Analysis Report · CAPE Sandbox

Analysis Details

Category	Package	Started	Completed	Duration	Options	Logs
URL	edge	2026-05-28 18:01:45	2026-05-28 18:03:34	109s
Reports	JSON

Options

interactive=1
nohuman=yes
vnc_port=5910

Analysis Log

2026-05-28 17:52:18,890 [root] INFO: Date set to: 20260528T18:01:50, timeout set to: 200
2026-05-28 18:01:50,012 [root] DEBUG: Starting analyzer from: C:\_a4sjgfa
2026-05-28 18:01:50,013 [root] DEBUG: Storing results at: C:\nKjZGmJV
2026-05-28 18:01:50,013 [root] DEBUG: Pipe server name: \\.\PIPE\vgJhjNQ
2026-05-28 18:01:50,013 [root] DEBUG: Python path: C:\Users\admin\AppData\Local\Python\pythoncore-3.14-64
2026-05-28 18:01:50,014 [root] INFO: analysis running as an admin
2026-05-28 18:01:50,014 [root] INFO: analysis package specified: "edge"
2026-05-28 18:01:50,014 [root] DEBUG: importing analysis package module: "modules.packages.edge"...
2026-05-28 18:01:50,015 [root] DEBUG: imported analysis package "edge"
2026-05-28 18:01:50,015 [root] DEBUG: initializing analysis package "edge"...
2026-05-28 18:01:50,015 [root] DEBUG: New location of moved file: https://sugarcraft.net/
2026-05-28 18:01:50,015 [root] INFO: Analyzer: Package modules.packages.edge does not specify a dll option
2026-05-28 18:01:50,015 [root] INFO: Analyzer: Package modules.packages.edge does not specify a dll_64 option
2026-05-28 18:01:50,015 [root] INFO: Analyzer: Package modules.packages.edge does not specify a loader option
2026-05-28 18:01:50,016 [root] INFO: Analyzer: Package modules.packages.edge does not specify a loader_64 option
2026-05-28 18:01:50,030 [root] DEBUG: Imported auxiliary module "modules.auxiliary.browser"
2026-05-28 18:01:50,042 [root] DEBUG: Imported auxiliary module "modules.auxiliary.digisig"
2026-05-28 18:01:50,048 [root] DEBUG: Imported auxiliary module "modules.auxiliary.disguise"
2026-05-28 18:01:50,057 [root] DEBUG: Imported auxiliary module "modules.auxiliary.human"
2026-05-28 18:01:50,060 [lib.api.screenshot] DEBUG: Importing 'PIL.ImageChops'
2026-05-28 18:01:50,060 [lib.api.screenshot] ERROR: No module named 'PIL'
2026-05-28 18:01:50,061 [root] DEBUG: Imported auxiliary module "modules.auxiliary.screenshots"
2026-05-28 18:01:50,062 [root] DEBUG: Imported auxiliary module "modules.auxiliary.tlsdump"
2026-05-28 18:01:50,062 [root] DEBUG: Initialized auxiliary module "Browser"
2026-05-28 18:01:50,062 [root] DEBUG: attempting to configure 'Browser' from data
2026-05-28 18:01:50,062 [root] DEBUG: module Browser does not support data configuration, ignoring
2026-05-28 18:01:50,063 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.browser"...
2026-05-28 18:01:50,063 [root] DEBUG: Started auxiliary module modules.auxiliary.browser
2026-05-28 18:01:50,063 [root] DEBUG: Initialized auxiliary module "DigiSig"
2026-05-28 18:01:50,063 [root] DEBUG: attempting to configure 'DigiSig' from data
2026-05-28 18:01:50,064 [root] DEBUG: module DigiSig does not support data configuration, ignoring
2026-05-28 18:01:50,064 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.digisig"...
2026-05-28 18:01:50,064 [modules.auxiliary.digisig] DEBUG: Skipping authenticode validation, analysis is not a file
2026-05-28 18:01:50,064 [root] DEBUG: Started auxiliary module modules.auxiliary.digisig
2026-05-28 18:01:50,064 [root] DEBUG: Initialized auxiliary module "Disguise"
2026-05-28 18:01:50,065 [root] DEBUG: attempting to configure 'Disguise' from data
2026-05-28 18:01:50,065 [root] DEBUG: module Disguise does not support data configuration, ignoring
2026-05-28 18:01:50,065 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.disguise"...
2026-05-28 18:01:50,067 [modules.auxiliary.disguise] INFO: Launched background process notepad.exe hidden (PID: 7940)
2026-05-28 18:01:50,068 [modules.auxiliary.disguise] INFO: Disguising GUID to f236088c-d77a-4da3-9aa2-7c7045457595
2026-05-28 18:01:50,068 [root] DEBUG: Started auxiliary module modules.auxiliary.disguise
2026-05-28 18:01:50,073 [root] DEBUG: Initialized auxiliary module "Human"
2026-05-28 18:01:50,073 [root] DEBUG: attempting to configure 'Human' from data
2026-05-28 18:01:50,073 [root] DEBUG: module Human does not support data configuration, ignoring
2026-05-28 18:01:50,074 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.human"...
2026-05-28 18:01:50,074 [root] DEBUG: Started auxiliary module modules.auxiliary.human
2026-05-28 18:01:50,075 [root] DEBUG: Initialized auxiliary module "Screenshots"
2026-05-28 18:01:50,075 [root] DEBUG: attempting to configure 'Screenshots' from data
2026-05-28 18:01:50,075 [root] DEBUG: module Screenshots does not support data configuration, ignoring
2026-05-28 18:01:50,076 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.screenshots"...
2026-05-28 18:01:50,077 [modules.auxiliary.screenshots] WARNING: Python Image Library is not installed, screenshots are disabled
2026-05-28 18:01:50,077 [root] DEBUG: Started auxiliary module modules.auxiliary.screenshots
2026-05-28 18:01:50,078 [root] DEBUG: Initialized auxiliary module "TLSDumpMasterSecrets"
2026-05-28 18:01:50,078 [root] DEBUG: attempting to configure 'TLSDumpMasterSecrets' from data
2026-05-28 18:01:50,078 [root] DEBUG: module TLSDumpMasterSecrets does not support data configuration, ignoring
2026-05-28 18:01:50,079 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.tlsdump"...
2026-05-28 18:01:50,081 [modules.auxiliary.tlsdump] WARNING: Unable to find lsass.exe process
2026-05-28 18:01:50,081 [root] DEBUG: Started auxiliary module modules.auxiliary.tlsdump
2026-05-28 18:01:50,081 [root] INFO: Interactive mode enabled - injecting into explorer shell
2026-05-28 18:01:50,115 [lib.api.process] INFO: Monitor config for process 4584: C:\_a4sjgfa\dll\4584.ini
2026-05-28 18:01:50,119 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:01:50,121 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:01:50,164 [root] DEBUG: Loader: Injecting process 4584 with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:50,340 [root] DEBUG: 4584: Python path set to 'C:\Users\admin\AppData\Local\Python\pythoncore-3.14-64'.
2026-05-28 18:01:50,341 [root] DEBUG: 4584: Disabling sleep skipping.
2026-05-28 18:01:50,341 [root] DEBUG: 4584: Interactive desktop enabled.
2026-05-28 18:01:50,342 [root] DEBUG: 4584: Dropped file limit defaulting to 100.
2026-05-28 18:01:50,343 [root] DEBUG: 4584: Interactive desktop - injecting Explorer Shell
2026-05-28 18:01:50,348 [root] DEBUG: 4584: YaraInit: Compiled 44 rule files
2026-05-28 18:01:50,354 [root] DEBUG: 4584: YaraInit: Compiled rules saved to file C:\_a4sjgfa\data\yara\capemon.yac
2026-05-28 18:01:50,374 [root] DEBUG: 4584: RtlInsertInvertedFunctionTable 0x00007FFC77FE090E, LdrpInvertedFunctionTableSRWLock 0x00007FFC7813D4F0
2026-05-28 18:01:50,375 [root] DEBUG: 4584: YaraScan: Scanning 0x00007FF65E010000, size 0x545316
2026-05-28 18:01:50,463 [root] DEBUG: 4584: Monitor initialised: 64-bit capemon loaded in process 4584 at 0x00007FFC33AB0000, thread 5268, image base 0x00007FF65E010000, stack from 0x000000000F0F1000-0x000000000F100000
2026-05-28 18:01:50,464 [root] DEBUG: 4584: Commandline: C:\Windows\Explorer.EXE
2026-05-28 18:01:50,477 [root] DEBUG: 4584: Hooked 69 out of 69 functions
2026-05-28 18:01:50,509 [root] DEBUG: 4584: Syscall hook installed, syscall logging level 1
2026-05-28 18:01:50,515 [root] DEBUG: InjectDllViaThread: Successfully injected Dll into process via RtlCreateUserThread.
2026-05-28 18:01:50,516 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:50,517 [lib.api.process] INFO: Injected into 64-bit <Process 4584 explorer.exe>
2026-05-28 18:01:52,673 [root] DEBUG: 4584: AllocationHandler: Adding allocation to tracked region list: 0x00007DF47AC61000, size: 0x1000.
2026-05-28 18:01:52,703 [root] DEBUG: 4584: AllocationHandler: Adding allocation to tracked region list: 0x00007DF47AC51000, size: 0x1000.
2026-05-28 18:01:52,703 [root] DEBUG: 4584: AllocationHandler: Adding allocation to tracked region list: 0x00007DF47AC41000, size: 0x1000.
2026-05-28 18:01:52,705 [root] DEBUG: 4584: AllocationHandler: Adding allocation to tracked region list: 0x00007DF47AC31000, size: 0x1000.
2026-05-28 18:01:53,918 [root] DEBUG: 4584: caller_dispatch: Added region at 0x00007FF65E010000 to tracked regions list (combase::CoCreateInstance returns to 0x00007FF65E0B8FBA, thread 4636).
2026-05-28 18:01:53,921 [root] DEBUG: 4584: YaraScan: Scanning 0x00007FF65E010000, size 0x545316
2026-05-28 18:01:53,923 [root] DEBUG: 4584: YaraScan: Scanning 0x00007FF65E010000, size 0x545316
2026-05-28 18:01:53,960 [root] DEBUG: 4584: ProcessImageBase: Main module image at 0x00007FF65E010000 unmodified (entropy change 5.180712e-07)
2026-05-28 18:01:53,962 [root] DEBUG: 4584: ProcessImageBase: Main module image at 0x00007FF65E010000 unmodified (entropy change 5.180712e-07)
2026-05-28 18:01:54,650 [lib.api.process] INFO: Monitor config for process 740: C:\_a4sjgfa\dll\740.ini
2026-05-28 18:01:54,652 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:01:54,653 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:01:54,658 [root] DEBUG: Loader: Injecting process 740 with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:54,659 [root] DEBUG: 740: Python path set to 'C:\Users\admin\AppData\Local\Python\pythoncore-3.14-64'.
2026-05-28 18:01:54,660 [root] DEBUG: 740: Disabling sleep skipping.
2026-05-28 18:01:54,660 [root] DEBUG: 740: Interactive desktop enabled.
2026-05-28 18:01:54,660 [root] DEBUG: 740: Dropped file limit defaulting to 100.
2026-05-28 18:01:54,663 [root] DEBUG: 740: Services hook set enabled
2026-05-28 18:01:54,665 [root] DEBUG: 740: YaraInit: Compiled rules loaded from existing file C:\_a4sjgfa\data\yara\capemon.yac
2026-05-28 18:01:54,677 [root] DEBUG: 740: RtlInsertInvertedFunctionTable 0x00007FFC77FE090E, LdrpInvertedFunctionTableSRWLock 0x00007FFC7813D4F0
2026-05-28 18:01:54,677 [root] DEBUG: 740: Monitor initialised: 64-bit capemon loaded in process 740 at 0x00007FFC33AB0000, thread 4964, image base 0x00007FF780360000, stack from 0x000000754D074000-0x000000754D080000
2026-05-28 18:01:54,678 [root] DEBUG: 740: Commandline: C:\Windows\system32\svchost.exe -k DcomLaunch -p
2026-05-28 18:01:54,688 [root] DEBUG: 740: Hooked 69 out of 69 functions
2026-05-28 18:01:54,689 [root] INFO: Loaded monitor into process with pid 740
2026-05-28 18:01:54,690 [root] DEBUG: InjectDllViaThread: Successfully injected Dll into process via RtlCreateUserThread.
2026-05-28 18:01:54,690 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:54,691 [lib.api.process] INFO: Injected into 64-bit <Process 740 svchost.exe>
2026-05-28 18:01:56,732 [root] DEBUG: 4584: CreateProcessHandler: Injection info set for new process 7912: C:\Windows\system32\taskmgr.exe, ImageBase: 0x00007FF6C28B0000
2026-05-28 18:01:56,733 [root] INFO: Announced 64-bit process name: Taskmgr.exe pid: 7912
2026-05-28 18:01:56,733 [lib.api.process] INFO: Monitor config for process 7912: C:\_a4sjgfa\dll\7912.ini
2026-05-28 18:01:56,734 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:01:56,735 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:01:56,740 [root] DEBUG: Loader: Injecting process 7912 (thread 1496) with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:56,741 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2026-05-28 18:01:56,741 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:56,742 [lib.api.process] INFO: Injected into 64-bit <Process 7912 Taskmgr.exe>
2026-05-28 18:01:56,744 [root] INFO: Announced 64-bit process name: Taskmgr.exe pid: 7912
2026-05-28 18:01:56,744 [lib.api.process] INFO: Monitor config for process 7912: C:\_a4sjgfa\dll\7912.ini
2026-05-28 18:01:56,745 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:01:56,745 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:01:56,749 [root] DEBUG: Loader: Injecting process 7912 (thread 1496) with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:56,750 [root] DEBUG: InjectDllViaIAT: This image has already been patched.
2026-05-28 18:01:56,750 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:56,751 [lib.api.process] INFO: Injected into 64-bit <Process 7912 Taskmgr.exe>
2026-05-28 18:01:56,753 [root] DEBUG: 4584: DLL loaded at 0x00007FFC64EC0000: C:\Windows\SYSTEM32\MPR (0x1d000 bytes).
2026-05-28 18:01:56,753 [root] DEBUG: 4584: DLL loaded at 0x00007FFC66D50000: C:\Windows\SYSTEM32\pcacli (0x16000 bytes).
2026-05-28 18:01:56,754 [root] DEBUG: 4584: DLL loaded at 0x00007FFC630F0000: C:\Windows\System32\sfc_os (0x12000 bytes).
2026-05-28 18:01:56,760 [root] INFO: Announced 64-bit process name: Taskmgr.exe pid: 7912
2026-05-28 18:01:56,760 [lib.api.process] INFO: Monitor config for process 7912: C:\_a4sjgfa\dll\7912.ini
2026-05-28 18:01:56,761 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:01:56,761 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:01:56,765 [root] DEBUG: Loader: Injecting process 7912 with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:56,766 [root] DEBUG: InjectDll: No thread ID supplied, initial thread ID 1496, handle 0x124
2026-05-28 18:01:56,766 [root] DEBUG: InjectDllViaIAT: This image has already been patched.
2026-05-28 18:01:56,767 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:56,768 [lib.api.process] INFO: Injected into 64-bit <Process 7912 Taskmgr.exe>
2026-05-28 18:01:56,866 [root] DEBUG: 7912: Python path set to 'C:\Users\admin\AppData\Local\Python\pythoncore-3.14-64'.
2026-05-28 18:01:56,867 [root] DEBUG: 7912: Interactive desktop enabled.
2026-05-28 18:01:56,867 [root] DEBUG: 7912: Dropped file limit defaulting to 100.
2026-05-28 18:01:56,951 [root] DEBUG: 7912: Disabling sleep skipping.
2026-05-28 18:01:56,955 [root] DEBUG: 7912: YaraInit: Compiled rules loaded from existing file C:\_a4sjgfa\data\yara\capemon.yac
2026-05-28 18:01:56,970 [root] DEBUG: 7912: RtlInsertInvertedFunctionTable 0x00007FFC77FE090E, LdrpInvertedFunctionTableSRWLock 0x00007FFC7813D4F0
2026-05-28 18:01:56,971 [root] DEBUG: 7912: YaraScan: Scanning 0x00007FF6C28B0000, size 0x12fcfe
2026-05-28 18:01:56,978 [root] DEBUG: 7912: Monitor initialised: 64-bit capemon loaded in process 7912 at 0x00007FFC33AB0000, thread 1496, image base 0x00007FF6C28B0000, stack from 0x000000F09D764000-0x000000F09D770000
2026-05-28 18:01:56,979 [root] DEBUG: 7912: Commandline: "C:\Windows\system32\taskmgr.exe" /4
2026-05-28 18:01:56,988 [root] DEBUG: 7912: hook_api: LdrpCallInitRoutine export address 0x00007FFC77FE99BC obtained via GetFunctionAddress
2026-05-28 18:01:57,027 [root] WARNING: b'Unable to create trampoline for LockResource, hook type 2'
2026-05-28 18:01:57,028 [root] DEBUG: 7912: set_hooks: Unable to hook LockResource
2026-05-28 18:01:57,044 [root] DEBUG: 7912: Hooked 627 out of 628 functions
2026-05-28 18:01:57,052 [root] DEBUG: 7912: Syscall hook installed, syscall logging level 1
2026-05-28 18:01:57,057 [root] DEBUG: 7912: RestoreHeaders: Restored original import table.
2026-05-28 18:01:57,057 [root] INFO: Loaded monitor into process with pid 7912
2026-05-28 18:01:57,068 [root] DEBUG: 7912: DLL loaded at 0x00007FFC75440000: C:\Windows\system32\UMPDC (0x12000 bytes).
2026-05-28 18:01:57,156 [root] DEBUG: 7912: caller_dispatch: Added region at 0x00007FF6C28B0000 to tracked regions list (ntdll::NtAllocateVirtualMemory returns to 0x00007FF6C28DFF02, thread 1496).
2026-05-28 18:01:57,157 [root] DEBUG: 7912: YaraScan: Scanning 0x00007FF6C28B0000, size 0x12fcfe
2026-05-28 18:01:57,165 [root] DEBUG: 7912: ProcessImageBase: Main module image at 0x00007FF6C28B0000 unmodified (entropy change 0.000000e+00)
2026-05-28 18:01:57,196 [root] DEBUG: 7912: DLL loaded at 0x00007FFC75FA0000: C:\Windows\System32\bcryptPrimitives (0x82000 bytes).
2026-05-28 18:01:57,202 [root] DEBUG: 7912: DLL loaded at 0x00007FFC765F0000: C:\Windows\System32\clbcatq (0xa9000 bytes).
2026-05-28 18:01:57,212 [root] DEBUG: 7912: DLL loaded at 0x00007FFC77400000: C:\Windows\System32\MSCTF (0x114000 bytes).
2026-05-28 18:01:57,254 [root] DEBUG: 7912: DLL loaded at 0x00007FFC66930000: C:\Windows\system32\TextShaping (0xac000 bytes).
2026-05-28 18:01:57,281 [root] DEBUG: 7912: DLL loaded at 0x00007FFC747F0000: C:\Windows\SYSTEM32\ntmarta (0x33000 bytes).
2026-05-28 18:01:57,282 [root] DEBUG: 7912: DLL loaded at 0x00007FFC729F0000: C:\Windows\System32\CoreMessaging (0xf2000 bytes).
2026-05-28 18:01:57,283 [root] DEBUG: 7912: DLL loaded at 0x00007FFC71EC0000: C:\Windows\SYSTEM32\wintypes (0x155000 bytes).
2026-05-28 18:01:57,283 [root] DEBUG: 7912: DLL loaded at 0x00007FFC72590000: C:\Windows\System32\CoreUIComponents (0x35b000 bytes).
2026-05-28 18:01:57,284 [root] DEBUG: 7912: DLL loaded at 0x00007FFC69D70000: C:\Windows\SYSTEM32\textinputframework (0xf9000 bytes).
2026-05-28 18:01:57,305 [root] DEBUG: 7912: DLL loaded at 0x00007FFC74740000: C:\Windows\system32\msvcp110_win (0x8a000 bytes).
2026-05-28 18:01:57,306 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6FCE0000: C:\Windows\SYSTEM32\policymanager (0xa1000 bytes).
2026-05-28 18:01:57,415 [root] DEBUG: 7912: DLL loaded at 0x00007FFC68F00000: C:\Windows\System32\NetworkUXBroker (0x6d000 bytes).
2026-05-28 18:01:57,436 [root] DEBUG: 7912: DLL loaded at 0x00007FFC65120000: C:\Windows\system32\srumapi (0x14000 bytes).
2026-05-28 18:01:57,438 [root] DEBUG: 7912: DLL loaded at 0x00007FFC65620000: C:\Windows\SYSTEM32\atlthunk (0xd000 bytes).
2026-05-28 18:01:57,442 [root] DEBUG: 7912: DLL loaded at 0x00007FFC72B20000: C:\Windows\system32\WTSAPI32 (0x14000 bytes).
2026-05-28 18:01:57,446 [root] DEBUG: 7912: DLL loaded at 0x00007FFC75020000: C:\Windows\system32\Wldp (0x2d000 bytes).
2026-05-28 18:01:57,447 [root] DEBUG: 7912: DLL loaded at 0x00007FFC73790000: C:\Windows\SYSTEM32\windows.storage (0x79b000 bytes).
2026-05-28 18:01:57,473 [root] DEBUG: 7912: DLL loaded at 0x00007FFC75370000: C:\Windows\system32\WINSTA (0x5b000 bytes).
2026-05-28 18:01:57,492 [root] DEBUG: 7912: DLL loaded at 0x00007FFC711F0000: C:\Windows\system32\XmlLite (0x36000 bytes).
2026-05-28 18:01:57,496 [root] DEBUG: 7912: DLL loaded at 0x00007FFC701E0000: C:\Windows\system32\WindowsCodecs (0x1b4000 bytes).
2026-05-28 18:01:57,575 [root] DEBUG: 7912: DLL loaded at 0x00007FFC755E0000: C:\Windows\System32\profapi (0x25000 bytes).
2026-05-28 18:01:57,577 [root] DEBUG: 7912: DLL loaded at 0x00007FFC69BE0000: C:\Windows\System32\Windows.UI.Immersive (0x139000 bytes).
2026-05-28 18:01:57,580 [root] DEBUG: 7912: DLL loaded at 0x00007FFC5F9A0000: C:\Windows\system32\OLEACC (0x66000 bytes).
2026-05-28 18:01:57,614 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6EDF0000: C:\Windows\System32\ActXPrxy (0xa2000 bytes).
2026-05-28 18:01:57,626 [root] DEBUG: 7912: api-rate-cap: NtWaitForSingleObject hook disabled due to rate
2026-05-28 18:01:57,628 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6BB00000: C:\Windows\system32\samcli (0x19000 bytes).
2026-05-28 18:01:57,642 [root] DEBUG: 7912: DLL loaded at 0x00007FFC72AF0000: C:\Windows\system32\SAMLIB (0x28000 bytes).
2026-05-28 18:01:57,643 [root] DEBUG: 7912: api-rate-cap: NtReleaseMutant hook disabled due to rate
2026-05-28 18:01:57,656 [root] DEBUG: 7912: DLL loaded at 0x00007FFC74B80000: C:\Windows\system32\netutils (0xc000 bytes).
2026-05-28 18:01:57,659 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 92, handle 0x5e4:
2026-05-28 18:01:57,661 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 428, handle 0x5b0: C:\Windows\System32\csrss.exe
2026-05-28 18:01:57,663 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 512, handle 0x5a8: C:\Windows\System32\csrss.exe
2026-05-28 18:01:57,664 [root] DEBUG: 7912: DLL loaded at 0x00007FFC5F2A0000: C:\Windows\System32\thumbcache (0x66000 bytes).
2026-05-28 18:01:57,666 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 600, handle 0x5a8: C:\Windows\System32\winlogon.exe
2026-05-28 18:01:57,669 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 600 (handle 0x610): 0x00007FF767B80000.
2026-05-28 18:01:57,670 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 740, handle 0x610: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,672 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 740 (handle 0x634): 0x00007FF780360000.
2026-05-28 18:01:57,673 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 756, handle 0x634: C:\Windows\System32\fontdrvhost.exe
2026-05-28 18:01:57,675 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 756 (handle 0x634): 0x00007FF7EE860000.
2026-05-28 18:01:57,676 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 900, handle 0x634: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,691 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 900 (handle 0x634): 0x00007FF780360000.
2026-05-28 18:01:57,693 [root] DEBUG: 7912: DLL loaded at 0x00007FFC728F0000: C:\Windows\system32\propsys (0xf6000 bytes).
2026-05-28 18:01:57,698 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 420, handle 0x634: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,701 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 420 (handle 0x654): 0x00007FF780360000.
2026-05-28 18:01:57,702 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 712, handle 0x654: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,705 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1064, handle 0x654: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,713 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1064 (handle 0x644): 0x00007FF780360000.
2026-05-28 18:01:57,714 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1144, handle 0x644: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,721 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1144 (handle 0x644): 0x00007FF780360000.
2026-05-28 18:01:57,722 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1208, handle 0x644: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,733 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1208 (handle 0x644): 0x00007FF780360000.
2026-05-28 18:01:57,734 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1260, handle 0x644: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,737 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1260 (handle 0x644): 0x00007FF780360000.
2026-05-28 18:01:57,738 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1432, handle 0x644: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,746 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1432 (handle 0x6a0): 0x00007FF780360000.
2026-05-28 18:01:57,750 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1520, handle 0x6a0: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,757 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1520 (handle 0x6a0): 0x00007FF780360000.
2026-05-28 18:01:57,764 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1620, handle 0x6a0: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,766 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1620 (handle 0x6a0): 0x00007FF780360000.
2026-05-28 18:01:57,767 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1720, handle 0x6a0: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,769 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1720 (handle 0x6a0): 0x00007FF780360000.
2026-05-28 18:01:57,776 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1748, handle 0x6a0: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,778 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1748 (handle 0x6a0): 0x00007FF780360000.
2026-05-28 18:01:57,782 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1844, handle 0x6a0: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,785 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1844 (handle 0x6a0): 0x00007FF780360000.
2026-05-28 18:01:57,789 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1892, handle 0x6a0: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,792 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1892 (handle 0x6a0): 0x00007FF780360000.
2026-05-28 18:01:57,793 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1976, handle 0x6a0: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,796 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1976 (handle 0x6a0): 0x00007FF780360000.
2026-05-28 18:01:57,796 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 348, handle 0x6a0: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,799 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 348 (handle 0x6a8): 0x00007FF780360000.
2026-05-28 18:01:57,800 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2100, handle 0x6a8: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,805 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2100 (handle 0x6ac): 0x00007FF780360000.
2026-05-28 18:01:57,807 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2276, handle 0x6ac: C:\Windows\System32\spoolsv.exe
2026-05-28 18:01:57,810 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2348, handle 0x6ac: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,816 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2348 (handle 0x6ac): 0x00007FF780360000.
2026-05-28 18:01:57,824 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2512, handle 0x6ac: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,827 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2512 (handle 0x6ac): 0x00007FF780360000.
2026-05-28 18:01:57,828 [root] INFO: Restarting WMI Service
2026-05-28 18:01:57,830 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6FF20000: C:\Windows\System32\twinapi.appcore (0x203000 bytes).
2026-05-28 18:01:57,831 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2636, handle 0x6ac: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,835 [root] DEBUG: 7912: DLL loaded at 0x00007FFC63700000: C:\Windows\System32\Windows.ApplicationModel (0xe9000 bytes).
2026-05-28 18:01:57,836 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2636 (handle 0x6ac): 0x00007FF780360000.
2026-05-28 18:01:57,845 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2792, handle 0x6ac: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,846 [root] DEBUG: 7912: DLL loaded at 0x00007FFC665A0000: C:\Windows\System32\Windows.StateRepositoryPS (0x146000 bytes).
2026-05-28 18:01:57,851 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2792 (handle 0x6ac): 0x00007FF780360000.
2026-05-28 18:01:57,852 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2808, handle 0x6ac: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,854 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2808 (handle 0x6ac): 0x00007FF780360000.
2026-05-28 18:01:57,855 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2996, handle 0x6ac: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,857 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2996 (handle 0x6ac): 0x00007FF780360000.
2026-05-28 18:01:57,858 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3824, handle 0x6ac: C:\Windows\System32\SearchIndexer.exe
2026-05-28 18:01:57,860 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3824 (handle 0x6ac): 0x00007FF781A20000.
2026-05-28 18:01:57,861 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2344, handle 0x6ac: C:\Windows\System32\sihost.exe
2026-05-28 18:01:57,862 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2344 (handle 0x6ac): 0x00007FF6BC710000.
2026-05-28 18:01:57,862 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2464, handle 0x6ac: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,865 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2464 (handle 0x6ac): 0x00007FF780360000.
2026-05-28 18:01:57,865 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3752, handle 0x6ac: C:\Windows\System32\taskhostw.exe
2026-05-28 18:01:57,867 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3752 (handle 0x6ac): 0x00007FF77B4D0000.
2026-05-28 18:01:57,868 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 392, handle 0x6ac: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,870 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 392 (handle 0x6ac): 0x00007FF780360000.
2026-05-28 18:01:57,871 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4276, handle 0x6ac: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,873 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4484, handle 0x6ac: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,875 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 4484 (handle 0x6ac): 0x00007FF780360000.
2026-05-28 18:01:57,876 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4728, handle 0x6ac: C:\Windows\System32\svchost.exe
2026-05-28 18:01:57,878 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 4728 (handle 0x6ac): 0x00007FF780360000.
2026-05-28 18:01:57,879 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3060, handle 0x6ac: C:\Windows\System32\SearchProtocolHost.exe
2026-05-28 18:01:57,934 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3060 (handle 0x6ac): 0x00007FF716940000.
2026-05-28 18:01:57,938 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5152, handle 0x6ac: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
2026-05-28 18:01:57,941 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6A640000: C:\Windows\System32\Bcp47Langs (0x5b000 bytes).
2026-05-28 18:01:57,969 [root] DEBUG: 7912: DLL loaded at 0x00007FFC741C0000: C:\Windows\System32\sppc (0x25000 bytes).
2026-05-28 18:01:57,970 [root] DEBUG: 7912: DLL loaded at 0x00007FFC741F0000: C:\Windows\System32\SLC (0x29000 bytes).
2026-05-28 18:01:57,970 [root] DEBUG: 7912: DLL loaded at 0x00007FFC75560000: C:\Windows\System32\USERENV (0x2e000 bytes).
2026-05-28 18:01:57,970 [root] DEBUG: 7912: DLL loaded at 0x00007FFC610F0000: C:\Windows\System32\appresolver (0x90000 bytes).
2026-05-28 18:01:57,991 [root] DEBUG: 7912: DLL loaded at 0x00007FFC72EF0000: C:\Windows\SYSTEM32\apphelp (0x90000 bytes).
2026-05-28 18:01:57,997 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6AB30000: C:\Windows\System32\StateRepository.Core (0xb1000 bytes).
2026-05-28 18:01:57,998 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6AC50000: C:\Windows\System32\Windows.StateRepository (0x58e000 bytes).
2026-05-28 18:01:57,998 [root] DEBUG: 7912: DLL loaded at 0x00007FFC61260000: C:\Windows\System32\TileDataRepository (0x99000 bytes).
2026-05-28 18:01:58,017 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6A6A0000: C:\Windows\SYSTEM32\windows.staterepositorycore (0x11000 bytes).
2026-05-28 18:01:58,022 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6A120000: C:\Windows\System32\MrmCoreR (0xf4000 bytes).
2026-05-28 18:01:58,030 [root] DEBUG: 7912: DLL loaded at 0x00007FFC70130000: C:\Windows\System32\WindowManagementAPI (0xa1000 bytes).
2026-05-28 18:01:58,031 [root] DEBUG: 7912: DLL loaded at 0x00007FFC69E70000: C:\Windows\System32\InputHost (0x152000 bytes).
2026-05-28 18:01:58,031 [root] DEBUG: 7912: DLL loaded at 0x00007FFC69FD0000: C:\Windows\System32\Windows.UI (0x141000 bytes).
2026-05-28 18:01:58,034 [root] DEBUG: 7912: DLL loaded at 0x00007FFC69D20000: C:\Windows\SYSTEM32\languageoverlayutil (0x41000 bytes).
2026-05-28 18:01:58,040 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6A6C0000: C:\Windows\System32\bcp47mrm (0x2d000 bytes).
2026-05-28 18:01:58,042 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6B370000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2026-05-28 18:01:58,055 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5152 (handle 0x740): 0x00007FF70F680000.
2026-05-28 18:01:58,062 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5216, handle 0x798: C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\TiWorker.exe
2026-05-28 18:01:58,065 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5216 (handle 0x798): 0x00007FF6B6CB0000.
2026-05-28 18:01:58,066 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5328, handle 0x798: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,069 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5328 (handle 0x798): 0x00007FF780360000.
2026-05-28 18:01:58,070 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5536, handle 0x798: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
2026-05-28 18:01:58,088 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5536 (handle 0x7a8): 0x00007FF6EB870000.
2026-05-28 18:01:58,090 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5796, handle 0x7a8: C:\Windows\System32\RuntimeBroker.exe
2026-05-28 18:01:58,094 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5796 (handle 0x7a8): 0x00007FF77B710000.
2026-05-28 18:01:58,095 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5956, handle 0x7a8: C:\Windows\System32\RuntimeBroker.exe
2026-05-28 18:01:58,096 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5956 (handle 0x7a8): 0x00007FF77B710000.
2026-05-28 18:01:58,097 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3680, handle 0x7a8: C:\Windows\System32\SecurityHealthSystray.exe
2026-05-28 18:01:58,100 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3680 (handle 0x7a8): 0x00007FF661AB0000.
2026-05-28 18:01:58,101 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 6084, handle 0x7a8: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,102 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 6084 (handle 0x7a8): 0x00007FF780360000.
2026-05-28 18:01:58,103 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4944, handle 0x7a8: C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
2026-05-28 18:01:58,104 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 4944 (handle 0x7a8): 0x0000000000320000.
2026-05-28 18:01:58,105 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5876, handle 0x7a8: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,106 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5876 (handle 0x7a8): 0x00007FF780360000.
2026-05-28 18:01:58,107 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3552, handle 0x7a8: C:\Program Files (x86)\Steam\steam.exe
2026-05-28 18:01:58,108 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3552 (handle 0x7a8): 0x00007FF7CB360000.
2026-05-28 18:01:58,109 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 6200, handle 0x7a8: C:\Users\admin\AppData\Local\Discord\app-1.0.9238\Discord.exe
2026-05-28 18:01:58,110 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 6200 (handle 0x7a8): 0x00007FF6B1860000.
2026-05-28 18:01:58,110 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 6600, handle 0x7a8: C:\Users\admin\AppData\Local\Discord\app-1.0.9238\Discord.exe
2026-05-28 18:01:58,111 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 6600 (handle 0x7a8): 0x00007FF6B1860000.
2026-05-28 18:01:58,112 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3392, handle 0x7a8: C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe
2026-05-28 18:01:58,114 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3392 (handle 0x7a8): 0x00007FF7D0050000.
2026-05-28 18:01:58,117 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 6908, handle 0x7a8: C:\Program Files (x86)\Common Files\Steam\steamservice.exe
2026-05-28 18:01:58,118 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 6908 (handle 0x7a8): 0x0000000000390000.
2026-05-28 18:01:58,119 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 6448, handle 0x7a8: C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe
2026-05-28 18:01:58,120 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 6448 (handle 0x7a8): 0x00007FF7D0050000.
2026-05-28 18:01:58,120 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 7632, handle 0x7a8: C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe
2026-05-28 18:01:58,121 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 7632 (handle 0x7a8): 0x00007FF7D0050000.
2026-05-28 18:01:58,122 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 7988, handle 0x7a8: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,124 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 7988 (handle 0x7a8): 0x00007FF780360000.
2026-05-28 18:01:58,124 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 796, handle 0x7a8: C:\Windows\System32\ApplicationFrameHost.exe
2026-05-28 18:01:58,126 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 796 (handle 0x7a8): 0x00007FF7EECE0000.
2026-05-28 18:01:58,126 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 7940, handle 0x7a8: C:\Windows\System32\notepad.exe
2026-05-28 18:01:58,128 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 7940 (handle 0x7a8): 0x00007FF7241A0000.
2026-05-28 18:01:58,129 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4452, handle 0x7a8: C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
2026-05-28 18:01:58,141 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 4452 (handle 0x7a4): 0x00007FF78C870000.
2026-05-28 18:01:58,203 [root] INFO: Added new file to list with pid 7912 and path C:\Users\admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
2026-05-28 18:01:58,223 [root] INFO: Added new file to list with pid 7912 and path C:\Users\admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db
2026-05-28 18:01:58,350 [root] DEBUG: 7912: DLL loaded at 0x00007FFC74A70000: C:\Windows\system32\IPHLPAPI (0x3b000 bytes).
2026-05-28 18:01:58,353 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6E0E0000: C:\Windows\SYSTEM32\WINNSI (0xb000 bytes).
2026-05-28 18:01:58,374 [root] DEBUG: 7912: api-rate-cap: NtQueryValueKey hook disabled due to rate
2026-05-28 18:01:58,572 [root] DEBUG: 7912: DLL loaded at 0x00007FFC73480000: C:\Windows\system32\dwmapi (0x2f000 bytes).
2026-05-28 18:01:58,573 [root] DEBUG: 7912: DLL loaded at 0x0000029255550000: C:\Windows\system32\d3d9 (0x1cd000 bytes).
2026-05-28 18:01:58,600 [root] DEBUG: 7912: DLL loaded at 0x00007FFC731A0000: C:\Windows\SYSTEM32\resourcepolicyclient (0x14000 bytes).
2026-05-28 18:01:58,606 [root] DEBUG: 7912: DLL loaded at 0x00007FFC5EEF0000: C:\Windows\system32\D3D12Core (0x1cd000 bytes).
2026-05-28 18:01:58,609 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6E3B0000: C:\Windows\system32\d3d10warp (0x6f6000 bytes).
2026-05-28 18:01:58,614 [root] DEBUG: 7912: DLL loaded at 0x00007FFC5F430000: C:\Windows\system32\dxilconv (0x139000 bytes).
2026-05-28 18:01:58,616 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6A9E0000: C:\Windows\system32\D3DSCache (0x2a000 bytes).
2026-05-28 18:01:58,639 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6E3B0000: C:\Windows\system32\d3d10warp (0x6f6000 bytes).
2026-05-28 18:01:58,642 [root] DEBUG: 7912: DLL loaded at 0x00007FFC753D0000: C:\Windows\system32\DEVOBJ (0x33000 bytes).
2026-05-28 18:01:58,644 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6E0C0000: C:\Windows\SYSTEM32\dhcpcsvc6 (0x17000 bytes).
2026-05-28 18:01:58,648 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 336, handle 0x808: C:\Windows\System32\smss.exe
2026-05-28 18:01:58,649 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6E0A0000: C:\Windows\SYSTEM32\dhcpcsvc (0x1d000 bytes).
2026-05-28 18:01:58,651 [root] DEBUG: 7912: DLL loaded at 0x00007FFC74AB0000: C:\Windows\SYSTEM32\DNSAPI (0xca000 bytes).
2026-05-28 18:01:58,656 [root] DEBUG: 7912: DLL loaded at 0x00007FFC747D0000: C:\Windows\system32\wkscli (0x19000 bytes).
2026-05-28 18:01:58,668 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 500, handle 0xa44: C:\Windows\System32\wininit.exe
2026-05-28 18:01:58,673 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 592, handle 0xa30: C:\Windows\System32\services.exe
2026-05-28 18:01:58,678 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 640, handle 0x7d4: C:\Windows\System32\lsass.exe
2026-05-28 18:01:58,681 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 640 (handle 0xa3c): 0x00007FF657A90000.
2026-05-28 18:01:58,682 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 748, handle 0xa3c: C:\Windows\System32\fontdrvhost.exe
2026-05-28 18:01:58,682 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 860, handle 0xa3c: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,684 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 860 (handle 0xa3c): 0x00007FF780360000.
2026-05-28 18:01:58,684 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 984, handle 0xa3c: C:\Windows\System32\dwm.exe
2026-05-28 18:01:58,689 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 984 (handle 0xa30): 0x00007FF6D4CD0000.
2026-05-28 18:01:58,689 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 492, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,691 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 492 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,694 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 560, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,696 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 560 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,696 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1072, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,698 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1072 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,699 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1172, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,700 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1172 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,701 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1224, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,703 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1224 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,704 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1316, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,706 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1316 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,706 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1468, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,709 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1468 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,709 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1604, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,711 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1604 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,712 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1688, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,713 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1688 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,714 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1732, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,716 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1732 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,716 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1852, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,718 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1852 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,719 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1900, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,720 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1900 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,721 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1396, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,724 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1396 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,725 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1644, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,726 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1644 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,727 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2184, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,729 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2184 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,729 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2308, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,731 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2308 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,732 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2504, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,733 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2504 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,734 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2628, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,736 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2628 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,737 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2644, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,741 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2644 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,742 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2800, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,743 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2800 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,744 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2932, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,746 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2932 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,746 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3672, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,748 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3672 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,749 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 736, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,750 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 736 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,751 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3068, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,753 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3068 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,755 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2672, handle 0xa30: C:\Windows\System32\taskhostw.exe
2026-05-28 18:01:58,757 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2672 (handle 0xa30): 0x00007FF77B4D0000.
2026-05-28 18:01:58,758 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3456, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,760 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3456 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,760 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4148, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,762 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 4148 (handle 0xa30): 0x00007FF780360000.
2026-05-28 18:01:58,763 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4344, handle 0xa30: C:\Windows\System32\ctfmon.exe
2026-05-28 18:01:58,766 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 4344 (handle 0xa3c): 0x00007FF7DC490000.
2026-05-28 18:01:58,766 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4584, handle 0xa3c: C:\Windows\explorer.exe
2026-05-28 18:01:58,769 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 4584 (handle 0xa30): 0x00007FF65E010000.
2026-05-28 18:01:58,772 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4836, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,774 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 4836 (handle 0x7d4): 0x00007FF780360000.
2026-05-28 18:01:58,775 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4128, handle 0x7d4: C:\Windows\System32\dllhost.exe
2026-05-28 18:01:58,779 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 4128 (handle 0xa30): 0x00007FF699DF0000.
2026-05-28 18:01:58,780 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5176, handle 0xa30: C:\Windows\servicing\TrustedInstaller.exe
2026-05-28 18:01:58,784 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5176 (handle 0xa50): 0x00007FF662190000.
2026-05-28 18:01:58,785 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5320, handle 0xa50: C:\Windows\System32\RuntimeBroker.exe
2026-05-28 18:01:58,792 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5320 (handle 0xa50): 0x00007FF77B710000.
2026-05-28 18:01:58,793 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5416, handle 0xa50: C:\Windows\System32\MoUsoCoreWorker.exe
2026-05-28 18:01:58,798 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5416 (handle 0xa38): 0x00007FF68F1D0000.
2026-05-28 18:01:58,799 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5684, handle 0xa38: C:\Windows\System32\SearchFilterHost.exe
2026-05-28 18:01:58,802 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5684 (handle 0xa30): 0x00007FF6EC310000.
2026-05-28 18:01:58,802 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3120, handle 0xa30: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,804 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3280, handle 0xa30: C:\Windows\System32\smartscreen.exe
2026-05-28 18:01:58,808 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3280 (handle 0x7d4): 0x00007FF7AC790000.
2026-05-28 18:01:58,809 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3692, handle 0x7d4: C:\Windows\System32\SecurityHealthService.exe
2026-05-28 18:01:58,813 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 6040, handle 0xa50: C:\Windows\System32\conhost.exe
2026-05-28 18:01:58,816 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 6040 (handle 0xa90): 0x00007FF799880000.
2026-05-28 18:01:58,816 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5920, handle 0xa90: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,819 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5920 (handle 0xa90): 0x00007FF780360000.
2026-05-28 18:01:58,820 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3484, handle 0xa90: C:\Users\admin\AppData\Local\Discord\app-1.0.9238\Discord.exe
2026-05-28 18:01:58,821 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3484 (handle 0xa90): 0x00007FF6B1860000.
2026-05-28 18:01:58,822 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3344, handle 0xa90: C:\Users\admin\AppData\Local\Discord\app-1.0.9238\Discord.exe
2026-05-28 18:01:58,823 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3344 (handle 0xa90): 0x00007FF6B1860000.
2026-05-28 18:01:58,823 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 6236, handle 0xa90: C:\Users\admin\AppData\Local\Discord\app-1.0.9238\Discord.exe
2026-05-28 18:01:58,825 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 6236 (handle 0xa90): 0x00007FF6B1860000.
2026-05-28 18:01:58,826 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 6772, handle 0xa90: C:\Users\admin\AppData\Local\Discord\app-1.0.9238\Discord.exe
2026-05-28 18:01:58,827 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 6772 (handle 0xa90): 0x00007FF6B1860000.
2026-05-28 18:01:58,828 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 6580, handle 0xa90: C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe
2026-05-28 18:01:58,829 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 6580 (handle 0xa90): 0x00007FF7D0050000.
2026-05-28 18:01:58,829 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 7052, handle 0xa90: C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe
2026-05-28 18:01:58,830 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 7052 (handle 0xa90): 0x00007FF7D0050000.
2026-05-28 18:01:58,831 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 6320, handle 0xa90: C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe
2026-05-28 18:01:58,832 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 6320 (handle 0xa90): 0x00007FF7D0050000.
2026-05-28 18:01:58,833 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 7956, handle 0xa90: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,835 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 7956 (handle 0xa90): 0x00007FF780360000.
2026-05-28 18:01:58,836 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4576, handle 0xa90: C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe
2026-05-28 18:01:58,837 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 4576 (handle 0xa90): 0x00007FF7D0050000.
2026-05-28 18:01:58,838 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1084, handle 0xa90: C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
2026-05-28 18:01:58,847 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6E250000: C:\Windows\SYSTEM32\AppxDeploymentClient (0x102000 bytes).
2026-05-28 18:01:58,860 [root] DEBUG: 7912: DLL loaded at 0x00007FFC6E250000: C:\Windows\SYSTEM32\AppxDeploymentClient (0x102000 bytes).
2026-05-28 18:01:58,871 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1084 (handle 0x7d4): 0x00007FF69C720000.
2026-05-28 18:01:58,872 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 7444, handle 0x7d4: C:\Windows\System32\RuntimeBroker.exe
2026-05-28 18:01:58,877 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 7444 (handle 0x7d4): 0x00007FF77B710000.
2026-05-28 18:01:58,881 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2904, handle 0xa98: C:\Windows\System32\net.exe
2026-05-28 18:01:58,884 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2904 (handle 0xa94): 0x00007FF7EC240000.
2026-05-28 18:01:58,884 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1016, handle 0xa94: C:\Windows\System32\net1.exe
2026-05-28 18:01:58,888 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1016 (handle 0xa94): 0x00007FF6BAB80000.
2026-05-28 18:01:58,889 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 8196, handle 0xa94: C:\Windows\System32\svchost.exe
2026-05-28 18:01:58,891 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 8196 (handle 0xa94): 0x00007FF780360000.
2026-05-28 18:01:59,860 [root] DEBUG: 7912: DLL loaded at 0x00007FFC50D30000: C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.3636_none_91a19322cc8a92a3\gdiplus (0x1a5000 bytes).
2026-05-28 18:01:59,861 [root] DEBUG: 7912: DLL loaded at 0x00007FFC63C20000: C:\Windows\system32\CHARTV (0x25000 bytes).
2026-05-28 18:01:59,869 [root] DEBUG: package modules.packages.edge does not support configure, ignoring
2026-05-28 18:01:59,870 [root] WARNING: configuration error for package modules.packages.edge: error importing data.packages.edge: No module named 'data.packages'
2026-05-28 18:01:59,871 [lib.core.compound] INFO: C:\Users\admin\AppData\Local\Temp already exists, skipping creation
2026-05-28 18:01:59,874 [lib.api.process] INFO: Successfully executed process from path "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" with arguments ""https://sugarcraft.net/"" with pid 9188
2026-05-28 18:01:59,875 [lib.api.process] INFO: Monitor config for process 9188: C:\_a4sjgfa\dll\9188.ini
2026-05-28 18:01:59,877 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:01:59,879 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:01:59,885 [root] DEBUG: Loader: Injecting process 9188 (thread 9192) with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:59,886 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2026-05-28 18:01:59,886 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:01:59,889 [lib.api.process] INFO: Injected into 64-bit <Process 9188 msedge.exe>
2026-05-28 18:02:00,368 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9188, handle 0xa9c: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:00,371 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9188 (handle 0xa84): 0x00007FF734750000.
2026-05-28 18:02:01,899 [lib.api.process] INFO: Successfully resumed process with pid 9188
2026-05-28 18:02:01,979 [root] DEBUG: 9188: Python path set to 'C:\Users\admin\AppData\Local\Python\pythoncore-3.14-64'.
2026-05-28 18:02:01,980 [root] DEBUG: 9188: Interactive desktop enabled.
2026-05-28 18:02:01,980 [root] DEBUG: 9188: Dropped file limit defaulting to 100.
2026-05-28 18:02:01,989 [root] DEBUG: 9188: Edge-specific hook-set enabled.
2026-05-28 18:02:01,991 [root] DEBUG: 9188: Disabling sleep skipping.
2026-05-28 18:02:01,992 [root] DEBUG: 9188: YaraInit: Compiled rules loaded from existing file C:\_a4sjgfa\data\yara\capemon.yac
2026-05-28 18:02:02,003 [root] DEBUG: 9188: RtlInsertInvertedFunctionTable 0x00007FFC77FE090E, LdrpInvertedFunctionTableSRWLock 0x00007FFC7813D4F0
2026-05-28 18:02:02,003 [root] DEBUG: 9188: Monitor initialised: 64-bit capemon loaded in process 9188 at 0x00007FFC33AB0000, thread 9192, image base 0x00007FF734750000, stack from 0x000000C8193F4000-0x000000C819400000
2026-05-28 18:02:02,004 [root] DEBUG: 9188: Commandline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" "https://sugarcraft.net/"
2026-05-28 18:02:02,015 [root] DEBUG: 9188: Hooked 2 out of 2 functions
2026-05-28 18:02:02,051 [root] DEBUG: 9188: Syscall hook installed, syscall logging level 1
2026-05-28 18:02:02,057 [root] DEBUG: 9188: RestoreHeaders: Restored original import table.
2026-05-28 18:02:02,057 [root] INFO: Loaded monitor into process with pid 9188
2026-05-28 18:02:02,059 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75FA0000: C:\Windows\System32\bcryptprimitives (0x82000 bytes).
2026-05-28 18:02:02,064 [root] DEBUG: 9188: DLL loaded at 0x00007FFC63BA0000: C:\Windows\SYSTEM32\version (0xa000 bytes).
2026-05-28 18:02:02,068 [root] DEBUG: 9188: DLL loaded at 0x00007FFC775B0000: C:\Windows\System32\shcore (0xad000 bytes).
2026-05-28 18:02:02,070 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75020000: C:\Windows\SYSTEM32\Wldp (0x2d000 bytes).
2026-05-28 18:02:02,070 [root] DEBUG: 9188: DLL loaded at 0x00007FFC73790000: C:\Windows\SYSTEM32\windows.storage (0x79b000 bytes).
2026-05-28 18:02:02,071 [root] DEBUG: 9188: DLL loaded at 0x00007FFC775B0000: C:\Windows\System32\SHCORE (0xad000 bytes).
2026-05-28 18:02:02,072 [root] DEBUG: 9188: DLL loaded at 0x00007FFC747F0000: C:\Windows\SYSTEM32\ntmarta (0x33000 bytes).
2026-05-28 18:02:02,216 [root] DEBUG: 9188: DLL loaded at 0x00007FFC5CA40000: C:\Windows\SYSTEM32\WINMM (0x27000 bytes).
2026-05-28 18:02:02,217 [root] DEBUG: 9188: DLL loaded at 0x00007FFC1E940000: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\msedge (0x136be000 bytes).
2026-05-28 18:02:02,219 [root] DEBUG: 9188: DLL loaded at 0x00007FFC620A0000: C:\Windows\SYSTEM32\KBDUS (0x9000 bytes).
2026-05-28 18:02:02,221 [root] DEBUG: 9188: DLL loaded at 0x00007FFC730A0000: C:\Windows\system32\uxtheme (0x9e000 bytes).
2026-05-28 18:02:02,226 [root] DEBUG: 9188: DLL loaded at 0x00007FFC734B0000: C:\Windows\SYSTEM32\kernel.appcore (0x12000 bytes).
2026-05-28 18:02:02,226 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 9204: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe, ImageBase: 0x00007FF734750000
2026-05-28 18:02:02,227 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 9204
2026-05-28 18:02:02,228 [root] DEBUG: 9188: DLL loaded at 0x00007FFC765F0000: C:\Windows\System32\clbcatq (0xa9000 bytes).
2026-05-28 18:02:02,228 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 9204
2026-05-28 18:02:02,229 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6AA20000: C:\Windows\System32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings (0x16000 bytes).
2026-05-28 18:02:02,230 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74740000: C:\Windows\SYSTEM32\msvcp110_win (0x8a000 bytes).
2026-05-28 18:02:02,231 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6FCE0000: C:\Windows\SYSTEM32\policymanager (0xa1000 bytes).
2026-05-28 18:02:02,235 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75560000: C:\Windows\SYSTEM32\USERENV (0x2e000 bytes).
2026-05-28 18:02:02,236 [root] DEBUG: 9188: DLL loaded at 0x00007FFC73F40000: C:\Windows\SYSTEM32\gpapi (0x23000 bytes).
2026-05-28 18:02:02,237 [root] DEBUG: 9188: DLL loaded at 0x00007FFC747D0000: C:\Windows\SYSTEM32\wkscli (0x19000 bytes).
2026-05-28 18:02:02,238 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74B80000: C:\Windows\SYSTEM32\netutils (0xc000 bytes).
2026-05-28 18:02:02,240 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74740000: C:\Windows\SYSTEM32\msvcp110_win (0x8a000 bytes).
2026-05-28 18:02:02,241 [root] DEBUG: 9188: DLL loaded at 0x00007FFC5FA20000: C:\Windows\SYSTEM32\MDMRegistration (0x68000 bytes).
2026-05-28 18:02:02,243 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75460000: C:\Windows\SYSTEM32\powrprof (0x4b000 bytes).
2026-05-28 18:02:02,243 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74F70000: C:\Windows\SYSTEM32\CRYPTSP (0x18000 bytes).
2026-05-28 18:02:02,244 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75090000: C:\Windows\SYSTEM32\ncrypt (0x27000 bytes).
2026-05-28 18:02:02,245 [root] DEBUG: 9188: DLL loaded at 0x00007FFC77F00000: C:\Windows\System32\imagehlp (0x1d000 bytes).
2026-05-28 18:02:02,245 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6DA10000: C:\Windows\SYSTEM32\tbs (0x1b000 bytes).
2026-05-28 18:02:02,246 [root] DEBUG: 9188: DLL loaded at 0x00007FFC5B690000: C:\Windows\SYSTEM32\DMCmnUtils (0x7c000 bytes).
2026-05-28 18:02:02,246 [root] DEBUG: 9188: DLL loaded at 0x00007FFC63BE0000: C:\Windows\SYSTEM32\omadmapi (0x3a000 bytes).
2026-05-28 18:02:02,247 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75440000: C:\Windows\SYSTEM32\UMPDC (0x12000 bytes).
2026-05-28 18:02:02,247 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75050000: C:\Windows\SYSTEM32\NTASN1 (0x3b000 bytes).
2026-05-28 18:02:02,249 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6C4D0000: C:\Windows\SYSTEM32\netapi32 (0x19000 bytes).
2026-05-28 18:02:02,250 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74740000: C:\Windows\SYSTEM32\msvcp110_win (0x8a000 bytes).
2026-05-28 18:02:02,250 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74F70000: C:\Windows\SYSTEM32\cryptsp (0x18000 bytes).
2026-05-28 18:02:02,251 [root] DEBUG: 9188: DLL loaded at 0x00007FFC72B70000: C:\Windows\SYSTEM32\DSREG (0x141000 bytes).
2026-05-28 18:02:02,252 [root] DEBUG: 9188: DLL loaded at 0x00007FFC755E0000: C:\Windows\SYSTEM32\profapi (0x25000 bytes).
2026-05-28 18:02:02,259 [root] DEBUG: 9188: DLL loaded at 0x00007FFC77400000: C:\Windows\System32\MSCTF (0x114000 bytes).
2026-05-28 18:02:02,261 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6A9C0000: C:\Windows\System32\AssignedAccessRuntime (0x14000 bytes).
2026-05-28 18:02:02,261 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75460000: C:\Windows\SYSTEM32\powrprof (0x4b000 bytes).
2026-05-28 18:02:02,262 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75440000: C:\Windows\SYSTEM32\UMPDC (0x12000 bytes).
2026-05-28 18:02:02,263 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6BCE0000: C:\Windows\System32\SystemSettings.DataModel (0x74000 bytes).
2026-05-28 18:02:02,264 [root] DEBUG: 9188: DLL loaded at 0x00007FFC69960000: C:\Windows\SYSTEM32\DWrite (0x27f000 bytes).
2026-05-28 18:02:02,267 [root] DEBUG: 9188: DLL loaded at 0x00007FFC61E00000: C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_60b6a03d71f818d5\COMCTL32 (0x29a000 bytes).
2026-05-28 18:02:02,268 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75430000: C:\Windows\SYSTEM32\DPAPI (0xa000 bytes).
2026-05-28 18:02:02,269 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6F400000: C:\Windows\System32\OneCoreUAPCommonProxyStub (0x7d0000 bytes).
2026-05-28 18:02:02,270 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74A70000: C:\Windows\SYSTEM32\IPHLPAPI (0x3b000 bytes).
2026-05-28 18:02:02,271 [root] DEBUG: 9188: DLL loaded at 0x00007FFC70B80000: C:\Windows\system32\NLAapi (0x1d000 bytes).
2026-05-28 18:02:02,272 [root] DEBUG: 9188: DLL loaded at 0x00007FFC771D0000: C:\Windows\System32\NSI (0x8000 bytes).
2026-05-28 18:02:02,274 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6E0C0000: C:\Windows\SYSTEM32\dhcpcsvc6 (0x17000 bytes).
2026-05-28 18:02:02,274 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75F50000: C:\Windows\System32\CFGMGR32 (0x4e000 bytes).
2026-05-28 18:02:02,275 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6BA50000: C:\Windows\System32\StructuredQuery (0xa6000 bytes).
2026-05-28 18:02:02,276 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6E0A0000: C:\Windows\SYSTEM32\dhcpcsvc (0x1d000 bytes).
2026-05-28 18:02:02,277 [root] DEBUG: 9188: DLL loaded at 0x00007FFC728F0000: C:\Windows\SYSTEM32\PROPSYS (0xf6000 bytes).
2026-05-28 18:02:02,278 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74AB0000: C:\Windows\SYSTEM32\DNSAPI (0xca000 bytes).
2026-05-28 18:02:02,280 [root] DEBUG: 9188: DLL loaded at 0x00007FFC665A0000: C:\Windows\System32\Windows.StateRepositoryPS (0x146000 bytes).
2026-05-28 18:02:02,282 [root] DEBUG: 9188: DLL loaded at 0x00007FFC729F0000: C:\Windows\System32\CoreMessaging (0xf2000 bytes).
2026-05-28 18:02:02,283 [root] DEBUG: 9188: DLL loaded at 0x00007FFC71EC0000: C:\Windows\SYSTEM32\wintypes (0x155000 bytes).
2026-05-28 18:02:02,284 [root] DEBUG: 9188: DLL loaded at 0x00007FFC72590000: C:\Windows\System32\CoreUIComponents (0x35b000 bytes).
2026-05-28 18:02:02,285 [root] DEBUG: 9188: DLL loaded at 0x00007FFC69D70000: C:\Windows\SYSTEM32\textinputframework (0xf9000 bytes).
2026-05-28 18:02:02,289 [root] DEBUG: 9188: DLL loaded at 0x00007FFC664D0000: C:\Windows\system32\Windows.Storage.Search (0xc6000 bytes).
2026-05-28 18:02:02,290 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6FF20000: C:\Windows\System32\twinapi.appcore (0x203000 bytes).
2026-05-28 18:02:02,292 [root] DEBUG: 9188: DLL loaded at 0x00007FFC60C70000: C:\Windows\system32\twinapi (0xa9000 bytes).
2026-05-28 18:02:02,294 [root] DEBUG: 9188: DLL loaded at 0x00007FFC65B50000: C:\Windows\system32\mssprxy (0x28000 bytes).
2026-05-28 18:02:02,295 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6ED50000: C:\Windows\SYSTEM32\wevtapi (0x65000 bytes).
2026-05-28 18:02:02,298 [root] DEBUG: 9188: DLL loaded at 0x00007FFC70130000: C:\Windows\System32\WindowManagementAPI (0xa1000 bytes).
2026-05-28 18:02:02,298 [root] DEBUG: 9188: DLL loaded at 0x00007FFC69E70000: C:\Windows\System32\InputHost (0x152000 bytes).
2026-05-28 18:02:02,299 [root] DEBUG: 9188: DLL loaded at 0x00007FFC69FD0000: C:\Windows\System32\Windows.UI (0x141000 bytes).
2026-05-28 18:02:02,300 [root] DEBUG: 9188: DLL loaded at 0x00007FFC650F0000: C:\Windows\SYSTEM32\edputil (0x24000 bytes).
2026-05-28 18:02:02,314 [root] DEBUG: 9188: DLL loaded at 0x00007FFC72B20000: C:\Windows\SYSTEM32\WTSAPI32 (0x14000 bytes).
2026-05-28 18:02:02,316 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75370000: C:\Windows\SYSTEM32\WINSTA (0x5b000 bytes).
2026-05-28 18:02:02,320 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6FD90000: C:\Windows\SYSTEM32\ColorAdapterClient (0x11000 bytes).
2026-05-28 18:02:02,320 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6FDB0000: C:\Windows\SYSTEM32\mscms (0xae000 bytes).
2026-05-28 18:02:02,323 [root] DEBUG: 9188: DLL loaded at 0x00007FFC707B0000: C:\Windows\SYSTEM32\WINHTTP (0x10a000 bytes).
2026-05-28 18:02:02,325 [root] INFO: Announced starting service "b'MicrosoftEdgeElevationService'"
2026-05-28 18:02:02,325 [lib.api.process] INFO: Monitor config for process 592: C:\_a4sjgfa\dll\592.ini
2026-05-28 18:02:02,326 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:02:02,327 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:02:02,332 [root] DEBUG: Loader: Injecting process 592 with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:02:02,332 [root] DEBUG: 9188: DLL loaded at 0x00007FFC1E370000: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\oneauth (0x5c4000 bytes).
2026-05-28 18:02:02,334 [root] DEBUG: Loader: Copied config file C:\_a4sjgfa\dll\592.ini to system path C:\592.ini
2026-05-28 18:02:02,337 [root] DEBUG: Loader: Unable to open process, launched: PPLinject64.exe 592 C:\_a4sjgfa\dll\tHnPbxs.dll
2026-05-28 18:02:02,338 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:02:02,341 [lib.api.process] INFO: Injected into 64-bit <Process 592 services.exe>
2026-05-28 18:02:02,345 [root] DEBUG: 9188: DLL loaded at 0x00007FFC68DC0000: C:\Windows\SYSTEM32\Secur32 (0xc000 bytes).
2026-05-28 18:02:02,350 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6B370000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2026-05-28 18:02:02,354 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 9660: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe, ImageBase: 0x00007FF734750000
2026-05-28 18:02:02,355 [root] DEBUG: 9188: DLL loaded at 0x00007FFC65020000: C:\Windows\System32\Windows.Web (0xc3000 bytes).
2026-05-28 18:02:02,361 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 9660
2026-05-28 18:02:02,368 [root] DEBUG: 9188: DLL loaded at 0x00007FFC69BE0000: C:\Windows\System32\Windows.UI.Immersive (0x139000 bytes).
2026-05-28 18:02:02,370 [root] DEBUG: 9188: caller_dispatch: Added region at 0x00007FF734750000 to tracked regions list (kernel32::CreateProcessInternalW returns to 0x00007FF734847D66, thread 9472).
2026-05-28 18:02:02,421 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 9660
2026-05-28 18:02:02,435 [root] DEBUG: 9188: ProcessImageBase: Main module image at 0x00007FF734750000 unmodified (entropy change 0.000000e+00)
2026-05-28 18:02:02,437 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9204, handle 0xa88: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:02,437 [root] DEBUG: 9188: DLL loaded at 0x00007FFC5E640000: C:\Windows\SYSTEM32\LINKINFO (0xd000 bytes).
2026-05-28 18:02:02,440 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 9744: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe, ImageBase: 0x00007FF734750000
2026-05-28 18:02:02,472 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 9756: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe, ImageBase: 0x00007FF734750000
2026-05-28 18:02:02,473 [root] DEBUG: 9188: DLL loaded at 0x00007FFC73F70000: C:\Windows\system32\dxgi (0xf3000 bytes).
2026-05-28 18:02:02,478 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 9744
2026-05-28 18:02:02,479 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9204 (handle 0xa88): 0x00007FF734750000.
2026-05-28 18:02:02,480 [root] DEBUG: 9188: DLL loaded at 0x00007FFC71690000: C:\Windows\system32\d3d11 (0x263000 bytes).
2026-05-28 18:02:02,481 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9616, handle 0xa88: C:\_a4sjgfa\bin\PPLinject64.exe
2026-05-28 18:02:02,481 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 9744
2026-05-28 18:02:02,482 [root] DEBUG: 9188: DLL loaded at 0x00007FFC72020000: C:\Windows\system32\dcomp (0x1e3000 bytes).
2026-05-28 18:02:02,483 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 9756
2026-05-28 18:02:02,484 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 9756
2026-05-28 18:02:02,490 [root] DEBUG: 9188: DLL loaded at 0x00007FFC5F830000: C:\Windows\system32\dataexchange (0x3e000 bytes).
2026-05-28 18:02:02,602 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9616 (handle 0xaa4): 0x00007FF668FE0000.
2026-05-28 18:02:02,612 [root] DEBUG: 9188: DLL loaded at 0x00007FFC63BF0000: C:\Windows\System32\Windows.System.Profile.RetailInfo (0x28000 bytes).
2026-05-28 18:02:02,621 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9632, handle 0xaa4: C:\Windows\System32\conhost.exe
2026-05-28 18:02:02,624 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 10004: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe, ImageBase: 0x00007FF734750000
2026-05-28 18:02:02,624 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 9972: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe, ImageBase: 0x00007FF734750000
2026-05-28 18:02:02,625 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 10004
2026-05-28 18:02:02,626 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 9972
2026-05-28 18:02:02,627 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 10004
2026-05-28 18:02:02,627 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9632 (handle 0xaa4): 0x00007FF799880000.
2026-05-28 18:02:02,628 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 9972
2026-05-28 18:02:02,629 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9660, handle 0xaa4: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:02,642 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9660 (handle 0xaa4): 0x00007FF734750000.
2026-05-28 18:02:02,649 [root] DEBUG: 9188: DLL loaded at 0x00007FFC5F9A0000: C:\Windows\SYSTEM32\OLEACC (0x66000 bytes).
2026-05-28 18:02:02,672 [root] DEBUG: 9188: DLL loaded at 0x00007FFC67700000: C:\Windows\system32\directmanipulation (0x9d000 bytes).
2026-05-28 18:02:02,752 [root] DEBUG: 9188: DLL loaded at 0x00007FFC73480000: C:\Windows\SYSTEM32\dwmapi (0x2f000 bytes).
2026-05-28 18:02:02,824 [root] DEBUG: 9188: DLL loaded at 0x00007FFC751B0000: C:\Windows\SYSTEM32\MSASN1 (0x12000 bytes).
2026-05-28 18:02:02,853 [root] DEBUG: 9188: DLL loaded at 0x00007FFC1A480000: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Well Known Domains\1.2.0.0\well_known_domains (0x9e000 bytes).
2026-05-28 18:02:02,870 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74F70000: C:\Windows\SYSTEM32\CRYPTSP (0x18000 bytes).
2026-05-28 18:02:02,873 [root] DEBUG: 9188: DLL loaded at 0x00007FFC746B0000: C:\Windows\system32\rsaenh (0x34000 bytes).
2026-05-28 18:02:02,883 [root] DEBUG: 9188: DLL loaded at 0x00007FFC63280000: C:\Windows\System32\Windows.Security.Authentication.Web.Core (0x11d000 bytes).
2026-05-28 18:02:02,887 [root] DEBUG: 9188: DLL loaded at 0x00007FFC66790000: C:\Windows\System32\OneCoreCommonProxyStub (0x7f000 bytes).
2026-05-28 18:02:02,889 [root] DEBUG: 9188: DLL loaded at 0x00007FFC5E650000: C:\Windows\System32\vaultcli (0x51000 bytes).
2026-05-28 18:02:02,914 [root] DEBUG: 9188: DLL loaded at 0x00007FFC1A3F0000: C:\Windows\System32\MicrosoftAccountWAMExtension (0x8c000 bytes).
2026-05-28 18:02:03,376 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9744, handle 0xaa8: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:03,379 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9744 (handle 0xaa8): 0x00007FF734750000.
2026-05-28 18:02:03,380 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9756, handle 0xaa8: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:03,384 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9756 (handle 0xaa8): 0x00007FF734750000.
2026-05-28 18:02:03,386 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9972, handle 0xaa8: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:03,388 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9972 (handle 0xab0): 0x00007FF734750000.
2026-05-28 18:02:03,388 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 10004, handle 0xab0: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:03,390 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 10004 (handle 0xab0): 0x00007FF734750000.
2026-05-28 18:02:04,232 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74740000: C:\Windows\SYSTEM32\msvcp110_win (0x8a000 bytes).
2026-05-28 18:02:04,234 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6FCE0000: C:\Windows\SYSTEM32\policymanager (0xa1000 bytes).
2026-05-28 18:02:05,391 [root] DEBUG: 9188: DLL loaded at 0x00007FFC754B0000: C:\Windows\SYSTEM32\sxs (0xa2000 bytes).
2026-05-28 18:02:05,402 [root] DEBUG: 9188: DLL loaded at 0x00007FFC70650000: C:\Windows\SYSTEM32\usermgrcli (0x16000 bytes).
2026-05-28 18:02:05,403 [root] DEBUG: 9188: DLL loaded at 0x00007FFC5D4D0000: C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager (0x6d000 bytes).
2026-05-28 18:02:06,624 [root] DEBUG: 9188: DLL loaded at 0x00007FFC5CAE0000: C:\Windows\System32\ShellCommonCommonProxyStub (0xe4000 bytes).
2026-05-28 18:02:09,177 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 10420: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe, ImageBase: 0x00007FF734750000
2026-05-28 18:02:09,178 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 10420
2026-05-28 18:02:09,180 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 10420
2026-05-28 18:02:09,389 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 10420, handle 0xa84: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:09,400 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 10420 (handle 0xa84): 0x00007FF734750000.
2026-05-28 18:02:10,390 [root] DEBUG: 9188: DLL loaded at 0x00007FFC77700000: C:\Windows\System32\SETUPAPI (0x46e000 bytes).
2026-05-28 18:02:10,392 [root] DEBUG: 9188: DLL loaded at 0x00007FFC70770000: C:\Windows\System32\netprofm (0x3f000 bytes).
2026-05-28 18:02:10,393 [root] DEBUG: 9188: DLL loaded at 0x00007FFC753D0000: C:\Windows\SYSTEM32\DEVOBJ (0x33000 bytes).
2026-05-28 18:02:10,394 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75EE0000: C:\Windows\System32\WINTRUST (0x67000 bytes).
2026-05-28 18:02:10,395 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6CEE0000: C:\Windows\System32\npmproxy (0x10000 bytes).
2026-05-28 18:02:10,450 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 10532: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe, ImageBase: 0x00007FF734750000
2026-05-28 18:02:10,452 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 10532
2026-05-28 18:02:10,454 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 10532
2026-05-28 18:02:10,472 [root] DEBUG: 9188: DLL loaded at 0x00007FFC1A000000: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\telclient (0x3ed000 bytes).
2026-05-28 18:02:10,533 [root] DEBUG: 9188: DLL loaded at 0x00007FFC199A0000: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\oneds (0x33f000 bytes).
2026-05-28 18:02:10,558 [root] DEBUG: 9188: DLL loaded at 0x00007FFC1CB70000: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\ffmpeg (0x467000 bytes).
2026-05-28 18:02:10,561 [root] DEBUG: 9188: DLL loaded at 0x00007FFC742D0000: C:\Windows\System32\FirewallAPI (0x96000 bytes).
2026-05-28 18:02:10,563 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74290000: C:\Windows\System32\fwbase (0x36000 bytes).
2026-05-28 18:02:10,588 [root] DEBUG: 9188: DLL loaded at 0x00007FFC67500000: C:\Windows\system32\TenantRestrictionsPlugin (0x1b000 bytes).
2026-05-28 18:02:10,592 [root] DEBUG: 9188: DLL loaded at 0x00007FFC5FA10000: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\microsoft_shell_integration (0x78000 bytes).
2026-05-28 18:02:10,614 [root] DEBUG: 9188: DLL loaded at 0x00007FFC73380000: C:\Windows\System32\RMCLIENT (0x2a000 bytes).
2026-05-28 18:02:10,616 [root] DEBUG: 9188: DLL loaded at 0x00007FFC711F0000: C:\Windows\System32\XmlLite (0x36000 bytes).
2026-05-28 18:02:10,617 [root] DEBUG: 9188: DLL loaded at 0x00007FFC60E20000: C:\Windows\System32\wpnapps (0x15b000 bytes).
2026-05-28 18:02:10,689 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 10636: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\identity_helper.exe, ImageBase: 0x00007FF66CA90000
2026-05-28 18:02:10,691 [root] INFO: Announced 64-bit process name: identity_helper.exe pid: 10636
2026-05-28 18:02:10,691 [lib.api.process] INFO: Monitor config for process 10636: C:\_a4sjgfa\dll\10636.ini
2026-05-28 18:02:10,692 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:02:11,512 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 10532, handle 0xa84: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:11,531 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 10532 (handle 0xa84): 0x00007FF734750000.
2026-05-28 18:02:11,534 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 10636, handle 0xa84: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\identity_helper.exe
2026-05-28 18:02:11,777 [lib.api.process] INFO: Potential dll side-loading detected in local directory: onnxruntime.dll
2026-05-28 18:02:11,778 [lib.api.process] INFO: Potential dll side-loading detected in local directory: d3dcompiler_47.dll
2026-05-28 18:02:11,785 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:02:11,791 [root] DEBUG: Loader: Injecting process 10636 (thread 10640) with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:02:11,792 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2026-05-28 18:02:11,792 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:02:11,794 [lib.api.process] INFO: Injected into 64-bit <Process 10636 identity_helper.exe>
2026-05-28 18:02:11,811 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6DB50000: C:\Windows\SYSTEM32\capauthz (0x51000 bytes).
2026-05-28 18:02:11,814 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6A6A0000: C:\Windows\SYSTEM32\windows.staterepositorycore (0x11000 bytes).
2026-05-28 18:02:11,816 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 10720: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\identity_helper.exe, ImageBase: 0x00007FF66CA90000
2026-05-28 18:02:11,817 [root] INFO: Announced 64-bit process name: identity_helper.exe pid: 10720
2026-05-28 18:02:11,818 [lib.api.process] INFO: Monitor config for process 10720: C:\_a4sjgfa\dll\10720.ini
2026-05-28 18:02:11,819 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:02:11,926 [lib.api.process] INFO: Potential dll side-loading detected in local directory: onnxruntime.dll
2026-05-28 18:02:11,927 [lib.api.process] INFO: Potential dll side-loading detected in local directory: d3dcompiler_47.dll
2026-05-28 18:02:11,929 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:02:11,934 [root] DEBUG: Loader: Injecting process 10720 (thread 10724) with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:02:11,935 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2026-05-28 18:02:11,937 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:02:11,939 [lib.api.process] INFO: Injected into 64-bit <Process 10720 identity_helper.exe>
2026-05-28 18:02:11,942 [root] INFO: Announced 64-bit process name: identity_helper.exe pid: 10720
2026-05-28 18:02:11,942 [lib.api.process] INFO: Monitor config for process 10720: C:\_a4sjgfa\dll\10720.ini
2026-05-28 18:02:11,942 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:02:12,052 [lib.api.process] INFO: Potential dll side-loading detected in local directory: onnxruntime.dll
2026-05-28 18:02:12,058 [lib.api.process] INFO: Potential dll side-loading detected in local directory: d3dcompiler_47.dll
2026-05-28 18:02:12,063 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:02:12,069 [root] DEBUG: Loader: Injecting process 10720 (thread 10724) with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:02:12,070 [root] DEBUG: InjectDllViaIAT: This image has already been patched.
2026-05-28 18:02:12,085 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:02:12,088 [lib.api.process] INFO: Injected into 64-bit <Process 10720 identity_helper.exe>
2026-05-28 18:02:12,112 [root] DEBUG: 10720: Python path set to 'C:\Users\admin\AppData\Local\Python\pythoncore-3.14-64'.
2026-05-28 18:02:12,113 [root] DEBUG: 10720: Interactive desktop enabled.
2026-05-28 18:02:12,114 [root] DEBUG: 10720: Dropped file limit defaulting to 100.
2026-05-28 18:02:12,120 [root] DEBUG: 10720: Disabling sleep skipping.
2026-05-28 18:02:12,122 [root] DEBUG: 10720: YaraInit: Compiled rules loaded from existing file C:\_a4sjgfa\data\yara\capemon.yac
2026-05-28 18:02:12,139 [root] DEBUG: 10720: RtlInsertInvertedFunctionTable 0x00007FFC77FE090E, LdrpInvertedFunctionTableSRWLock 0x00007FFC7813D4F0
2026-05-28 18:02:12,140 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FF66CA90000, size 0x28b4d8
2026-05-28 18:02:12,177 [root] DEBUG: 10720: Monitor initialised: 64-bit capemon loaded in process 10720 at 0x00007FFC33AB0000, thread 10724, image base 0x00007FF66CA90000, stack from 0x000000B8F7924000-0x000000B8F7930000
2026-05-28 18:02:12,179 [root] DEBUG: 10720: Commandline: "C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=windows_package_identity --skip-read-main-dll --metrics-shmem-handle=5988,i,16463646965434194640,9756354988950792942,524288 --field-trial-handle=2464,i,11618049249894349634,12934656804764563957,262144 --variations-seed-version --pseudonymization-salt-handle=2472,i,15884246703223372676,91259951654935
2026-05-28 18:02:12,179 [root] DEBUG: 10720: add_all_dlls_to_dll_ranges: skipping C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\msedge_elf.dll
2026-05-28 18:02:12,190 [root] DEBUG: 10720: hook_api: LdrpCallInitRoutine export address 0x00007FFC77FE99BC obtained via GetFunctionAddress
2026-05-28 18:02:12,217 [root] WARNING: b'Unable to create trampoline for LockResource, hook type 2'
2026-05-28 18:02:12,218 [root] DEBUG: 10720: set_hooks: Unable to hook LockResource
2026-05-28 18:02:12,224 [root] DEBUG: 10720: Hooked 627 out of 628 functions
2026-05-28 18:02:12,252 [root] DEBUG: 10720: Syscall hook installed, syscall logging level 1
2026-05-28 18:02:12,257 [root] DEBUG: 10720: RestoreHeaders: Restored original import table.
2026-05-28 18:02:12,258 [root] INFO: Loaded monitor into process with pid 10720
2026-05-28 18:02:12,261 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FFC32000000, size 0x4b9994
2026-05-28 18:02:12,332 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FFC32000000, size 0x4b9994
2026-05-28 18:02:12,368 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FFC32000000, size 0x4b9994
2026-05-28 18:02:12,426 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 10720, handle 0xa84: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\identity_helper.exe
2026-05-28 18:02:12,433 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FFC32000000, size 0x4b9994
2026-05-28 18:02:12,467 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 10720 (handle 0xab0): 0x00007FF66CA90000.
2026-05-28 18:02:12,470 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FFC32000000, size 0x4b9994
2026-05-28 18:02:12,521 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FFC32000000, size 0x4b9994
2026-05-28 18:02:12,570 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FFC32000000, size 0x4b9994
2026-05-28 18:02:12,619 [root] DEBUG: 10720: caller_dispatch: Added region at 0x00007FFC32000000 to tracked regions list (ntdll::NtProtectVirtualMemory returns to 0x00007FFC321FF156, thread 10724).
2026-05-28 18:02:12,620 [root] DEBUG: 10720: caller_dispatch: Scanning calling region at 0x00007FFC32000000...
2026-05-28 18:02:12,625 [root] DEBUG: 10720: ProcessTrackedRegion: Region at 0x00007FFC32000000 mapped as \Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\msedge_elf.dll appears unmodified, skipping
2026-05-28 18:02:12,629 [root] DEBUG: 10720: DLL loaded at 0x00007FFC75FA0000: C:\Windows\System32\bcryptprimitives (0x82000 bytes).
2026-05-28 18:02:12,671 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FF66CA90000, size 0x28b4d8
2026-05-28 18:02:12,692 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FF66CA90000, size 0x28b4d8
2026-05-28 18:02:12,711 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FF66CA90000, size 0x28b4d8
2026-05-28 18:02:12,745 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FF66CA90000, size 0x28b4d8
2026-05-28 18:02:12,769 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FF66CA90000, size 0x28b4d8
2026-05-28 18:02:12,787 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FF66CA90000, size 0x28b4d8
2026-05-28 18:02:12,822 [root] DEBUG: 10720: caller_dispatch: Added region at 0x00007FF66CA90000 to tracked regions list (ntdll::NtProtectVirtualMemory returns to 0x00007FF66CB84096, thread 10724).
2026-05-28 18:02:12,823 [root] DEBUG: 10720: YaraScan: Scanning 0x00007FF66CA90000, size 0x28b4d8
2026-05-28 18:02:12,845 [root] DEBUG: 10720: ProcessImageBase: Main module image at 0x00007FF66CA90000 unmodified (entropy change 0.000000e+00)
2026-05-28 18:02:12,851 [root] DEBUG: 10720: DLL loaded at 0x00007FFC775B0000: C:\Windows\System32\shcore (0xad000 bytes).
2026-05-28 18:02:12,876 [root] DEBUG: 10720: DLL loaded at 0x00007FFC1E940000: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\msedge (0x136be000 bytes).
2026-05-28 18:02:12,915 [root] DEBUG: 10720: DLL loaded at 0x00007FFC730A0000: C:\Windows\system32\uxtheme (0x9e000 bytes).
2026-05-28 18:02:12,938 [root] DEBUG: 10720: DLL loaded at 0x00007FFC734B0000: C:\Windows\SYSTEM32\kernel.appcore (0x12000 bytes).
2026-05-28 18:02:12,942 [root] DEBUG: 10720: DLL loaded at 0x00007FFC77400000: C:\Windows\System32\MSCTF (0x114000 bytes).
2026-05-28 18:02:13,248 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6D710000: C:\Windows\system32\wlanapi (0x74000 bytes).
2026-05-28 18:02:13,251 [root] DEBUG: 9188: DLL loaded at 0x00007FFC63700000: C:\Windows\System32\Windows.ApplicationModel (0xe9000 bytes).
2026-05-28 18:02:13,252 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6E250000: C:\Windows\System32\AppXDeploymentClient (0x102000 bytes).
2026-05-28 18:02:13,600 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6C4D0000: C:\Windows\SYSTEM32\NETAPI32 (0x19000 bytes).
2026-05-28 18:02:13,602 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75090000: C:\Windows\SYSTEM32\ncrypt (0x27000 bytes).
2026-05-28 18:02:13,604 [root] DEBUG: 9188: DLL loaded at 0x00007FFC75050000: C:\Windows\SYSTEM32\NTASN1 (0x3b000 bytes).
2026-05-28 18:02:13,605 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6DA30000: C:\Windows\system32\PCPKsp (0x118000 bytes).
2026-05-28 18:02:13,607 [root] DEBUG: 9188: DLL loaded at 0x00007FFC77F00000: C:\Windows\System32\imagehlp (0x1d000 bytes).
2026-05-28 18:02:13,608 [root] DEBUG: 9188: DLL loaded at 0x00007FFC6DA10000: C:\Windows\SYSTEM32\tbs (0x1b000 bytes).
2026-05-28 18:02:13,609 [root] DEBUG: 9188: DLL loaded at 0x00007FFC61590000: C:\Windows\system32\ncryptprov (0x5a000 bytes).
2026-05-28 18:02:13,796 [root] DEBUG: 9188: DLL loaded at 0x00007FFC74D80000: C:\Windows\system32\mswsock (0x6a000 bytes).
2026-05-28 18:02:13,850 [root] DEBUG: 10720: DLL loaded at 0x00007FFC765F0000: C:\Windows\System32\clbcatq (0xa9000 bytes).
2026-05-28 18:02:13,855 [root] DEBUG: 10720: DLL loaded at 0x00007FFC775B0000: C:\Windows\System32\shcore (0xad000 bytes).
2026-05-28 18:02:13,856 [root] DEBUG: 10720: DLL loaded at 0x00007FFC71EC0000: C:\Windows\SYSTEM32\wintypes (0x155000 bytes).
2026-05-28 18:02:13,857 [root] DEBUG: 10720: DLL loaded at 0x00007FFC73380000: C:\Windows\System32\RMCLIENT (0x2a000 bytes).
2026-05-28 18:02:13,875 [root] DEBUG: 10720: DLL loaded at 0x00007FFC711F0000: C:\Windows\System32\XmlLite (0x36000 bytes).
2026-05-28 18:02:13,876 [root] DEBUG: 10720: DLL loaded at 0x00007FFC6FF20000: C:\Windows\System32\twinapi.appcore (0x203000 bytes).
2026-05-28 18:02:13,877 [root] DEBUG: 10720: DLL loaded at 0x00007FFC60E20000: C:\Windows\System32\wpnapps (0x15b000 bytes).
2026-05-28 18:02:13,920 [root] DEBUG: 10720: DLL loaded at 0x00007FFC70650000: C:\Windows\SYSTEM32\usermgrcli (0x16000 bytes).
2026-05-28 18:02:13,928 [root] DEBUG: 10720: DLL loaded at 0x00007FFC6F400000: C:\Windows\System32\OneCoreUAPCommonProxyStub (0x7d0000 bytes).
2026-05-28 18:02:13,971 [root] DEBUG: 10720: DLL loaded at 0x00007FFC728F0000: C:\Windows\System32\PROPSYS (0xf6000 bytes).
2026-05-28 18:02:13,973 [root] DEBUG: 10720: DLL loaded at 0x00007FFC729F0000: C:\Windows\System32\CoreMessaging (0xf2000 bytes).
2026-05-28 18:02:13,974 [root] DEBUG: 10720: DLL loaded at 0x00007FFC63990000: C:\Windows\System32\execmodelclient (0x63000 bytes).
2026-05-28 18:02:13,993 [root] DEBUG: 10720: DLL loaded at 0x00007FFC66790000: C:\Windows\System32\OneCoreCommonProxyStub (0x7f000 bytes).
2026-05-28 18:02:14,000 [root] DEBUG: 10720: DLL loaded at 0x00007FFC614E0000: C:\Windows\system32\execmodelproxy (0x18000 bytes).
2026-05-28 18:02:14,006 [root] DEBUG: 10720: DLL loaded at 0x00007FFC74740000: C:\Windows\System32\msvcp110_win (0x8a000 bytes).
2026-05-28 18:02:14,007 [root] DEBUG: 10720: DLL loaded at 0x00007FFC6FCE0000: C:\Windows\SYSTEM32\policymanager (0xa1000 bytes).
2026-05-28 18:02:14,027 [root] DEBUG: 10720: DLL loaded at 0x00007FFC665A0000: C:\Windows\System32\Windows.StateRepositoryPS (0x146000 bytes).
2026-05-28 18:02:14,035 [root] DEBUG: 10720: DLL loaded at 0x00007FFC75EE0000: C:\Windows\System32\WINTRUST (0x67000 bytes).
2026-05-28 18:02:14,036 [root] DEBUG: 10720: DLL loaded at 0x00007FFC6DB50000: C:\Windows\SYSTEM32\capauthz (0x51000 bytes).
2026-05-28 18:02:14,038 [root] DEBUG: 10720: DLL loaded at 0x00007FFC751B0000: C:\Windows\System32\MSASN1 (0x12000 bytes).
2026-05-28 18:02:14,053 [root] DEBUG: 10720: DLL loaded at 0x00007FFC5B720000: C:\Windows\System32\biwinrt (0x53000 bytes).
2026-05-28 18:02:14,088 [root] DEBUG: 10720: DLL loaded at 0x00007FFC5B910000: C:\Windows\System32\Windows.Storage.ApplicationData (0x66000 bytes).
2026-05-28 18:02:14,120 [root] DEBUG: 10720: DLL loaded at 0x00007FFC75020000: C:\Windows\System32\Wldp (0x2d000 bytes).
2026-05-28 18:02:14,122 [root] DEBUG: 10720: DLL loaded at 0x00007FFC73790000: C:\Windows\SYSTEM32\windows.storage (0x79b000 bytes).
2026-05-28 18:02:14,141 [root] DEBUG: 10720: DLL loaded at 0x00007FFC65B50000: C:\Windows\system32\mssprxy (0x28000 bytes).
2026-05-28 18:02:14,219 [root] DEBUG: 10720: DLL loaded at 0x00007FFC75F50000: C:\Windows\System32\CFGMGR32 (0x4e000 bytes).
2026-05-28 18:02:14,245 [root] DEBUG: 10720: DLL loaded at 0x00007FFC63700000: C:\Windows\System32\Windows.ApplicationModel (0xe9000 bytes).
2026-05-28 18:02:14,254 [root] DEBUG: 10720: DLL loaded at 0x00007FFC51A40000: C:\Windows\System32\CryptoWinRT (0x61000 bytes).
2026-05-28 18:02:14,279 [root] DEBUG: 10720: DLL loaded at 0x00007FFC6AB30000: C:\Windows\System32\StateRepository.Core (0xb1000 bytes).
2026-05-28 18:02:14,281 [root] DEBUG: 10720: DLL loaded at 0x00007FFC6AC50000: C:\Windows\System32\Windows.StateRepository (0x58e000 bytes).
2026-05-28 18:02:14,282 [root] DEBUG: 10720: DLL loaded at 0x00007FFC61260000: C:\Windows\System32\TileDataRepository (0x99000 bytes).
2026-05-28 18:02:14,295 [root] DEBUG: 10720: DLL loaded at 0x00007FFC6E1F0000: C:\Windows\System32\usermgrproxy (0x54000 bytes).
2026-05-28 18:02:14,311 [root] DEBUG: 10720: DLL loaded at 0x00007FFC73F70000: C:\Windows\System32\dxgi (0xf3000 bytes).
2026-05-28 18:02:14,312 [root] DEBUG: 10720: DLL loaded at 0x00007FFC71690000: C:\Windows\System32\d3d11 (0x263000 bytes).
2026-05-28 18:02:14,819 [root] DEBUG: 10720: DLL loaded at 0x00007FFC67810000: C:\Windows\System32\WININET (0x4d6000 bytes).
2026-05-28 18:02:14,821 [root] DEBUG: 10720: DLL loaded at 0x00007FFC5B5A0000: C:\Windows\System32\windows.internal.shell.broker (0xdd000 bytes).
2026-05-28 18:02:14,850 [root] DEBUG: 10720: DLL loaded at 0x00007FFC5CBD0000: C:\Windows\System32\PCShellCommonProxyStub (0x13000 bytes).
2026-05-28 18:02:14,876 [root] DEBUG: 10720: DLL loaded at 0x00007FFC75560000: C:\Windows\System32\USERENV (0x2e000 bytes).
2026-05-28 18:02:14,878 [root] DEBUG: 10720: DLL loaded at 0x00007FFC6A640000: C:\Windows\System32\Bcp47Langs (0x5b000 bytes).
2026-05-28 18:02:14,879 [root] DEBUG: 10720: DLL loaded at 0x00007FFC5FB10000: C:\Windows\System32\StartTileData (0x58a000 bytes).
2026-05-28 18:02:26,741 [root] INFO: Process with pid 10720 has terminated
2026-05-28 18:02:26,953 [root] INFO: Process lock is locked
2026-05-28 18:02:27,619 [root] DEBUG: 10720: NtTerminateProcess hook: Attempting to dump process 10720
2026-05-28 18:02:28,502 [root] DEBUG: 10720: DoProcessDump: Skipping process dump as code is identical on disk.
2026-05-28 18:02:33,115 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 5484: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe, ImageBase: 0x00007FF734750000
2026-05-28 18:02:34,211 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 5484, handle 0xab0: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:35,151 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 5484
2026-05-28 18:02:35,355 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 5484
2026-05-28 18:02:35,634 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 5484 (handle 0xab0): 0x00007FF734750000.
2026-05-28 18:02:38,111 [root] DEBUG: 9188: DLL loaded at 0x00007FFC708F0000: C:\Windows\System32\Windows.System.UserProfile.DiagnosticsSettings (0x15000 bytes).
2026-05-28 18:02:39,462 [root] DEBUG: 9188: DLL loaded at 0x00007FFC708D0000: C:\Windows\System32\Windows.System.Diagnostics.Telemetry.PlatformTelemetryClient (0x12000 bytes).
2026-05-28 18:02:39,775 [root] DEBUG: 9188: CreateProcessHandler: Injection info set for new process 3656: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe, ImageBase: 0x00007FF734750000
2026-05-28 18:02:39,777 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 3656
2026-05-28 18:02:39,778 [root] DEBUG: 9188: ProcessMessage: Skipping monitoring process 3656
2026-05-28 18:02:40,076 [root] INFO: Announced starting service "b'MicrosoftEdgeElevationService'"
2026-05-28 18:02:40,465 [root] INFO: Process with pid 9188 appears to have terminated
2026-05-28 18:02:40,502 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3656, handle 0xac8: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:40,504 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 3656 (handle 0xac8): 0x00007FF734750000.
2026-05-28 18:02:40,505 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2196, handle 0xac8: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:40,506 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2196 (handle 0xac8): 0x00007FF734750000.
2026-05-28 18:02:40,507 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 764, handle 0xac8: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:40,509 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 764 (handle 0xac8): 0x00007FF734750000.
2026-05-28 18:02:40,510 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 1180, handle 0xac8: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:40,514 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 1180 (handle 0xac0): 0x00007FF734750000.
2026-05-28 18:02:40,516 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 2660, handle 0xac0: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:40,517 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 2660 (handle 0xac0): 0x00007FF734750000.
2026-05-28 18:02:40,518 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 11124, handle 0xac0: C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\identity_helper.exe
2026-05-28 18:02:40,520 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 11124 (handle 0xac0): 0x00007FF66CA90000.
2026-05-28 18:02:45,499 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9856, handle 0xac0: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:45,530 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9856 (handle 0xac0): 0x00007FF734750000.
2026-05-28 18:02:45,547 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 10572, handle 0xac0: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2026-05-28 18:02:45,566 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 10572 (handle 0xac0): 0x00007FF734750000.
2026-05-28 18:02:57,530 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 3640, handle 0x320: C:\Windows\System32\svchost.exe
2026-05-28 18:03:00,018 [root] DEBUG: 740: CreateProcessHandler: Injection info set for new process 9716: C:\Windows\system32\DllHost.exe, ImageBase: 0x00007FF699DF0000
2026-05-28 18:03:00,062 [root] DEBUG: 740: CreateProcessHandler: Injection info set for new process 9816: C:\Windows\system32\wbem\wmiprvse.exe, ImageBase: 0x00007FF6209B0000
2026-05-28 18:03:00,095 [root] INFO: Announced 64-bit process name: dllhost.exe pid: 9716
2026-05-28 18:03:00,112 [lib.api.process] INFO: Monitor config for process 9716: C:\_a4sjgfa\dll\9716.ini
2026-05-28 18:03:00,111 [root] INFO: Announced 64-bit process name: WmiPrvSE.exe pid: 9816
2026-05-28 18:03:00,125 [lib.api.process] INFO: Monitor config for process 9816: C:\_a4sjgfa\dll\9816.ini
2026-05-28 18:03:00,134 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:03:00,152 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:03:00,169 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:03:00,260 [root] DEBUG: Loader: Injecting process 9716 (thread 9720) with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:03:00,337 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2026-05-28 18:03:00,394 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:03:00,397 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:03:00,447 [root] DEBUG: Loader: Injecting process 9816 (thread 9648) with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:03:00,469 [lib.api.process] INFO: Injected into 64-bit <Process 9716 dllhost.exe>
2026-05-28 18:03:00,480 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2026-05-28 18:03:00,517 [root] INFO: Announced 64-bit process name: dllhost.exe pid: 9716
2026-05-28 18:03:00,527 [lib.api.process] INFO: Monitor config for process 9716: C:\_a4sjgfa\dll\9716.ini
2026-05-28 18:03:00,527 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:03:00,527 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:03:00,540 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9192, handle 0x8dc: C:\Windows\System32\svchost.exe
2026-05-28 18:03:00,543 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:03:00,565 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9192 (handle 0x8dc): 0x00007FF780360000.
2026-05-28 18:03:00,569 [lib.api.process] INFO: Injected into 64-bit <Process 9816 WmiPrvSE.exe>
2026-05-28 18:03:00,592 [root] DEBUG: Loader: Injecting process 9716 (thread 9720) with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:03:00,600 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9492, handle 0x8dc: C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
2026-05-28 18:03:00,619 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2026-05-28 18:03:00,620 [root] INFO: Announced 64-bit process name: WmiPrvSE.exe pid: 9816
2026-05-28 18:03:00,623 [lib.api.process] INFO: Monitor config for process 9816: C:\_a4sjgfa\dll\9816.ini
2026-05-28 18:03:00,624 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:03:00,627 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:03:00,623 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9492 (handle 0xad0): 0x0000000000030000.
2026-05-28 18:03:00,733 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9716, handle 0xad0: C:\Windows\System32\dllhost.exe
2026-05-28 18:03:00,733 [lib.api.process] INFO: Injected into 64-bit <Process 9716 dllhost.exe>
2026-05-28 18:03:00,777 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 9816, handle 0xad0: C:\Windows\System32\wbem\WmiPrvSE.exe
2026-05-28 18:03:00,781 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:03:00,871 [root] DEBUG: 9716: Python path set to 'C:\Users\admin\AppData\Local\Python\pythoncore-3.14-64'.
2026-05-28 18:03:00,871 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9816 (handle 0xa74): 0x00007FF6209B0000.
2026-05-28 18:03:00,928 [root] DEBUG: 9716: Interactive desktop enabled.
2026-05-28 18:03:00,966 [root] DEBUG: Loader: Injecting process 9816 (thread 9648) with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:03:00,979 [root] DEBUG: 9716: Dropped file limit defaulting to 100.
2026-05-28 18:03:00,990 [root] DEBUG: InjectDllViaIAT: This image has already been patched.
2026-05-28 18:03:01,037 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:03:01,040 [root] DEBUG: 9716: Disabling sleep skipping.
2026-05-28 18:03:01,082 [lib.api.process] INFO: Injected into 64-bit <Process 9816 WmiPrvSE.exe>
2026-05-28 18:03:01,104 [root] DEBUG: 9716: YaraInit: Compiled rules loaded from existing file C:\_a4sjgfa\data\yara\capemon.yac
2026-05-28 18:03:01,104 [root] DEBUG: 9816: Python path set to 'C:\Users\admin\AppData\Local\Python\pythoncore-3.14-64'.
2026-05-28 18:03:01,125 [root] DEBUG: 9716: RtlInsertInvertedFunctionTable 0x00007FFC77FE090E, LdrpInvertedFunctionTableSRWLock 0x00007FFC7813D4F0
2026-05-28 18:03:01,127 [root] DEBUG: 9816: Interactive desktop enabled.
2026-05-28 18:03:01,158 [root] DEBUG: 9716: YaraScan: Scanning 0x00007FF699DF0000, size 0x8026
2026-05-28 18:03:01,184 [root] DEBUG: 9816: Dropped file limit defaulting to 100.
2026-05-28 18:03:01,189 [root] DEBUG: 9716: Monitor initialised: 64-bit capemon loaded in process 9716 at 0x00007FFC33AB0000, thread 9720, image base 0x00007FF699DF0000, stack from 0x0000009B1AFD4000-0x0000009B1AFE0000
2026-05-28 18:03:01,201 [root] DEBUG: 9816: Disabling sleep skipping.
2026-05-28 18:03:01,201 [root] DEBUG: 9716: Commandline: C:\Windows\system32\DllHost.exe /Processid:{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}
2026-05-28 18:03:01,239 [root] DEBUG: 9816: Services hook set enabled
2026-05-28 18:03:01,244 [root] DEBUG: 9716: hook_api: LdrpCallInitRoutine export address 0x00007FFC77FE99BC obtained via GetFunctionAddress
2026-05-28 18:03:01,317 [root] WARNING: b'Unable to create trampoline for LockResource, hook type 2'
2026-05-28 18:03:01,319 [root] DEBUG: 9816: YaraInit: Compiled rules loaded from existing file C:\_a4sjgfa\data\yara\capemon.yac
2026-05-28 18:03:01,353 [root] DEBUG: 9716: set_hooks: Unable to hook LockResource
2026-05-28 18:03:01,380 [root] DEBUG: 9816: RtlInsertInvertedFunctionTable 0x00007FFC77FE090E, LdrpInvertedFunctionTableSRWLock 0x00007FFC7813D4F0
2026-05-28 18:03:01,457 [root] DEBUG: 9716: Hooked 627 out of 628 functions
2026-05-28 18:03:01,461 [root] DEBUG: 9816: Monitor initialised: 64-bit capemon loaded in process 9816 at 0x00007FFC33AB0000, thread 9648, image base 0x00007FF6209B0000, stack from 0x000000DA57190000-0x000000DA571A0000
2026-05-28 18:03:01,475 [root] DEBUG: 9716: Syscall hook installed, syscall logging level 1
2026-05-28 18:03:01,490 [root] DEBUG: 9816: Commandline: C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
2026-05-28 18:03:01,534 [root] DEBUG: 9716: RestoreHeaders: Restored original import table.
2026-05-28 18:03:01,538 [root] DEBUG: 9816: Hooked 69 out of 69 functions
2026-05-28 18:03:01,563 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 9716 (handle 0xa60): 0x00007FF699DF0000.
2026-05-28 18:03:01,583 [root] INFO: Loaded monitor into process with pid 9716
2026-05-28 18:03:01,598 [root] DEBUG: 9816: RestoreHeaders: Restored original import table.
2026-05-28 18:03:01,604 [root] DEBUG: 9716: caller_dispatch: Added region at 0x00007FF699DF0000 to tracked regions list (kernel32::SetUnhandledExceptionFilter returns to 0x00007FF699DF1349, thread 9720).
2026-05-28 18:03:01,608 [root] INFO: Loaded monitor into process with pid 9816
2026-05-28 18:03:01,624 [root] DEBUG: 9716: YaraScan: Scanning 0x00007FF699DF0000, size 0x8026
2026-05-28 18:03:01,641 [root] DEBUG: 9816: DLL loaded at 0x00007FFC734B0000: C:\Windows\SYSTEM32\kernel.appcore (0x12000 bytes).
2026-05-28 18:03:01,664 [root] DEBUG: 9716: ProcessImageBase: Main module image at 0x00007FF699DF0000 unmodified (entropy change 0.000000e+00)
2026-05-28 18:03:01,692 [root] DEBUG: 9816: DLL loaded at 0x00007FFC75FA0000: C:\Windows\System32\bcryptPrimitives (0x82000 bytes).
2026-05-28 18:03:01,704 [root] DEBUG: 9716: DLL loaded at 0x00007FFC734B0000: C:\Windows\SYSTEM32\kernel.appcore (0x12000 bytes).
2026-05-28 18:03:01,738 [root] DEBUG: 9716: DLL loaded at 0x00007FFC75FA0000: C:\Windows\System32\bcryptPrimitives (0x82000 bytes).
2026-05-28 18:03:01,783 [root] DEBUG: 9816: DLL loaded at 0x00007FFC765F0000: C:\Windows\System32\clbcatq (0xa9000 bytes).
2026-05-28 18:03:01,822 [root] DEBUG: 9716: DLL loaded at 0x00007FFC765F0000: C:\Windows\System32\clbcatq (0xa9000 bytes).
2026-05-28 18:03:01,857 [lib.api.process] INFO: Monitor config for process 8196: C:\_a4sjgfa\dll\8196.ini
2026-05-28 18:03:01,931 [lib.api.process] INFO: Option 'interactive' with value '1' sent to monitor
2026-05-28 18:03:01,943 [lib.api.process] INFO: 64-bit DLL to inject is C:\_a4sjgfa\dll\tHnPbxs.dll, loader C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:03:02,001 [root] DEBUG: 9716: DLL loaded at 0x00007FFC730A0000: C:\Windows\system32\uxtheme (0x9e000 bytes).
2026-05-28 18:03:02,029 [root] DEBUG: Loader: Injecting process 8196 with C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:03:02,090 [root] DEBUG: 8196: Python path set to 'C:\Users\admin\AppData\Local\Python\pythoncore-3.14-64'.
2026-05-28 18:03:02,158 [root] DEBUG: 9716: DLL loaded at 0x00007FFC74BA0000: C:\Windows\system32\logoncli (0x43000 bytes).
2026-05-28 18:03:02,176 [root] DEBUG: 8196: Disabling sleep skipping.
2026-05-28 18:03:02,193 [root] DEBUG: 9716: DLL loaded at 0x00007FFC74B80000: C:\Windows\system32\netutils (0xc000 bytes).
2026-05-28 18:03:02,213 [root] DEBUG: 8196: Interactive desktop enabled.
2026-05-28 18:03:02,224 [root] DEBUG: 9716: DLL loaded at 0x00007FFC6E0A0000: C:\Windows\system32\dhcpcsvc (0x1d000 bytes).
2026-05-28 18:03:02,245 [root] DEBUG: 8196: Dropped file limit defaulting to 100.
2026-05-28 18:03:02,250 [root] DEBUG: 9716: DLL loaded at 0x00007FFC707B0000: C:\Windows\system32\WINHTTP (0x10a000 bytes).
2026-05-28 18:03:02,282 [root] DEBUG: 8196: Services hook set enabled
2026-05-28 18:03:02,302 [root] DEBUG: 9716: DLL loaded at 0x00007FFC747F0000: C:\Windows\SYSTEM32\ntmarta (0x33000 bytes).
2026-05-28 18:03:02,356 [root] DEBUG: 8196: YaraInit: Compiled rules loaded from existing file C:\_a4sjgfa\data\yara\capemon.yac
2026-05-28 18:03:02,392 [root] DEBUG: 9716: DLL loaded at 0x00007FFC775B0000: C:\Windows\System32\shcore (0xad000 bytes).
2026-05-28 18:03:02,393 [root] DEBUG: 8196: RtlInsertInvertedFunctionTable 0x00007FFC77FE090E, LdrpInvertedFunctionTableSRWLock 0x00007FFC7813D4F0
2026-05-28 18:03:02,410 [root] DEBUG: 9716: DLL loaded at 0x00007FFC74A70000: C:\Windows\system32\IPHLPAPI (0x3b000 bytes).
2026-05-28 18:03:02,430 [root] DEBUG: 8196: Monitor initialised: 64-bit capemon loaded in process 8196 at 0x00007FFC33AB0000, thread 2780, image base 0x00007FF780360000, stack from 0x00000093D7AF4000-0x00000093D7B00000
2026-05-28 18:03:02,444 [root] DEBUG: 9716: DLL loaded at 0x00007FFC75560000: C:\Windows\system32\USERENV (0x2e000 bytes).
2026-05-28 18:03:02,447 [root] DEBUG: 8196: Commandline: C:\Windows\system32\svchost.exe -k netsvcs -p
2026-05-28 18:03:02,488 [root] DEBUG: 9716: DLL loaded at 0x00007FFC755E0000: C:\Windows\system32\profapi (0x25000 bytes).
2026-05-28 18:03:02,525 [root] DEBUG: 8196: Hooked 69 out of 69 functions
2026-05-28 18:03:02,552 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 4608, handle 0xa60: C:\_a4sjgfa\bin\GGsGuLID.exe
2026-05-28 18:03:02,566 [root] INFO: Loaded monitor into process with pid 8196
2026-05-28 18:03:02,584 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 4608 (handle 0xa74): 0x00007FF79BBD0000.
2026-05-28 18:03:02,606 [root] DEBUG: 9716: DLL loaded at 0x00007FFC711F0000: C:\Windows\system32\XmlLite (0x36000 bytes).
2026-05-28 18:03:02,615 [root] DEBUG: InjectDllViaThread: Successfully injected Dll into process via RtlCreateUserThread.
2026-05-28 18:03:02,645 [root] DEBUG: 9716: DLL loaded at 0x00007FFC74AB0000: C:\Windows\system32\DNSAPI (0xca000 bytes).
2026-05-28 18:03:02,653 [root] DEBUG: Successfully injected DLL C:\_a4sjgfa\dll\tHnPbxs.dll.
2026-05-28 18:03:02,683 [root] DEBUG: 9716: DLL loaded at 0x00007FFC1A000000: C:\Windows\system32\domgmt (0x86000 bytes).
2026-05-28 18:03:02,723 [lib.api.process] INFO: Injected into 64-bit <Process 8196 svchost.exe>
2026-05-28 18:03:02,754 [root] DEBUG: 9716: DLL loaded at 0x00007FFC771D0000: C:\Windows\System32\NSI (0x8000 bytes).
2026-05-28 18:03:02,785 [root] DEBUG: 9716: DLL loaded at 0x00007FFC66790000: C:\Windows\System32\OneCoreCommonProxyStub (0x7f000 bytes).
2026-05-28 18:03:04,615 [root] DEBUG: 4584: DLL loaded at 0x00007FFC601B0000: C:\Windows\System32\wscinterop (0x3d000 bytes).
2026-05-28 18:03:04,625 [root] DEBUG: 4584: DLL loaded at 0x00007FFC6A330000: C:\Windows\System32\WSCAPI (0x4d000 bytes).
2026-05-28 18:03:04,652 [root] DEBUG: 4584: DLL loaded at 0x00007FFC50D30000: C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.3636_none_91a19322cc8a92a3\gdiplus (0x1a5000 bytes).
2026-05-28 18:03:04,677 [root] DEBUG: 4584: DLL loaded at 0x00007FFC63BE0000: C:\Windows\System32\wscui.cpl (0x19000 bytes).
2026-05-28 18:03:04,738 [root] DEBUG: 4584: DLL loaded at 0x00007FFC19950000: C:\Windows\System32\framedynos (0x52000 bytes).
2026-05-28 18:03:04,797 [root] DEBUG: 4584: DLL loaded at 0x00007FFC732A0000: C:\Windows\System32\wer (0xde000 bytes).
2026-05-28 18:03:04,830 [root] DEBUG: 9816: DLL loaded at 0x00007FFC61080000: C:\Windows\system32\wbem\wbemprox (0x11000 bytes).
2026-05-28 18:03:04,830 [root] DEBUG: 4584: DLL loaded at 0x00007FFC199B0000: C:\Windows\System32\werconcpl (0xde000 bytes).
2026-05-28 18:03:04,879 [root] DEBUG: 4584: DLL loaded at 0x00007FFC5FAF0000: C:\Windows\System32\hcproviders (0x14000 bytes).
2026-05-28 18:03:04,895 [root] DEBUG: 9816: DLL loaded at 0x00007FFC63BB0000: C:\Windows\system32\wbem\wbemsvc (0x14000 bytes).
2026-05-28 18:03:04,968 [root] DEBUG: 4584: DLL loaded at 0x00007FFC19860000: C:\Windows\System32\ieproxy (0xee000 bytes).
2026-05-28 18:03:05,118 [root] DEBUG: 9816: DLL loaded at 0x00007FFC708E0000: C:\Windows\system32\wbem\wmiutils (0x28000 bytes).
2026-05-28 18:03:05,332 [root] DEBUG: 9816: DLL loaded at 0x00007FFC75460000: C:\Windows\SYSTEM32\powrprof (0x4b000 bytes).
2026-05-28 18:03:05,363 [root] DEBUG: 9816: DLL loaded at 0x00007FFC19950000: C:\Windows\SYSTEM32\framedynos (0x52000 bytes).
2026-05-28 18:03:05,411 [root] DEBUG: 9816: DLL loaded at 0x00007FFC19650000: C:\Windows\system32\wbem\cimwin32 (0x20c000 bytes).
2026-05-28 18:03:05,449 [root] DEBUG: 9816: DLL loaded at 0x00007FFC75440000: C:\Windows\SYSTEM32\UMPDC (0x12000 bytes).
2026-05-28 18:03:05,551 [root] DEBUG: 9816: DLL loaded at 0x000002C2EE1B0000: C:\Windows\SYSTEM32\WMI (0x3000 bytes).
2026-05-28 18:03:05,567 [root] DEBUG: 9816: DLL loaded at 0x00007FFC6F2C0000: C:\Windows\SYSTEM32\wmiclnt (0x11000 bytes).
2026-05-28 18:03:05,624 [root] DEBUG: 9816: CreateThreadBreakpoints: Failed to open thread and get a handle.
2026-05-28 18:03:06,551 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 11284, handle 0xa60: C:\Windows\System32\svchost.exe
2026-05-28 18:03:06,589 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 11284 (handle 0xa60): 0x00007FF780360000.
2026-05-28 18:03:06,628 [root] DEBUG: 7912: OpenProcessHandler: Injection info created for process 11304, handle 0xa60: C:\Windows\System32\svchost.exe
2026-05-28 18:03:06,665 [root] DEBUG: 7912: OpenProcessHandler: Image base for process 11304 (handle 0xa60): 0x00007FF780360000.
2026-05-28 18:03:07,932 [root] INFO: Process with pid 9716 has terminated
2026-05-28 18:03:08,022 [root] DEBUG: 9716: NtTerminateProcess hook: Attempting to dump process 9716
2026-05-28 18:03:08,093 [root] DEBUG: 9716: DoProcessDump: Skipping process dump as code is identical on disk.

Process Log

Pre-Script Log

During-Script Log

Machine Information

Name	Label	Manager	Started On	Shutdown On	Route
cuckoo1	cuckoo1	KVM	2026-05-28 18:01:45	2026-05-28 18:03:34	`none`

URL Details

Processing 2.33s

1.689s UrlAnalysis
0.618s BehaviorAnalysis
0.019s AnalysisInfo
0.001s Debug
0.001s script_log_processing

Signatures 1.10s

0.399s antiav_detectreg
0.138s infostealer_ftp
0.132s territorial_disputes_sigs
0.086s antianalysis_detectreg
0.078s infostealer_im
0.045s antivm_vbox_keys
0.031s antivm_vmware_keys
0.024s antivm_parallels_keys
0.023s antivm_xen_keys
0.016s antivm_generic_diskreg
0.015s antivm_vpc_keys
0.015s infostealer_mail
0.009s masquerade_process_name
0.008s antivm_hyperv_keys
0.008s bypass_firewall
0.007s antiav_detectfile
0.007s antivm_bochs_keys
0.007s suspicious_command_tools
0.007s uses_windows_utilities
0.006s antivm_generic_bios
0.004s antianalysis_detectfile
0.004s infostealer_bitcoin
0.004s ransomware_files
0.003s antivm_vbox_files
0.003s ketrican_regkeys
0.003s recon_fingerprint
0.002s odbcconf_bypass
0.002s ransomware_extensions_known
0.001s accesses_netlogon_regkey
0.001s antidebug_devices
0.001s antivm_vbox_devices
0.001s antivm_vmware_files
0.001s checks_uac_status
0.001s uac_bypass_cmstpcom
0.001s registry_lsa_secrets_access
0.001s disables_windows_defender_logging
0.001s removes_windows_defender_contextmenu
0.001s folder_enumeration
0.001s discover_registry_mount_points
0.001s accesses_office_username
0.001s packer_armadillo_regkey

Reporting 0.04s

0.036s JsonDump

Signatures

Checks available memory

Queries computer hostname

Queries the keyboard layout

Queries the computer locale (possible geofencing)

A file was accessed within the Public folder.

file: C:\Users\Public\Desktop\GGsGuLID.exe

file: C:\Users\Public\Desktop

SetUnhandledExceptionFilter detected (possible anti-debug)

Checks adapter addresses which can be used to detect virtual network interfaces

Possible date expiration check, exits too soon after checking local time

process: dllhost.exe, PID 9716

Checks system language via registry key (possible geofencing)

regkey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-AU

regkey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-AU

Checks for mouse movement

mouse_movement: Checks for mouse movement (mouse movement observed in sandbox during sampling).

Queries process token information to check for Administrator privileges or UAC elevation status

Queried the FIPS cryptography policy, can be used to adapt C2 network encryption or by legitimate encryption software

behavioral_fips_reconnaissance: ["dllhost.exe (PID: 9716) probed FIPS encryption policy at 'HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy'", "dllhost.exe (PID: 9716) probed FIPS encryption policy at 'HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy\\MDMEnabled'", "dllhost.exe (PID: 9716) probed FIPS encryption policy at 'HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy\\Enabled'", "Taskmgr.exe (PID: 7912) probed FIPS encryption policy at 'HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\FipsAlgorithmPolicy'", "Taskmgr.exe (PID: 7912) probed FIPS encryption policy at 'HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy\\STE'", "dllhost.exe (PID: 9716) probed FIPS encryption policy at 'HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy\\STE'", "Taskmgr.exe (PID: 7912) probed FIPS encryption policy at 'HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy'", "Taskmgr.exe (PID: 7912) probed FIPS encryption policy at 'HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy\\MDMEnabled'", "Taskmgr.exe (PID: 7912) probed FIPS encryption policy at 'HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy\\Enabled'", "dllhost.exe (PID: 9716) probed FIPS encryption policy at 'HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\FipsAlgorithmPolicy'"]

Queries the mount points and then resolves volume paths to enumerate storage devices

A DLL was loaded from a suspicious directory

suspicious_dll_load: Process msedge.exe loaded a DLL from a suspicious directory, this is possibly indicative of DLL side loading/search order hijacking

Registers a vectored exception handler (VEH), possibly to hijack execution flow

Creates a process in a suspended state, likely for injection

Resumed a thread in another process

thread_resumed: Process explorer.exe with process ID 4584 resumed a thread in another process with the process ID 7912

Reads from the memory of another process

read_memory: Process taskmgr.exe with process ID 7912 read from the memory of process handle 0x00000610

Queries registry mount points to identify historical or connected removable/network drives

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-100000000000}\Generation

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-100000000000}\Data

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e32a94c0-5af2-11f1-ae2c-806e6f6e6963}\

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-300300000000}\

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-c0dd0e000000}\

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-300300000000}\Data

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e32a94c0-5af2-11f1-ae2c-806e6f6e6963}\Data

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-c0dd0e000000}\Generation

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-100000000000}\

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e32a94c0-5af2-11f1-ae2c-806e6f6e6963}\Generation

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-300300000000}\Generation

mount_point_key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-c0dd0e000000}\Data

Tries to unhook or modify Windows functions monitored by CAPE

unhook: function_name: CommandLineToArgvW, type: restored

Queries the Volume Serial Number or Physical Hardware ID, possibly for anti-sandbox, victim profiling or environmental keying

Attempts to query display device information, possibly to determine if the process is running in a virtualized environment

Uses suspicious IO control codes, indicative of disk enumeration or a bootkit/wiper

Collects information to fingerprint the system

regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid

Seek in progress...

00:00 / 00:00

Summary

Accessed Files Modified Files Registry Keys Read Registry Keys Modified Registry Keys Deleted Registry Keys Resolved APIs Executed Commands Mutexes Started Services

\Device\Bam
C:\Windows\explorer.exe
C:\Windows\System32\d3d10warp.dll
C:\Windows\System32\en-US\explorerframe.dll.mui
C:\Windows\System32
C:\
C:\Windows\
C:\Windows\System32\
C:\Windows\System32\Taskmgr.exe
C:\Windows\System32\Taskmgr.exe\
C:\Windows
C:
\??\MountPointManager
\??\Volume{528c102f-0000-0000-0000-300300000000}
C:\Windows\System32\en-US\taskmgr.exe.mui
C:\Windows\System32\pcacli.dll
C:\Windows\System32\mpr.dll
C:\Windows\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms
C:\Windows\apppatch\sysmain.sdb
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations
C:\Windows\System32\en-US\Taskmgr.exe.mui
C:\Program Files (x86)\Microsoft\
C:\Program Files (x86)\Microsoft\Edge\Application\
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
C:\Windows\System32\twinui.pcshell.dll
C:\Users\admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ShellFeeds\GLEAM-LIGHT.svg
C:\Users\admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\ShellFeeds\GLEAM-DARK.svg
C:\Windows\System32\SecurityHealthSSO.dll
C:\Windows\System32\wscui.cpl
C:\Windows\System32\en-US\wscui.cpl.mui
C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.3636_none_91a19322cc8a92a3
C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.3636_none_91a19322cc8a92a3\GdiPlus.dll
C:\Windows\System32\en-US\Actioncenter.dll.mui
C:\Windows\System32\Actioncenter.dll.3.Manifest
\??\PhysicalDrive0
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\umpdc.dll
C:\Windows\WindowsShell.Manifest
\Device\CNG
C:\Windows\System32\taskmgr.exe.3.Manifest
C:\Windows\Fonts\staticcache.dat
C:\Windows\System32\TextShaping.dll
C:\Windows\System32\textinputframework.dll
C:\Windows\System32\CoreUIComponents.dll
C:\Windows\System32\CoreMessaging.dll
C:\Windows\System32\ntmarta.dll
C:\Windows\System32\WinTypes.dll
C:\Windows\Globalization\Sorting\sortdefault.nls
C:\Windows\System32\policymanager.dll
C:\Windows\System32\msvcp110_win.dll
\Device\PcwDrv
C:\Windows\System32\wtsapi32.dll
C:\Windows\System32\WDI\LogFiles\StartupInfo\S-1-5-21-3968686040-3210279463-847977608-1001_StartupInfo1.xml
C:\Windows\System32\windows.storage.dll
C:\Windows\System32\wldp.dll
C:\Windows\System32\WDI\LogFiles\StartupInfo\S-1-5-21-3968686040-3210279463-847977608-1001_StartupInfo2.xml
C:\Windows\System32\WDI\LogFiles\StartupInfo\S-1-5-21-3968686040-3210279463-847977608-1001_StartupInfo3.xml
C:\Windows\System32\WDI\LogFiles\StartupInfo\S-1-5-21-3968686040-3210279463-847977608-1001_StartupInfo4.xml
C:\Windows\System32\WDI\LogFiles\StartupInfo\S-1-5-21-3968686040-3210279463-847977608-1001_StartupInfo5.xml
C:\Windows\System32\winsta.dll
C:\Windows\System32\xmllite.dll
C:\Windows\System32\WindowsCodecs.dll
C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe
C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe
C:\Program Files\Google\Chrome\Application\148.0.7778.217\Installer\chrmstp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files
C:\Windows\System32\reg.exe
C:\Users\admin\AppData\Local\Discord\app-1.0.9238\Discord.exe
C:\Program Files (x86)\Steam\steamsysinfo.exe
C:\Windows\System32\SecurityHealthSystray.exe
C:\Users\admin\AppData\Local\Microsoft\WindowsApps\python.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.*
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\*.*
C:\Windows\System32\en-US\SecurityHealthSystray.exe.mui
C:\Windows\System32\en\SecurityHealthSystray.exe.mui
C:\Windows\System32\shell32.dll
C:\Windows\System32\oleacc.dll
C:\Users\admin
C:\Users\admin\AppData\Local
C:\Users\admin\AppData\Local\IconCache.db
C:\Windows\System32\en-US\OLEACCRC.DLL.mui
C:\Windows\System32\UxTheme.dll.Config
C:\Windows\System32\uxtheme.dll
C:\Windows\System32\resmon.exe
C:\Windows\System32\samcli.dll
C:\Windows\System32\samlib.dll
C:\Windows\System32\en-US\csrss.exe.mui
C:\Users\admin\AppData\Local\Microsoft\Windows\Explorer
C:\Windows\System32\en-US\winlogon.exe.mui
C:\Users\admin\AppData\Local\Microsoft\Windows\Explorer\IconCacheToDelete
C:\Users\admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
C:\Windows\System32\en-US\svchost.exe.mui
C:\Users\admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db
C:\Users\admin\AppData\Local\Microsoft\Windows\Caches
C:\Users\admin\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
C:\Users\admin\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000002.db
C:\Users\desktop.ini
C:\Users
C:\Users\admin\AppData
C:\Users\admin\AppData\Local\Microsoft
C:\Users\admin\AppData\Local\Microsoft\WindowsApps
C:\Users\admin\AppData\Local\Microsoft\WindowsApps\desktop.ini
C:\Windows\SysWOW64\propsys.dll
C:\Windows\System32\propsys.dll
C:\Windows\System32\en-US\propsys.dll.mui
C:\Windows\System32\svchost.exe
C:\Users\admin\AppData\Local\microsoft\windowsapps\python.exe
C:\Windows\System32\imageres.dll
C:\Windows\System32\en-US\imageres.dll.mui
C:\Windows\System32\SystemResources\imageres.dll.mui.mun
C:\Windows\SystemResources\imageres.dll.mun
C:\Users\admin\AppData\Local\Python\pythoncore-3.14-64\python.exe
C:\Windows\System32\conhost.exe
C:\??\c:\windows\system32\conhost.exe
C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\admin\AppData\Local\Discord\Update.exe
C:\Users\admin\AppData\Local\SystemResources\update.exe.mun
C:\Windows\System32\en-US\reg.exe.mui
C:\Windows\SystemResources\reg.exe.mun
C:\Users\admin\AppData\Local\Discord\app-1.0.9238\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
C:\Users\admin\AppData\Local\Discord\app-1.0.9238\modules\discord_voice-1\SystemResources\gpu_encoder_helper.exe.mun
C:\Program Files (x86)\Steam\steam.exe
C:\Windows\System32\bin\vulkandriverquery64.exe
C:\Windows\System32\en-US\spoolsv.exe.mui
C:\Windows\System32\bin\vulkandriverquery.exe
C:\Windows\System32\bin\gldriverquery64.exe
C:\Windows\System32\bin\gldriverquery.exe
C:\Program Files (x86)
C:\Program Files (x86)\desktop.ini
C:\Program Files (x86)\Steam
C:\program files (x86)\Steam\steamsysinfo.exe
C:\program files (x86)\SystemResources\steamsysinfo.exe.mun
C:\Windows\System32\en-US\SearchIndexer.exe.mui
C:\Windows\System32\en-US\taskhostw.exe.mui
C:\Windows\System32\apphelp.dll
C:\Windows\System32\windows.staterepositorycore.dll
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\resources.pri
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\pris\resources*.pri
C:\Windows\System32\languageoverlayutil.dll
C:\Windows\rescache\_merged\24768367\3374421605.pri
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\pris\resources.en-US.pri
C:\Windows\System32\BCP47mrm.dll
C:\Windows\System32\iertutil.dll
C:\Windows\system32
C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\en-US\TiWorker.exe.mui
C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\en\TiWorker.exe.mui
C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\TiWorker.exe
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\resources.pri
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\pris\resources*.pri
C:\Windows\rescache\_merged\4225414570\2601266601.pri
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\pris\resources.en-US.pri
C:\Windows\System32\en-US\notepad.exe.mui
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\resources.pri
C:\ProgramData\Microsoft\User Account Pictures\user.png
C:\Windows\System32\ntoskrnl.exe
C:\Windows\SystemResources\ntoskrnl.exe.mun
C:\Windows\System32\csrss.exe
C:\Windows\SystemResources\csrss.exe.mun
C:\Windows\System32\fontdrvhost.exe
C:\Windows\SystemResources\fontdrvhost.exe.mun
C:\Windows\System32\sihost.exe
C:\Windows\SystemResources\sihost.exe.mun
C:\Windows\System32\taskhostw.exe
C:\Windows\SystemResources\taskhostw.exe.mun
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\Assets\smalllogo.scale-100.png
C:\Windows\WinSxS\SystemResources\tiworker.exe.mun
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\Assets\Icons\AppListIcon.scale-100.png
C:\Windows\System32\runtimebroker.exe
C:\Windows\SystemResources\runtimebroker.exe.mun
C:\Windows\System32\applicationframehost.exe
C:\Windows\SystemResources\applicationframehost.exe.mun
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\Assets\SquareLogo44x44.scale-100.png
C:\Windows\System32\net1.exe
C:\Windows\SystemResources\net1.exe.mun
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\IPHLPAPI.DLL
\Device\DeviceApi\Dev\Query
\??\SCSI#Disk&Ven_SAMSUNG&Prod_MZ76E120#4&35424867&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
\??\Volume{528c102f-0000-0000-0000-100000000000}
\??\Volume{528c102f-0000-0000-0000-c0dd0e000000}
\??\Volume{e32a94c0-5af2-11f1-ae2c-806e6f6e6963}
C:\Windows\System32\winnsi.dll
\??\Nsi
\Device\DeviceApi\CMNotify
C:\Windows\System32\dxilconv.dll
C:\Windows\System32\D3DSCache.dll
C:\Users\admin\AppData\Local\D3DSCache
C:\Users\admin\AppData\Local\D3DSCache\e8010882af4f153f\
C:\Users\admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
C:\Users\admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
C:\Users\admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
\Device\{4C572733-2FBA-4346-9601-F86DBA666EF2}
C:\Windows\System32\wkscli.dll
\??\PIPE\wkssvc
C:\Windows\System32\smss.exe
C:\Windows\SystemResources\smss.exe.mun
C:\Windows\System32\en-US\smss.exe.mui
C:\Windows\System32\wininit.exe
C:\Windows\SystemResources\wininit.exe.mun
C:\Windows\System32\en-US\wininit.exe.mui
C:\Windows\System32\services.exe
C:\Windows\SystemResources\services.exe.mun
C:\Windows\System32\en-US\services.exe.mui
C:\Windows\System32\lsass.exe
C:\Windows\SystemResources\lsass.exe.mun
C:\Windows\System32\dwm.exe
C:\Windows\SystemResources\dwm.exe.mun
C:\Windows\System32\en-US\dwm.exe.mui
C:\Windows\System32\en-US\ctfmon.exe.mui
C:\Windows\en-US\explorer.exe.mui
C:\Windows\System32\dllhost.exe
C:\Windows\SystemResources\dllhost.exe.mun
C:\Windows\servicing\trustedinstaller.exe
C:\Windows\SystemResources\trustedinstaller.exe.mun
C:\Windows\servicing\en-US\TrustedInstaller.exe.mui
C:\Windows\System32\mousocoreworker.exe
C:\Windows\SystemResources\mousocoreworker.exe.mun
C:\Windows\System32\en-US\MoUsoCoreWorker.exe.mui
C:\Windows\System32\en\MoUsoCoreWorker.exe.mui
C:\Windows\System32\MoUsoCoreWorker.exe
C:\Windows\System32\smartscreen.exe
C:\Windows\SystemResources\smartscreen.exe.mun
C:\Windows\System32\en-US\smartscreen.exe.mui
C:\Windows\System32\securityhealthservice.exe
C:\Windows\SystemResources\securityhealthservice.exe.mun
C:\Windows\System32\en-US\conhost.exe.mui
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\S-1-5-21-3968686040-3210279463-847977608-1001-MergedResources-0.pri
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\resources.pri
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\StoreAppList.scale-100.png
C:\Windows\System32\net.exe
C:\Windows\SystemResources\net.exe.mun
C:\Windows\System32\chartv.dll
C:\_a4sjgfa\bin\pplinject64.exe
C:\_a4sjgfa
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
C:\program files (x86)\microsoft\Edge\application\148.0.3967.83\identity_helper.exe
C:\program files (x86)\microsoft\Edge\application\SystemResources\identity_helper.exe.mun
C:\Program Files (x86)\Microsoft\Edge\Application\resources.pri
C:\Program Files (x86)\Microsoft\Edge\Application\SmallLogo.png
C:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe
C:\program files (x86)\microsoft\SystemResources\microsoftedgeupdate.exe.mun
C:\Windows\System32\ggsgulid.exe
C:\Windows\System\ggsgulid.exe
C:\Windows\ggsgulid.exe
C:\Windows\System32\wbem\ggsgulid.exe
C:\Windows\System32\WindowsPowerShell\v1.0\ggsgulid.exe
C:\Windows\System32\OpenSSH\ggsgulid.exe
C:\Users\admin\AppData\Local\Microsoft\WindowsApps\ggsgulid.exe
C:\Users\admin\Desktop
C:\Users\admin\Desktop\GGsGuLID.exe
C:\Users\Public\Desktop
C:\Users\Public\Desktop\GGsGuLID.exe
C:\_a4sjgfa\bin\GGsGuLID.exe
C:\Windows\System32\usp10.dll
\??\pipe\crashpad_9188_ZJBFJUVMSIRHHEHU
C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\148.0.3967.83\msedge.dll
C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\msedge.dll
C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\icudtl.dat
C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\v8_context_snapshot.bin
C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\msedge_100_percent.pak
C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\msedge_200_percent.pak
C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\Locales
C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\Locales\en-US.pak
C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\resources.pak
C:\Windows\System32\kernel.appcore.dll
C:\Windows\System32\usermgrcli.dll
C:\Program Files (x86)\Microsoft\Edge\Application\msvcp110_win.dll
C:\Windows\System32\capauthz.dll
C:\Program Files (x86)\Microsoft\Edge\Application\MSASN1.dll
C:\Windows\System32\msasn1.dll
C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe\S-1-5-21-3968686040-3210279463-847977608-1001.pckgdep
C:\Program Files (x86)\Microsoft\Edge\Application\Wldp.dll
C:\Users\admin\AppData\Local\Packages\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe
C:\Users\admin\AppData\Local\Packages\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe\
C:\Users\admin\AppData\Local\Packages
C:\Users\admin\AppData\Local\Packages\
C:\Users\admin\AppData\Local\
C:\Users\admin\AppData\
C:\Users\admin\
C:\Users\
\Device\DeviceApi\CMApi
C:\Users\admin\AppData\Local\Packages\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe\LocalState\ToastCollectionIcons\*
C:\Windows\System32\en-US\KERNELBASE.dll.mui
C:\Windows\SystemResources\USER32.dll.mun
C:\Windows\System32\en-US\USER32.dll.mui
C:\Windows\System32\rpcss.dll
\??\pipe\PIPE_EVENTROOT\CIMV2PROVIDERSUBSYSTEM
C:\Windows\System32\wmiclnt.dll
\??\WMIDataDevice

C:\Users\admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
C:\Users\admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db
C:\Users\admin\AppData\Local\D3DSCache
C:\Users\admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
C:\Users\admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
C:\Users\admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
\Device\{4C572733-2FBA-4346-9601-F86DBA666EF2}
\??\PIPE\wkssvc
\??\pipe\crashpad_9188_ZJBFJUVMSIRHHEHU
\??\pipe\PIPE_EVENTROOT\CIMV2PROVIDERSUBSYSTEM
\??\WMIDataDevice

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
HKEY_CURRENT_USER
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\TaskManager
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager\StartUpTab
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\TaskManager
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_LOCAL_MACHINE\Software\Microsoft\DirectUI\DynamicScaling
HKEY_LOCAL_MACHINE\Software\Microsoft\DirectUI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy\STE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy\Enabled
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy\MDMEnabled
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-AU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-AU
HKEY_LOCAL_MACHINE\Software\Microsoft\LanguageOverlay\OverlayPackages\en-US
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager\Preferences
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager\UseStatusSetting
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\ResourcePolicies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontLink\SystemLink
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Segoe UI
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\taskmgr.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE\LaunchUserOOBE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions\000603xx
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Sorting\Ids
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\AppCompatClassName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\EnableAnchorContext
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\IsVailContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\Input
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Input\ResyncResetTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Input\MaxResyncAttempts
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\QfePolicyDefinitions\{A48F1A32-A340-11D1-BC6B-00A0C90312E1}\{572FD217-F7FF-479C-8D96-BC938D6867F5}
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\RegValueNameRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\Value
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\HideFastUserSwitching
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\Diagnosis
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\MaxSxSHashCount
HKEY_LOCAL_MACHINE\Software\Microsoft\SecurityManager\AdminCapabilities
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\AdminCapabilities\shellExperience
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetworkUXManager
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.DAMediaManager
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.DAMediaManager\Active
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.DAMediaManager\MediaType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.EthernetMediaManager
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.EthernetMediaManager\Active
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.EthernetMediaManager\MediaType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.MBMediaManager
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.MBMediaManager\Active
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.MBMediaManager\MediaType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.RasMediaManager
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.RasMediaManager\Active
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.RasMediaManager\MediaType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.WlanMediaManager
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.WlanMediaManager\Active
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.WlanMediaManager\MediaType
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Explorer
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Ids\en-AU
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Ids\en
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize\AppsUseLightTheme
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Segoe UI
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444B-8957-A3773F02200E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\EnableBalloonTips
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewAlphaSelect
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewShadow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Category
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{26460E96-1D01-43E4-9FB8-B7ED958F362B}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{26460E96-1D01-43E4-9FB8-B7ED958F362B}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\AccountPicture\Users
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\KnownFolderSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\InProcServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\7\Pattern
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\8
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\8\Pattern
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\0\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\0\EndOfStream
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\0\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\1\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\1\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\10\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\10\EndOfStream
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\10\Pattern
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\10\Mask
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\11
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\11\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\12
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder
HKEY_CURRENT_USER\Software\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\12
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\12\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\12\EndOfStream
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\12\Pattern
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\12\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\2\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\2\EndOfStream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\2\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\3\Mask
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\KnownFolders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\4\Position
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Startup
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\4\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\5\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\6\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\6\EndOfStream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\7
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\7\Mask
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Startup
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\8\Position
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\9\Pattern
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\9\Mask
HKEY_LOCAL_MACHINE\Software\Microsoft\LanguageOverlay\OverlayPackages\en
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Max Cached Icons
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\PropertyBag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3968686040-3210279463-847977608-1001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3968686040-3210279463-847977608-1001\ProfileImagePath
HKEY_CLASSES_ROOT\Interface\{618736E0-3C3D-11CF-810C-00AA00389B71}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{618736E0-3C3D-11CF-810C-00AA00389B71}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AccListViewV6
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\UseDoubleClickTimer
HKEY_CURRENT_USER\Software\Classes\Interface\{D782CCBA-AFB0-43F1-94DB-FDA3779EACCB}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D782CCBA-AFB0-43F1-94DB-FDA3779EACCB}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D782CCBA-AFB0-43F1-94DB-FDA3779EACCB}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Segoe MDL2 Assets
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Icons
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\UseDefaultTile
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\AccountPicture\Users\S-1-5-21-3968686040-3210279463-847977608-1001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Scaling
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\GlobalAssocChangedCounter
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ThumbnailCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CAPEAgent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\CAPEAgent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\taskmgr.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\ValidateRegItems
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\MonitorRegistry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\FolderValueFlags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\ValidateRegItems
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\MonitorRegistry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-300300000000}\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-300300000000}\Data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-300300000000}\Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-100000000000}\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-100000000000}\Data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-100000000000}\Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-c0dd0e000000}\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-c0dd0e000000}\Data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-c0dd0e000000}\Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e32a94c0-5af2-11f1-ae2c-806e6f6e6963}\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e32a94c0-5af2-11f1-ae2c-806e6f6e6963}\Data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e32a94c0-5af2-11f1-ae2c-806e6f6e6963}\Generation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowStatusBar
HKEY_CLASSES_ROOT\Directory
HKEY_CURRENT_USER\Software\Classes\Directory\ShellEx\IconHandler
HKEY_CLASSES_ROOT\Folder
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\IconHandler
HKEY_CLASSES_ROOT\AllFilesystemObjects
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\IconHandler
HKEY_CURRENT_USER\Software\Classes\Directory\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
HKEY_CURRENT_USER\Software\Classes\Directory\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
HKEY_CURRENT_USER\Software\Classes\Directory\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\Clsid
HKEY_CURRENT_USER\Software\Classes\Directory\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\IsShortcut
HKEY_CURRENT_USER\Software\Classes\Directory\AlwaysShowExt
HKEY_CURRENT_USER\Software\Classes\Directory\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NeverShowExt
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\KindMap
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\KindMap\.exe
HKEY_CLASSES_ROOT\.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\Content Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\AllowFileCLSIDJunctions
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\(Default)
HKEY_CLASSES_ROOT\exefile
HKEY_CURRENT_USER\Software\Classes\exefile\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\ShellEx\IconHandler
HKEY_CLASSES_ROOT\SystemFileAssociations\.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\NeverShowExt
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SafeProcessSearchMode
HKEY_CURRENT_USER\Software\Classes\DelegateFolders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\DelegateFolders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\DelegateFolders\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\Desktop\NameSpace
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\Desktop\NameSpace\DelegateFolders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\DelegateFolders\StorageDelegateSuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\DelegateFolders\StorageDelegate
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneDrive
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\OneDrive
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Discord
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\Discord
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Steam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\Steam
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\AdminCapabilities\automatedAppLaunch
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\ExePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\CommandLine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\IdentityType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\ActivatableClasses
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\ServerType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\AppId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\Identity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\ServiceName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\ExplicitPsmActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\CustomAttributes
HKEY_CURRENT_USER\Software\Classes\Interface\{B94B62A2-4012-4B7E-A395-F21CC665FD12}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{b94b62a2-4012-4b7e-a395-f21cc665fd12}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{b94b62a2-4012-4b7e-a395-f21cc665fd12}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}
HKEY_CURRENT_USER\Software\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\InProcServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\Elevation
HKEY_CURRENT_USER\Software\Classes\Interface\{AF86E2E0-B12D-4C6A-9C5A-D7AA65101E90}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AF86E2E0-B12D-4c6a-9C5A-D7AA65101E90}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AF86E2E0-B12D-4c6a-9C5A-D7AA65101E90}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{6CB10ED7-4BCA-5561-B2E1-40E1197C1B0C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6cb10ed7-4bca-5561-b2e1-40e1197c1b0c}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6cb10ed7-4bca-5561-b2e1-40e1197c1b0c}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{0450CE77-AF0D-40AC-93FD-1E5D48C89419}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0450ce77-af0d-40ac-93fd-1e5d48c89419}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0450ce77-af0d-40ac-93fd-1e5d48c89419}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\
HKEY_CURRENT_USER\Control Panel\International\User Profile
HKEY_CURRENT_USER\Control Panel\International\User Profile\Languages
HKEY_CURRENT_USER\Control Panel\International\Geo
HKEY_CURRENT_USER\Control Panel\International\Geo\Nation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1E87508D-89C2-42F0-8A7E-645A0F50CA58}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\PropertyBag
HKEY_CLASSES_ROOT\CLSID\{4234D49B-0245-4DF3-B780-3893943456E1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\SortOrderIndex
HKEY_CLASSES_ROOT\CLSID\{4234D49B-0245-4DF3-B780-3893943456E1}\ShellFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\ShellFolder\FolderValueFlags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{4234D49B-0245-4DF3-B780-3893943456E1}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{4234D49B-0245-4DF3-B780-3893943456E1}\ShellFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{4234D49B-0245-4DF3-B780-3893943456E1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{4234D49B-0245-4DF3-B780-3893943456E1}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{4234D49B-0245-4DF3-B780-3893943456E1}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{4234D49B-0245-4DF3-B780-3893943456E1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\PreXPSP2ShellProtocolBehavior
HKEY_CLASSES_ROOT\CLSID\{4234D49B-0245-4DF3-B780-3893943456E1}\Instance
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4234D49B-0245-4DF3-B780-3893943456E1}\InProcServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\LogFlags
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\InProcServer32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{4234D49B-0245-4DF3-B780-3893943456E1} {000214E6-0000-0000-C000-000000000046} 0xFFFF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{84103CCB-2FD7-4D6C-962E-5D8582B4C720}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{84103ccb-2fd7-4d6c-962e-5d8582b4c720}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{84103ccb-2fd7-4d6c-962e-5d8582b4c720}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{5232F8EA-49C7-4840-BFBB-66E785689E88}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5232f8ea-49c7-4840-bfbb-66e785689e88}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5232f8ea-49c7-4840-bfbb-66e785689e88}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{6D3BC882-23A4-4706-B8FA-FC7DE2FC325D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6d3bc882-23a4-4706-b8fa-fc7de2fc325d}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6d3bc882-23a4-4706-b8fa-fc7de2fc325d}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{E3DD5D31-892E-4AD6-9CE9-8FE1F185047B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{e3dd5d31-892e-4ad6-9ce9-8fe1f185047b}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{e3dd5d31-892e-4ad6-9ce9-8fe1f185047b}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{6A905A4B-CD66-5C7C-AB57-F5EB16C97257}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6a905a4b-cd66-5c7c-ab57-f5eb16c97257}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6a905a4b-cd66-5c7c-ab57-f5eb16c97257}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{2BE22368-4C98-5E9F-AC2B-DE493C0C3E43}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2be22368-4c98-5e9f-ac2b-de493c0c3e43}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2be22368-4c98-5e9f-ac2b-de493c0c3e43}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{F502008F-7A0E-5757-8E65-EBAD2E5A0E21}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{f502008f-7a0e-5757-8e65-ebad2e5a0e21}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{f502008f-7a0e-5757-8e65-ebad2e5a0e21}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{19AD9E30-89F3-48F6-9C50-E34A59494544}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{19ad9e30-89f3-48f6-9c50-e34a59494544}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{19ad9e30-89f3-48f6-9c50-e34a59494544}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{8A43ED9F-F4E6-4421-ACF9-1DAB2986820C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8a43ed9f-f4e6-4421-acf9-1dab2986820c}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8a43ed9f-f4e6-4421-acf9-1dab2986820c}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}
HKEY_CURRENT_USER\Software\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InProcServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\Elevation
HKEY_CURRENT_USER\Software\Classes\Interface\{3BED20A5-6DEE-4297-B976-3B30DF69A7AA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3bed20a5-6dee-4297-b976-3b30df69a7aa}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3bed20a5-6dee-4297-b976-3b30df69a7aa}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{195F5943-0C04-4EAB-B907-735817FDAC77}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{195f5943-0c04-4eab-b907-735817fdac77}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{195f5943-0c04-4eab-b907-735817fdac77}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Metadata
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Index\PackageFullName\Microsoft.Windows.StartMenuExperienceHost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\User\Index\UserSid\S-1-5-21-3968686040-3210279463-847977608-1001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Index\UserAndPackage\3^1f
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Index\UserAndPackage\0^1f
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1f
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1f\InstalledLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1f\MutableLink
HKEY_CURRENT_USER\Software\Classes\Interface\{1B0D3570-0877-5EC2-8A2C-3B9539506ACA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1b0d3570-0877-5ec2-8a2c-3b9539506aca}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1b0d3570-0877-5ec2-8a2c-3b9539506aca}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\AppModel\StateChange\PackageList\Microsoft.Windows.StartMenuExperienceHost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.Windows.StartMenuExperienceHost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.Windows.StartMenuExperienceHost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy\PackageStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1f\PackageOrigin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1f\Flags
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\ResourcesConfig
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Mrt\_Merged
HKEY_LOCAL_MACHINE\Software\Microsoft\LanguageOverlay\OverlayPackages
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Security\RunBinaryControlHostProcessInSeparateAppContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\RunBinaryControlHostProcessInSeparateAppContainer
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{D81E96F1-A89C-417E-9335-59531026309D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{d81e96f1-a89c-417e-9335-59531026309d}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{d81e96f1-a89c-417e-9335-59531026309d}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{8DA928C9-4266-55D4-947A-48BE47300831}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8da928c9-4266-55d4-947a-48be47300831}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8da928c9-4266-55d4-947a-48be47300831}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Index\PackageFullName\Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Index\UserAndPackage\3^1a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Index\UserAndPackage\0^1a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1a\InstalledLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1a\MutableLink
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\AppModel\StateChange\PackageList\Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy\PackageStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1a\PackageOrigin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1a\Flags
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\Microsoft.Windows.Search_cw5n1h2txyewy\ResourcesConfig
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Index\PackageFullName\MicrosoftWindows.Client.CBS_1000.19053.1000.0_x64__cw5n1h2txyewy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Index\UserAndPackage\3^22
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Index\UserAndPackage\0^22
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\22
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\22\InstalledLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\22\MutableLink
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\AppModel\StateChange\PackageList\MicrosoftWindows.Client.CBS_1000.19053.1000.0_x64__cw5n1h2txyewy
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\MicrosoftWindows.Client.CBS_1000.19053.1000.0_x64__cw5n1h2txyewy
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\MicrosoftWindows.Client.CBS_1000.19053.1000.0_x64__cw5n1h2txyewy\PackageStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\22\PackageOrigin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\22\Flags
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\ResourcesConfig
HKEY_CLASSES_ROOT\CLSID\{56AD4C5D-B908-4F85-8FF1-7940C29B3BCF}\Instance
HKEY_CURRENT_USER\Software\Microsoft\CTF\DirectSwitchHotkeys
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DevQuery
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\1
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\1\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\1\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\1\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\1\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\10
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\10\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\10\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\10\UUID
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\11
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\11\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\11\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\11\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\11\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\2
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\2\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\2\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\2\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\2\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\3
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\3\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\3\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\3\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\3\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\4
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\4\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\4\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\4\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\4\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\5
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\5\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\5\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\5\UUID
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\6
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\6\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\6\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\6\UUID
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\7
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\7\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\7\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\7\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\7\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\8
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\8\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\8\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\8\DllName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\8\DevQueryEntry
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\9
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\9\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\9\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\9\DllName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\9\DevQueryEntry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\Last Help
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57683f06-a08b-4708-8825-5c26f410744b}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57683f06-a08b-4708-8825-5c26f410744b}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57683f06-a08b-4708-8825-5c26f410744b}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57683f06-a08b-4708-8825-5c26f410744b}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57683f06-a08b-4708-8825-5c26f410744b}\{d9ff82a4-a6a2-4fa5-899e-086ead3bab21}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57683f06-a08b-4708-8825-5c26f410744b}\{d9ff82a4-a6a2-4fa5-899e-086ead3bab21}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57683f06-a08b-4708-8825-5c26f410744b}\{e0e99beb-f7d6-4402-ab36-e510d7048f22}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57ec1e30-406c-48ee-8e96-5da71298991f}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57ec1e30-406c-48ee-8e96-5da71298991f}\{6f1a94cb-68ed-4a84-9668-64e671e1ffef}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5c3b2414-fd1d-44fb-8b00-e3194209dd1a}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5c3b2414-fd1d-44fb-8b00-e3194209dd1a}\{227419d5-f6d8-4fb7-85d6-2cac1725e4a9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5c3b2414-fd1d-44fb-8b00-e3194209dd1a}\{978c167d-4764-4d9c-9824-14747351dc81}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5c3b2414-fd1d-44fb-8b00-e3194209dd1a}\{be2139c7-ab81-424d-b107-d87f7c9322ac}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5c3b2414-fd1d-44fb-8b00-e3194209dd1a}\{f802502b-77b4-4713-81b3-3be05759da5d}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5c3b2414-fd1d-44fb-8b00-e3194209dd1a}\{f9ed01f5-8f3e-4956-973f-9f05bc96f489}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5db760bc-64b2-4da7-b4ef-7dab105fbb8c}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5db760bc-64b2-4da7-b4ef-7dab105fbb8c}\{faa17411-9025-4b86-8b5e-ce2f32b06e13}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5e6554b3-ccf8-4769-b82b-798f4cce5483}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5e6554b3-ccf8-4769-b82b-798f4cce5483}\{ac5e8416-9f39-4166-951f-88ee9635b1d8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5e6554b3-ccf8-4769-b82b-798f4cce5483}\{b790d108-d503-47ec-9d7b-b39737b39dba}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{5e6554b3-ccf8-4769-b82b-798f4cce5483}\{e4a2b264-7187-41ca-aa73-7dc698d49ed1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{62706b23-4f66-4c53-b6cc-c6600ccc2752}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{62706b23-4f66-4c53-b6cc-c6600ccc2752}\{08fb768b-1e55-4040-b153-e0ddbedd8042}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{62706b23-4f66-4c53-b6cc-c6600ccc2752}\{21a64f86-6cbe-47e1-a497-261226ca12f7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{62706b23-4f66-4c53-b6cc-c6600ccc2752}\{60aa43c9-c1b7-41bf-9b4c-b7f6cc1d93b9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{62706b23-4f66-4c53-b6cc-c6600ccc2752}\{65faa5f0-141d-4f38-acf0-c79bb0c7be2d}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{62706b23-4f66-4c53-b6cc-c6600ccc2752}\{c0df9671-a0ea-4576-9f81-853127cf8d28}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{71cb4f3b-e29c-4619-a5d5-5fd6a68120ad}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{71cb4f3b-e29c-4619-a5d5-5fd6a68120ad}\{3c8cb362-147c-4105-b98b-11fd7e671dd7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{71cb4f3b-e29c-4619-a5d5-5fd6a68120ad}\{7b08ee8b-88d7-4cad-a06f-70d1c4b65ee7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{74800676-866f-4bbd-8680-dac6a6fb6c8e}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{74800676-866f-4bbd-8680-dac6a6fb6c8e}\{06ebf20d-17fb-4338-a08d-7a99f17ca678}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{74800676-866f-4bbd-8680-dac6a6fb6c8e}\{ad8644c4-ae02-4b22-990d-52b491f91c26}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{890c10c3-8c2a-4fe3-a36a-9eca153d47cb}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{890c10c3-8c2a-4fe3-a36a-9eca153d47cb}\{16dcff2c-91a3-4e6a-8135-0a9e6681c1b5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{890c10c3-8c2a-4fe3-a36a-9eca153d47cb}\{8ebb0470-da6d-485b-8441-8e06b049157a}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{890c10c3-8c2a-4fe3-a36a-9eca153d47cb}\{e829b6db-21ab-453b-83c9-d980ec708edd}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{898a4828-e6e6-4ddd-abb2-5751e3949aa4}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{898a4828-e6e6-4ddd-abb2-5751e3949aa4}\{115b92b4-7191-491a-a9b5-93c8e9fb641b}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{9eeedeb1-de39-4fba-9cd5-6521b9f19984}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{9eeedeb1-de39-4fba-9cd5-6521b9f19984}\{2b048375-f829-4b1d-b117-681e9ead1d50}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{9eeedeb1-de39-4fba-9cd5-6521b9f19984}\{c71cfb00-0ecc-43a3-bf5a-a90ca7718033}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{a18453e4-433b-4d33-ac66-2551e3bba9be}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{a18453e4-433b-4d33-ac66-2551e3bba9be}\{66f19dff-a4dd-4802-8fbb-29e6a54af9da}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{a3886623-dd46-48fc-a1f9-e3da35125995}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{a3886623-dd46-48fc-a1f9-e3da35125995}\{042478fc-1449-4b04-a0d8-ba5660ab739a}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{a3886623-dd46-48fc-a1f9-e3da35125995}\{3ab34489-ec07-4d11-a4bb-677b87cd58d9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{a3886623-dd46-48fc-a1f9-e3da35125995}\{3f0903d7-5b0b-493e-abf2-a36fd7ce2601}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{a3886623-dd46-48fc-a1f9-e3da35125995}\{6800b902-8b06-11df-9561-f043dfd72085}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{a3886623-dd46-48fc-a1f9-e3da35125995}\{7495d5d9-ea6a-444d-afab-e3cae27c047b}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{a3886623-dd46-48fc-a1f9-e3da35125995}\{cd376bd3-9f6b-48c0-840e-1816b7a50fdc}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{b1c6de93-e020-4ad9-9ca5-4dd5553004cf}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{b1c6de93-e020-4ad9-9ca5-4dd5553004cf}\{1045bf74-023b-445a-9e2b-2038ff4789a6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{b1c6de93-e020-4ad9-9ca5-4dd5553004cf}\{86b34670-d4bb-40c9-8301-33fb16675d61}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{b9fcf33d-ba8f-4654-a5f2-bf58a5866ca8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{b9fcf33d-ba8f-4654-a5f2-bf58a5866ca8}\{bd4b1f37-d1f0-4fc5-996d-d4a21290f212}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ba888490-8281-4ac7-b0de-8cc46b314d43}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ba888490-8281-4ac7-b0de-8cc46b314d43}\{06f6022a-82f9-48a5-bc16-074c1bed416c}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cb44ecb6-d88a-4b33-a39c-d6a9c03142a9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cb44ecb6-d88a-4b33-a39c-d6a9c03142a9}\{4e590c2e-2ad3-4138-8f61-4b08771dbbc8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cb6d8ddc-a302-4349-88fd-9fcf6d3a7308}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cb6d8ddc-a302-4349-88fd-9fcf6d3a7308}\{19b5bae2-18c5-4ab8-99de-255f0e96760a}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cb6d8ddc-a302-4349-88fd-9fcf6d3a7380}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cb6d8ddc-a302-4349-88fd-9fcf6d3a7380}\{135f3513-bc27-4360-b281-0a36caceb1f2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cb6d8ddc-a302-4349-88fd-9fcf6d3a7380}\{19b5bae2-18c5-4ab8-99de-255f0e9676a0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cb6d8ddc-a302-4349-88fd-9fcf6d3a7380}\{8bc1703a-939f-4ee1-8785-b0fc5837feb2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cb6d8ddc-a302-4349-88fd-9fcf6d3a7380}\{cc16fe4c-d638-492e-a924-519185396ebf}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cc549940-0edf-41b1-8298-74c2627b6af9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cc549940-0edf-41b1-8298-74c2627b6af9}\{35a002b8-38a7-41eb-bedd-6610bb93f046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cc629d13-f318-4c40-b1ed-d70bce524515}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{cc629d13-f318-4c40-b1ed-d70bce524515}\{22ca1519-4394-4a5f-be88-84a5c853a4aa}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{db314ee3-3157-4e56-8fd9-2184874d195d}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{db314ee3-3157-4e56-8fd9-2184874d195d}\{fb01b3ef-bb4a-4c48-9ab8-dc1871675e6d}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ddf417dc-4cc3-4529-9ffc-1d04eb678da3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ddf417dc-4cc3-4529-9ffc-1d04eb678da3}\{d53266b4-c9f5-4808-8a0f-d17bbf493416}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{e08d5971-88fb-4799-b066-6978845f73c1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{e08d5971-88fb-4799-b066-6978845f73c1}\{b851890b-3e61-427a-ab94-461e088d4827}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{11ace151-4bac-44b0-8a82-0a859a5355d9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{1cc9da8b-58a5-4c92-9a4e-f05f2a2ae7a3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{28d00a68-8309-4a3e-bf1d-0ebd27c75787}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{40990512-fb18-4bbd-95e2-f72e8cdae178}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{40e6824e-1b9b-4329-9a6e-e94c8fb03a3f}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{58276884-7f29-450d-bcfa-5be4b7266334}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{63c158d0-2a4c-4509-8d27-29e935b69e5f}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{6b81611f-8998-47c2-9550-f7dc0324e620}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{7a030929-9547-485c-ba6c-3e891612c2ce}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{83a3746d-a9ec-47c0-830f-6dd440b07666}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{9815b8f4-d337-4eb4-a468-fc9a83bcce65}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{a30f983f-321a-48b0-85c3-cab02781dd02}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{aaca5b25-a859-438d-93b6-924f63a2cb3c}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{ef63b92d-c5a6-4314-ac9f-cc6b1c56fb9c}\{e6e73867-856a-4574-a0ba-01c066d376f5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f25a20a5-fd7a-417b-afc3-76295ebac77c}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f25a20a5-fd7a-417b-afc3-76295ebac77c}\{51bda498-67cb-479f-b898-57d2d73788f0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f25a20a5-fd7a-417b-afc3-76295ebac77c}\{811bbce5-7327-4ad9-ab62-a8b955f61eef}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f3991d9d-fc17-4f37-b12f-8984a43e1aeb}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f3991d9d-fc17-4f37-b12f-8984a43e1aeb}\{9ff69334-839c-41fe-96e0-c5189ac431f2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f3991d9d-fc17-4f37-b12f-8984a43e1aeb}\{a8180dab-81d0-4e05-b76b-eb4c5fb37357}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f3991d9d-fc17-4f37-b12f-8984a43e1aeb}\{c0c9c676-ac38-40d4-a23c-69f05d12a306}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f3991d9d-fc17-4f37-b12f-8984a43e1aeb}\{d7e69761-f919-4bfa-bbb6-bece1050a2ce}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f3b975e7-e068-4f66-81ef-b23e0a0e64c9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f3b975e7-e068-4f66-81ef-b23e0a0e64c9}\{fc9e399c-c70a-4458-8430-ca249c371eb3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f6c5ad57-a5be-4259-9060-b2c4ebfccd96}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{f6c5ad57-a5be-4259-9060-b2c4ebfccd96}\{1f7207c2-0b8c-48de-9dcd-64ff98cc24e1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{fd0dce36-af57-417b-9ce6-2d10633b4cf9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{fd0dce36-af57-417b-9ce6-2d10633b4cf9}\{7d937e49-cfd5-438f-af4f-b3047d90a5c3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{fd0dce36-af57-417b-9ce6-2d10633b4cf9}\{f3e82f6e-9df4-425d-a5d5-3a9832005b16}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\Version
HKEY_PERFORMANCE_DATA\Counter 0409
HKEY_PERFORMANCE_DATA\Counter 009
HKEY_PERFORMANCE_DATA\Explain 0409
HKEY_CURRENT_USER\Software\Microsoft\Direct3D
HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D
HKEY_LOCAL_MACHINE\Software\Microsoft\SecurityManager\TransientObjects\%5C%5C.%5CRpc%5CAllowLpacAppExperience%5CInterface
HKEY_CURRENT_USER\Software\Microsoft\DirectX\UserGpuPreferences
HKEY_CURRENT_USER\Software\Microsoft\Direct3D\Direct3D12
HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D\Direct3D12
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Appx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Rpc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Index\PackageFullName\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Index\UserAndPackage\3^90
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Index\UserAndPackage\0^90
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\InstalledLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\MutableLink
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\AppModel\StateChange\PackageList\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\PackageStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\PackageOrigin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\PackageFullName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\PackageFamily
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\PackageType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\Flags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\Flags2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\Volume
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\OSMaxVersionTested
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\MutableLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\TargetDeviceFamilyName
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\OEM
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\Microsoft.WindowsStore_8wekyb3d8bbwe\ResourcesConfig
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windowsstore_8wekyb3d8bbwe\ResourcesConfig\CachedMergedResourcesPriFileName
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Mrt
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windowsstore_8wekyb3d8bbwe\ResourcesConfig\Language
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Families\Microsoft.WindowsStore_8wekyb3d8bbwe
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Families\Microsoft.WindowsStore_8wekyb3d8bbwe\Microsoft.WindowsStore_11910.1002.5.0_neutral_split.scale-100_8wekyb3d8bbwe
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Families\Microsoft.WindowsStore_8wekyb3d8bbwe\Microsoft.WindowsStore_11910.1002.5.0_neutral_split.scale-100_8wekyb3d8bbwe\Flags
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Families\Microsoft.WindowsStore_8wekyb3d8bbwe\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Families\Microsoft.WindowsStore_8wekyb3d8bbwe\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\Flags
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windowsstore_8wekyb3d8bbwe\ResourcesConfig\ManifestLanguagesList
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windowsstore_8wekyb3d8bbwe\ResourcesConfig\OverrideLanguagesList
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Memory Management\ExistingPageFiles
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Memory Management\PagingFiles
HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\SecurityHealth
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Index\PackageFullName\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Index\UserAndPackage\3^b1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Index\UserAndPackage\0^b1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Data\2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Data\2\Path
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\AppModel\StateChange\PackageList\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe\PackageStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\PackageOrigin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\PackageFullName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\PackageFamily
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\PackageType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\Flags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\Flags2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\Volume
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\OSMaxVersionTested
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\InstalledLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\MutableLink
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\MutableLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\TargetDeviceFamilyName
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe\ResourcesConfig
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge.stable_8wekyb3d8bbwe\ResourcesConfig\CachedMergedResourcesPriFileName
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\Value
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\current\Device\DataProtection
HKEY_CLASSES_ROOT\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance
HKEY_CLASSES_ROOT\CLSID\{2B46E70F-CDA7-473E-89F6-DC9630A2390B}\Instance
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Desktop
HKEY_LOCAL_MACHINE\Software\WOW6432Node\Microsoft\EdgeUpdate\Clients\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\Clients\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\channel
HKEY_LOCAL_MACHINE\Software\WOW6432Node\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\ap
HKEY_LOCAL_MACHINE\Software\WOW6432Node\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\cohort
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\cohort\name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\OEM\DeviceForm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\UBR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DisplayVersion
HKEY_CURRENT_USER\Software\Classes
HKEY_LOCAL_MACHINE\Software\Microsoft\COM3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\Com+Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Appx\AllowDevelopmentWithoutDevLicense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock\AllowDevelopmentWithoutDevLicense
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\AppCompat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\RaiseActivationAuthenticationLevel
HKEY_CURRENT_USER\Software\Classes\AppID\identity_helper.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\RaiseDefaultAuthnLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\DefaultAccessPermission
HKEY_CURRENT_USER\Software\Classes\Interface\{00000134-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Extensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
HKEY_CURRENT_USER\Software\Classes\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E1CDD77A-65D3-4db0-B339-21F6A48CC2FF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E1CDD77A-65D3-4db0-B339-21F6A48CC2FF}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{00000035-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000035-0000-0000-C000-000000000046}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000035-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{50AC103F-D235-4598-BBEF-98FE4D1A3AD4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{50ac103f-d235-4598-bbef-98fe4d1a3ad4}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{50ac103f-d235-4598-bbef-98fe4d1a3ad4}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{6DB7CD52-E3B7-4ECC-BB1F-388AEEF6BB50}
HKEY_CURRENT_USER\Software\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\InProcServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\Elevation
HKEY_CURRENT_USER\Software\Classes\Interface\{7AB93C52-0E48-4750-BA9D-1A4113981847}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7ab93c52-0e48-4750-ba9d-1a4113981847}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7ab93c52-0e48-4750-ba9d-1a4113981847}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{5CADDC63-01D3-4C97-986F-0533483FEE14}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5caddc63-01d3-4c97-986f-0533483fee14}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5caddc63-01d3-4c97-986f-0533483fee14}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{3BC3D253-2F31-4092-9129-8AD5ABF067DA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3bc3d253-2f31-4092-9129-8ad5abf067da}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3bc3d253-2f31-4092-9129-8ad5abf067da}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{0C9281F9-6DA1-4006-8729-DE6E6B61581C}
HKEY_CURRENT_USER\Software\Classes\CLSID\{0c9281f9-6da1-4006-8729-de6e6b61581c}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c9281f9-6da1-4006-8729-de6e6b61581c}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c9281f9-6da1-4006-8729-de6e6b61581c}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c9281f9-6da1-4006-8729-de6e6b61581c}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c9281f9-6da1-4006-8729-de6e6b61581c}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\CLSID\{0c9281f9-6da1-4006-8729-de6e6b61581c}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c9281f9-6da1-4006-8729-de6e6b61581c}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{0c9281f9-6da1-4006-8729-de6e6b61581c}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c9281f9-6da1-4006-8729-de6e6b61581c}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\WaitForRestore
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\MaximumAllowedAllocationSize
HKEY_CURRENT_USER\Software\Classes\Interface\{DF8E9480-CA73-448E-B8F0-DA000F581428}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DF8E9480-CA73-448E-B8F0-DA000F581428}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DF8E9480-CA73-448E-B8F0-DA000F581428}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}
HKEY_CURRENT_USER\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\Elevation
HKEY_CURRENT_USER\Software\Classes\Interface\{DCAEE35A-508D-4419-9E56-50D658C2C812}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DCAEE35A-508D-4419-9E56-50D658C2C812}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DCAEE35A-508D-4419-9E56-50D658C2C812}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{926516E8-D891-45BC-9DE5-6959FB8ECAC5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{926516E8-D891-45BC-9DE5-6959FB8ECAC5}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{926516E8-D891-45BC-9DE5-6959FB8ECAC5}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{A819F3DE-60AA-5159-8407-F0A7FB1F6832}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{a819f3de-60aa-5159-8407-f0a7fb1f6832}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{a819f3de-60aa-5159-8407-f0a7fb1f6832}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{D6F5F569-D40D-407C-8989-88CAB42CFD14}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D6F5F569-D40D-407C-8989-88CAB42CFD14}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D6F5F569-D40D-407C-8989-88CAB42CFD14}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{79AB57F6-43FE-487B-8A7F-99567200AE94}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79ab57f6-43fe-487b-8a7f-99567200ae94}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79ab57f6-43fe-487b-8a7f-99567200ae94}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{679C64B7-81AB-42C2-8819-C958767753F4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{679C64B7-81AB-42C2-8819-C958767753F4}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{679C64B7-81AB-42C2-8819-C958767753F4}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{F655B052-348B-4AB0-947B-A7DAFA44D404}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F655B052-348B-4AB0-947B-A7DAFA44D404}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F655B052-348B-4AB0-947B-A7DAFA44D404}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{58058629-16A1-438A-90C8-7E954B3734B1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{58058629-16A1-438A-90C8-7E954B3734B1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{58058629-16A1-438A-90C8-7E954B3734B1}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{23EB7394-4610-4807-BAEC-9A72F86FFA0B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23EB7394-4610-4807-BAEC-9A72F86FFA0B}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23EB7394-4610-4807-BAEC-9A72F86FFA0B}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{2A1821FE-179D-49BC-B79D-A527920D3665}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2A1821FE-179D-49BC-B79D-A527920D3665}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2A1821FE-179D-49BC-B79D-A527920D3665}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{C5543B33-5C73-4DC5-9211-24077D3B06C5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C5543B33-5C73-4DC5-9211-24077D3B06C5}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C5543B33-5C73-4DC5-9211-24077D3B06C5}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{428D4DDD-3462-43DF-9395-1EFF13AE7A4B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{428D4DDD-3462-43DF-9395-1EFF13AE7A4B}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{428D4DDD-3462-43DF-9395-1EFF13AE7A4B}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{B03C2205-F02E-4D77-80DF-E1747AFDD39C}
HKEY_CURRENT_USER\Software\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\Elevation
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\grouppolicypath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\grouppolicyismultisz
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\grouppolicymultiszSeparatorChar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\Value
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\AppPrivacy
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\current\Device\Privacy
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\grouppolicypath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\grouppolicyismultisz
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\grouppolicymultiszSeparatorChar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\Value
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\grouppolicypath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\grouppolicyismultisz
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\grouppolicymultiszSeparatorChar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\Value
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\grouppolicypath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\grouppolicyismultisz
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\grouppolicymultiszSeparatorChar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\msasn1
HKEY_LOCAL_MACHINE\Software\Microsoft\SecurityManager\CapAuthz
HKEY_LOCAL_MACHINE\Software\Microsoft\SecurityManager\CapAuthz\HasRepaired
HKEY_LOCAL_MACHINE\Software\Microsoft\SecurityManager\CapAuthz\HasRepaired\VolatileChildTest
HKEY_LOCAL_MACHINE\Software\Microsoft\SecurityManager\CapDBRedirect
HKEY_LOCAL_MACHINE\Software\Microsoft\SecurityManager\CapAuthz\ApplicationsEx\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapAuthz\ApplicationsEx\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe\AppPackageType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapAuthz\ApplicationsEx\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe\PackageSid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapAuthz\ApplicationsEx\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe\CapSids
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapAuthz\ApplicationsEx\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe\ApplicationFlags
HKEY_LOCAL_MACHINE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Appx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\PackageRepositoryRoot
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{350E1244-4575-45EE-8595-0AA8C6506FC7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{350E1244-4575-45EE-8595-0AA8C6506FC7}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{350E1244-4575-45EE-8595-0AA8C6506FC7}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{01CF8BD4-E3D6-413D-8339-36D46E78D12C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{01CF8BD4-E3D6-413D-8339-36D46E78D12C}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{01CF8BD4-E3D6-413D-8339-36D46E78D12C}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{2C08602F-40B1-5E97-AE21-5C04D7FB829C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2C08602F-40B1-5E97-AE21-5C04D7FB829C}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2C08602F-40B1-5E97-AE21-5C04D7FB829C}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{62AE0FDA-B238-554F-A275-1DC16D6CA03A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{62AE0FDA-B238-554F-A275-1DC16D6CA03A}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{62AE0FDA-B238-554F-A275-1DC16D6CA03A}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{8445D2AE-DD03-5B98-95E4-82B43A3F0D64}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8445D2AE-DD03-5B98-95E4-82B43A3F0D64}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8445D2AE-DD03-5B98-95E4-82B43A3F0D64}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{9BCB843B-221B-5FBE-9B20-7028BC4E8653}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9BCB843B-221B-5FBE-9B20-7028BC4E8653}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9BCB843B-221B-5FBE-9B20-7028BC4E8653}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\XAML
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\XAML\OneCoreTransformsEnabledByDefault
HKEY_USERS
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe\PSR
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe\PSR\WnfStateName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\identity_helper.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SyncRootManager
HKEY_CURRENT_USER\Software\Classes\Directory\ShellEx\LibraryDescriptionHandler
HKEY_LOCAL_MACHINE\Software\Classes\Directory\ShellEx\LibraryDescriptionHandler
HKEY_CURRENT_USER\Software\Classes\Folder\ShellEx\LibraryDescriptionHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\LibraryDescriptionHandler
HKEY_CURRENT_USER\Software\Classes\AllFilesystemObjects\ShellEx\LibraryDescriptionHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\LibraryDescriptionHandler
HKEY_CURRENT_USER\Software\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF50}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF50}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF50}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF55}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF55}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF55}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PropertyBag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Start Menu
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Start Menu
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PropertyBag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Recent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\PropertyBag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PropertyBag
HKEY_CURRENT_USER\Software\Classes\Directory\ShellEx\PropertyHandler
HKEY_LOCAL_MACHINE\Software\Classes\Directory\ShellEx\PropertyHandler
HKEY_CURRENT_USER\Software\Classes\Folder\ShellEx\PropertyHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\PropertyHandler
HKEY_CURRENT_USER\Software\Classes\AllFilesystemObjects\ShellEx\PropertyHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\PropertyHandler
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\AppModel\LimitedAccessFeatures
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\LimitedAccessFeatures\com.microsoft.windows.taskbar.requestPinSecondaryTile
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\LimitedAccessFeatures\com.microsoft.windows.taskbar.requestPinSecondaryTile\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\LimitedAccessFeatures\com.microsoft.windows.taskbar.requestPinSecondaryTile\Expiration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\ExePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\CommandLine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\IdentityType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\ActivatableClasses
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\ServerType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\AppId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\Identity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\ServiceName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\ExplicitPsmActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\CustomAttributes
HKEY_CURRENT_USER\Software\Classes\Interface\{252E7F79-ACFA-4EA2-9A7E-FA27A8A4D3D9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{252E7F79-ACFA-4EA2-9A7E-FA27A8A4D3D9}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{252E7F79-ACFA-4EA2-9A7E-FA27A8A4D3D9}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}
HKEY_CURRENT_USER\Software\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\InProcServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\Elevation
HKEY_CURRENT_USER\Software\Classes\Interface\{100EB64B-B24C-4C38-8964-720D926D05A4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{100EB64B-B24C-4C38-8964-720D926D05A4}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{100EB64B-B24C-4C38-8964-720D926D05A4}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{DF9A26C6-E746-4BCD-B5D4-120103C4209B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DF9A26C6-E746-4BCD-B5D4-120103C4209B}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DF9A26C6-E746-4BCD-B5D4-120103C4209B}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{B3F72108-5C5C-469B-A5E5-3F64D2A39B01}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{b3f72108-5c5c-469b-a5e5-3f64d2a39b01}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{b3f72108-5c5c-469b-a5e5-3f64d2a39b01}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{7F290DA0-75E3-5885-898D-1F5B1ED47ED2}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7f290da0-75e3-5885-898d-1f5b1ed47ed2}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7f290da0-75e3-5885-898d-1f5b1ed47ed2}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{9ED07B24-36FD-543B-948E-B01FE5814B49}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9ed07b24-36fd-543b-948e-b01fe5814b49}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9ed07b24-36fd-543b-948e-b01fe5814b49}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{EFE869FC-5841-55F1-AA56-82C7219AAA09}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{efe869fc-5841-55f1-aa56-82c7219aaa09}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{efe869fc-5841-55f1-aa56-82c7219aaa09}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{7E470A8A-3ACD-5913-AF64-4AB78355BE5F}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7E470A8A-3ACD-5913-AF64-4AB78355BE5F}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7E470A8A-3ACD-5913-AF64-4AB78355BE5F}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}
HKEY_CURRENT_USER\Software\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\InProcServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{155EB23B-242A-45E0-A2E9-3171FC6A7FDD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{155EB23B-242A-45E0-A2E9-3171FC6A7FDD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{155EB23B-242A-45E0-A2E9-3171FC6A7FDD}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{E44EA1DF-BB85-5A8C-BDDC-C8E960C355C9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{e44ea1df-bb85-5a8c-bddc-c8e960c355c9}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{e44ea1df-bb85-5a8c-bddc-c8e960c355c9}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{8CBD762A-1222-5EE5-B745-489E7A42C6EC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8cbd762a-1222-5ee5-b745-489e7a42c6ec}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8cbd762a-1222-5ee5-b745-489e7a42c6ec}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\AppModel\PinnableSurfaces
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\PinnableSurfaces\DefaultStart
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\LocalService
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\DllSurrogate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\RunAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\ActivateAtStorage
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\ROTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\AppIDFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\MGOTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\ProcessMitigationPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\LaunchPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\LegacyAuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\LegacyImpersonationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\RemoteServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\SRPTrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\PreferredServerBitness
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\LoadUserSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\ProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\AccessPermission
HKEY_CURRENT_USER\Software\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}
HKEY_CURRENT_USER\Software\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\InProcServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\Elevation
HKEY_CURRENT_USER\Software\Classes\Interface\{8863F93E-77EA-4C67-A86F-7638E3A568A6}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8863F93E-77EA-4C67-A86F-7638E3A568A6}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8863F93E-77EA-4C67-A86F-7638E3A568A6}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}
HKEY_CURRENT_USER\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InProcServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\Elevation

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager\StartUpTab
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy\STE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy\Enabled
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\FipsAlgorithmPolicy\MDMEnabled
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-AU
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager\Preferences
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager\UseStatusSetting
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\ResourcePolicies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE\LaunchUserOOBE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions\000603xx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\EnableAnchorContext
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\IsVailContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Input\ResyncResetTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Input\MaxResyncAttempts
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\RegValueNameRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\WindowsLogon\HideFastUserSwitching\Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\HideFastUserSwitching
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.UX.UXManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\MaxSxSHashCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\AdminCapabilities\shellExperience
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.DAMediaManager\Active
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.DAMediaManager\MediaType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.EthernetMediaManager\Active
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.EthernetMediaManager\MediaType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.MBMediaManager\Active
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.MBMediaManager\MediaType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.RasMediaManager\Active
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.RasMediaManager\MediaType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.WlanMediaManager\Active
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\NetworkUxManager\Windows.Networking.UX.Internal.WlanMediaManager\MediaType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Ids\en-AU
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Ids\en
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize\AppsUseLightTheme
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Segoe UI
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{6D809377-6AF0-444b-8957-A3773F02200E}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\EnableBalloonTips
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewAlphaSelect
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewShadow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{26460E96-1D01-43E4-9FB8-B7ED958F362B}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\7\Pattern
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\8\Pattern
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\0\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\0\EndOfStream
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\0\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\1\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\1\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\10\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\10\EndOfStream
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\10\Pattern
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\10\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\11\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\12\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\12\EndOfStream
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\12\Pattern
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\12\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\2\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\2\EndOfStream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\2\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\3\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\4\Position
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Startup
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\4\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\5\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\6\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\6\EndOfStream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\7\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Startup
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\8\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\9\Pattern
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}\Patterns\9\Mask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Max Cached Icons
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\InitFolderHandler
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3968686040-3210279463-847977608-1001\ProfileImagePath
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{618736E0-3C3D-11CF-810C-00AA00389B71}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AccListViewV6
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\UseDoubleClickTimer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D782CCBA-AFB0-43F1-94DB-FDA3779EACCB}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\UseDefaultTile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\GlobalAssocChangedCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CAPEAgent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\CAPEAgent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\ValidateRegItems
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\MonitorRegistry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\FolderValueFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\ValidateRegItems
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\MonitorRegistry
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-300300000000}\Data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-300300000000}\Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-100000000000}\Data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-100000000000}\Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-c0dd0e000000}\Data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{528c102f-0000-0000-0000-c0dd0e000000}\Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e32a94c0-5af2-11f1-ae2c-806e6f6e6963}\Data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e32a94c0-5af2-11f1-ae2c-806e6f6e6963}\Generation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowStatusBar
HKEY_CURRENT_USER\Software\Classes\Directory\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
HKEY_CURRENT_USER\Software\Classes\Directory\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
HKEY_CURRENT_USER\Software\Classes\Directory\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\IsShortcut
HKEY_CURRENT_USER\Software\Classes\Directory\AlwaysShowExt
HKEY_CURRENT_USER\Software\Classes\Directory\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\KindMap\.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\Content Type
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\AllowFileCLSIDJunctions
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\NeverShowExt
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SafeProcessSearchMode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\DelegateFolders\StorageDelegateSuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\DelegateFolders\StorageDelegate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneDrive
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\OneDrive
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Discord
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\Discord
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Steam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\Steam
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Internal.StartupTaskInternal\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\AdminCapabilities\automatedAppLaunch
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.ApplicationExtension\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\ExePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\CommandLine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\IdentityType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\ActivatableClasses
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\ServerType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\AppId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\Identity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\ServiceName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\StateRepository\ExplicitPsmActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{b94b62a2-4012-4b7e-a395-f21cc665fd12}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c53e07ec-25f3-4093-aa39-fc67ea22e99d}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AF86E2E0-B12D-4c6a-9C5A-D7AA65101E90}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6cb10ed7-4bca-5561-b2e1-40e1197c1b0c}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Package\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0450ce77-af0d-40ac-93fd-1e5d48c89419}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Control Panel\International\User Profile\Languages
HKEY_CURRENT_USER\Control Panel\International\Geo\Nation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1e87508d-89c2-42f0-8a7e-645a0f50ca58}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\ShellFolder\FolderValueFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{4234D49B-0245-4DF3-B780-3893943456E1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\PreXPSP2ShellProtocolBehavior
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4234d49b-0245-4df3-b780-3893943456e1}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\LogFlags
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{4234D49B-0245-4DF3-B780-3893943456E1} {000214E6-0000-0000-C000-000000000046} 0xFFFF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileStore\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.User\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{84103ccb-2fd7-4d6c-962e-5d8582b4c720}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5232f8ea-49c7-4840-bfbb-66e785689e88}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileView\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6d3bc882-23a4-4706-b8fa-fc7de2fc325d}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.TileQueryFilter\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.TileViewQueryFilter\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{e3dd5d31-892e-4ad6-9ce9-8fe1f185047b}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6a905a4b-cd66-5c7c-ab57-f5eb16c97257}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2be22368-4c98-5e9f-ac2b-de493c0c3e43}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{f502008f-7a0e-5757-8e65-ebad2e5a0e21}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{19ad9e30-89f3-48f6-9c50-e34a59494544}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8a43ed9f-f4e6-4421-acf9-1dab2986820c}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3bed20a5-6dee-4297-b976-3b30df69a7aa}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{195f5943-0c04-4eab-b907-735817fdac77}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1f\InstalledLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1f\MutableLink
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1b0d3570-0877-5ec2-8a2c-3b9539506aca}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.Windows.StartMenuExperienceHost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy\PackageStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1f\PackageOrigin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1f\Flags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Core.CoreWindow\ActivateOnHostFlags
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Security\RunBinaryControlHostProcessInSeparateAppContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\RunBinaryControlHostProcessInSeparateAppContainer
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.Application\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{d81e96f1-a89c-417e-9335-59531026309d}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8da928c9-4266-55d4-947a-48be47300831}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1a\InstalledLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1a\MutableLink
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy\PackageStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1a\PackageOrigin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\1a\Flags
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\22\InstalledLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\22\MutableLink
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\MicrosoftWindows.Client.CBS_1000.19053.1000.0_x64__cw5n1h2txyewy\PackageStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\22\PackageOrigin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\22\Flags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\1\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\1\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\1\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\1\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\10\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\10\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\10\UUID
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\11\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\11\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\11\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\11\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\2\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\2\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\2\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\2\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\3\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\3\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\3\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\3\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\4\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\4\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\4\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\4\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\5\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\5\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\5\UUID
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\6\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\6\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\6\UUID
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\7\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\7\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\7\QueryFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\7\NoStateFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\8\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\8\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\8\DllName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\8\DevQueryEntry
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\9\IdType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\9\Transport
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\9\DllName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DevQuery\9\DevQueryEntry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\Last Help
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{16fa106f-26c3-42a5-982b-400779ea8970}\{a4b0515f-2c2f-4fc4-87f5-b3a3a8747225}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{1ffc4a37-aabd-49e0-8b3d-fce8b099febb}\{d049a97f-9f42-4c11-ad73-5d8c68b30258}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{20fe1a3a-af21-413c-8a7b-b7fbf6c9a059}\{8a922684-7993-4b38-9929-b7366f01ec4a}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2538387c-08b7-44b8-86d3-47f59cf6d056}\{2538387c-08b7-44b8-86d3-47f59cf6d057}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2a32a3f9-ee0c-40ff-8a75-e1e747d15b1f}\{d11168c5-9f29-43bc-9269-0548637a62b0}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ccb0d8d-ea94-4235-986b-c97f61f63969}\{ef82017e-50e2-4ca2-b9ec-b9895ab70e08}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{2ea0b998-e7e8-41c6-8abc-093083ea21d7}\{687d8f80-ffea-4de5-a41f-3e1c83378839}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{31a5ebe2-c765-490a-937c-b0ab2787fe15}\{c73dfef0-11b8-4a3f-a1ad-0dcbbc5186ef}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3817cb9c-49a8-436b-bc29-5518877d3c3a}\{82fa211f-e7f8-4ab5-a04c-cc523073b971}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{2f66fd0a-9f6c-4d91-9f2f-2a1b5e41b7dc}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{370e979a-377a-4f30-b2c4-9a0fd072890b}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{42cd0051-9dd9-4fe2-8db9-d37885d2d749}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{52bc5412-dac2-449c-8bc2-96443888fe6b}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{b4fc721a-0378-476f-89ba-a5a79f810b36}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{ed83b00b-6afd-4063-9420-16fe0fa3b36f}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{383487a6-3676-4870-a4e7-d45b30c35629}\{f596750d-b109-4247-a62f-dea47a46e505}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{2617bf8d-bedc-4231-b92b-1dd2d34ee225}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{4ad2297e-ee20-42b4-9cb7-13f6f1598dbd}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{59ceb84f-55ff-48c0-80cc-df0068501814}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{882d9f58-d338-4a83-bc3d-23f5b0a98fa9}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{987a3601-c362-48e4-a856-e28f070efb07}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa205-c3ed-4acd-a911-6554d156b095}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{9acaa206-c3ed-4acd-a911-6554d156b095}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c0fe4189-5cfa-4659-9eba-10541cc395a0}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3def464b-f31b-4117-8fb7-bb829a0e1a15}\{c5a19aba-349b-49cc-94c8-f36404082727}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{3e785595-30c2-437d-96ed-677d14724610}\{6ca1716d-53cd-468a-a1b3-59032c19c166}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{c3cf1c57-275d-4b71-a5a6-e4e90401b821}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{e363bd27-bfbd-4581-a142-ecc006a7b82b}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{408443b2-2164-418a-ad52-c761f93310f3}\{f961fa1c-6b9b-4d16-b414-499ed1f6d6f2}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{420a6c98-914e-40fc-9a0f-80c7db801780}\{a44a45c2-664d-476c-b68c-6b123eccc31f}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{d30c5234-f79d-44a9-9803-2f9d5feef791}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{e6e560b2-062f-41ca-89ab-f6987f2b7a25}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\NameResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\ExplainResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\First Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\Last Counter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\NeutralName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\CounterBlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{4d4bac91-2b54-4f84-be36-cf74389f8f49}\{f4681672-32dc-41db-8669-fdf490345ba5}\CounterCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57683f06-a08b-4708-8825-5c26f410744b}\ProviderType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57683f06-a08b-4708-8825-5c26f410744b}\ProviderName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57683f06-a08b-4708-8825-5c26f410744b}\ApplicationIdentity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{57683f06-a08b-4708-8825-5c26f410744b}\{d9ff82a4-a6a2-4fa5-899e-086ead3bab21}\InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\Version
HKEY_PERFORMANCE_DATA\Counter 0409
HKEY_PERFORMANCE_DATA\Counter 009
HKEY_PERFORMANCE_DATA\Explain 0409
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\InstalledLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\MutableLink
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\PackageStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\PackageOrigin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\PackageFullName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\PackageFamily
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\PackageType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\Flags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\Flags2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\Volume
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\OSMaxVersionTested
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\MutableLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\90\TargetDeviceFamilyName
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windowsstore_8wekyb3d8bbwe\ResourcesConfig\CachedMergedResourcesPriFileName
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windowsstore_8wekyb3d8bbwe\ResourcesConfig\Language
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Families\Microsoft.WindowsStore_8wekyb3d8bbwe\Microsoft.WindowsStore_11910.1002.5.0_neutral_split.scale-100_8wekyb3d8bbwe\Flags
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Families\Microsoft.WindowsStore_8wekyb3d8bbwe\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\Flags
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windowsstore_8wekyb3d8bbwe\ResourcesConfig\ManifestLanguagesList
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windowsstore_8wekyb3d8bbwe\ResourcesConfig\OverrideLanguagesList
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Memory Management\ExistingPageFiles
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Memory Management\PagingFiles
HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\SecurityHealth
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageExternalLocation\Data\2\Path
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Repository\Packages\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe\PackageStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\PackageOrigin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\PackageFullName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\PackageFamily
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\PackageType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\Flags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\Flags2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\Volume
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\OSMaxVersionTested
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\InstalledLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\MutableLink
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\MutableLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\b1\TargetDeviceFamilyName
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge.stable_8wekyb3d8bbwe\ResourcesConfig\CachedMergedResourcesPriFileName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\DataProtection\EDPShowIcons\Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Desktop
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\Clients\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\channel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\ap
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\cohort\name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\OEM\DeviceForm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\UBR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\Com+Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Notifications.ToastNotificationManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Appx\AllowDevelopmentWithoutDevLicense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock\AllowDevelopmentWithoutDevLicense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\RaiseActivationAuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\RaiseDefaultAuthnLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\DefaultAccessPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000134-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E1CDD77A-65D3-4db0-B339-21F6A48CC2FF}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000035-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{50ac103f-d235-4598-bbef-98fe4d1a3ad4}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db7cd52-e3b7-4ecc-bb1f-388aeef6bb50}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7ab93c52-0e48-4750-ba9d-1a4113981847}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5caddc63-01d3-4c97-986f-0533483fee14}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3bc3d253-2f31-4092-9129-8ad5abf067da}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c9281f9-6da1-4006-8729-de6e6b61581c}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c9281f9-6da1-4006-8729-de6e6b61581c}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\WaitForRestore
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\MaximumAllowedAllocationSize
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DF8E9480-CA73-448E-B8F0-DA000F581428}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DCAEE35A-508D-4419-9E56-50D658C2C812}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{926516E8-D891-45BC-9DE5-6959FB8ECAC5}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{a819f3de-60aa-5159-8407-f0a7fb1f6832}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D6F5F569-D40D-407C-8989-88CAB42CFD14}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79ab57f6-43fe-487b-8a7f-99567200ae94}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{679C64B7-81AB-42C2-8819-C958767753F4}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F655B052-348B-4AB0-947B-A7DAFA44D404}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{58058629-16A1-438A-90C8-7E954B3734B1}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23EB7394-4610-4807-BAEC-9A72F86FFA0B}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2A1821FE-179D-49BC-B79D-A527920D3665}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundExecutionManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C5543B33-5C73-4DC5-9211-24077D3B06C5}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{428D4DDD-3462-43DF-9395-1EFF13AE7A4B}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b03c2205-f02e-4d77-80df-e1747afdd39c}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\grouppolicypath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\grouppolicyismultisz
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\grouppolicymultiszSeparatorChar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_UserInControlOfTheseApps\Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\grouppolicypath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\grouppolicyismultisz
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\grouppolicymultiszSeparatorChar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceAllowTheseApps\Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\grouppolicypath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\grouppolicyismultisz
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\grouppolicymultiszSeparatorChar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground_ForceDenyTheseApps\Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\PolicyType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\Behavior
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\MergeAlgorithm
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\grouppolicyname
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\grouppolicypath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\grouppolicyismultisz
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\grouppolicymultiszSeparatorChar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\ADMXMetadataUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\30Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsRunInBackground\Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapAuthz\ApplicationsEx\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe\AppPackageType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapAuthz\ApplicationsEx\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe\PackageSid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapAuthz\ApplicationsEx\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe\CapSids
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapAuthz\ApplicationsEx\Microsoft.MicrosoftEdge.Stable_148.0.3967.83_neutral__8wekyb3d8bbwe\ApplicationFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\PackageRepositoryRoot
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundTaskRegistration\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Background.BackgroundWorkManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{350E1244-4575-45EE-8595-0AA8C6506FC7}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{01CF8BD4-E3D6-413D-8339-36D46E78D12C}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2C08602F-40B1-5E97-AE21-5C04D7FB829C}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{62AE0FDA-B238-554F-A275-1DC16D6CA03A}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8445D2AE-DD03-5B98-95E4-82B43A3F0D64}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9BCB843B-221B-5FBE-9B20-7028BC4E8653}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.ApplicationData\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\XAML\OneCoreTransformsEnabledByDefault
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe\PSR\WnfStateName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF50}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF55}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\InitFolderHandler
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Start Menu
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Start Menu
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\InitFolderHandler
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Recent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\InitFolderHandler
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.LimitedAccessFeatures\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\LimitedAccessFeatures\com.microsoft.windows.taskbar.requestPinSecondaryTile\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.CryptographicBuffer\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmNames\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Cryptography.Core.HashAlgorithmProvider\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\LimitedAccessFeatures\com.microsoft.windows.taskbar.requestPinSecondaryTile\Expiration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.SecondaryTile\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Tiles.SecondaryTileStore\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Internal.UserManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\ExePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\CommandLine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\IdentityType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\ActivatableClasses
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\ServerType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\AppId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\Identity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\ServiceName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\UserManager\ExplicitPsmActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{252E7F79-ACFA-4EA2-9A7E-FA27A8A4D3D9}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BAC8681-2965-4FFC-92D1-170CA4099E01}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{100EB64B-B24C-4C38-8964-720D926D05A4}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DF9A26C6-E746-4BCD-B5D4-120103C4209B}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileView\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{b3f72108-5c5c-469b-a5e5-3f64d2a39b01}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7f290da0-75e3-5885-898d-1f5b1ed47ed2}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9ed07b24-36fd-543b-948e-b01fe5814b49}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{efe869fc-5841-55f1-aa56-82c7219aaa09}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Shell.TaskbarManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.TaskbarPinnableSurface\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7E470A8A-3ACD-5913-AF64-4AB78355BE5F}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1FA092-87AA-C78A-4073-7E873ED1E3CF}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.StartScreen.StartScreenManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.User\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{155EB23B-242A-45E0-A2E9-3171FC6A7FDD}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{e44ea1df-bb85-5a8c-bddc-c8e960c355c9}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8cbd762a-1222-5ee5-b745-489e7a42c6ec}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\PinnableSurfaces\DefaultStart
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ApplicationModel.StartPinnableSurface\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\LocalService
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\DllSurrogate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\RunAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\ActivateAtStorage
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\ROTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\AppIDFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\MGOTFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\ProcessMitigationPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\LaunchPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\LegacyAuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\LegacyImpersonationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\RemoteServerName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\SRPTrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\PreferredServerBitness
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\LoadUserSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\ProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\AccessPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8863F93E-77EA-4C67-A86F-7638E3A568A6}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\AppID

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager\Preferences

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager\Preferences

ntdll.dll.RtlWow64GetCurrentMachine
ntdll.dll.RtlWow64IsWowGuestMachineSupported

"C:\Windows\system32\taskmgr.exe" /4
%SystemRoot%\system32\taskmgr.exe /4
C:\Windows\system32\DllHost.exe /Processid:{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=148.0.7778.180 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=148.0.3967.83 --initial-client-data=0x348,0x34c,0x350,0x344,0x358,0x7ffc32485d58,0x7ffc32485d64,0x7ffc32485d70
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --startup-read-main-dll --metrics-shmem-handle=2252,i,1852722750093770922,12337795973288601513,524288 --field-trial-handle=2464,i,11618049249894349634,12934656804764563957,262144 --variations-seed-version --pseudonymization-salt-handle=2472,i,15884246703223372676,9125995165493510780,4 --trace-process-track-uuid=3190708989122997041 --mojo-platform-channel-handle=2544 /prefetch:3
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=SAAAAAAAAADgAAAEAAAAAAAAAAAAAGAAAQAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAQAAAAAAAAABAAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --startup-read-main-dll --metrics-shmem-handle=2148,i,10847598894621438095,12789521635842580643,262144 --field-trial-handle=2464,i,11618049249894349634,12934656804764563957,262144 --variations-seed-version --pseudonymization-salt-handle=2472,i,15884246703223372676,9125995165493510780,4 --trace-process-track-uuid=3190708988185955192 --mojo-platform-channel-handle=2460 /prefetch:2
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --startup-read-main-dll --metrics-shmem-handle=2712,i,12124658266742785438,6673008252034019867,524288 --field-trial-handle=2464,i,11618049249894349634,12934656804764563957,262144 --variations-seed-version --pseudonymization-salt-handle=2472,i,15884246703223372676,9125995165493510780,4 --trace-process-track-uuid=3190708990060038890 --mojo-platform-channel-handle=2552 /prefetch:8
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale=en_AU --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --time-ticks-at-unix-epoch=-1780005649456729 --launch-time-ticks=73085097 --ssd-no-pressure-read-main-dll --metrics-shmem-handle=3520,i,12993274521700679940,8746294588575262201,2097152 --field-trial-handle=2464,i,11618049249894349634,12934656804764563957,262144 --variations-seed-version --pseudonymization-salt-handle=2472,i,15884246703223372676,9125995165493510780,4 --trace-process-track-uuid=3190708991934122588 --mojo-platform-channel-handle=3556 /prefetch:1
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale=en_AU --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --time-ticks-at-unix-epoch=-1780005649456729 --launch-time-ticks=73086337 --skip-read-main-dll --metrics-shmem-handle=3364,i,8287753549644527570,15394987965169516576,2097152 --field-trial-handle=2464,i,11618049249894349634,12934656804764563957,262144 --variations-seed-version --pseudonymization-salt-handle=2472,i,15884246703223372676,9125995165493510780,4 --trace-process-track-uuid=3190708990997080739 --mojo-platform-channel-handle=3564 /prefetch:1
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --skip-read-main-dll --metrics-shmem-handle=5272,i,14100473808991986883,1552638804429653106,524288 --field-trial-handle=2464,i,11618049249894349634,12934656804764563957,262144 --variations-seed-version --pseudonymization-salt-handle=2472,i,15884246703223372676,9125995165493510780,4 --trace-process-track-uuid=3190708992871164437 --mojo-platform-channel-handle=5284 /prefetch:8
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --skip-read-main-dll --metrics-shmem-handle=5624,i,11759773399020994037,14274051796553512958,524288 --field-trial-handle=2464,i,11618049249894349634,12934656804764563957,262144 --variations-seed-version --pseudonymization-salt-handle=2472,i,15884246703223372676,9125995165493510780,4 --trace-process-track-uuid=3190708993808206286 --mojo-platform-channel-handle=5652 /prefetch:8
"C:\Program Files (x86)\Microsoft\Edge\Application\148.0.3967.83\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=windows_package_identity --skip-read-main-dll --metrics-shmem-handle=5988,i,16463646965434194640,9756354988950792942,524288 --field-trial-handle=2464,i,11618049249894349634,12934656804764563957,262144 --variations-seed-version --pseudonymization-salt-handle=2472,i,15884246703223372676,9125995165493510780,4 --trace-process-track-uuid=3190708994745248135 --mojo-platform-channel-handle=6004 /prefetch:8
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --skip-read-main-dll --metrics-shmem-handle=5016,i,10489045321286890553,3537000843862549641,524288 --field-trial-handle=2464,i,11618049249894349634,12934656804764563957,262144 --variations-seed-version --pseudonymization-salt-handle=2472,i,15884246703223372676,9125995165493510780,4 --trace-process-track-uuid=3190708995682289984 --mojo-platform-channel-handle=5084 /prefetch:8
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window

Local\SM0:7912:304:WilStaging_02
Local\TM.750ce7b0-e5fd-454f-9fad-2f66513dfa1b
Local\MSCTF.Asm.MutexDefault1
CicLoadWinStaWinSta0
Local\MSCTF.CtfMonitorInstMutexDefault1
Local\SM0:7912:120:WilError_03
Local\SessionImmersiveColorMutex
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_32.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_48.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_96.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_256.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_768.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_1920.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_sr.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_wide.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_exif.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_wide_alternate.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_custom_stream.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!IconCacheInit
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!rwReaderRefs
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!045bf8
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!0460e8
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!0411e8
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!0420b8
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!0465d8
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!048868
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!rwWriterMutex
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_16.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_1280.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_2560.db!dfMaintainer
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!049c28
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!046ac8
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!04a118
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!04b4d8
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!048d58
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!049248
Installing
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!046fb8
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!0474a8
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!049738
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!047998
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!04b9c8
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!04a608
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!047e88
Global\C::Users:admin:AppData:Local:Microsoft:Windows:Explorer:iconcache_idx.db!04afe8
Local\SM0:10720:304:WilStaging_02
Local\SM0:10720:120:WilError_03
Local\SM0:9716:304:WilStaging_02

MicrosoftEdgeElevationService

No results found.

No behavioral analysis data available.

Sorry! No strace.

Sorry! No tracee.

Hosts (0)
DNS (0)

Hosts

No hosts contacted.

TCP Connections

No TCP connections recorded.

UDP Connections

No UDP connections recorded.

DNS Requests

No domains contacted.

HTTP Requests

No HTTP(s) requests performed.

SMTP Traffic

No SMTP traffic performed.

IRC Traffic

No IRC requests performed.

ICMP Traffic

No ICMP traffic performed.

CIF Results

No CIF Results

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Suricata HTTP

No Suricata HTTP

Sorry! No Suricata Extracted files.

No dropped files found.

Sorry! No process dumps.