File: 1e6c3cfac9915c307a471e29895a297d
Metadata
| PhotoShopCS5_81_50184.exe | |
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed | 1020504 bytes |
| 2017-04-26 23:35:16 | |
| 1e6c3cfac9915c307a471e29895a297d | |
| 7609db58258f582fcca34910d07bdced9aa0c902 | |
| 865a9264d24ce928c6c0852c5607affbc5bd990b38cc0ff4e6b15f8dfc9a9de2 | |
| d4f4a02d6515abe5fdb346748faa75c8a9aa7a628df5557a21e21f8227d3bf70b03220c0a6c3ae6e3807a449dde7f145040d7b9f892fd6c2b9967f91907fafcd | |
| 24576:vEtS5IiksH/qWDQuzQFgZ1PZpfpu5uSbD1yh/4KdVu:vKuffH/qWDQusFg5pf87RyWKdE | |
| 3b1cfcc83d1fe28ab8c5c8f8e6782670 | |
| N/A | |
APTNotes
Cyber threat intelligence reports associated with 1e6c3cfac9915c307a471e29895a297d.
Cyber threat intelligence reports associated with 1e6c3cfac9915c307a471e29895a297d.
Domains
Domains the malware sample communicates with.
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
HTTP requests the malware sample makes.
| Host | URL | User-Agent |
|---|---|---|
| dl2.360safe.com | /partner/Inst13__3112087__3f7372633d6c6d266c733d6e31343463316364383939__68616f2e3336302e636e__0c70.exe | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) |
| cdn.baizhu.cc | /youxi/index_1_1.htm | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) |
| cdn.baizhu.cc | /baizhu.zip | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) |
| z4.cnzz.com | /stat.htm?id=1257656622&r=&lg=en-us&ntime=none&cnzz_eid=2050948627-1493273869-&showp=800x600&t=&umuuid=15bad8cae39186-03c2756732a8314-561c5d2c-75300-15bad8cae5739a&h=1&rnd=666329192 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) |
| api.baizhu.cc | /api/getlist | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 5.1; WOW32; Trident/5.0) |
| cdn.baizhu.cc | /exe/skin-laojiemian.zip | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) |
| s4.cnzz.com | /z_stat.php?id=1259684196&web_id=1259684196 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) |
| s95.cnzz.com | /z_stat.php?id=1257656622&web_id=1257656622 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) |
| c.cnzz.com | /core.php?web_id=1257656622&t=z | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) |
| z11.cnzz.com | /stat.htm?id=1259684196&r=&lg=en-us&ntime=none&cnzz_eid=87556621-1493272845-&showp=800x600&t=&umuuid=15bad8cae39186-03c2756732a8314-561c5d2c-75300-15bad8cae5739a&h=1&rnd=378262934 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) |
| c.cnzz.com | /core.php?web_id=1259684196&t=z | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) |
| api.baizhu.cc | /api/getinfo | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 5.1; WOW32; Trident/5.0) |
AV Detections
AV detection names associated with the malware sample.
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
Registry keys created by the malware sample.
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Language Groups |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName |
| ActiveComputerName |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\IMM |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF |
| HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\SystemShared |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\RASAPI32 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp |
| HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\UnsafeSslApps |
| HKEY_CLASSES_ROOT\Shell.Explorer |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID |
| HKEY_LOCAL_MACHINE\Software\Microsoft\COM3 |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004_Classes |
| HKEY_LOCAL_MACHINE\Software\Classes |
| \REGISTRY\USER |
| HKEY_LOCAL_MACHINE\Software\Classes\CLSID |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\TreatAs |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\ |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\LocalServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocHandler32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocHandlerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2} |
| HKEY_CLASSES_ROOT\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\TreatAs |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Security\P3Global |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Security\P3Sites |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer |
| HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_LOCAL_MACHINE\System\Setup |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path1 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path2 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path3 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path4 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Special Paths |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014092220140929 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014092920140930 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AUTOPROXY_CACHE_ANAME_KB921400 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_TEMPORARYFILES_FOR_NOCACHE_840387 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_TEMPORARYFILES_FOR_NOCACHE_840386 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\RETRY_HEADERONLYPOST_ONCONNECTIONRESET |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CHUNK_TIMEOUT_KB914453 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CERT_TRUST_VERIFIED_KB936882 |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BUFFERBREAKING_818408 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SKIP_POST_RETRY_ON_INTERNETWRITEFILE_KB895954 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENSURE_FQDN_FOR_NEGOTIATE_KB899417 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_DISABLE_NTLM_PREAUTH_IF_ABORTED_KB902409 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PERMIT_CACHE_FOR_AUTHENTICATED_FTP_KB910274 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WPAD_STORE_URL_AS_FQDN_KB903926 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_CNAME_FOR_SPN_KB911149 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_KEEP_CACHE_INDEX_OPEN_KB899342 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WAIT_TIME_THREAD_TERMINATE_KB886801 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FIX_CHUNKED_PROXY_SCRIPT_DOWNLOAD_KB843289 |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xfe\xba\xef\xfe\xa3\xef\xff\x8c\xef\xff\x941\xef\xfe\xba\xef\xff\x85 |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x86\xef\xff\xa6\xef\xff\x80\xef\xff\x96\xef\xff\x93\xef\xff\x8e\xef\xff\x8f\xef\xfe\xb7\xef\xfe\xba\xef\xff\x90 |
| HKEY_CURRENT_USER\SOFTWARE\\xef\xfe\xb1\xef\xff\xb9\xef\xfe\xb4\xef\xfe\xa8\xef\xff\x8d\xef\xff\xb8\xef\xff\x82\xef\xff\xa7\\xef\xff\x81\xef\xff\xba\xef\xff\x8e\xef\xff\xa4 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF48EBD2-24BD-4f52-9D31-2AEBAC8133B0} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QQ\xef\xff\x93\xef\xff\x8e\xef\xff\x8f\xef\xfe\xb7 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x93\xef\xff\x8e\xef\xff\x97\xef\xff\xa5\xef\xfe\xb5\xef\xff\x81\xef\xff\x84\xef\xfe\xb9\xef\xfe\xb1\xef\xff\x8a\xef\xfe\xbc\xef\xff\x87 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KuwanBox |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x8b\xef\xfe\xb3\xef\xff\x8d\xef\xff\xb8\xef\xff\x90\xef\xff\x9e\xef\xff\x8c\xef\xff\xac\xef\xfe\xbe\xef\xff\xb6 |
| HKEY_LOCAL_MACHINE\SOFTWARE\SmartCloudInput |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xfe\xb3\xef\xfe\xac\xef\xfe\xb0\xef\xff\x94\xef\xfe\xb4\xef\xfe\xab\xef\xff\x86\xef\xff\xa6 install |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MaohaAP |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\51\xef\xff\x88\xef\xff\x8b\xef\xff\x93\xef\xff\xa3\xef\xfe\xb4\xef\xfe\xab\xef\xff\x8b\xef\xfe\xb5 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ADSafe |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x90\xef\xfe\xa1\xef\xff\x93\xef\xff\xa6\xef\xfe\xb1\xef\xff\x9a |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xfe\xbb\xef\xfe\xa8\xef\xff\x91\xef\xff\xb9\xef\xff\x96\xef\xfe\xb1\xef\xfe\xb2\xef\xfe\xa5 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xfe\xbc\xef\xfe\xab\xef\xff\x8b\xef\xff\x99PDF\xef\xff\x94\xef\xff\x84\xef\xfe\xb6\xef\xff\x81\xef\xff\x86\xef\xff\xb7 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HiZip |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SogouExplorer |
| HKEY_LOCAL_MACHINE\SOFTWARE\QIYI\QiSu |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2144\xef\xff\x8d\xef\xff\x80\xef\xff\x81\xef\xff\xba\xef\xff\x95\xef\xfe\xbd\xef\xfe\xbc\xef\xff\x87 |
| HKEY_CURRENT_USER\SOFTWARE\\xef\xfe\xb7\xef\xfe\xb6\xef\xff\x8e\xef\xfe\xb0\xef\xfe\xb4\xef\xff\xb2\xef\xff\x8c\xef\xff\xac\xef\xff\x8f\xef\xff\x82\game2_mir_v351\\xef\xfe\xb8\xef\xff\xa7\xef\xff\x83\xef\xff\x87\xef\xff\x8d\xef\xff\xb8\xef\xfe\xb9\xef\xfe\xa5\xef\xff\x89\xef\xfe\xb3 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{66CFE21A-636F-441A-BE5D-13A4CE75F729}_is1 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x80\xef\xfe\xb6\xef\xff\x94\xef\xff\x82\xef\xfe\xb4\xef\xfe\xab\xef\xff\x86\xef\xff\xa6 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\tlzjscmdsix |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2345Pinyin |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x8d\xef\xff\xa6\xef\xff\x93\xef\xff\x8e\xef\xff\x8f\xef\xfe\xb7\xef\xfe\xba\xef\xff\x90 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xfe\xbc\xef\xfe\xab\xef\xff\x8b\xef\xff\x99PDF\xef\xff\x97\xef\xfe\xaaWORD |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x86\xef\xff\xab\xef\xff\x86\xef\xff\xab\xef\xff\x96\xef\xfe\xb1\xef\xfe\xb2\xef\xfe\xa5 |
| HKEY_CURRENT_USER\SOFTWARE\SogouInput.user |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2345Pic |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KuaiZip |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StormPlayer |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x86\xef\xff\xa6\xef\xfe\xbc\xef\xfe\xa3\xef\xfe\xbc\xef\xff\x8d\xef\xff\x94\xef\xfe\xaa |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xfe\xb3\xef\xff\xa0\xef\xff\x94\xef\xff\x82\xef\xfe\xb4\xef\xfe\xab\xef\xff\x8b\xef\xfe\xb52\xef\xff\x8e\xef\xfe\xa2\xef\xfe\xb6\xef\xff\x8b |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x8d\xef\xff\x80\xef\xff\x81\xef\xff\xba\xef\xff\x95\xef\xfe\xbd\xef\xfe\xbc\xef\xff\x87 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x93\xef\xfe\xb0\xef\xff\x8e\xef\xff\xa4\xef\xff\x95\xef\xff\x9f |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iDesk |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SSS\xef\xfe\xbc\xef\xfe\xb6\xef\xff\x8d\xef\xff\x80\xef\xff\x81\xef\xff\xba |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x92\xef\xfe\xbb\xef\xfe\xb5\xef\xfe\xb6999\xef\xfe\xbc\xef\xfe\xb6 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\luyou |
| HKEY_LOCAL_MACHINE\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21E5EE35-AAD0-40FF-BC55-6CF604906097} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x81\xef\xfe\xba\xef\xff\x89\xef\xfe\xbd\xef\xfe\xb4\xef\xfe\xab\xef\xff\x86\xef\xff\xa627 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JXQYBQP |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\MonVideoDestop |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PowerShadow |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PP1Stream |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{20D04FE0-3AEA-1069-A2D8-08002B30309D} |
| HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{475c7950-e3d2-11e0-8d7a-806d6172696f}\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{475c7952-e3d2-11e0-8d7a-806d6172696f}\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{475c7952-e3d2-11e0-8d7a-806d6172696f}\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{475c7950-e3d2-11e0-8d7a-806d6172696f}\ |
| HKEY_CLASSES_ROOT\Directory |
| HKEY_CLASSES_ROOT\Directory\CurVer |
| HKEY_CLASSES_ROOT\Directory\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced |
| HKEY_CLASSES_ROOT\Directory\\ShellEx\IconHandler |
| HKEY_CLASSES_ROOT\Directory\\Clsid |
| HKEY_CLASSES_ROOT\Folder |
| HKEY_CLASSES_ROOT\Folder\Clsid |
| HKEY_LOCAL_MACHINE\SOFTWARE\Tencent\qqlive |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{01EB3F15-6569-4FCD-A1AA-913E906E2194} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xff\x91\xef\xfe\xb8\xef\xff\x80\xef\xff\x97\xef\xff\x93\xef\xfe\xb0\xef\xff\x92\xef\xff\xb4 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YoukuClient |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funshion |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kingsoft Office |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KwMusic7 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\xef\xfe\xbf\xef\xff\xa1\xef\xfe\xb9\xef\xfe\xb7\xef\xff\x92\xef\xff\xb4\xef\xff\x80\xef\xff\x96 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QQBrowser |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PPStream |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0A3EEE1-956D-4A12-8DB2-940E4D1F5FEA} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ludashi_is1 |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004 |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Control Panel\Desktop |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes |
| HKEY_CLASSES_ROOT\http |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLOSE_EMPTY_BROWSER_KB920982 |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\New Windows |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49} |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Ole |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4F3C-8081-5663EE0C6C49} |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4F3C-8081-5663EE0C6C49} |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4F3C-8081-5663EE0C6C49}\Lang0409 |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263} |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263} |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\Lang0409 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{E2E2DD38-D088-4134-82B7-F2BA38496583} |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{E2E2DD38-D088-4134-82B7-F2BA38496583} |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{E2E2DD38-D088-4134-82B7-F2BA38496583}\Lang0409 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\ |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683} |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11D2-BB9E-00C04F795683} |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11D2-BB9E-00C04F795683} |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11D2-BB9E-00C04F795683}\Lang0409 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\International |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\MediaTypeClass |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ratings |
| HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\ |
| HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\http\ |
| HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\*\ |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\UA Tokens |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Pre Platform |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UrlMon Settings |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Http Filters\RPA |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Http Filters\RPA |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INCLUDE_PORT_IN_SPN_KB908209 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\\Ranges\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TravelLog |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\TravelLog |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\windows\CurrentVersion\Internet Settings |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1547161642-507921405-839522115-1004 |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\Winlogon |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Environment |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Volatile Environment |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections |
| HKEY_CURRENT_CONFIG\Software\Microsoft\windows\CurrentVersion\Internet Settings |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\\0 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\\1 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\\2 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\\3 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\\4 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\ |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_URLHOSTNAME |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\\Domains\baizhu.cc |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baizhu.cc |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\\ProtocolDefaults\ |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESPECT_OBJECTSAFETY_POLICY_KB905547 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_CLASSES_ROOT\MIME\Database\Content Type\text/html |
| HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\text/html |
| HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/html |
| HKEY_CLASSES_ROOT\\xed\xfe\x9e\xe7\xdf\x9d |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\TreatAs |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\LocalServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocHandler32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocHandlerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13} |
| HKEY_CLASSES_ROOT\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\TreatAs |
| HKEY_CURRENT_USER\Control Panel\International |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\Floppy Access |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\Adv AddrBar Spoof Detection |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Printing |
| HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\about\ |
| HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Handler\about |
| HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\TreatAs |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\LocalServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocHandler32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocHandlerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B} |
| HKEY_CLASSES_ROOT\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\TreatAs |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\\Domains\blank |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\blank |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults\ |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\Progid |
| HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Url History |
| HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Internet Settings\Url History |
| HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings |
| HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Internet Settings |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CodePage |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Version Vector |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\TreatAs |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\LocalServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocHandler32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocHandlerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4} |
| HKEY_CLASSES_ROOT\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\TreatAs |
| HKEY_CLASSES_ROOT\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InProcServer32 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\\Domains\cnzz.com |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cnzz.com |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTELLIFORMS_ALTERNATE_RELEASE_KB924301 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\TreatAs |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\LocalServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocHandler32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocHandlerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC} |
| HKEY_CLASSES_ROOT\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\TreatAs |
| HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP |
| HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{70FAF614-E0B1-11D3-8F5C-00C04F9CF4AC}\LanguageProfile |
| HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\LanguageProfile |
| HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C1EE01F2-B3B6-4A6A-9DDD-E988C088EC82}\LanguageProfile |
| HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile\0x00000409 |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile\0x00000409\{09EA4E4B-46CE-4469-B450-0DE76A435BBB} |
| HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F89E9E58-BD2F-4008-9AC2-0F816C09F4EE}\LanguageProfile |
| HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile\0x0000FFFF |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile\0x0000FFFF\{38445657-9381-11D6-B41A-00065B83EE53} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\SystemShared |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\TreatAs |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\InprocServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\InprocServerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\LocalServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\InprocHandler32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\InprocHandlerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53} |
| HKEY_CLASSES_ROOT\CLSID\{3CE74DE4-53D3-4D74-8B83-431B3828BA53}\TreatAs |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\TreatAs |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\InprocServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\InprocServerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\LocalServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\InprocHandler32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\InprocHandlerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7} |
| HKEY_CLASSES_ROOT\CLSID\{A4B544A1-438D-4B41-9325-869523E2D6C7}\TreatAs |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\ |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{70FAF614-E0B1-11D3-8F5C-00C04F9CF4AC}\Category\Category\{B95F181B-EA4C-4AF1-8056-7C321ABBB091} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\Category\Category\{B95F181B-EA4C-4AF1-8056-7C321ABBB091} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{C1EE01F2-B3B6-4A6A-9DDD-E988C088EC82}\Category\Category\{B95F181B-EA4C-4AF1-8056-7C321ABBB091} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\Category\Category\{B95F181B-EA4C-4AF1-8056-7C321ABBB091} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{F89E9E58-BD2F-4008-9AC2-0F816C09F4EE}\Category\Category\{B95F181B-EA4C-4AF1-8056-7C321ABBB091} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{FA445657-9379-11D6-B41A-00065B83EE53}\Category\Category\{B95F181B-EA4C-4AF1-8056-7C321ABBB091} |
| HKEY_CURRENT_USER\Keyboard Layout\Toggle |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\LangBarAddIn\ |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\LangBarAddIn\ |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{70FAF614-E0B1-11D3-8F5C-00C04F9CF4AC}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{C1EE01F2-B3B6-4A6A-9DDD-E988C088EC82}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{F89E9E58-BD2F-4008-9AC2-0F816C09F4EE}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{FA445657-9379-11D6-B41A-00065B83EE53}\Category\Category\{534C48C1-0607-4098-A521-4FC899C73E90} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{70FAF614-E0B1-11D3-8F5C-00C04F9CF4AC}\Category\Item\{5130A009-5540-4FCF-97EB-AAD33FC0EE09} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\Category\Item\{5130A009-5540-4FCF-97EB-AAD33FC0EE09} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{70FAF614-E0B1-11D3-8F5C-00C04F9CF4AC}\Category\Item\{7AE86BB7-262C-431E-9111-C974B6B7CAC3} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\Category\Item\{7AE86BB7-262C-431E-9111-C974B6B7CAC3} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{70FAF614-E0B1-11D3-8F5C-00C04F9CF4AC}\Category\Item\{C6DEBC0A-F2B2-4F17-930E-CA9FAFF4CD04} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\Category\Item\{C6DEBC0A-F2B2-4F17-930E-CA9FAFF4CD04} |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AnchorsMarkedVisited_KB918965 |
| HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/javascript |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\TreatAs |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\InprocServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\InprocServerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\LocalServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\InprocHandler32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\InprocHandlerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58} |
| HKEY_CLASSES_ROOT\CLSID\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58}\TreatAs |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{F414C260-6AC0-11CF-B6D1-00AA00BBBB58} |
| HKEY_CLASSES_ROOT\AppID\PhotoShopCS5_81_50184.exe |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE |
| HKEY_CLASSES_ROOT\xml |
| HKEY_CLASSES_ROOT\xml\CLSID |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\TreatAs |
| HKEY_CLASSES_ROOT\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\Implemented Categories\{F0B7A1A2-9847-11CF-8F20-00805F2CD064} |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0 |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\baizhu.cc |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_INACTIVATE_MODE_REMOVAL_REVERT |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_COMPLETE_PROGRESSBAR_ONFLASH_925973 |
| HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions |
| HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9} |
| HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000} |
| HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\shell |
| HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\ShellEx\IconHandler |
| HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\Clsid |
| HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InProcServer32 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCompatibility |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\TreatAs |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000} |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\LocalServer32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocHandler32 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocHandlerX86 |
| HKEY_CLASSES_ROOT\Shell.Explorer\CLSID\\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\TreatAs |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{FF393560-C2A7-11CF-BFF4-444553540000} |
| HKEY_CLASSES_ROOT\MIME\Database\Content Type\image/gif |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012017042720170428 |
| HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D} |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder |
| HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D} |
| HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\PhotoSupport |
Comments
User comments about 1e6c3cfac9915c307a471e29895a297d.
User comments about 1e6c3cfac9915c307a471e29895a297d.
