HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\oft.gfd |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{20D04FE0-3AEA-1069-A2D8-08002B30309D} |
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32 |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{475c7950-e3d2-11e0-8d7a-806d6172696f}\ |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{475c7952-e3d2-11e0-8d7a-806d6172696f}\ |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{475c7952-e3d2-11e0-8d7a-806d6172696f}\ |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{475c7950-e3d2-11e0-8d7a-806d6172696f}\ |
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions |
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9} |
HKEY_CLASSES_ROOT\Directory |
HKEY_CLASSES_ROOT\Directory\CurVer |
HKEY_CLASSES_ROOT\Directory\ |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced |
HKEY_CLASSES_ROOT\Directory\\ShellEx\IconHandler |
HKEY_CLASSES_ROOT\Directory\\Clsid |
HKEY_CLASSES_ROOT\Folder |
HKEY_CLASSES_ROOT\Folder\Clsid |
HKEY_CURRENT_USER\SOFTWARE\$(^Name) |
HKEY_CURRENT_USER\SOFTWARE\heterophylly\Components |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004 |
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\SOFTWARE\Microsoft\Cryptography\Providers\Type 024 |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype) |
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager |
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography |
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Offload |
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\DESHashSessionKeyBackward |
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\SOFTWARE\Microsoft\Cryptography\Providers\Type 001 |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider |
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName |
ActiveComputerName |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\IMM |
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers |
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF |
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\SystemShared |
HKEY_LOCAL_MACHINE\SOFTWARE\Doctor Web |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAzfMZ.dll |