dll.GetClusterResourceKey
resutils.dll.ResUtilFindSzProperty
resutils.dll.ResUtilFindDwordProperty
resutils.dll.ResUtilEnumResourcesEx
resutils.dll.ResUtilPropertyListFromParameterBlock
resutils.dll.ResUtilGetResourceName
resutils.dll.ResUtilResourceTypesEqual
resutils.dll.ResUtilGetResourceDependency
resutils.dll.ResUtilFreeParameterBlock
resutils.dll.ResUtilGetPropertiesToParameterBlock
resutils.dll.ResUtilResourcesEqual
setupapi.dll.CM_Get_Device_Interface_List_Size_ExW
upnp.dll.DllGetClassObject
upnp.dll.DllCanUnloadNow
rpcrt4.dll.RpcStringBindingComposeA
rpcrt4.dll.RpcBindingFromStringBindingA
rpcrt4.dll.RpcStringFreeA
setupapi.dll.CM_Get_Device_Interface_List_ExW
setupapi.dll.SetupDiCreateDeviceInfoList
setupapi.dll.SetupDiOpenDeviceInterfaceW
setupapi.dll.SetupDiGetDeviceInterfaceDetailW
setupapi.dll.SetupDiGetDeviceRegistryPropertyW
setupapi.dll.SetupDiDeleteDeviceInterfaceData
setupapi.dll.SetupDiDestroyDeviceInfoList
sspicli.dll.LsaRegisterLogonProcess
sspicli.dll.LsaLookupAuthenticationPackage
sspicli.dll.LsaCallAuthenticationPackage
sspicli.dll.LsaDeregisterLogonProcess
sechost.dll.OpenSCManagerA
cryptsp.dll.CryptImportKey
sechost.dll.OpenServiceA
sechost.dll.QueryServiceStatus
sechost.dll.StartServiceA
cryptsp.dll.CryptHashData
cryptsp.dll.CryptVerifySignatureW
cryptsp.dll.CryptDestroyKey
cryptsp.dll.CryptReleaseContext
uxtheme.dll.#78
uxtheme.dll.#80
uxtheme.dll.#83
uxtheme.dll.#81
uxtheme.dll.#82
uxtheme.dll.#79
wintrust.dll.WinVerifyTrust
apphelp.dll.ApphelpCheckRunAppEx
cfgmgr32.dll.CMP_UnregisterNotification
uxtheme.dll.#43
setupapi.dll.SetupDiGetDevicePropertyW
setupapi.dll.CM_Get_DevNode_Registry_Property_ExW
setupapi.dll.CM_Get_Parent_Ex
setupapi.dll.CM_Get_DevNode_Custom_PropertyW
ws2_32.dll.#21
ws2_32.dll.#9
ws2_32.dll.#2
ws2_32.dll.#6
ws2_32.dll.#13
ws2_32.dll.#15
ws2_32.dll.WSAProviderConfigChange
ws2_32.dll.getaddrinfo
wtsapi32.dll.WTSEnumerateSessionsW
sspicli.dll.LsaRegisterPolicyChangeNotification
wtsapi32.dll.WTSFreeMemory
netutils.dll.NetpwPathType
cryptsp.dll.CryptGetHashParam
sspicli.dll.LsaUnregisterPolicyChangeNotification
rpcrt4.dll.RpcBindingSetOption
rpcrt4.dll.RpcAsyncInitializeHandle
rpcrt4.dll.Ndr64AsyncClientCall
fveapi.dll.FveOpenVolumeW
sechost.dll.CloseServiceHandle
fveapi.dll.FveGetStatus
fveapi.dll.FveIsVolumeEncryptable
fveapi.dll.FveCloseVolume
ws2_32.dll.#116
advapi32.dll.LogonUserW
sspicli.dll.LogonUserExExW
winsta.dll.WinStationQueryInformationW
advapi32.dll.QueryAllTracesW
vssapi.dll.CreateWriter
wiarpc.dll.WiaEventsInitialize
setupapi.dll.SetupDiGetClassDevsW
oleaut32.dll.#283
oleaut32.dll.#284
advapi32.dll.LookupAccountNameW
samcli.dll.NetLocalGroupGetMembers
samlib.dll.SamConnect
setupapi.dll.SetupDiEnumDeviceInterfaces
samlib.dll.SamOpenDomain
samlib.dll.SamLookupNamesInDomain
samlib.dll.SamOpenAlias
samlib.dll.SamFreeMemory
samlib.dll.SamCloseHandle
samlib.dll.SamGetMembersInAlias
ole32.dll.StringFromCLSID
propsys.dll.VariantToPropVariant
iphlpapi.dll.GetAdaptersAddresses
advapi32.dll.EnumDependentServicesW
ole32.dll.CoRevokeClassObject
comctl32.dll.#328
comctl32.dll.#334
ole32.dll.CoDisconnectContext
shell32.dll.#102
propsys.dll.#430
propsys.dll.InitPropVariantFromStringAsVector
propsys.dll.PSCoerceToCanonicalValue
propsys.dll.PropVariantToStringAlloc
ole32.dll.PropVariantClear
advapi32.dll.OpenThreadToken
ole32.dll.CLSIDFromOle1Class
clbcatq.dll.GetCatalogObject
clbcatq.dll.GetCatalogObject2
imm32.dll.ImmDisableIME
psapi.dll.GetModuleFileNameExW
wer.dll.WerpCreateIntegratorReportId
wer.dll.WerReportCreate
wer.dll.WerpSetIntegratorReportId
wer.dll.WerReportSetParameter
dbgeng.dll.DebugCreate
ntdll.dll.CsrGetProcessId
ntdll.dll.DbgBreakPoint
ntdll.dll.DbgPrint
ntdll.dll.DbgPrompt
ntdll.dll.DbgUiConvertStateChangeStructure
ntdll.dll.DbgUiGetThreadDebugObject
ntdll.dll.DbgUiIssueRemoteBreakin
ntdll.dll.DbgUiSetThreadDebugObject
ntdll.dll.NtAllocateVirtualMemory
ntdll.dll.NtClose
ntdll.dll.NtCreateDebugObject
ntdll.dll.NtCreateFile
ntdll.dll.NtDebugActiveProcess
ntdll.dll.NtDebugContinue
ntdll.dll.NtFreeVirtualMemory
ntdll.dll.NtOpenProcess
ntdll.dll.NtOpenThread
ntdll.dll.NtQueryInformationProcess
ntdll.dll.NtQueryMutant
ntdll.dll.NtQueryObject
ntdll.dll.NtRemoveProcessDebug
ntdll.dll.NtResumeThread
ntdll.dll.NtSetInformationDebugObject
ntdll.dll.NtSetInformationProcess
ntdll.dll.NtSystemDebugControl
ntdll.dll.NtWaitForDebugEvent
ntdll.dll.RtlAnsiStringToUnicodeString
ntdll.dll.RtlCreateProcessParameters
ntdll.dll.RtlCreateUserProcess
ntdll.dll.RtlDestroyProcessParameters
ntdll.dll.RtlDosPathNameToNtPathName_U
ntdll.dll.RtlFindMessage
ntdll.dll.RtlFreeHeap
ntdll.dll.RtlFreeUnicodeString
ntdll.dll.RtlGetFunctionTableListHead
ntdll.dll.RtlGetUnloadEventTrace
ntdll.dll.RtlGetUnloadEventTraceEx
ntdll.dll.RtlInitAnsiString
ntdll.dll.RtlInitUnicodeString
ntdll.dll.RtlTryEnterCriticalSection
ntdll.dll.RtlUnicodeStringToAnsiString
ntdll.dll.NtOpenProcessToken
ntdll.dll.NtOpenThreadToken
ntdll.dll.NtQueryInformationToken
kernel32.dll.CloseProfileUserMapping
kernel32.dll.CreateToolhelp32Snapshot
kernel32.dll.DebugActiveProcessStop
kernel32.dll.DebugBreak
kernel32.dll.DebugBreakProcess
kernel32.dll.DebugSetProcessKillOnExit
kernel32.dll.Module32First
kernel32.dll.Module32FirstW
kernel32.dll.Module32Next
kernel32.dll.Module32NextW
kernel32.dll.OpenThread
kernel32.dll.Process32First
kernel32.dll.Process32FirstW
kernel32.dll.Process32Next
kernel32.dll.Process32NextW
kernel32.dll.ProcessIdToSessionId
kernel32.dll.SetProcessShutdownParameters
kernel32.dll.Thread32First
kernel32.dll.Thread32Next
kernel32.dll.GetTimeZoneInformation
kernel32.dll.Wow64GetThreadSelectorEntry
advapi32.dll.CloseServiceHandle
advapi32.dll.ControlService
advapi32.dll.CreateServiceA
advapi32.dll.CreateServiceW
advapi32.dll.DeleteService
advapi32.dll.EnumServicesStatusExA
advapi32.dll.EnumServicesStatusExW
advapi32.dll.GetEventLogInformation
advapi32.dll.OpenSCManagerA
advapi32.dll.OpenSCManagerW
advapi32.dll.OpenServiceA
advapi32.dll.OpenServiceW
advapi32.dll.StartServiceA
advapi32.dll.StartServiceW
advapi32.dll.GetSidSubAuthority
advapi32.dll.GetSidSubAuthorityCount
version.dll.GetFileVersionInfoSizeExW
version.dll.GetFileVersionInfoExW
dbghelp.dll.WinDbgExtensionDllInit
dbghelp.dll.ExtensionApiVersion
wer.dll.WerpSetDynamicParameter
wer.dll.WerReportAddDump
wer.dll.WerpSetCallBack
wer.dll.WerReportSetUIOption
wer.dll.WerpAddRegisteredDataToReport
wer.dll.WerReportSubmit
user32.dll.LoadStringW
advapi32.dll.CheckTokenMembership
user32.dll.GetProcessWindowStation
user32.dll.GetThreadDesktop
user32.dll.GetUserObjectInformationW
sensapi.dll.IsNetworkAlive
user32.dll.CharUpperW
werui.dll.WerUICreate
werui.dll.WerUIStart
ole32.dll.CoInitialize
dui70.dll.InitProcessPriv
comctl32.dll.LoadIconWithScaleDown
ntdll.dll.RtlRunEncodeUnicodeString
ntdll.dll.RtlRunDecodeUnicodeString
dui70.dll.InitThread
duser.dll.InitGadgets
user32.dll.RegisterMessagePumpHook
dui70.dll.?GetClassInfoPtr@CCBase@DirectUI@@SAPEAUIClassInfo@2@XZ
dui70.dll.?GetFactoryLock@Element@DirectUI@@SAPEAU_RTL_CRITICAL_SECTION@@XZ
dui70.dll.??0CritSecLock@DirectUI@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
dui70.dll.?ClassExist@ClassInfoBase@DirectUI@@SA_NPEAPEAUIClassInfo@2@PEBQEBUPropertyInfo@2@IPEAU32@PEAUHINSTANCE__@@PEBG_N@Z
dui70.dll.??0ClassInfoBase@DirectUI@@QEAA@XZ
dui70.dll.?Initialize@ClassInfoBase@DirectUI@@QEAAJPEAUHINSTANCE__@@PEBG_NPEBQEBUPropertyInfo@2@I@Z
dui70.dll.?Register@ClassInfoBase@DirectUI@@QEAAJXZ
dui70.dll.?IsGlobal@ClassInfoBase@DirectUI@@UEBA_NXZ
dui70.dll.?GetName@ClassInfoBase@DirectUI@@UEBAPEBGXZ
dui70.dll.?GetModule@ClassInfoBase@DirectUI@@UEBAPEAUHINSTANCE__@@XZ
dui70.dll.??1CritSecLock@DirectUI@@QEAA@XZ
dui70.dll.??0CCBase@DirectUI@@QEAA@KPEBG@Z
dui70.dll.?Initialize@CCBase@DirectUI@@QEAAJIPEAVElement@2@PEAK@Z
duser.dll.CreateGadget
duser.dll.SetGadgetMessageFilter
duser.dll.SetGadgetStyle
dui70.dll.?OnPropertyChanging@Element@DirectUI@@UEAA_NPEBUPropertyInfo@2@HPEAVValue@2@1@Z
dui70.dll.?HandleUiaPropertyChangingListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@@Z
dui70.dll.?HandleUiaPropertyListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
dui70.dll.?DirectionProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
dui70.dll.?OnPropertyChanged@CCBase@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
dui70.dll.?SetFontSize@Element@DirectUI@@QEAAJH@Z
dui70.dll.?SetWidth@Element@DirectUI@@QEAAJH@Z
dui70.dll.?SetHeight@Element@DirectUI@@QEAAJH@Z
dui70.dll.?EndDefer@Element@DirectUI@@QEAAXK@Z
dui70.dll.?OnGroupChanged@Element@DirectUI@@UEAAXH_N@Z
duser.dll.InvalidateGadget
dui70.dll.CreateDUIWrapper
shell32.dll.ExtractIconExW
comctl32.dll.TaskDialogIndirect
uxtheme.dll.IsThemeActive
duser.dll.SetGadgetRootInfo
uxtheme.dll.IsAppThemed
uxtheme.dll.GetThemeAppProperties
ole32.dll.CreateStreamOnHGlobal
xmllite.dll.CreateXmlReader
xmllite.dll.CreateXmlReaderInputWithEncodingName
uxtheme.dll.OpenThemeData
uxtheme.dll.GetThemeMargins
uxtheme.dll.GetThemeFont
uxtheme.dll.GetThemeColor
uxtheme.dll.GetThemeMetric
duser.dll.SetGadgetParent
duser.dll.GetDUserModule
duser.dll.FindStdColor
duser.dll.AttachWndProcW
comctl32.dll.RegisterClassNameW
duser.dll.GetGadgetRect
duser.dll.GetGadgetRgn
duser.dll.GetGadgetTicket
gdi32.dll.GdiIsMetaPrintDC
dui70.dll.?GetPICount@ClassInfoBase@DirectUI@@UEBAIXZ
dui70.dll.?GetByClassIndex@ClassInfoBase@DirectUI@@UEAAPEBUPropertyInfo@2@I@Z
dui70.dll.?OnHosted@HWNDHost@DirectUI@@MEAAXPEAVElement@2@@Z
dui70.dll.?CreateAccNameLabel@HWNDHost@DirectUI@@IEAAPEAUHWND__@@PEAU3@@Z
uxtheme.dll.EnableThemeDialogTexture
dui70.dll.?OnMessage@HWNDHost@DirectUI@@UEAA_NI_K_JPEA_J@Z
dui70.dll.?CreateHWND@CCBase@DirectUI@@UEAAPEAUHWND__@@PEAU3@@Z
comctl32.dll.HIMAGELIST_QueryInterface
comctl32.dll.DrawShadowText
comctl32.dll.DrawSizeBox
comctl32.dll.DrawScrollBar
comctl32.dll.SizeBoxHwnd
comctl32.dll.ScrollBar_MouseMove
comctl32.dll.ScrollBar_Menu
comctl32.dll.HandleScrollCmd
comctl32.dll.DetachScrollBars
comctl32.dll.AttachScrollBars
comctl32.dll.CCSetScrollInfo
comctl32.dll.CCGetScrollInfo
comctl32.dll.CCEnableScrollBar
comctl32.dll.QuerySystemGestureStatus
uxtheme.dll.#49
uxtheme.dll.CloseThemeData
dui70.dll.?PostCreate@CCBase@DirectUI@@MEAAXPEAUHWND__@@@Z
dui70.dll.?IsContentProtected@Element@DirectUI@@UEAA_NXZ
uxtheme.dll.GetThemeBool
duser.dll.GetGadgetFocus
uxtheme.dll.GetThemeBackgroundContentRect
uxtheme.dll.GetThemeTextMetrics
uxtheme.dll.GetThemePartSize
uxtheme.dll.GetThemeTextExtent
uxtheme.dll.GetThemeBackgroundExtent
duser.dll.SetGadgetFocus
duser.dll.DUserSendEvent
duser.dll.SetGadgetRect
comctl32.dll.SetWindowSubclass
comctl32.dll.DefSubclassProc
dui70.dll.?GetHWND@HWNDHost@DirectUI@@UEAAPEAUHWND__@@XZ
advapi32.dll.RegCreateKeyExW
uxtheme.dll.#47
uxtheme.dll.BufferedPaintInit
uxtheme.dll.BeginBufferedPaint
uxtheme.dll.BufferedPaintRenderAnimation
uxtheme.dll.BeginBufferedAnimation
uxtheme.dll.IsThemeBackgroundPartiallyTransparent
uxtheme.dll.DrawThemeParentBackground
uxtheme.dll.DrawThemeBackground
uxtheme.dll.DrawThemeText
uxtheme.dll.EndBufferedAnimation
uxtheme.dll.GetThemeTransitionDuration
uxtheme.dll.GetBufferedPaintDC
uxtheme.dll.GetBufferedPaintTargetDC
uxtheme.dll.EndBufferedPaint
duser.dll.ForwardGadgetMessage
uxtheme.dll.GetThemeInt
duser.dll.DUserPostEvent
duser.dll.DisableContainerHwnd
uxtheme.dll.BufferedPaintUnInit
werui.dll.WerUIUpdateUIForState
duser.dll.DeleteHandle
duser.dll.DetachWndProc
comctl32.dll.RemoveWindowSubclass
dui70.dll.?OnUnHosted@HWNDHost@DirectUI@@MEAAXPEAVElement@2@@Z
dui70.dll.?MessageCallback@HWNDHost@DirectUI@@UEAAIPEAUtagGMSG@@@Z
dui70.dll.?HandleUiaDestroyListener@Element@DirectUI@@UEAAXXZ
dui70.dll.?OnDestroy@HWNDHost@DirectUI@@UEAAXXZ
uxtheme.dll.BufferedPaintStopAllAnimations
dui70.dll.??1CCBase@DirectUI@@UEAA@XZ
uxtheme.dll.DrawThemeParentBackgroundEx
uxtheme.dll.GetThemeEnumValue
user32.dll.MsgWaitForMultipleObjects
winhttp.dll.WinHttpOpen
winhttp.dll.WinHttpSetTimeouts
winhttp.dll.WinHttpSetOption
winhttp.dll.WinHttpConnect
winhttp.dll.WinHttpOpenRequest
winhttp.dll.WinHttpSetStatusCallback
winhttp.dll.WinHttpGetDefaultProxyConfiguration
winhttp.dll.WinHttpGetIEProxyConfigForCurrentUser
winhttp.dll.WinHttpGetProxyForUrl
winhttp.dll.WinHttpSendRequest
ws2_32.dll.GetAddrInfoW
ws2_32.dll.FreeAddrInfoW
ws2_32.dll.#5
ws2_32.dll.WSARecv
ws2_32.dll.WSASend
winhttp.dll.WinHttpReceiveResponse
winhttp.dll.WinHttpQueryHeaders
winhttp.dll.WinHttpReadData
ws2_32.dll.#22
ws2_32.dll.#3
winhttp.dll.WinHttpCloseHandle
advapi32.dll.IsValidSid
advapi32.dll.CopySid
advapi32.dll.RegisterEventSourceW
advapi32.dll.ReportEventW
advapi32.dll.DeregisterEventSource
werui.dll.WerUITerminate
duser.dll.DUserFlushMessages
duser.dll.DUserFlushDeferredMessages
dui70.dll.UnInitThread
user32.dll.UnregisterMessagePumpHook
dui70.dll.UnInitProcessPriv
dui70.dll.?Release@ClassInfoBase@DirectUI@@UEAAHXZ
dui70.dll.?GetGlobalIndex@ClassInfoBase@DirectUI@@UEBAIXZ
dui70.dll.??1ClassInfoBase@DirectUI@@UEAA@XZ
werui.dll.WerUIDelete
shlwapi.dll.PathIsDirectoryW
wer.dll.WerReportCloseHandle
advapi32.dll.DuplicateToken
wer.dll.WerpFreeString

Execute Commands

C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\system32\lsass.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\WerFault.exe -u -p 2996 -s 284

Started Services

VaultSvc
WerSvc
SSDPSRV

Created Services

Nothing to display