SecondWrite DeepView - 17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d550

Malicious

This predictive confidence of maliciousness for this sample is 98%.

17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d550

2.2 MB

Size

2020-05-09 09:36:55

First seen 10 days ago

Windows PE32 Executable

Classification

Full Detail

Ransomware

Low

Trojan

Low

Virus

High

Banker

Medium

Bot

Low

Rat

Low

Adware

Low

Infostealer

Low

Worm

Low

Spyware

Low

Indicators

Expand All

SecondWrite Indicators

Forced Code Execution

Automatic Sequence Detection

Program Level Indicators

Anti-Analysis

Attempts to repeatedly call a single API many times in order to delay analysis time

Anti-Av

Stops Windows services

Anti-Sandbox

Checks whether any human activity is being performed by constantly checking whether the foreground window changed

A process attempted to delay the analysis task.

Anti-Vm

Queries for the computername

PID	API	Arguments
2532	GetComputerNameW	computer_name: VIRTUAL-PC

Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available

PID	API	Arguments
2816	GlobalMemoryStatusEx	N/A
2816	GlobalMemoryStatusEx	N/A

Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation

PID	API	Arguments
1048	GetDiskFreeSpaceExW	total_number_of_free_bytes: 0 free_bytes_available: 5228953600 root_path: C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer total_number_of_bytes: 0
1048	GetDiskFreeSpaceExW	total_number_of_free_bytes: 0 free_bytes_available: 5227175936 root_path: C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer total_number_of_bytes: 0
1048	GetDiskFreeSpaceExW	total_number_of_free_bytes: 0 free_bytes_available: 5226913792 root_path: C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer total_number_of_bytes: 0
1048	GetDiskFreeSpaceExW	total_number_of_free_bytes: 0 free_bytes_available: 5226323968 root_path: C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer total_number_of_bytes: 0
1048	GetDiskFreeSpaceExW	total_number_of_free_bytes: 0 free_bytes_available: 5226323968 root_path: C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer total_number_of_bytes: 0
1048	GetDiskFreeSpaceExW	total_number_of_free_bytes: 0 free_bytes_available: 5226065920 root_path: C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer total_number_of_bytes: 0
1048	GetDiskFreeSpaceExW	total_number_of_free_bytes: 0 free_bytes_available: 5225803776 root_path: C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer total_number_of_bytes: 0
1048	GetDiskFreeSpaceExW	total_number_of_free_bytes: 0 free_bytes_available: 5225541632 root_path: C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer total_number_of_bytes: 0
1048	GetDiskFreeSpaceExW	total_number_of_free_bytes: 0 free_bytes_available: 5225082880 root_path: C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer total_number_of_bytes: 0
1048	GetDiskFreeSpaceExW	total_number_of_free_bytes: 0 free_bytes_available: 5225082880 root_path: C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer total_number_of_bytes: 0
1048	GetDiskFreeSpaceExW	total_number_of_free_bytes: 0 free_bytes_available: 5224951808 root_path: C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer total_number_of_bytes: 0

Checks adapter addresses which can be used to detect virtual network interfaces

PID	API	Arguments
2532	GetAdaptersAddresses	flags: 0 family: 0
2532	GetAdaptersAddresses	flags: 0 family: 0

Detects VMWare through the in instruction feature

PID	API	Arguments
2532	__exception__	stacktrace: [u'crc32+0xb353 FloodFix-0xadb symsrv+0xc9b0 @ 0x31c9b0', u'FloodFix2+0x472c symsrv+0x11e54 @ 0x321e54', u'BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x7dd733ca', u'RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x7dea9ed2', u'RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x7dea9ea5'] exception: {u'instruction_r': u'ed 3b df 0f 94 45 e4 5e 5f 5a 59 5b c7 45 fc ff', u'instruction': u'in eax, dx', u'exception_code': u'0xc0000096', u'symbol': u'crc32+0x1e34 FloodFix-0x9ffa symsrv+0x3491', u'address': u'0x313491'} registers: {u'esp': 39124360, u'edi': 1447909480, u'eax': 1447909480, u'ebp': 39124420, u'edx': 22104, u'ebx': 0, u'esi': 22104, u'ecx': 10}

Av-Tools

One or more AV tool detects this sample as malicious: Virus:Win32/Floxif.H

Banker

Creates known Dyreza Banking Trojan files, registry keys and/or mutexes

Browser

Tries to locate where the browsers are installed

Dropper

Drops a binary and executes it

Generic

This executable is signed

This executable has a PDB path

One or more potentially interesting buffers were extracted, these generally contain injected code, configuration data, etc.

Creates executable files on the filesystem

Reads data out of its own binary image

Sniffs keystrokes

Http

Performs some HTTP requests

HTTP traffic contains suspicious features which may be indicative of malware related traffic

Network

Performs some DNS requests

Sample contacts servers at uncommon ports

Packer

Allocates read-write-execute memory (usually to unpack itself)

PID	API	Arguments
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00475000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00400000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 12288 protection: 64 base_address: 0x00481000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff
2532	NtProtectVirtualMemory	process_identifier: 2404 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 base_address: 0x00401000 process_handle: 0xffffffff

Persistence

Creates an Alternate Data Stream (ADS)

Pos

Creates known Dexter registry keys and/or mutexes

Program-Level-Features

Contains obfuscated control-flow to defeat static analysis.

Static

Anomalous binary characteristics

Strings possibly contain hardcoded URLs

Stealth

Sample has an unverified signature from a known company

Loads a driver

PID	API	Arguments
2816	NtLoadDriver	driver_service_name: \Registry\Machine\System\CurrentControlSet\Services\PROCMON24

Deletes its original binary from disk

Yara

Yara Pattern Name	Description
IsPE32	No Description Available
HasOverlay	Overlay Check
HasDigitalSignature	DigitalSignature Check
HasDebugData	DebugData Check
HasRichSignature	Rich Signature Check
Str_Win32_Winsock2_Library	Match Winsock 2 API library declaration
Base64Encode	Base64 encoding detected
DebuggerCheck__QueryInfo	No Description Available
DebuggerHiding__Thread	No Description Available
DebuggerException__SetConsoleCtrl	No Description Available
anti_dbg	Checks if being debugged
network_tcp_socket	Communications over RAW socket
network_dns	Communications use DNS
escalate_priv	Escalade priviledges
screenshot	Take screenshot
keylogger	Run a keylogger
win_registry	Affect system registries
win_token	Affect system token
win_files_operation	Affect private profile
Big_Numbers0	Looks for big numbers 20:sized

Static Analysis

Version Infos

LegalCopyright:: Copyright \xc2\xa9 1996-2018 Mark Russinovich
InternalName:: Process Monitor
FileVersion:: 3.50
CompanyName:: Sysinternals - www.sysinternals.com
ProductName:: Sysinternals Procmon
ProductVersion:: 3.50
FileDescription:: Process Monitor
OriginalFilename:: Process Monitor
Translation:: 0x0409 0x04b0

Sections

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00001000	0x0008ec87	0x0008ee00	6.50814717074
.rdata	0x00090000	0x0002bb18	0x0002bc00	4.4160836666
.data	0x000bc000	0x0000977c	0x00001a00	3.78600950005
.rsrc	0x000c6000	0x00146c08	0x00146e00	6.10668067406
.reloc	0x0020d000	0x0000900c	0x00009200	6.6928738831

Resources

Name	Offset	Size	Language	Sub-language	File type
BINRES	0x000ea368	0x00121a88	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
BINRES	0x000ea368	0x00121a88	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_CURSOR	0x000d8310	0x00000134	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_CURSOR	0x000d8310	0x00000134	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_BITMAP	0x000c78e0	0x00000b68	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ICON	0x000cf988	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_MENU	0x000d04a8	0x0000007a	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_MENU	0x000d04a8	0x0000007a	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_MENU	0x000d04a8	0x0000007a	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_MENU	0x000d04a8	0x0000007a	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_DIALOG	0x000d5020	0x00000f86	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_STRING	0x0020c3a0	0x0000003e	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_STRING	0x0020c3a0	0x0000003e	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_STRING	0x0020c3a0	0x0000003e	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_STRING	0x0020c3a0	0x0000003e	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_STRING	0x0020c3a0	0x0000003e	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_STRING	0x0020c3a0	0x0000003e	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_STRING	0x0020c3a0	0x0000003e	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_ACCELERATOR	0x000c7800	0x000000e0	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_CURSOR	0x000d82f8	0x00000014	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_CURSOR	0x000d82f8	0x00000014	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_GROUP_ICON	0x000cf220	0x00000022	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_VERSION	0x000d0658	0x00000330	LANG_ENGLISH	SUBLANG_ENGLISH_US	None
RT_MANIFEST	0x0020c3e0	0x00000824	LANG_ENGLISH	SUBLANG_ENGLISH_US	None

Imports

Library WS2_32.dll:

accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
getservbyname
getservbyport
getsockname
htonl
htons
inet_addr
inet_ntoa
listen
ntohs
recv
send
socket
WSAGetLastError
WSASetLastError
WSAStartup

Library VERSION.dll:

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Library COMCTL32.dll:

None
CreateStatusWindowW
ImageList_Add
ImageList_Create
ImageList_Destroy
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetOverlayImage
InitCommonControlsEx

Library FLTLIB.DLL:

FilterConnectCommunicationPort
FilterGetMessage
FilterReplyMessage
FilterSendMessage

Library KERNEL32.dll:

CloseHandle
CompareStringW
CreateEventW
CreateFileMappingW
CreateFileW
CreateProcessW
CreateSemaphoreW
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
EncodePointer
EnterCriticalSection
EnumResourceNamesW
ExitProcess
ExitThread
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineW
GetComputerNameA
GetComputerNameW
GetConsoleCP
GetConsoleMode
GetCPInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNumberFormatW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetTickCount
GetTimeFormatW
GetVersion
GetVersionExW
GlobalAddAtomW
GlobalAlloc
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
lstrlenA
MapViewOfFile
MulDiv
MultiByteToWideChar
OpenProcess
OpenThread
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleInputA
ReadConsoleW
ReadFile
ReleaseSemaphore
ResetEvent
RtlUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetLastError
SetProcessShutdownParameters
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile

Library USER32.dll:

BeginDeferWindowPos
BeginPaint
CallWindowProcW
CheckDlgButton
CheckMenuItem
CheckRadioButton
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CopyImage
CreateDialogParamW
CreateIconFromResourceEx
CreatePopupMenu
CreateWindowExW
DeferWindowPos
DefWindowProcW
DeleteMenu
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxIndirectParamW
DialogBoxParamW
DispatchMessageW
DrawFrameControl
DrawIconEx
DrawTextW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumChildWindows
EqualRect
FillRect
FindWindowExW
FindWindowW
FlashWindowEx
FrameRect
GetActiveWindow
GetAncestor
GetCapture
GetClassLongW
GetClassNameW
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemInt
GetDlgItemTextW
GetFocus
GetIconInfo
GetKeyState
GetMenu
GetMenuItemCount
GetMenuItemInfoW
GetMessageW
GetMonitorInfoW
GetParent
GetPropW
GetScrollInfo
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetUpdateRect
GetUpdateRgn
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
LoadStringW
MapWindowPoints
MessageBeep
MessageBoxW
MonitorFromPoint
MoveWindow
OffsetRect
OpenClipboard
PostMessageW
PostQuitMessage
PtInRect
RegisterClassExW
RegisterClassW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
ScrollWindowEx
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetClipboardData
SetCursor
SetDlgItemInt
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenuDefaultItem
SetMenuInfo
SetPropW
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowTextW
ShowWindow
TrackPopupMenu
TranslateAcceleratorW
TranslateMessage
UnionRect
UpdateWindow
ValidateRect
WaitForInputIdle
WindowFromPoint

Library GDI32.dll:

BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreateFontW
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
EndDoc
EndPage
GdiFlush
GetBitmapBits
GetBkColor
GetBkMode
GetDeviceCaps
GetObjectW
GetPixel
GetStockObject
GetTextMetricsW
LineTo
MoveToEx
Polygon
Polyline
Rectangle
RectInRegion
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetPixel
SetROP2
SetTextColor
StartDocW
StartPage

Library COMDLG32.dll:

ChooseColorW
ChooseFontW
FindTextW
GetOpenFileNameW
GetSaveFileNameW
PrintDlgW

Library ADVAPI32.dll:

AdjustTokenPrivileges
AllocateAndInitializeSid
ConvertSidToStringSidW
ConvertStringSidToSidW
EqualSid
FreeSid
GetLengthSid
GetTokenInformation
LookupAccountSidW
LookupPrivilegeValueW
MapGenericMask
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegSetValueW

Library SHELL32.dll:

CommandLineToArgvW
DragQueryFileW
SHBrowseForFolderW
SHChangeNotify
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation

Library ole32.dll:

CoCreateInstance
CoInitialize
CoSetProxyBlanket
CreateBindCtx
OleInitialize
RegisterDragDrop
ReleaseStgMedium

Library OLEAUT32.dll:

SafeArrayAccessData
SafeArrayDestroy
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnaccessData
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysStringLen
VariantChangeType
VariantClear
VariantCopy
VariantInit
VariantTimeToSystemTime

Library SHLWAPI.dll:

SHAutoComplete

Strings

!This program cannot be run in DOS mode.
`.rdata
@.data
@.reloc
VVVVVVWP
tC;KXt>j
tEQWSP
HtFHt5-
u.hHnI
VWhdqI
SVWhxrI
j6h$tI
u{hpuI
j@hLyI
~,4r>j
t@;1u1
_L;OHt
w0;w4ts
uP9z uN;
j@hLyI
;1t9SW
t@;1u1
p ;y\r
p(;ylr
w4;w0t
Ht=Ht%
trNt7N
f;B0s9
C8G+C4
j0hLyI
j0hLyI
j0hLyI
3333333
3333333333
3333333333333333333
3333333
333333
3333333333
3333333
333333 333!333"333333#3333333$%333&333'333333333333333333(333)333*333+333,333-333./333033313332
uGhd)J
u/h,sI
uqht/J
?Dr#j3
j0hLyI
j0hLyI
tB;1u3
VuPWhhAJ
t@;1u1
t@;1u1
tA;9u2
tA;9u2
t@;1u1
t@;1u1
t@;1u1
t@;1u1
F +B ^]
F$+B$^]
F(+B(^]
F@+B@^]
FD+BD^]
FH+BH^]
B\+A\]
B`+A`]
Bd+Ad]
F,+G,_^]
u5j0hLyI
j$hLyI
t h@DJ
u_PPhB
t'@PhP
t'@PhP
j0hLyI
j@hLyI
rgh@rJ
j0hLyI
j0hLyI
j0hLyI
j0hLyI
j0hLyI
4444444
4444444
4444 444!4"4#4$%4444444444&'4444(4)4*4444+444444,4-4444..444444444//44440144404444444423
j$hLyI
j4hLyI
F0;G0w
tXhHaJ
9X,t*S
Ht|Htk-K
G zp+G
u+j@hLyI
j4hLyI
HtZHtG-"
j!hLyI
@Ph(_J
u>hdEJ
VPh<vJ
VPhPvJ
VPhhvJ
VPhxvJ
VPh(wJ
VPh@wJ
VPh\wJ
VPhtwJ
uPhPzJ
t@;1u1
;] swj
t@;1u1
:PML_uY
:PML_t
LLLLLLLLL
LLLLLLLLLLLLL
LLLLLLLLLL
!"#$%LLLLLLLLLL&LLLLLLLLLLL'LLLLLLLLLLLLLLLL()LLLLLLLLLLLLLLLLLLLLLLLL*L+L,-LLLL.LL/LLLLL0123L456789LLLL:;L<=LL>L?@LLLLLLLALLLLLLLBLLLCDLELLLLLLFLLLLLLLLLLLLGHIJLLLLLLLLK
gfff+N
gfff+N
gfff+N
SVWjA_jZ+
uBjAYjZ+
PVhAyG
SVhAyG
QQSVWd
SVjA[jZ^+
jAZjZ^
~pjCXf
htHjlZ;
HHtXHHt
nt'joZ;
YYjgXf9
>0t<NAj0X
htHjlZ;
HHtXHHt
nt'joZ;
YYjgXf9
>0t<NAj0X
HtHu4j
Y;5x;L
Y;5x;L
Y;5x;L
HHtVHHt
tfHtWHtHHt/
,SVWj0X
Wj0XPV
URPQQh
j@j _W
PP9E u
htFjlX;
it0jnX;
jnXf9C
uHjAXf;
uWjAXf;
QQSVWh
j"_f9y
jA[jZZ+
~';_t|%3
HHtVHHt
rocA9F
RVSQSWV
Ht+Ht$Ht
HtHHt
+tHHt
+t"HHt
HAO8t
list<T> too long
IsThemeActive
OpenThemeData
DrawThemeBackground
CloseThemeData
{\rtf1\ansi\ansicpg1252\deff0\nouicompat\deflang1033{\fonttbl{\f0\fswiss\fprq2\fcharset0 Tahoma;}{\f1\fnil\fcharset0 Calibri;}}
{\colortbl ;\red0\green0\blue255;\red0\green0\blue0;}
{\*\generator Riched20 10.0.10240}\viewkind4\uc1
\pard\brdrb\brdrs\brdrw10\brsp20 \sb120\sa120\b\f0\fs24 SYSINTERNALS SOFTWARE LICENSE TERMS\fs28\par
\pard\sb120\sa120\b0\fs19 These license terms are an agreement between Sysinternals (a wholly owned subsidiary of Microsoft Corporation) and you. Please read them. They apply to the software you are downloading from Systinternals.com, which includes the media on which you received it, if any. The terms also apply to any Sysinternals\par
\pard\fi-363\li720\sb120\sa120\tx720\'b7\tab updates,\par
\pard\fi-363\li720\sb120\sa120\'b7\tab supplements,\par
\'b7\tab Internet-based services, and \par
\'b7\tab support services\par
\pard\sb120\sa120 for this software, unless other terms accompany those items. If so, those terms apply.\par
\b BY USING THE SOFTWARE, YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THEM, DO NOT USE THE SOFTWARE.\par
\pard\brdrt\brdrs\brdrw10\brsp20 \sb120\sa120 If you comply with these license terms, you have the rights below.\par
\pard\fi-357\li357\sb120\sa120\tx360\fs20 1.\tab\fs19 INSTALLATION AND USE RIGHTS. \b0 You may install and use any number of copies of the software on your devices.\b\par
\caps\fs20 2.\tab\fs19 Scope of License\caps0 .\b0 The software is licensed, not sold. This agreement only gives you some rights to use the software. Sysinternals reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways. You may not\b\par
\pard\fi-363\li720\sb120\sa120\tx720\b0\'b7\tab work around any technical limitations in the binary versions of the software;\par
\pard\fi-363\li720\sb120\sa120\'b7\tab reverse engineer, decompile or disassemble the binary versions of the software, except and only to the extent that applicable law expressly permits, despite this limitation;\par
\'b7\tab make more copies of the software than specified in this agreement or allowed by applicable law, despite this limitation;\par
\'b7\tab publish the software for others to copy;\par
\'b7\tab rent, lease or lend the software;\par
\'b7\tab transfer the software or this agreement to any third party; or\par
\'b7\tab use the software for commercial software hosting services.\par
\pard\fi-357\li357\sb120\sa120\tx360\b\fs20 3.\tab SENSITIVE INFORMATION. \b0 Please be aware that, similar to other debug tools that capture \ldblquote process state\rdblquote information, files saved by Sysinternals tools may include personally identifiable or other sensitive information (such as usernames, passwords, paths to files accessed, and paths to registry accessed). By using this software, you acknowledge that you are aware of this and take sole responsibility for any personally identifiable or other sensitive information provided to Microsoft or any other party through your use of the software.\b\par
5. \tab\fs19 DOCUMENTATION.\b0 Any person that has valid access to your computer or internal network may copy and use the documentation for your internal, reference purposes.\b\par
\caps\fs20 6.\tab\fs19 Export Restrictions\caps0 .\b0 The software is subject to United States export laws and regulations. You must comply with all domestic and international export laws and regulations that apply to the software. These laws include restrictions on destinations, end users and end use. For additional information, see {\cf1\ul{\field{\*\fldinst{HYPERLINK www.microsoft.com/exporting }}{\fldrslt{www.microsoft.com/exporting}}}}\cf1\ul\f0\fs19 <{{\field{\*\fldinst{HYPERLINK "http://www.microsoft.com/exporting"}}{\fldrslt{http://www.microsoft.com/exporting}}}}\f0\fs19 >\cf0\ulnone .\b\par
\caps\fs20 7.\tab\fs19 SUPPORT SERVICES.\caps0 \b0 Because this software is "as is, " we may not provide support services for it.\b\par
\caps\fs20 8.\tab\fs19 Entire Agreement.\b0\caps0 This agreement, and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the software and support services.\par
\pard\keepn\fi-360\li360\sb120\sa120\tx360\cf2\b\caps\fs20 9.\tab\fs19 Applicable Law\caps0 .\par
\pard\fi-363\li720\sb120\sa120\tx720\cf0\fs20 a.\tab\fs19 United States.\b0 If you acquired the software in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort.\b\par
\pard\fi-363\li720\sb120\sa120\fs20 b.\tab\fs19 Outside the United States.\b0 If you acquired the software in any other country, the laws of that country apply.\b\par
\pard\fi-357\li357\sb120\sa120\tx360\caps\fs20 10.\tab\fs19 Legal Effect.\b0\caps0 This agreement describes certain legal rights. You may have other rights under the laws of your country. You may also have rights with respect to the party from whom you acquired the software. This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so.\b\caps\par
\fs20 11.\tab\fs19 Disclaimer of Warranty.\caps0 \caps The software is licensed "as - is." You bear the risk of using it. SYSINTERNALS gives no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this agreement cannot change. To the extent permitted under your local laws, SYSINTERNALS excludes the implied warranties of merchantability, fitness for a particular purpose and non-infringement.\par
\pard\fi-360\li360\sb120\sa120\tx360\fs20 12.\tab\fs19 Limitation on and Exclusion of Remedies and Damages. You can recover from SYSINTERNALS and its suppliers only direct damages up to U.S. $5.00. You cannot recover any other damages, including consequential, lost profits, special, indirect or incidental damages.\par
\pard\li357\sb120\sa120\b0\caps0 This limitation applies to\par
\pard\fi-363\li720\sb120\sa120\tx720\'b7\tab anything related to the software, services, content (including code) on third party Internet sites, or third party programs; and\par
\pard\fi-363\li720\sb120\sa120\'b7\tab claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.\par
\pard\li360\sb120\sa120 It also applies even if Sysinternals knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages.\par
\pard\b Please note: As this software is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French.\par
\pard\sb240\lang1036 Remarque : Ce logiciel \'e9tant distribu\'e9 au Qu\'e9bec, Canada, certaines des clauses dans ce contrat sont fournies ci-dessous en fran\'e7ais.\par
\pard\sb120\sa120 EXON\'c9RATION DE GARANTIE.\b0 Le logiciel vis\'e9 par une licence est offert \'ab tel quel \'bb. Toute utilisation de ce logiciel est \'e0 votre seule risque et p\'e9ril. Sysinternals n'accorde aucune autre garantie expresse. Vous pouvez b\'e9n\'e9ficier de droits additionnels en vertu du droit local sur la protection dues consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties implicites de qualit\'e9 marchande, d'ad\'e9quation \'e0 un usage particulier et d'absence de contrefa\'e7on sont exclues.\par
\pard\keepn\sb120\sa120\b LIMITATION DES DOMMAGES-INT\'c9R\'caTS ET EXCLUSION DE RESPONSABILIT\'c9 POUR LES DOMMAGES.\b0 Vous pouvez obtenir de Sysinternals et de ses fournisseurs une indemnisation en cas de dommages directs uniquement \'e0 hauteur de 5,00 $ US. Vous ne pouvez pr\'e9tendre \'e0 aucune indemnisation pour les autres dommages, y compris les dommages sp\'e9ciaux, indirects ou accessoires et pertes de b\'e9n\'e9fices.\par
\lang1033 Cette limitation concerne :\par
\pard\keepn\fi-360\li720\sb120\sa120\tx720\lang1036\'b7\tab tout ce qui est reli\'e9 au logiciel, aux services ou au contenu (y compris le code) figurant sur des sites Internet tiers ou dans des programmes tiers ; et\par
\pard\fi-363\li720\sb120\sa120\tx720\'b7\tab les r\'e9clamations au titre de violation de contrat ou de garantie, ou au titre de responsabilit\'e9 stricte, de n\'e9gligence ou d'une autre faute dans la limite autoris\'e9e par la loi en vigueur.\par
\pard\sb120\sa120 Elle s'applique \'e9galement, m\'eame si Sysinternals connaissait ou devrait conna\'eetre l'\'e9ventualit\'e9 d'un tel dommage. Si votre pays n'autorise pas l'exclusion ou la limitation de responsabilit\'e9 pour les dommages indirects, accessoires ou de quelque nature que ce soit, il se peut que la limitation ou l'exclusion ci-dessus ne s'appliquera pas \'e0 votre \'e9gard.\par
\b EFFET JURIDIQUE.\b0 Le pr\'e9sent contrat d\'e9crit certains droits juridiques. Vous pourriez avoir d'autres droits pr\'e9vus par les lois de votre pays. Le pr\'e9sent contrat ne modifie pas les droits que vous conf\'e8rent les lois de votre pays si celles-ci ne le permettent pas.\b\par
\pard\b0\fs20\lang1033\par
\pard\sa200\sl276\slmult1\f1\fs22\lang9\par
CommandLineToArgvW
Accept Eula (Y/N)?
HlinkSimpleNavigateToString
vector<T> too long
map/set<T> too long
RtlNtStatusToDosError
NtLoadDriver
DllGetVersion
GetNativeSystemInfo
P?ZwSetInformationThread
NtQueryVirtualMemory
RtlInitUnicodeString
NtOpenSymbolicLinkObject
NtQuerySymbolicLinkObject
NtClose
StartTraceW
ControlTraceW
OpenTraceW
ProcessTrace
EnableThemeDialogTexture
InitializeSRWLock
AcquireSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockExclusive
ReleaseSRWLockShared
SetDllDirectoryW
IsWow64Process
Process32First
Process32Next
Thread32First
Thread32Next
NtSuspendThread
NtResumeThread
NtQuerySystemInformation
getaddrinfo
getnameinfo
freeaddrinfo
\ws2_32
\wship6
SymInitialize
EnumerateLoadedModules64
SymRegisterCallback64
SymGetModuleInfo64
SymCleanup
SymFromAddrW
SymGetSymFromName
SymSetOptions
SymSetHomeDirectoryW
SymLoadModuleExW
SymLoadModule64
SymUnloadModule64
StackWalk64
SymGetLineFromAddrW64
SymGetLinePrevW64
SymGetSourceFileTokenW
SymGetSourceFileW
SymGetModuleBase64
SymFunctionTableAccess64
SymSrvGetFileIndexesW
SymFindFileInPathW
SymSetSearchPathW
Module32FirstW
Module32NextW
CreateToolhelp32Snapshot
HungWindowFromGhostWindow
hhctrl.ocx
CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32
bad allocation
generic
unknown error
iostream
iostream stream error
system
string too long
invalid string position
permission denied
file exists
no such device
filename too long
device or resource busy
io error
directory not empty
invalid argument
no space on device
no such file or directory
function not supported
no lock available
not enough memory
resource unavailable try again
cross device link
operation canceled
too many files open
permission_denied
address_in_use
address_not_available
address_family_not_supported
connection_already_in_progress
bad_file_descriptor
connection_aborted
connection_refused
connection_reset
destination_address_required
bad_address
host_unreachable
operation_in_progress
interrupted
invalid_argument
already_connected
too_many_files_open
message_size
filename_too_long
network_down
network_reset
network_unreachable
no_buffer_space
no_protocol_option
not_connected
not_a_socket
operation_not_supported
protocol_not_supported
wrong_protocol_type
timed_out
operation_would_block
address family not supported
address in use
address not available
already connected
argument list too long
argument out of domain
bad address
bad file descriptor
bad message
broken pipe
connection aborted
connection already in progress
connection refused
connection reset
destination address required
executable format error
file too large
host unreachable
identifier removed
illegal byte sequence
inappropriate io control operation
invalid seek
is a directory
message size
network down
network reset
network unreachable
no buffer space
no child process
no link
no message available
no message
no protocol option
no stream resources
no such device or address
no such process
not a directory
not a socket
not a stream
not connected
not supported
operation in progress
operation not permitted
operation not supported
operation would block
owner dead
protocol error
protocol not supported
read only file system
resource deadlock would occur
result out of range
state not recoverable
stream timeout
text file busy
timed out
too many files open in system
too many links
too many symbolic link levels
value too large
wrong protocol type
CorExitProcess
RoInitialize
RoUninitialize
Access violation - no RTTI data!
Bad dynamic_cast!
Unknown exception
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
bad exception
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
CreateEventExW
CreateSemaphoreExW
SetThreadStackGuarantee
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
FlushProcessWriteBuffers
FreeLibraryWhenCallbackReturns
GetCurrentProcessorNumber
GetLogicalProcessorInformation
CreateSymbolicLinkW
SetDefaultDllDirectories
EnumSystemLocalesEx
CompareStringEx
GetDateFormatEx
GetLocaleInfoEx
GetTimeFormatEx
GetUserDefaultLocaleName
IsValidLocaleName
LCMapStringEx
GetCurrentPackageId
GetTickCount64
GetFileInformationByHandleExW
SetFileInformationByHandleW
(null)
`h````
xpxxxx
_hypot
_nextafter
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
`h`hhh
xppwpp
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
MessageBoxW
GetActiveWindow
GetLastActivePopup
GetUserObjectInformationW
GetProcessWindowStation
CreateFile2
1#SNAN
1#QNAN
C:\Builds\13810\Tools\Procmon_master\bin\Win32\Release\Procmon.pdb
WS2_32.dll
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
VERSION.dll
InitCommonControlsEx
ImageList_Destroy
ImageList_DrawEx
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Add
ImageList_SetOverlayImage
ImageList_GetIcon
ImageList_GetIconSize
CreateStatusWindowW
COMCTL32.dll
FilterConnectCommunicationPort
FilterSendMessage
FilterGetMessage
FilterReplyMessage
FLTLIB.DLL
InterlockedIncrement
InterlockedDecrement
FreeLibrary
GetProcAddress
MulDiv
GetTickCount
LoadLibraryW
GetModuleHandleW
GlobalAddAtomW
LocalAlloc
LocalFree
GetFileType
GetStdHandle
GetCommandLineW
GetModuleFileNameW
CreateThread
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
CloseHandle
GetSystemTimeAsFileTime
InitializeCriticalSection
DeleteCriticalSection
VirtualAlloc
LockResource
GetCurrentProcess
GetLastError
SetLastError
LoadResource
SizeofResource
ExpandEnvironmentStringsW
FindResourceW
GetSystemDirectoryW
GetCurrentDirectoryW
SetFileAttributesW
DeleteFileW
GlobalMemoryStatusEx
VirtualFree
GetSystemInfo
GetFullPathNameW
GetFileAttributesW
GetVersionExW
LoadLibraryExW
EnumResourceNamesW
OpenProcess
CreateProcessW
SetCurrentDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
CompareStringW
GetLocaleInfoW
TryEnterCriticalSection
GetFileSize
SetEndOfFile
SetFilePointer
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
CreateFileW
GetVersion
WriteFile
ReadFile
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
HeapSize
ExitProcess
GetCurrentThread
SetThreadPriority
SetEvent
ResetEvent
ReleaseSemaphore
WaitForMultipleObjects
CreateEventW
CreateSemaphoreW
GetComputerNameA
QueryPerformanceCounter
QueryPerformanceFrequency
SetProcessShutdownParameters
GetFileAttributesExW
GetComputerNameW
SetConsoleCtrlHandler
GetCurrentProcessId
OpenThread
GetThreadContext
LoadLibraryA
GetSystemDirectoryA
FindClose
FindFirstFileW
FindNextFileW
DecodePointer
HeapReAlloc
GetProcessHeap
RaiseException
InitializeCriticalSectionAndSpinCount
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsA
KERNEL32.dll
SendMessageW
DefWindowProcW
CallWindowProcW
RegisterClassExW
CreateWindowExW
ShowWindow
SetWindowPos
SetFocus
GetFocus
GetKeyState
GetCapture
SetCapture
ReleaseCapture
SetTimer
GetSystemMetrics
DrawTextW
UpdateWindow
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
GetUpdateRgn
InvalidateRect
ValidateRect
ScrollWindowEx
SetPropW
GetPropW
GetClientRect
GetWindowRect
SetCursor
GetCursorPos
MapWindowPoints
GetSysColor
GetSysColorBrush
FillRect
InflateRect
IntersectRect
OffsetRect
GetWindowLongW
SetWindowLongW
GetClassLongW
GetParent
LoadCursorW
SetScrollInfo
GetScrollInfo
DialogBoxIndirectParamW
EndDialog
GetDlgItem
SetWindowTextW
MoveWindow
SetDlgItemTextW
GetWindowTextW
ChildWindowFromPoint
DialogBoxParamW
EnableWindow
GetDesktopWindow
GetAncestor
MessageBoxW
LoadStringW
PostMessageW
DestroyWindow
CheckDlgButton
IsDlgButtonChecked
GetCursor
FrameRect
SetClassLongW
LoadIconW
DestroyIcon
DrawIconEx
GetIconInfo
MonitorFromPoint
GetMonitorInfoW
PtInRect
CreateIconFromResourceEx
WaitForInputIdle
IsIconic
SetForegroundWindow
FindWindowW
FindWindowExW
GetWindowThreadProcessId
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
ClientToScreen
LoadImageW
GetActiveWindow
GetWindow
RegisterWindowMessageW
DrawFrameControl
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
RegisterClassW
FlashWindowEx
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsZoomed
CreateDialogParamW
SetDlgItemInt
GetDlgItemInt
GetDlgItemTextW
CheckRadioButton
KillTimer
IsWindowEnabled
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
GetMenu
CreatePopupMenu
DestroyMenu
CheckMenuItem
EnableMenuItem
GetSubMenu
GetMenuItemCount
InsertMenuW
DeleteMenu
TrackPopupMenu
SetMenuInfo
InsertMenuItemW
GetMenuItemInfoW
SetMenuDefaultItem
SetActiveWindow
SetWindowTextA
MessageBeep
ScreenToClient
UnionRect
EqualRect
EnumChildWindows
GetClassNameW
LoadBitmapW
CopyImage
IsDialogMessageW
GetWindowDC
WindowFromPoint
USER32.dll
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
GetBkColor
GetBkMode
GetDeviceCaps
GetStockObject
RectInRegion
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetTextColor
GetTextMetricsW
Polyline
SetMapMode
StartDocW
EndDoc
StartPage
EndPage
CreateFontIndirectW
GetObjectW
GetBitmapBits
LineTo
MoveToEx
Polygon
CreateBitmap
CreateFontW
GetPixel
SetPixel
GdiFlush
Rectangle
RestoreDC
SaveDC
SetROP2
GDI32.dll
PrintDlgW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
FindTextW
ChooseFontW
COMDLG32.dll
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegCreateKeyW
RegOpenKeyW
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegDeleteKeyW
RegDeleteValueW
GetTokenInformation
EqualSid
AllocateAndInitializeSid
FreeSid
GetLengthSid
MapGenericMask
LookupAccountSidW
RegCreateKeyExW
RegEnumKeyW
RegSetValueW
ConvertSidToStringSidW
ConvertStringSidToSidW
RegEnumValueW
RegQueryValueExA
RegOpenKeyExA
ADVAPI32.dll
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHChangeNotify
DragQueryFileW
CommandLineToArgvW
SHGetPathFromIDListW
SHELL32.dll
CoInitialize
CoSetProxyBlanket
CoCreateInstance
CreateBindCtx
OleInitialize
RegisterDragDrop
ReleaseStgMedium
ole32.dll
OLEAUT32.dll
SHAutoComplete
SHLWAPI.dll
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
IsDebuggerPresent
OutputDebugStringW
RtlUnwind
EncodePointer
GetModuleHandleExW
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
IsProcessorFeaturePresent
ExitThread
GetCurrentThreadId
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetConsoleCP
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetFilePointerEx
WriteConsoleW
SetStdHandle
FlushFileBuffers
ReadConsoleW
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVCThemedWindow@@
.?AVCTreeList@@
.?AVCTreeListData@@
.?AVCListViewData@@
.?AVCViewRef@@
.?AVCEventRef@@
.?AUIUnknown@@
.?AVCCallTreeData@@
.?AUIDropTarget@@
.?AVCResizer@@
.?AVCDropTarget@@
.?AUPAS_ROW_CACHE@@
.?AVCFileSummary@@
.?AVCProcessTreeData@@
.?AV_com_error@@
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
.?AVerror_category@std@@
.?AV_Generic_error_category@std@@
.?AV_Iostream_error_category@std@@
.?AV_System_error_category@std@@
.?AVtype_info@@
.?AV__non_rtti_object@std@@
.?AVbad_typeid@std@@
.?AVbad_cast@std@@
.?AVbad_exception@std@@
""""""
333333
d*po0!
SS%%kk>
LO=L2B:c
:B2L9[Z{,,,,,,}?~
\QQQ\R+
AKabbaFK%
4#';y&
< s&w
6st::9v1/
mn opq2
IK#M#NR
AAAAAAAAA
AAAAAAA
AAAAAAAAA
pppppppp
pppppppp
pppppppp
pppppppp
pppppppp
pppppppp
pppppppp
pppppppp
o
F
VVU6UVVVV
UVV6VVVVVV
VV]66666666V
]V]]]VVVVVVV
]VV]]]]]VV
U]]]]UV
wwwpww
""""""
!This program cannot be run in DOS mode.
h.rdata
H.data
B.reloc
URPQQh
UQPXY]Y[
u]jIj0j
SjAj0j
tRj8hp
u2j8Vj
t`SSSSh
tOHt#Hu
hRegmj
System
C:\Builds\13810\Tools\Procmon_master\bin\Win32\Release\ProcMonDriver.pdb
hSeAlPj
7@_^[]
uBhSeAlj
hSeAlVj
FFf9>t
FFf9>t
FFf9>t
FFf9>t
FFf9>t
tYf9>u
FFf9>t
VWhSeTsRj
WhPpRb
\hPpRb
@hPpUc@Pj
ExAcquireFastMutex
ExReleaseFastMutex
KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock
KeQueryPerformanceCounter
HAL.dll
RtlInitUnicodeString
RtlAnsiStringToUnicodeString
RtlCompareUnicodeString
RtlCopyUnicodeString
RtlAppendUnicodeStringToString
RtlFreeUnicodeString
KeInitializeDpc
KeInitializeEvent
KeSetEvent
KeInitializeTimer
KeSetTimer
KeWaitForSingleObject
ExFreePoolWithTag
ExQueueWorkItem
ObfDereferenceObject
ZwCreateFile
ZwSetInformationFile
ZwWriteFile
ZwClose
ZwOpenKey
ZwFlushKey
ZwQueryValueKey
ZwSetValueKey
PsGetCurrentProcessId
IoSetThreadHardErrorMode
ZwQuerySystemInformation
memcpy
KeClearEvent
IofCompleteRequest
IoCreateNotificationEvent
IoCreateSymbolicLink
IoDeleteDevice
IoDeleteSymbolicLink
memmove
KeDelayExecutionThread
MmProbeAndLockProcessPages
MmUnlockPages
MmMapLockedPagesSpecifyCache
IoAllocateMdl
IoFreeMdl
IoGetCurrentProcess
IoGetTopLevelIrp
IoSetTopLevelIrp
RtlLengthSid
IoThreadToProcess
FsRtlIsPagingFile
KeCancelTimer
KeQuerySystemTime
InterlockedPopEntrySList
InterlockedPushEntrySList
ExInitializeNPagedLookasideList
PsCreateSystemThread
RtlWalkFrameChain
PsGetCurrentThreadId
_alldiv
_alldvrm
_allmul
strncmp
strncpy
KeGetCurrentThread
KeInitializeTimerEx
KeSetTimerEx
KeWaitForMultipleObjects
MmGetSystemRoutineAddress
ObReferenceObjectByHandle
PsSetCreateProcessNotifyRoutine
PsSetCreateThreadNotifyRoutine
PsRemoveCreateThreadNotifyRoutine
PsSetLoadImageNotifyRoutine
PsRemoveLoadImageNotifyRoutine
ZwOpenProcess
KeStackAttachProcess
KeUnstackDetachProcess
PsReferencePrimaryToken
PsReferenceImpersonationToken
PsLookupThreadByThreadId
ObOpenObjectByPointer
ZwWaitForSingleObject
ZwQueryInformationToken
ZwOpenThread
ZwQueryInformationProcess
ZwOpenProcessToken
KeInsertQueueApc
KeInitializeApc
memset
ExAllocatePoolWithTag
PsGetVersion
KeInitializeMutex
KeReleaseMutex
ExAllocatePool
ExInitializePagedLookasideList
ProbeForRead
ProbeForWrite
ExGetPreviousMode
MmBuildMdlForNonPagedPool
MmUnmapLockedPages
MmCreateMdl
ZwCreateKey
ZwDeleteKey
ZwDeleteValueKey
ZwEnumerateKey
ZwEnumerateValueKey
ZwQueryKey
ObQueryNameString
ZwLoadKey
ZwUnloadKey
KeServiceDescriptorTable
ntoskrnl.exe
ZwSetSecurityObject
IoDeviceObjectType
IoCreateDevice
RtlUnwind
RtlGetDaclSecurityDescriptor
RtlGetSaclSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlGetOwnerSecurityDescriptor
_snwprintf
RtlLengthSecurityDescriptor
SeCaptureSecurityDescriptor
SeExports
IoIsWdmVersionAvailable
_wcsnicmp
RtlAddAccessAllowedAce
wcschr
RtlAbsoluteToSelfRelativeSD
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
FltGetVolumeName
FltGetDiskDeviceObject
FltEnumerateVolumes
FltObjectDereference
FltRegisterFilter
FltUnregisterFilter
FltStartFiltering
FltGetFileNameInformation
FltReleaseFileNameInformation
FltGetDestinationFileNameInformation
FltAttachVolume
FltDetachVolume
FltCreateFile
FltClose
FltCreateCommunicationPort
FltCloseCommunicationPort
FltCloseClientPort
FltSendMessage
FltBuildDefaultSecurityDescriptor
FltFreeSecurityDescriptor
FltGetFileNameInformationUnsafe
FLTMGR.SYS
KeTickCount
KeBugCheckEx
2!3K3T3
4-5;5E5U5f5r5
6B7L7s7
7$8.8>8D8R8l8w8
9+9=9C9L9f9~9
;2;o;u;
<7<A<W<o<y<
=9=B=K=T=y=
>%>,>4>9>@>F>r>
?"?4?:?L?u?
070K0U0[0a0
1"1*11181>1C1M1R1]1
546C6T6w6
889C9M9S9}9
:H:^:q:
;8;V;`;y;
<`=g=.>D>N>
3(424a4f4k4v4|4
5!5T5Z5*666{6
8(868>8C8I8U8[8a8g8m8z8
:$:,:2:;:A:F:L:Q:V:\:b:h:o:
;Z;.<C<g<
<+=2=I=R=Y=_=f=k=q=
=E>Q>o>x>
? ?$?/?:?A?H?M?S?o?u?|?
0!0(0;0@0F0S0`0r0
2 2(2.2D2L2q2
3D3J3^3|3
3+4m4t4
55$535<5B5[5j5
6T7Z7h7
8M8T8`8h8u8
8S9x9-:
</<B<_<
3&383L3R3Z3`3m3
3`4q4x4
686>6D6N6R6X6\6b6f6l6p6u6{6
7 7&7-72787A7L7T7[7d7m7
70:C:T:[:y:
:Q;W;i;o;
=&=+=:=
0U0d0w0
11+11161<1G1}1
2+363<3D3{3
4#4*41484?4a4
5a5j5q5
7)7/7M7[7`7g7s7y7
;&;+;=;
?.?G?\?
0"0'030=0K0R0
0"1*1S1
1`4d4h4l4p4t4x4|4
5&5/5?5E5P5V5s5
6 6+686F6Q6^6l6w6
7*757B7P7[7h7v7
8)828@8F8L8W8u8{8
9i:n:s:z:
;;%;,;2;6;<;@;F;N;T;X;^;b;h;
<6<?<G<L<Q<_<h<n<
%0-080
0#1+161
132;2F2
5c6k6v6
6e7m7x7
:d;l;w;
=f=k=}=
=&>+>=>\>n>
>1?:?w?
0(030G0W0
0:1B1M1n1
; ;&;,;2;8;>;D;J;P;V;\;b;h;n;t;z;
<"<(<.<4<:<@<F<L<R<X<^<d<j<p<v<|<
=$=*=0=6=<=B=H=N=T=Z=`=f=l=r=x=~=
> >&>,>2>8>>>D>
5$5(585<5L5P5`5d5t5x5
6(6<6@6P6T6d6h6x6|6
7,707@7D7T7X7h7l7|7
P0l0p0x0|0
1$1(1D1H1P1T1\1`1|1
0'01050:0L0R0a0p0
717M7\7w7
8K8S8|8
0B0S0w0
00(0/0
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA0
160907175849Z
180907175849Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:843D-37F6-F1041%0#
Microsoft Time-Stamp Service0
Chttp://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl0X
<http://www.microsoft.com/pki/certs/MicrosoftTimeStampPCA.crt0
zpbU&%
Washington1
Redmond1
Microsoft Corporation1503
,Microsoft Windows Hardware Compatibility PCA0
170811203623Z
180725203623Z0
Washington1
Redmond1
Microsoft Corporation1;09
2Microsoft Windows Hardware Compatibility Publisher0
/V]+!Xf
MOPR1402
+230001+709c2e22-1483-40a3-8820-f42dbe30c77d0
ehttp://www.microsoft.com/pki/CRL/products/Microsoft%20Windows%20Hardware%20Compatibility%20PCA(1).crl0z
^http://www.microsoft.com/pki/certs/Microsoft%20Windows%20Hardware%20Compatibility%20PCA(1).crt0
0k}[3_s(8Y
microsoft1-0+
$Microsoft Root Certificate Authority0
120604210546Z
200604211546Z0
Washington1
Redmond1
Microsoft Corporation1503
,Microsoft Windows Hardware Compatibility PCA0
=&l@T$
DhnPQn
ylj-E>
?http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl0T
8http://www.microsoft.com/pki/certs/MicrosoftRootCert.crt0
rPG/VK
microsoft1-0+
$Microsoft Root Certificate Authority0
070403125309Z
210403130309Z0w1
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA0
microsoft1-0+
$Microsoft Root Certificate Authority
?http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl0T
8http://www.microsoft.com/pki/certs/MicrosoftRootCert.crt0
1Jv1=+r
L&*H$_Z
Washington1
Redmond1
Microsoft Corporation1503
,Microsoft Windows Hardware Compatibility PCA
http://www.sysinternals.com 0
+\G^2'
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA
180212232819Z0#
p%2uyU
Washington1
Redmond1
Microsoft Corporation1806
/Microsoft Windows Third Party Component CA 20120
170912185049Z
180912185049Z0
Washington1
Redmond1
Microsoft Corporation1;09
2Microsoft Windows Hardware Compatibility Publisher0
230153+2423520
chttp://www.microsoft.com/pkiops/crl/Microsoft%20Windows%20Third%20Party%20Component%20CA%202012.crl0
ehttp://www.microsoft.com/pkiops/certs/Microsoft%20Windows%20Third%20Party%20Component%20CA%202012.crt0
Washington1
Redmond1
Microsoft Corporation1200
)Microsoft Root Certificate Authority 20100
120418234838Z
270418235838Z0
Washington1
Redmond1
Microsoft Corporation1806
/Microsoft Windows Third Party Component CA 20120
-g<'<V
}PH.=C
Ehttp://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z
>http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0
p%|Yi1$
Washington1
Redmond1
Microsoft Corporation1806
/Microsoft Windows Third Party Component CA 2012
http://www.sysinternals.com 0
^9/l<z
20180212232830.648Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:D236-37DA-97611%0#
Microsoft Time-Stamp Service
Washington1
Redmond1
Microsoft Corporation1200
)Microsoft Root Certificate Authority 20100
100701213655Z
250701214655Z0|1
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 20100
$`2X`F
Ehttp://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z
>http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0
1http://www.microsoft.com/PKI/docs/CPS/default.htm0@
oK0D$"<
r~akow
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 20100
160907175655Z
180907175655Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:D236-37DA-97611%0#
Microsoft Time-Stamp Service0
Ehttp://crl.microsoft.com/pki/crl/products/MicTimStaPCA_2010-07-01.crl0Z
>http://www.microsoft.com/pki/certs/MicTimStaPCA_2010-07-01.crt0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:D236-37DA-97611%0#
Microsoft Time-Stamp Service
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher NTS ESN:2665-4C3F-C5DE1+0)
"Microsoft Time Source Master Clock0
20180212213837Z
20180213213837Z0t0:
; xJK:]OL
vS,Vco
Pd'y5U
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 2010
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 2010
!This program cannot be run in DOS mode.
~Rich[
`.rdata
@.data
.pdata
@.rsrc
@.reloc
@SUVWH
WAVAWH
0A_A^_
@WATAUAVAWH
0A_A^A]A\_
@USVWATAUAVAWH
A_A^A]A\_^[]
t$ UATAUAVAWH
A_A^A]A\]
WATAUAVAWH
fE9a:u
A_A^A]A\_
@USVWATAUAVAWH
D$4;D$h
t HcD$4;E
D$4;D$h
A_A^A]A\_^[]
WAVAWH
WAVAWH
A_A^_
t5H9J(u
|$ AVH
@USVWATAUH
D$XL;c
|$8H;{
D$0L;c
A]A\_^[]
@USVWAUAWH
EX9EP}
E\9ET}
A_A]_^[]
@SATAVH
@A^A\[
@A^A\[
l$ VWATAVAWH
T$@+T$8E
A_A^A\_^
UVWAVAWH
D+t$$A
pA_A^_^]
\$ UVWATAUAVAWH
l$8+D$`+
\$(+t$L
A_A^A]A\_^]
|$ ATAVAWH
A_A^A\
|$ AVH
D$,+D$$H
@USVATAUAVAWH
A_A^A]A\^[]
@SUVWATAVH
7;\$H}
l$$D;l$L}
D;l$T|
|$D+|$<D;
xA^A\_^][
@USVWATH
H;sHu,H
H;sHu,H
H;sHu[I
A\_^[]
UVWATAVH
A^A\_^]
UVATAVI
A^A\^]
D$D+D$L
@USVWH
t.HcG H
|$ UATAVH
@SUVWATAUAVAWH
xA_A^A]A\_^][
\$xtTH
VWATAVAWH
A_A^A\_^
\$ UVWATAUAVAWH
PA_A^A]A\_^]
@SVWAUAVH
\$H+\$@
+|$DA+
pA^A]_^[
T$H+T$@
L$L+L$DD
tiH;B0tcH
@USVWATAUAVAWH
D9|$hv,
D;|$hr
|$lD+|$hD
|$lD+|$hD
N<@E9~8u
A_A^A]A\_^[]
9t$0tWL
WATAUAVAWH
A_A^A]A\_
F+D$LD+L$HA
@UVWAVAWH
A_A^_^]
\$ UVWH
WAVAWH
@SVWATAUH
@A]A\_^[
@A]A\_^[
F(H+B(H
TUUUUUU
@WATAUAVAWH
@A_A^A]A\_
G0H+G(H
_0H+_(H
W0H+W(H
@VWAVH
O0H+O(H
G0H+G(H
G0H+G(H
G0H+G(H
0A^_^H
@VWATAVAWH
@A_A^A\_^
@UVAVH
@SUAVH
@UVWAVAWH
A_A^_^]
SUVWAVH
0A^_^][
UVWAVAWH
@A_A^_^]
|$ AVH
|$ AVH
WATAUAVAWH
0A_A^A]A\_
UATAUAVAWH
A_A^A]A\]
ATAVAWH
A_A^A\
A_A^A\
WATAUAVAWH
A_A^A]A\_
WATAUAVAWH
A_A^A]A\_
UVWAVAWH
C0H+C(H
C0H+C(H
PA_A^_^]
@VWAVH
@VWAVH
WAVAWH
A_A^_
H UVWATAUAVAWH
F0H+F(H
F0H+F(H
@A_A^A]A\_^]
G0H+G(H
UVWATAUAVAWH
E0H+E(H
M0H+M(H
@A_A^A]A\_^]
UWATAVAWH
A_A^A\_]H
@VWAVH
E0H+E(H
A0H+A(H
F0H+F(H
F0H+F(H
@WAVAWH
@A_A^_H
N0H+N(H
F0H+F(H
F0H+F(H
@VWATAVAWH
@A_A^A\_^
t$ ATAVAWH
A_A^A\
@UVWATAUAVAWH
A_A^A]A\_^]
UVWATAUAVAWH
_PH;_X
0A_A^A]A\_^]
@USVWATAVAWH
~XI+~PH
effffff
pA_A^A\_^[]
_0H+_(H
@USVWATAUAVAWH
A_A^A]A\_^[]
@UVWATAUAVAWH
NXI+NPH
FXI+FPH
A_A^A]A\_^]
WAVAWH
YXH+YPH
GXH+GPH
OXH+OPH
AXH+APH
WAVAWH
PA_A^_
AXH+APH
WATAUAVAWH
D$HD9 u
D$HD9 u
A_A^A]A\_
WAVAWH
SUVWAVH
GXH+GPH
GXH+GPH
GXH+GPH
PA^_^][
@USVWATAUAVAWH
FXH+FPH
FXH+FPH
FXH+FPH
A_A^A]A\_^[]
UATAUAVAWH
OXI+OPH
_XI+_PH
A_A^A]A\]
VWATAVAWH
A_A^A\_^
AXH+APH
AXH+APH
AXH+APH
AXH+APH
AXH+APH
AXH+APH
AXH+APH
@USVWATAUAVAWH
A_A^A]A\_^[]
u89P s(H
AXH+APH
AXH+APH
@VWAVH
@VWAVH
@VWATAVAWH
@A_A^A\_^
@VWATAVAWH
@A_A^A\_^
TUUUUUU
ub'vb'v
2333333
effffff
WATAUAVAWH
L;8u:H
@A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
WATAUAVAWH
@A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
WATAUAVAWH
A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
@SUVWH
_0H+_(H
t$ AVH
]PH;]Xt(ff
GXH+GPH
@USVWATAUAVAWH
A_A^A]A\_^[]
@UVWAVAWH
A_A^_^]
]PH;]Xt(ff
]PH;]Xt(ff
@USVWATAUAVAWH
A_A^A]A\_^[]
]PH;]Xt(ff
@UVWATAUAVAWH
A_A^A]A\_^]
]PH;]Xt(ff
]PH;]Xt(ff
@UVWATAUAVAWH
A_A^A]A\_^]
]PH;]Xt(ff
]PH;]Xt(ff
]PH;]Xt(ff
UVWATAUAVAWH
GXH+GPH
GXH+GPH
A_A^A]A\_^]
UVWATAUAVAWH
G0H9D$8H
A_A^A]A\_^]
@USVWATAVAWH
A_A^A\_^[]
]PH;]Xt(ff
@UVWATAUAVAWH
A_A^A]A\_^]
]PH;]Xt(ff
]PH;]Xt(ff
@UVWATAUAVAWH
AXH+APH
FXH+FPH
FXH+FPH
FXH+FPH
FXH+FPH
A_A^A]A\_^]
@UWAVAW
\$ fD9t$ t3f
A_A^_]
@UVWATAUAVAWH
uhH+upE
D8l$0t
A_A^A]A\_^]
UVWATAUAVAWH
yPH;yX
EgH;xX
A_A^A]A\_^]
WAVAWH
D$@L;D$Hu
WAVAWH
0A_A^_
UVWAVAWH
0A_A^_^]
D$@L;D$Hu
D$@L;D$Hu
@USVWATAUAVAWH
A_A^A]A\_^[]
@USVWATAUAVAWH
A_A^A]A\_^[]
@UATAUAVAWH
t$\D95
t$xfff
F0+F(D;
A_A^A]A\]
G0H+G(3
@UVWATAUAVAWH
fF9$xu
A_A^A]A\_^]
@USVWATAVAWH
A_A^A\_^[]
@USVWATAUAVAWH
A_A^A]A\_^[]
@USVWATAUAVAWH
A_A^A]A\_^[]
@SUAVH
@SUVATAVAWH
A_A^A\^][
D$@L;D$Hu
UATAUAVAWH
A_A^A]A\]
@UVWATAUAVAWH
A_A^A]A\_^]
fA;HDsHD
UVWATAUAVAWH
t$HI;O
L+T$0D
A_A^A]A\_^]
\$ UVWATAUAVAWH
*H+K@H
A_A^A]A\_^]
USVWATAUAVAWH
EtD+ElH
MHI+M@H
A_A^A]A\_^[]
@VWAVH
@WATAUAVAWH
@A_A^A]A\_
UVWAVAWH
H;E@t/H
u0H+u(H
"H;E8u
`A_A^_^]
^(H;^0t!
@VWAVH
G0H+G(H
@VWAVH
O0H+O(H
G0H+G(H
G0H+G(H
G0H+G(H
0A^_^H
@VWAVH
UWATAVAWH
A_A^A\_]
@USVWAVH
A^_^[]
VWATAVAWH
@A_A^A\_^
t$ ATAVAWH
0A_A^A\
\$ UWAVH
H9|$ u
UATAUAVAWH
L9|$ u\A
A_A^A]A\]
UVWATAUAVAWH
A_A^A]A\_^]
UATAUAVAWH
L9l$ uYA
A_A^A]A\]
@SUVWH
effffff
H9H s*
D;t$xH
@SUVWH
7H;S vDH
@VWAVH
0A^_^H
|$ AVH
TUUUUUU
TUUUUUU
WATAUAVAWH
@A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
VWATAVAWH
0A_A^A\_^
T$DD+T$<D
D$4D+L$8A
USVWAUAVAWH
A_A^A]_^[]
3333333
3333333333
3333333333333333333
3333333
333333
3333333333
3333333
333333 333!333"333333#3333333$%333&333'333333333333333333(333)333*333+333,333-333./333033313332
\$ WAVAWH
@USVWATAVAWH
A_A^A\_^[]
@UAUAVAWH
(A_A^A]]
(A_A^A]]
@UVWATAUAVAWH
`A_A^A]A\_^]
@UVWAVAWH
A_A^_^]
@USVWATAVAWH
A_A^A\_^[]
@SUVWAVAWH
A_A^_^][
|$ AVH
@USVWATH
fD9$Nu
A\_^[]
UATAUAVAWH
>0u&fA
A_A^A]A\]
@USVWATAUAVAWH
<w\tlA
A_A^A]A\_^[]
@UVWATAUAVAWH
`A_A^A]A\_^]
D$p9D$xu
D$@L;D$Hu
D$@L;D$Hu
WAVAWH
0A_A^_
D$@L;D$Hu
WAVAWH
0A_A^_
SVATAUAWH
A_A]A\^[
@WAVAW
UVATAVAWH
pA_A^A\^]
@UVWATAUAVAW
A_A^A]A\_^]
@UVWAVAWH
`A_A^_^]
@UVWATAUAVAWH
A_A^A]A\_^]
TUUUUUU
H9H }*
@SUVWATAVAWH
H+C H=
A_A^A\_^][
@VWATAVAW
CXH+CPH
A_A^A\_^
UVWATAUAVAWH
A_A^A]A\_^]
D$0H+C
@UVWATAUAVAWH
H;_ t<
A_A^A]A\_^]
TUUUUUU
@WATAUAVAWH
@A_A^A]A\_
UATAWH
A_A\]
@UWAVAWH
(A_A^_]
ATAVAWH
A_A^A\
A_A^A\
WAVAWH
A_A^_
WATAUAVAWH
A_A^A]A\_
UATAUH
@A]A\]
@UVWATAUAVAWH
A_A^A]A\_^]
@VWAVH
@SUVWATAVAWH
A_A^A\_^][
WAVAWH
@UWATAVAWH
@A_A^A\_]
@UVWATAUAVAWH
A_A^A]A\_^]
@WATAUAVAWH
0A_A^A]A\_
UATAUAVAWH
A_A^A]A\]
L$0;Y s
PA^_^H
PA^_^H
PA^_^H
PA^_^H
PA^_^H
UVWATAUAVAWH
I;^ht'
@A_A^A]A\_^]
@SUVWATAVAWH
`A_A^A\_^][H
@SUVWATAVAWH
`A_A^A\_^][H
PA^_^H
@UVWATAUAVAWH
A_A^A]A\_^]H
PA^_^H
PA^_^H
@UVWATAUAVAWH
A_A^A]A\_^]
UWATAVAWH
A_A^A\_]
@UWAWH
effffff
TUUUUUU
effffff
effffff
effffff
TUUUUUU
TUUUUUU
A9q }EI
A;q }?I
A9q }EI
A;q }?I
9C }(H
9C }(H
H9H s*
@WATAUAVAWH
@A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
@SUVAVAWH
@A_A^^][
\$ UVWH
D$(+D$
D$,+D$$
G +B(H
O(H+J0H
O0H+J8H
G8+B@H
G<+BDH
G@+BHH
Q@H+P@H+P8H
QPH+PPH
Q`H+P`H
HXI+HXt
@PA+@P
@VWAVH
I;.t,H
@UVWATAUAVAWH
A_A^A]A\_^]
@VWAVH
I;6t,H
UWATAVAWH
A_A^A\_]
UVWATAUAVAWH
@A_A^A]A\_^]H
@USVWATAVAWH
A_A^A\_^[]
L9>t9A
@UVWATAUAVAWH
HcD$|;D$`}BH
A_A^A]A\_^]
@UVWATAUAVAWH
A_A^A]A\_^]
@UVWATAUAVAWH
s0H+s(H
s0H+s(H
A_A^A]A\_^]
@UVWAVAWH
`A_A^_^]
9D$0tP
l$ VWAVH
H0H91t1
EPHcEXH
L$ UWATAUAVH
A^A]A\_]
@VWAVH
@USVWATAUAVAWH
IcA Mc
A_A^A]A\_^[]
4444444
4444444
4444 444!4"4#4$%4444444444&'4444(4)4*4444+444444,4-4444..444444444//44440144404444444423
UWATAVAWH
A_A^A\_]
UWATAVAWH
A_A^A\_]
@UVWAVAWH
0A_A^_^]
UAVAWH
@VWAVH
@UVATAUH
A]A\^]
;K }=H
;K }=H
@UVWATAUAVAWH
t*HcD$0L
A_A^A]A\_^]
@UVWATAUAVAWH
A_A^A]A\_^]
@UVWATAUAVAWH
A_A^A]A\_^]
UVWATAUAVAWH
U(+U H
C0H+C(
M +M0Hc
M8+M0Lc
A_A^A]A\_^]
YH9X s
T$XA9AHs
AXH9CX
UVWATAUAVAWH
A_A^A]A\_^]
9rPt<H
@USVWATAUAVAWH
A_A^A]A\_^[]
UWATAVAWH
A_A^A\_]
@USVATH
D9|$@}
D9|$H}
D9t$D}
D9t$L}
N0H91t
C0+C(D
nG +C
C0+C(D
nG(+C
C4+C,D
nG$+C$
W,+W$A
nG,+C$
T$,D+G4
UVWAVAWH
PA_A^_^]
UATAUAVAWH
A_A^A]A\]
@UVWAVAWH
A_A^_^]
@USVWAVH
A^_^[]
k VWAVH
D$,+D$$f
UAVAWH
UWATAVAWH
A_A^A\_]
@UVWAVAWH
D$xHc[
A_A^_^]
@SUVWAVAWH
T$8+L$4+T$0;V
LV ;N$
hA_A^_^][
WAVAWH
|$ AVH
@SUVWATAVAWH
A_A^A\_^][
WAVAWH
0A_A^_
WAVAWH
A_A^_
UUUUUUU
l$ WAVAWH
A_A^_
UUUUUUU
@VWAVH
UUUUUUU
@VWAVH
D$@L;D$Hu
D$@L;D$Hu
WAVAWH
A_A^_
D$@L;D$Hu
D$@L;D$Hu
D$@L;D$Hu
D$@L;D$Hu
WAVAWH
0A_A^_
D$@L;D$Hu
WAVAWH
0A_A^_
D$@L;D$Hu
WAVAWH
0A_A^_
|$ AVH
D$@L;D$Hu
WAVAWH
0A_A^_
UUUUUUU
@USVWATAWH
D8d$hu%M
D9d$tupH
A_A\_^[]
D8d$et
D8d$gt]M
D8d$ktEA
D8d$rt
D8d$it1H
D8d$mt
D8d$qt
D8d$et
u.D8d$nu'L
t8D8%r
3D8d$pu,D8%R
H9H s*
ATAVAWH
GXH+GPH
A_A^A\
@SVWATAUAVAWH
A_A^A]A\_^[
@UWATAVAWH
A(H;C(
K@D9I,wsH+Q8L
L+A0D+I,H
A_A^A\_]
UAVAWH
VWATAVAWH
A_A^A\_^
TUUUUUU
WATAUAVAWH
@A_A^A]A\_
UWATAVAWH
A_A^A\_]
@SUVWAVH
`A^_^][
t$@@8u
@UVWAVAWH
A_A^_^]
@SUVWATAVAWH
`A_A^A\_^][H
@SUVWATAVAWH
H;]0t*H
PA_A^A\_^][
D$@L;D$Hu
D$@L;D$Hu
WAVAWH
A_A^_
UVWATAUAVAWH
@A_A^A]A\_^]
@VWATAUAWH
`A_A]A\_^
@SUVWATAUAVAWH
A_A^A]A\_^][
|$ AVH
|$ ATAVAWH
\$@uDf
A_A^A\
|$ AVH
WAVAWH
PA_A^_
WAVAWH
\$ VWAVH
l$ VWATAVAWH
A_A^A\_^
WAVAWH
0A_A^_
@UATAUAVAWH
A_A^A]A\]
SVWATAUAVAWH
@A_A^A]A\_^[
@UVWATAUAVAWH
effffff
effffff
A_A^A]A\_^]
|$ AVH
UVWATAUAVAWH
D9x0u<
A_A^A]A\_^]
@UVWATAUAVAWH
A_A^A]A\_^]
|$ AVH
UVWATAUAVAWH
PA_A^A]A\_^]
WAVAWH
PA_A^_
{(PML_u@
UWATAVAWH
A_A^A\_]
@UVWAVAWH
pA_A^_^]
USVWATAVAWH
{(PML_t
A_A^A\_^[]
SUVWATAUAVAWH
A_A^A]A\_^][
USVWATAUAVAWH
4/x&Mc
t$0fff
A_A^A]A\_^[]
effffff
LLLLLLLLL
LLLLLLLLLLLLL
LLLLLLLLLL
!"#$%LLLLLLLLLL&LLLLLLLLLLL'LLLLLLLLLLLLLLLL()LLLLLLLLLLLLLLLLLLLLLLLL*L+L,-LLLL.LL/LLLLL0123L456789LLLL:;L<=LL>L?@LLLLLLLALLLLLLLBLLLCDLELLLLLLFLLLLLLLLLLLLGHIJLLLLLLLLKf
WAVAWH
A_A^_
|$ AVH
2333333
WATAUAVAWH
L;0u:H
@A_A^A]A\_
@WATAUAVAWH
@A_A^A]A\_
@VWAVH
@SUVWATAUAVAWH
A_A^A]A\_^][
@USVWATAUAVAWH
A_A^A]A\_^[]
WAVAWH
A_A^_
WATAUAVAWH
A_A^A]A\_
@UVWATAUAVAWH
A_A^A]A\_^]
@USVWAVAWH
XA_A^_^[]
@VWAVH
@SVWAVH
L$@HcQ<H
@USVWATAUAVAWH
hA_A^A]A\_^[]
effffff
USVWATAUAVAWH
A_A^A]A\_^[]
@VWATAVAWH
@A_A^A\_^
@UWAVH
H;9tjH
t$ ATAVAWH
0A_A^A\
L$8+T$4D+L$0E3
C,9D$0u
e A^_]
SVWAVH
8A^_^[
fA;8utI
fA;0t)fA98t
@8l$8t
L$ USWH
WAVAWH
0A_A^_
UAVAWH
VWATAVAWH
A_A^A\_^
x ATAVAWH
A_A^A\
ATAVAWH
A_A^A\
D8t$8t
fffffff
WATAUAVAWH
@A_A^A]A\_
t5f9t$(u
WAVAWH
fD9>u"
0A_A^_
WATAUAVAWH
A_A^A]A\_
WAVAWH
0A_A^_
SVWAVH
8A^_^[
l$ VWAVH
9\$ ~>L
H SVWH
t$ WAVAWH
0A_A^_
UVWATAUAVAWH
D$`HcK
H;D$xu
A_A^A]A\_^]
WATAUAVAWH
A_A^A]A\_
SUVWATAUAVAWH
H9D$(u^L
L$0D;t$ s
HA_A^A]A\_^][
WATAUAVAWH
A_A^A]A\_
VWATAVAWH
A_A^A\_^
l$ VWATAVAWH
T$&@8t$&t9@8r
A81t@@8r
A_A^A\_^
UVWATAUAVAWH
9D$LupE
A_A^A]A\_^]
UVWATAUAVAWH
9D$XumE
A_A^A]A\_^]
WAVAWH
A_A^_
VWATAVAWH
A_A^A\_^
UVWATAUAVAWH
A_A^A]A\_^]
D8eoupH
UVWATAUAVAWH
pA_A^A]A\_^]
WATAUAVAWH
A_A^A]A\_
AUAVAWH
0A_A^A]
@SVWATAUAVAWH
L!|$@L!
D$HHcH
A_A^A]A\_^[
SVWATAUAVAWH
0A_A^A]A\_^[
WATAVH
@A^A\_
WATAUAVAWH
A_A^A]A\_
WAVAWH
A_A^_
t$ WAVAWH
LcA<E3
t$ WATAUAVAWH
D!l$h3
0A_A^A]A\_
UVWATAUAVAWH
D$DD9T$X
|$h+t$D+
A_A^A]A\_^]
|$ ATAVAWH
A_A^A\
USVWAVH
A^_^[]
WATAUAVAWH
gfffffffH
D8L$Ht
A_A^A]A\_
x AUAVAWH
A_A^A]
@SUVWH
@SUVWH
@SUVWAVH
A^_^][
t$ WATAUAVAWH
0A_A^A]A\_
AUAVAWH
0A_A^A]
VWATAVAWH
A_A^A\_^
\$ UVWATAUAVAWH
D9l$dtXH
HcD$PH;
HcD$PH;
A_A^A]A\_^]
` AUAVAWH
t$8Hc0I
\$0D9=
A_A^A]
@UATAUAVAWH
!t$(H!t$ I
A_A^A]A\]
UVWATAUAVAWH
T$hfE;"
t$HfD;
T$hfA;
T$hfD;
T$Du}E
|$@9L$Xt
D9\$Xt
D8\$4uiM
t$HfD;
\$`9D$Xt
D8\$Lt
D8l$5t
fD9#u1
\$pD9M
A_A^A]A\_^]
UVWATAUAVAWH
A_A^A]A\_^]
UVWATAUAVAWH
@A_A^A]A\_^]
UAVAWH
Hct$PH
seHcD$XH
fD9!u:A
fD93tSH
CfD93u
H3E H3E
@UATAUAVAWH
A_A^A]A\]
VWATAVAWH
A_A^A\_^
D82u&H
D8t$Ht
UVWATAUAVAWH
D$DD9T$X
|$h+t$D+
A_A^A]A\_^]
WAVAWH
A_A^_
@SUVWATAVAWH
tcH95a
PA_A^A\_^][
@USVWH
UVWATAUAVAWH
A_A^A]A\_^]
` AUAVAWH
0A_A^A]
l$ VWAUAVAWH
L$(fA;
u$HcG$H;
t5f9(t
A_A^A]_^
\$ UVWATAUAVAWH
A_A^A]A\_^]
|$ UATAUAVAWH
A_A^A]A\]
|$ UATAUAVAWH
A_A^A]A\]
UVWATAUAVAWH
A_A^A]A\_^]
UVWATAUAVAWH
A_A^A]A\_^]
x AUAVAWH
A_A^A]
WATAUAVAWH
A_A^A]A\_
USVWATAUAVAWH
8UXt$@
XA_A^A]A\_^[]
WATAVH
] H;]`t6H
H(H9J(u
list<T> too long
IsThemeActive
OpenThemeData
DrawThemeBackground
CloseThemeData
{\rtf1\ansi\ansicpg1252\deff0\nouicompat\deflang1033{\fonttbl{\f0\fswiss\fprq2\fcharset0 Tahoma;}{\f1\fnil\fcharset0 Calibri;}}
{\colortbl ;\red0\green0\blue255;\red0\green0\blue0;}
{\*\generator Riched20 10.0.10240}\viewkind4\uc1
\pard\brdrb\brdrs\brdrw10\brsp20 \sb120\sa120\b\f0\fs24 SYSINTERNALS SOFTWARE LICENSE TERMS\fs28\par
\pard\sb120\sa120\b0\fs19 These license terms are an agreement between Sysinternals (a wholly owned subsidiary of Microsoft Corporation) and you. Please read them. They apply to the software you are downloading from Systinternals.com, which includes the media on which you received it, if any. The terms also apply to any Sysinternals\par
\pard\fi-363\li720\sb120\sa120\tx720\'b7\tab updates,\par
\pard\fi-363\li720\sb120\sa120\'b7\tab supplements,\par
\'b7\tab Internet-based services, and \par
\'b7\tab support services\par
\pard\sb120\sa120 for this software, unless other terms accompany those items. If so, those terms apply.\par
\b BY USING THE SOFTWARE, YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THEM, DO NOT USE THE SOFTWARE.\par
\pard\brdrt\brdrs\brdrw10\brsp20 \sb120\sa120 If you comply with these license terms, you have the rights below.\par
\pard\fi-357\li357\sb120\sa120\tx360\fs20 1.\tab\fs19 INSTALLATION AND USE RIGHTS. \b0 You may install and use any number of copies of the software on your devices.\b\par
\caps\fs20 2.\tab\fs19 Scope of License\caps0 .\b0 The software is licensed, not sold. This agreement only gives you some rights to use the software. Sysinternals reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways. You may not\b\par
\pard\fi-363\li720\sb120\sa120\tx720\b0\'b7\tab work around any technical limitations in the binary versions of the software;\par
\pard\fi-363\li720\sb120\sa120\'b7\tab reverse engineer, decompile or disassemble the binary versions of the software, except and only to the extent that applicable law expressly permits, despite this limitation;\par
\'b7\tab make more copies of the software than specified in this agreement or allowed by applicable law, despite this limitation;\par
\'b7\tab publish the software for others to copy;\par
\'b7\tab rent, lease or lend the software;\par
\'b7\tab transfer the software or this agreement to any third party; or\par
\'b7\tab use the software for commercial software hosting services.\par
\pard\fi-357\li357\sb120\sa120\tx360\b\fs20 3.\tab SENSITIVE INFORMATION. \b0 Please be aware that, similar to other debug tools that capture \ldblquote process state\rdblquote information, files saved by Sysinternals tools may include personally identifiable or other sensitive information (such as usernames, passwords, paths to files accessed, and paths to registry accessed). By using this software, you acknowledge that you are aware of this and take sole responsibility for any personally identifiable or other sensitive information provided to Microsoft or any other party through your use of the software.\b\par
5. \tab\fs19 DOCUMENTATION.\b0 Any person that has valid access to your computer or internal network may copy and use the documentation for your internal, reference purposes.\b\par
\caps\fs20 6.\tab\fs19 Export Restrictions\caps0 .\b0 The software is subject to United States export laws and regulations. You must comply with all domestic and international export laws and regulations that apply to the software. These laws include restrictions on destinations, end users and end use. For additional information, see {\cf1\ul{\field{\*\fldinst{HYPERLINK www.microsoft.com/exporting }}{\fldrslt{www.microsoft.com/exporting}}}}\cf1\ul\f0\fs19 <{{\field{\*\fldinst{HYPERLINK "http://www.microsoft.com/exporting"}}{\fldrslt{http://www.microsoft.com/exporting}}}}\f0\fs19 >\cf0\ulnone .\b\par
\caps\fs20 7.\tab\fs19 SUPPORT SERVICES.\caps0 \b0 Because this software is "as is, " we may not provide support services for it.\b\par
\caps\fs20 8.\tab\fs19 Entire Agreement.\b0\caps0 This agreement, and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the software and support services.\par
\pard\keepn\fi-360\li360\sb120\sa120\tx360\cf2\b\caps\fs20 9.\tab\fs19 Applicable Law\caps0 .\par
\pard\fi-363\li720\sb120\sa120\tx720\cf0\fs20 a.\tab\fs19 United States.\b0 If you acquired the software in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort.\b\par
\pard\fi-363\li720\sb120\sa120\fs20 b.\tab\fs19 Outside the United States.\b0 If you acquired the software in any other country, the laws of that country apply.\b\par
\pard\fi-357\li357\sb120\sa120\tx360\caps\fs20 10.\tab\fs19 Legal Effect.\b0\caps0 This agreement describes certain legal rights. You may have other rights under the laws of your country. You may also have rights with respect to the party from whom you acquired the software. This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so.\b\caps\par
\fs20 11.\tab\fs19 Disclaimer of Warranty.\caps0 \caps The software is licensed "as - is." You bear the risk of using it. SYSINTERNALS gives no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this agreement cannot change. To the extent permitted under your local laws, SYSINTERNALS excludes the implied warranties of merchantability, fitness for a particular purpose and non-infringement.\par
\pard\fi-360\li360\sb120\sa120\tx360\fs20 12.\tab\fs19 Limitation on and Exclusion of Remedies and Damages. You can recover from SYSINTERNALS and its suppliers only direct damages up to U.S. $5.00. You cannot recover any other damages, including consequential, lost profits, special, indirect or incidental damages.\par
\pard\li357\sb120\sa120\b0\caps0 This limitation applies to\par
\pard\fi-363\li720\sb120\sa120\tx720\'b7\tab anything related to the software, services, content (including code) on third party Internet sites, or third party programs; and\par
\pard\fi-363\li720\sb120\sa120\'b7\tab claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.\par
\pard\li360\sb120\sa120 It also applies even if Sysinternals knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages.\par
\pard\b Please note: As this software is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French.\par
\pard\sb240\lang1036 Remarque : Ce logiciel \'e9tant distribu\'e9 au Qu\'e9bec, Canada, certaines des clauses dans ce contrat sont fournies ci-dessous en fran\'e7ais.\par
\pard\sb120\sa120 EXON\'c9RATION DE GARANTIE.\b0 Le logiciel vis\'e9 par une licence est offert \'ab tel quel \'bb. Toute utilisation de ce logiciel est \'e0 votre seule risque et p\'e9ril. Sysinternals n'accorde aucune autre garantie expresse. Vous pouvez b\'e9n\'e9ficier de droits additionnels en vertu du droit local sur la protection dues consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties implicites de qualit\'e9 marchande, d'ad\'e9quation \'e0 un usage particulier et d'absence de contrefa\'e7on sont exclues.\par
\pard\keepn\sb120\sa120\b LIMITATION DES DOMMAGES-INT\'c9R\'caTS ET EXCLUSION DE RESPONSABILIT\'c9 POUR LES DOMMAGES.\b0 Vous pouvez obtenir de Sysinternals et de ses fournisseurs une indemnisation en cas de dommages directs uniquement \'e0 hauteur de 5,00 $ US. Vous ne pouvez pr\'e9tendre \'e0 aucune indemnisation pour les autres dommages, y compris les dommages sp\'e9ciaux, indirects ou accessoires et pertes de b\'e9n\'e9fices.\par
\lang1033 Cette limitation concerne :\par
\pard\keepn\fi-360\li720\sb120\sa120\tx720\lang1036\'b7\tab tout ce qui est reli\'e9 au logiciel, aux services ou au contenu (y compris le code) figurant sur des sites Internet tiers ou dans des programmes tiers ; et\par
\pard\fi-363\li720\sb120\sa120\tx720\'b7\tab les r\'e9clamations au titre de violation de contrat ou de garantie, ou au titre de responsabilit\'e9 stricte, de n\'e9gligence ou d'une autre faute dans la limite autoris\'e9e par la loi en vigueur.\par
\pard\sb120\sa120 Elle s'applique \'e9galement, m\'eame si Sysinternals connaissait ou devrait conna\'eetre l'\'e9ventualit\'e9 d'un tel dommage. Si votre pays n'autorise pas l'exclusion ou la limitation de responsabilit\'e9 pour les dommages indirects, accessoires ou de quelque nature que ce soit, il se peut que la limitation ou l'exclusion ci-dessus ne s'appliquera pas \'e0 votre \'e9gard.\par
\b EFFET JURIDIQUE.\b0 Le pr\'e9sent contrat d\'e9crit certains droits juridiques. Vous pourriez avoir d'autres droits pr\'e9vus par les lois de votre pays. Le pr\'e9sent contrat ne modifie pas les droits que vous conf\'e8rent les lois de votre pays si celles-ci ne le permettent pas.\b\par
\pard\b0\fs20\lang1033\par
\pard\sa200\sl276\slmult1\f1\fs22\lang9\par
CommandLineToArgvW
Accept Eula (Y/N)?
HlinkSimpleNavigateToString
vector<T> too long
map/set<T> too long
RtlNtStatusToDosError
NtLoadDriver
DllGetVersion
GetNativeSystemInfo
ZwSetInformationThread
NtQueryVirtualMemory
RtlInitUnicodeString
NtOpenSymbolicLinkObject
NtQuerySymbolicLinkObject
NtClose
StartTraceW
ControlTraceW
OpenTraceW
ProcessTrace
EnableThemeDialogTexture
InitializeSRWLock
AcquireSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockExclusive
ReleaseSRWLockShared
SetDllDirectoryW
Process32First
Process32Next
Thread32First
Thread32Next
NtSuspendThread
NtResumeThread
NtQuerySystemInformation
getaddrinfo
getnameinfo
freeaddrinfo
\ws2_32
\wship6
SymInitialize
EnumerateLoadedModules64
SymRegisterCallback64
SymGetModuleInfo64
SymCleanup
SymFromAddrW
SymGetSymFromName
SymSetOptions
SymSetHomeDirectoryW
SymLoadModuleExW
SymLoadModule64
SymUnloadModule64
StackWalk64
SymGetLineFromAddrW64
SymGetLinePrevW64
SymGetSourceFileTokenW
SymGetSourceFileW
SymGetModuleBase64
SymFunctionTableAccess64
SymSrvGetFileIndexesW
SymFindFileInPathW
SymSetSearchPathW
Module32FirstW
Module32NextW
CreateToolhelp32Snapshot
HungWindowFromGhostWindow
hhctrl.ocx
CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32
bad allocation
generic
unknown error
iostream
iostream stream error
system
string too long
invalid string position
permission denied
file exists
no such device
filename too long
device or resource busy
io error
directory not empty
invalid argument
no space on device
no such file or directory
function not supported
no lock available
not enough memory
resource unavailable try again
cross device link
operation canceled
too many files open
permission_denied
address_in_use
address_not_available
address_family_not_supported
connection_already_in_progress
bad_file_descriptor
connection_aborted
connection_refused
connection_reset
destination_address_required
bad_address
host_unreachable
operation_in_progress
interrupted
invalid_argument
already_connected
too_many_files_open
message_size
filename_too_long
network_down
network_reset
network_unreachable
no_buffer_space
no_protocol_option
not_connected
not_a_socket
operation_not_supported
protocol_not_supported
wrong_protocol_type
timed_out
operation_would_block
address family not supported
address in use
address not available
already connected
argument list too long
argument out of domain
bad address
bad file descriptor
bad message
broken pipe
connection aborted
connection already in progress
connection refused
connection reset
destination address required
executable format error
file too large
host unreachable
identifier removed
illegal byte sequence
inappropriate io control operation
invalid seek
is a directory
message size
network down
network reset
network unreachable
no buffer space
no child process
no link
no message available
no message
no protocol option
no stream resources
no such device or address
no such process
not a directory
not a socket
not a stream
not connected
not supported
operation in progress
operation not permitted
operation not supported
operation would block
owner dead
protocol error
protocol not supported
read only file system
resource deadlock would occur
result out of range
state not recoverable
stream timeout
text file busy
timed out
too many files open in system
too many links
too many symbolic link levels
value too large
wrong protocol type
CorExitProcess
RoInitialize
RoUninitialize
Access violation - no RTTI data!
Bad dynamic_cast!
_hypot
Unknown exception
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
bad exception
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
CreateEventExW
CreateSemaphoreExW
SetThreadStackGuarantee
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
FlushProcessWriteBuffers
FreeLibraryWhenCallbackReturns
GetCurrentProcessorNumber
GetLogicalProcessorInformation
CreateSymbolicLinkW
SetDefaultDllDirectories
EnumSystemLocalesEx
CompareStringEx
GetDateFormatEx
GetLocaleInfoEx
GetTimeFormatEx
GetUserDefaultLocaleName
IsValidLocaleName
LCMapStringEx
GetCurrentPackageId
GetTickCount64
GetFileInformationByHandleExW
SetFileInformationByHandleW
(null)
`h````
xpxxxx
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
`h`hhh
xppwpp
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
MessageBoxW
GetActiveWindow
GetLastActivePopup
GetUserObjectInformationW
GetProcessWindowStation
_nextafter
CreateFile2
1#SNAN
1#QNAN
C:\Builds\13810\Tools\Procmon_master\bin\x64\Release\Procmon.pdb
6d@.4
WS2_32.dll
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
VERSION.dll
InitCommonControlsEx
ImageList_Destroy
ImageList_DrawEx
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Add
ImageList_SetOverlayImage
ImageList_GetIcon
ImageList_GetIconSize
CreateStatusWindowW
COMCTL32.dll
FilterConnectCommunicationPort
FilterSendMessage
FilterGetMessage
FilterReplyMessage
FLTLIB.DLL
FreeLibrary
GetProcAddress
MulDiv
GetTickCount
LoadLibraryW
GetModuleHandleW
GlobalAddAtomW
LocalAlloc
LocalFree
GetFileType
GetStdHandle
GetCommandLineW
GetModuleFileNameW
CreateThread
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
CloseHandle
GetSystemTimeAsFileTime
InitializeCriticalSection
DeleteCriticalSection
VirtualAlloc
LockResource
GetCurrentProcess
GetLastError
SetLastError
LoadResource
SizeofResource
ExpandEnvironmentStringsW
FindResourceW
GetSystemDirectoryW
GetCurrentDirectoryW
SetFileAttributesW
DeleteFileW
GlobalMemoryStatusEx
VirtualFree
GetSystemInfo
GetFullPathNameW
GetFileAttributesW
GetVersionExW
LoadLibraryExW
EnumResourceNamesW
OpenProcess
CreateProcessW
SetCurrentDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
CompareStringW
GetLocaleInfoW
TryEnterCriticalSection
GetFileSize
SetEndOfFile
SetFilePointer
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
CreateFileW
GetVersion
WriteFile
ReadFile
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
HeapSize
ExitProcess
GetCurrentThread
SetThreadPriority
SetEvent
ResetEvent
ReleaseSemaphore
WaitForMultipleObjects
CreateEventW
CreateSemaphoreW
GetComputerNameA
QueryPerformanceCounter
QueryPerformanceFrequency
SetProcessShutdownParameters
GetFileAttributesExW
GetComputerNameW
SetConsoleCtrlHandler
GetCurrentProcessId
OpenThread
GetThreadContext
LoadLibraryA
GetSystemDirectoryA
FindClose
FindFirstFileW
FindNextFileW
DecodePointer
HeapReAlloc
GetProcessHeap
RaiseException
InitializeCriticalSectionAndSpinCount
GetEnvironmentVariableW
SetEnvironmentVariableW
IsWow64Process
ExpandEnvironmentStringsA
KERNEL32.dll
SendMessageW
DefWindowProcW
CallWindowProcW
RegisterClassExW
CreateWindowExW
ShowWindow
SetWindowPos
SetFocus
GetFocus
GetKeyState
GetCapture
SetCapture
ReleaseCapture
SetTimer
GetSystemMetrics
DrawTextW
UpdateWindow
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
GetUpdateRgn
InvalidateRect
ValidateRect
ScrollWindowEx
SetPropW
GetPropW
GetClientRect
GetWindowRect
SetCursor
GetCursorPos
MapWindowPoints
GetSysColor
GetSysColorBrush
FillRect
InflateRect
IntersectRect
OffsetRect
GetWindowLongPtrW
SetWindowLongPtrW
GetClassLongPtrW
GetParent
LoadCursorW
SetScrollInfo
GetScrollInfo
DialogBoxIndirectParamW
EndDialog
GetDlgItem
SetWindowTextW
MoveWindow
SetDlgItemTextW
GetWindowTextW
ChildWindowFromPoint
GetWindowLongW
DialogBoxParamW
EnableWindow
SetWindowLongW
GetDesktopWindow
GetAncestor
MessageBoxW
LoadStringW
PostMessageW
DestroyWindow
CheckDlgButton
IsDlgButtonChecked
GetCursor
FrameRect
SetClassLongPtrW
LoadIconW
DestroyIcon
DrawIconEx
GetIconInfo
MonitorFromPoint
GetMonitorInfoW
PtInRect
CreateIconFromResourceEx
WaitForInputIdle
IsIconic
SetForegroundWindow
FindWindowW
FindWindowExW
GetWindowThreadProcessId
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
ClientToScreen
LoadImageW
GetActiveWindow
GetWindow
RegisterWindowMessageW
DrawFrameControl
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
RegisterClassW
FlashWindowEx
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsZoomed
CreateDialogParamW
SetDlgItemInt
GetDlgItemInt
GetDlgItemTextW
CheckRadioButton
KillTimer
IsWindowEnabled
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
GetMenu
CreatePopupMenu
DestroyMenu
CheckMenuItem
EnableMenuItem
GetSubMenu
GetMenuItemCount
InsertMenuW
DeleteMenu
TrackPopupMenu
SetMenuInfo
InsertMenuItemW
GetMenuItemInfoW
SetMenuDefaultItem
SetActiveWindow
SetWindowTextA
MessageBeep
ScreenToClient
UnionRect
EqualRect
EnumChildWindows
GetClassNameW
LoadBitmapW
CopyImage
IsDialogMessageW
GetWindowDC
WindowFromPoint
USER32.dll
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
GetBkColor
GetBkMode
GetDeviceCaps
GetStockObject
RectInRegion
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetTextColor
GetTextMetricsW
Polyline
SetMapMode
StartDocW
EndDoc
StartPage
EndPage
CreateFontIndirectW
GetObjectW
GetBitmapBits
LineTo
MoveToEx
Polygon
CreateBitmap
CreateFontW
GetPixel
SetPixel
GdiFlush
Rectangle
RestoreDC
SaveDC
SetROP2
GDI32.dll
PrintDlgW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
FindTextW
ChooseFontW
COMDLG32.dll
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegCreateKeyW
RegOpenKeyW
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegDeleteKeyW
RegDeleteValueW
GetTokenInformation
EqualSid
AllocateAndInitializeSid
FreeSid
GetLengthSid
MapGenericMask
LookupAccountSidW
RegCreateKeyExW
RegEnumKeyW
RegSetValueW
ConvertSidToStringSidW
ConvertStringSidToSidW
RegEnumValueW
RegOpenKeyExA
RegQueryValueExA
ADVAPI32.dll
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHChangeNotify
DragQueryFileW
CommandLineToArgvW
SHGetPathFromIDListW
SHELL32.dll
CoInitialize
CoSetProxyBlanket
CoCreateInstance
CreateBindCtx
OleInitialize
RegisterDragDrop
ReleaseStgMedium
ole32.dll
OLEAUT32.dll
SHAutoComplete
SHLWAPI.dll
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
IsDebuggerPresent
OutputDebugStringW
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
EncodePointer
GetModuleHandleExW
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
IsProcessorFeaturePresent
ExitThread
GetCurrentThreadId
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetConsoleCP
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetFilePointerEx
WriteConsoleW
SetStdHandle
FlushFileBuffers
ReadConsoleW
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVCThemedWindow@@
.?AVCTreeList@@
.?AVCTreeListData@@
.?AVCListViewData@@
.?AVCViewRef@@
.?AVCEventRef@@
.?AUIUnknown@@
.?AVCCallTreeData@@
.?AUIDropTarget@@
.?AVCResizer@@
.?AVCDropTarget@@
.?AUPAS_ROW_CACHE@@
.?AVCFileSummary@@
.?AVCProcessTreeData@@
.?AV_com_error@@
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
.?AVerror_category@std@@
.?AV_Generic_error_category@std@@
.?AV_Iostream_error_category@std@@
.?AV_System_error_category@std@@
.?AVtype_info@@
.?AV__non_rtti_object@std@@
.?AVbad_typeid@std@@
.?AVbad_cast@std@@
.?AVbad_exception@std@@
""""""
333333
d*po0!
SS%%kk>
LO=L2B:c
:B2L9[Z{,,,,,,}?~
\QQQ\R+
AKabbaFK%
4#';y&
< s&w
6st::9v1/
mn opq2
IK#M#NR
AAAAAAAAA
AAAAAAA
AAAAAAAAA
pppppppp
pppppppp
pppppppp
pppppppp
pppppppp
pppppppp
pppppppp
pppppppp
o
F
VVU6UVVVV
UVV6VVVVVV
VV]66666666V
]V]]]VVVVVVV
]VV]]]]]VV
U]]]]UV
wwwpww
""""""
!This program cannot be run in DOS mode.
h.rdata
H.data
.pdata
B.reloc
fffffff
fffffff
WAVAWH
A_A^_H
@UVWAVAWH
A_A^_^]
SUVWAVH
@A^_^][
UWATAVAWH
pA_A^A\_]
pA_A^A\_]
t$`t H
L$ WAVAWH
@A_A^_
xF9|$0v@H
WAVAWH
0A_A^_
UVWAVAWH
@A_A^_^]
D$0H+D$8H
D$hH+D$ H=
WAVAWH
VWATAVAWH
A_A^A\_^
WATAUAVAWH
A_A^A]A\_
D$(Pmn
D$(Pmn
@UVATAVAWH
A_A^A\^]
A_A^A\^]
D9t$p|
\$ UWATAUAWH
ttf9|$h
f9|$XL
f9|$hL
H9}`u:A
A_A]A\_]
|$ AVH
D$(Pmn
@SUWAVAWH
0A_A^_][
0A_A^_][
VWATAVAWH
A_A^A\_^
u L9{(t
|$ AVH
H9?t$f
H96t)fff
uH9+t
D+C +S
VWATAVAWH
tJfE9 t
PA_A^A\_^
D$(RegmH
VWATAVAWH
PA_A^A\_^
PA_A^A\_^
WATAUAVAWH
PA_A^A]A\_
WATAUAVAWH
PA_A^A]A\_
UVWATAUAWH
HA_A]A\_^]
HA_A]A\_^]
WAVAWH
WATAUAVAWH
PA_A^A]A\_
WATAUAVAWH
PA_A^A]A\_
@VATAUAVH
XA^A]A\^
|$ ATAVAWH
0A_A^A\
|$ ATAVAWH
0A_A^A\
SVWAVAWH
@A_A^_^[
WAVAWH
0A_A^_
|$ ATAVAWH
@A_A^A\
|$ ATAVAWH
A_A^A\
System
C:\Builds\13810\Tools\Procmon_master\bin\x64\Release\ProcMonDriver.pdb
VATAUAVAWH
A_A^A]A\^
UVWATAUAVAWH
A_A^A]A\_^]
UVWATAUAVAWH
@A_A^A]A\_^]
WATAUAVAWH
A_A^A]A\_
WATAUH
A]A\_
WATAUH
A]A\_
@SUVWATAUAVAWH
XA_A^A]A\_^][
l$ VWATH
fD9 t,
\$x!|$pfD
fF9$Iu
T$ H9\$
WATAUH
0A]A\_
KeQueryPerformanceCounter
HAL.dll
RtlInitUnicodeString
RtlAnsiStringToUnicodeString
RtlCompareUnicodeString
RtlCopyUnicodeString
RtlAppendUnicodeStringToString
RtlFreeUnicodeString
KeInitializeDpc
KeInitializeEvent
KeSetEvent
KeInitializeTimer
KeSetTimer
KeWaitForSingleObject
ExFreePoolWithTag
ExAcquireFastMutex
ExReleaseFastMutex
ExQueueWorkItem
ObfDereferenceObject
ZwCreateFile
ZwSetInformationFile
ZwWriteFile
ZwClose
ZwOpenKey
ZwFlushKey
ZwQueryValueKey
ZwSetValueKey
PsGetCurrentProcessId
IoSetThreadHardErrorMode
ZwQuerySystemInformation
KeClearEvent
IofCompleteRequest
IoCreateNotificationEvent
IoCreateSymbolicLink
IoDeleteDevice
IoDeleteSymbolicLink
KeDelayExecutionThread
KeAcquireSpinLockRaiseToDpc
KeReleaseSpinLock
MmProbeAndLockProcessPages
MmUnlockPages
MmMapLockedPagesSpecifyCache
IoAllocateMdl
IoFreeMdl
IoGetCurrentProcess
IoGetTopLevelIrp
IoSetTopLevelIrp
RtlLengthSid
IoThreadToProcess
FsRtlIsPagingFile
__C_specific_handler
KeCancelTimer
ExQueryDepthSList
ExpInterlockedPopEntrySList
ExpInterlockedPushEntrySList
ExInitializeNPagedLookasideList
PsCreateSystemThread
IoGetStackLimits
RtlWalkFrameChain
PsGetCurrentThreadId
strncmp
strncpy
KeInitializeTimerEx
KeSetTimerEx
KeWaitForMultipleObjects
MmGetSystemRoutineAddress
ObReferenceObjectByHandle
PsSetCreateProcessNotifyRoutine
PsSetCreateThreadNotifyRoutine
PsRemoveCreateThreadNotifyRoutine
PsSetLoadImageNotifyRoutine
PsRemoveLoadImageNotifyRoutine
ZwOpenProcess
KeStackAttachProcess
KeUnstackDetachProcess
PsReferencePrimaryToken
PsReferenceImpersonationToken
PsLookupThreadByThreadId
ObOpenObjectByPointer
ZwWaitForSingleObject
ZwQueryInformationToken
ZwOpenThread
ZwQueryInformationProcess
ZwOpenProcessToken
KeInsertQueueApc
KeInitializeApc
ExAllocatePoolWithTag
PsGetVersion
KeInitializeMutex
KeReleaseMutex
ExInitializePagedLookasideList
ProbeForRead
ProbeForWrite
ExGetPreviousMode
MmUnmapLockedPages
ObQueryNameString
ntoskrnl.exe
IoCreateDevice
ZwSetSecurityObject
IoDeviceObjectType
_snwprintf
RtlLengthSecurityDescriptor
SeCaptureSecurityDescriptor
RtlCreateSecurityDescriptor
RtlSetDaclSecurityDescriptor
RtlAbsoluteToSelfRelativeSD
IoIsWdmVersionAvailable
SeExports
wcschr
_wcsnicmp
RtlAddAccessAllowedAce
RtlGetSaclSecurityDescriptor
RtlGetDaclSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlGetOwnerSecurityDescriptor
ZwCreateKey
FltGetVolumeName
FltGetDiskDeviceObject
FltEnumerateVolumes
FltObjectDereference
FltRegisterFilter
FltUnregisterFilter
FltStartFiltering
FltGetFileNameInformation
FltReleaseFileNameInformation
FltGetDestinationFileNameInformation
FltAttachVolume
FltDetachVolume
FltCreateFile
FltClose
FltCreateCommunicationPort
FltCloseCommunicationPort
FltCloseClientPort
FltSendMessage
FltBuildDefaultSecurityDescriptor
FltFreeSecurityDescriptor
FltGetFileNameInformationUnsafe
FLTMGR.SYS
KeBugCheckEx
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA0
160907175851Z
180907175851Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1&0$
Thales TSS ESN:C3B0-0F6A-41111%0#
Microsoft Time-Stamp Service0
Chttp://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl0X
<http://www.microsoft.com/pki/certs/MicrosoftTimeStampPCA.crt0
Washington1
Redmond1
Microsoft Corporation1503
,Microsoft Windows Hardware Compatibility PCA0
170811203623Z
180725203623Z0
Washington1
Redmond1
Microsoft Corporation1;09
2Microsoft Windows Hardware Compatibility Publisher0
/V]+!Xf
MOPR1402
+230001+709c2e22-1483-40a3-8820-f42dbe30c77d0
ehttp://www.microsoft.com/pki/CRL/products/Microsoft%20Windows%20Hardware%20Compatibility%20PCA(1).crl0z
^http://www.microsoft.com/pki/certs/Microsoft%20Windows%20Hardware%20Compatibility%20PCA(1).crt0
0k}[3_s(8Y
microsoft1-0+
$Microsoft Root Certificate Authority0
120604210546Z
200604211546Z0
Washington1
Redmond1
Microsoft Corporation1503
,Microsoft Windows Hardware Compatibility PCA0
=&l@T$
DhnPQn
ylj-E>
?http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl0T
8http://www.microsoft.com/pki/certs/MicrosoftRootCert.crt0
rPG/VK
microsoft1-0+
$Microsoft Root Certificate Authority0
070403125309Z
210403130309Z0w1
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA0
microsoft1-0+
$Microsoft Root Certificate Authority
?http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl0T
8http://www.microsoft.com/pki/certs/MicrosoftRootCert.crt0
1Jv1=+r
L&*H$_Z
Washington1
Redmond1
Microsoft Corporation1503
,Microsoft Windows Hardware Compatibility PCA
http://www.sysinternals.com 0
u+)!]ez
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA
180212232508Z0#
Washington1
Redmond1
Microsoft Corporation1806
/Microsoft Windows Third Party Component CA 20120
170912185049Z
180912185049Z0
Washington1
Redmond1
Microsoft Corporation1;09
2Microsoft Windows Hardware Compatibility Publisher0
230153+2423520
chttp://www.microsoft.com/pkiops/crl/Microsoft%20Windows%20Third%20Party%20Component%20CA%202012.crl0
ehttp://www.microsoft.com/pkiops/certs/Microsoft%20Windows%20Third%20Party%20Component%20CA%202012.crt0
Washington1
Redmond1
Microsoft Corporation1200
)Microsoft Root Certificate Authority 20100
120418234838Z
270418235838Z0
Washington1
Redmond1
Microsoft Corporation1806
/Microsoft Windows Third Party Component CA 20120
-g<'<V
}PH.=C
Ehttp://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z
>http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0
p%|Yi1$
Washington1
Redmond1
Microsoft Corporation1806
/Microsoft Windows Third Party Component CA 2012
http://www.sysinternals.com 0
20180212232512.963Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:D236-37DA-97611%0#
Microsoft Time-Stamp Service
Washington1
Redmond1
Microsoft Corporation1200
)Microsoft Root Certificate Authority 20100
100701213655Z
250701214655Z0|1
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 20100
$`2X`F
Ehttp://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z
>http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0
1http://www.microsoft.com/PKI/docs/CPS/default.htm0@
oK0D$"<
r~akow
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 20100
160907175655Z
180907175655Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:D236-37DA-97611%0#
Microsoft Time-Stamp Service0
Ehttp://crl.microsoft.com/pki/crl/products/MicTimStaPCA_2010-07-01.crl0Z
>http://www.microsoft.com/pki/certs/MicTimStaPCA_2010-07-01.crt0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:D236-37DA-97611%0#
Microsoft Time-Stamp Service
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher NTS ESN:2665-4C3F-C5DE1+0)
"Microsoft Time Source Master Clock0
20180212213837Z
20180213213837Z0t0:
; xJK:]OL
vS,Vco
Pd'y5U
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 2010
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 2010
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity name="Procmon" version="2.0.0.0" type="win32"></assemblyIdentity><description>Process Monitor</description><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df"></assemblyIdentity></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo><application xmlns="urn:schemas-microsoft-com:asm.v3"><windowsSettings><dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware></windowsSettings></application><ms_compatibility:compatibility xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" xmlns="urn:schemas-microsoft-com:compatibility.v1"><ms_compatibility:application xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1"><ms_compatibility:supportedOS xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></ms_compatibility:supportedOS><ms_compatibility:supportedOS xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></ms_compatibility:supportedOS><ms_compatibility:supportedOS xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"></ms_compatibility:supportedOS><ms_compatibility:supportedOS xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"></ms_compatibility:supportedOS><ms_compatibility:supportedOS xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"></ms_compatibility:supportedOS></ms_compatibility:application></ms_compatibility:compatibility></assembly>
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA0
160907175849Z
180907175849Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:57C8-2D15-1C8B1%0#
Microsoft Time-Stamp Service0
7|"R?8{
Chttp://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl0X
<http://www.microsoft.com/pki/certs/MicrosoftTimeStampPCA.crt0
y|.WNR
Washington1
Redmond1
Microsoft Corporation1#0!
Microsoft Code Signing PCA0
170811201115Z
180811201115Z0
Washington1
Redmond1
Microsoft Corporation1
Microsoft Corporation0
b{VpuOg
MOPR1402
+229803+1abf9e5f-ced0-42e6-a65d-d9350959fe0e0
Ehttp://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl0Z
>http://www.microsoft.com/pki/certs/MicCodSigPCA_08-31-2010.crt0
?w?^s'W
microsoft1-0+
$Microsoft Root Certificate Authority0
100831221932Z
200831222932Z0y1
Washington1
Redmond1
Microsoft Corporation1#0!
Microsoft Code Signing PCA0
?http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl0T
8http://www.microsoft.com/pki/certs/MicrosoftRootCert.crt0
`Ge`@N
microsoft1-0+
$Microsoft Root Certificate Authority0
070403125309Z
210403130309Z0w1
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA0
microsoft1-0+
$Microsoft Root Certificate Authority
?http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl0T
8http://www.microsoft.com/pki/certs/MicrosoftRootCert.crt0
1Jv1=+r
L&*H$_Z
Washington1
Redmond1
Microsoft Corporation1#0!
Microsoft Code Signing PCA
y|.WNR
http://www.sysinternals.com 0
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA
180212232653Z0#
Z|{8;m
Washington1
Redmond1
Microsoft Corporation1(0&
Microsoft Code Signing PCA 20110
170811202024Z
180811202024Z0t1
Washington1
Redmond1
Microsoft Corporation1
Microsoft Corporation0
MOPR1402
+230012+c804b5ea-49b4-4238-8362-d851fa2254fc0
Chttp://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl0a
Ehttp://www.microsoft.com/pkiops/certs/MicCodSigPCA2011_2011-07-08.crt0
+Z1[9j
Washington1
Redmond1
Microsoft Corporation1200
)Microsoft Root Certificate Authority 20110
110708205909Z
260708210909Z0~1
Washington1
Redmond1
Microsoft Corporation1(0&
Microsoft Code Signing PCA 20110
Ihttp://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl0^
Bhttp://www.microsoft.com/pki/certs/MicRooCerAut2011_2011_03_22.crt0
3http://www.microsoft.com/pkiops/docs/primarycps.htm0@
*?*kXIc
QEX82q'
WqVNHE
Washington1
Redmond1
Microsoft Corporation1(0&
Microsoft Code Signing PCA 2011
http://www.sysinternals.com 0
20180212232654.669Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:D236-37DA-97611%0#
Microsoft Time-Stamp Service
Washington1
Redmond1
Microsoft Corporation1200
)Microsoft Root Certificate Authority 20100
100701213655Z
250701214655Z0|1
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 20100
$`2X`F
Ehttp://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z
>http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0
1http://www.microsoft.com/PKI/docs/CPS/default.htm0@
oK0D$"<
r~akow
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 20100
160907175655Z
180907175655Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:D236-37DA-97611%0#
Microsoft Time-Stamp Service0
Ehttp://crl.microsoft.com/pki/crl/products/MicTimStaPCA_2010-07-01.crl0Z
>http://www.microsoft.com/pki/certs/MicTimStaPCA_2010-07-01.crt0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:D236-37DA-97611%0#
Microsoft Time-Stamp Service
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher NTS ESN:2665-4C3F-C5DE1+0)
"Microsoft Time Source Master Clock0
20180212213837Z
20180213213837Z0t0:
; xJK:]OL
vS,Vco
Pd'y5U
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 2010
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 2010
`F_X]w
.=wt?)
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity name="Procmon" version="2.0.0.0" type="win32"></assemblyIdentity><description>Process Monitor</description><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df"></assemblyIdentity></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo><application xmlns="urn:schemas-microsoft-com:asm.v3"><windowsSettings><dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware></windowsSettings></application><ms_compatibility:compatibility xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" xmlns="urn:schemas-microsoft-com:compatibility.v1"><ms_compatibility:application xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1"><ms_compatibility:supportedOS xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></ms_compatibility:supportedOS><ms_compatibility:supportedOS xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></ms_compatibility:supportedOS><ms_compatibility:supportedOS xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"></ms_compatibility:supportedOS><ms_compatibility:supportedOS xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"></ms_compatibility:supportedOS><ms_compatibility:supportedOS xmlns:ms_compatibility="urn:schemas-microsoft-com:compatibility.v1" Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"></ms_compatibility:supportedOS></ms_compatibility:application></ms_compatibility:compatibility></assembly>
1/1U1`1s1
2'252@2H2N2T2Z2a2g2l2q2
3!3&3-3I3P3U3i3p3u3
474F4V4d4
5#5)5A5J5O5U5_5s5y5
66$6:6?6Q6[6`6q6w6|6
7"717A7K7P7a7q7w7|7
8"83898>8K8U8_8m8r8
9"939>9K9Q9[9e9i9q9v9
:(:.:8:B:F:N:S:b:o:u:
;;#;+;0;?;L;R;\;f;j;r;w;
<!<*<4<><B<J<O<^<k<p<v<
=$=)=8=E=K=U=_=c=k=p=
>">(>2><>@>H>M>\>f>o>y>
?!?'?,?E?O?T?a?m?y?
132a2v2
5&585]5
576H6P6W6`6m6
617a7`8t8
;(;J;P;_;z;
<E<]<d<q<
=)=K=`=
>4>N>g>
2D4R4X4
707G7[7:8@8M8
9S:z:;;W;d;n;w;
>%?0?F?U?l?
8&808>8N8x8
2(292C2P2]2g2
2)3V3a3
6J7^7e7
8'9A9m9
9L:\:n:
;7;A;`;f;q;v;{;
?*?M?\?l?
031B1s1
1(282R2
3"3N3i3z3
8>9E9a9q9
9:g:~:
;!<*<F<W<_<
70N0`0v0
1"1L1w1
3 3&3>3J3b3p3
3 4%4K4P4v4{4
505<5A5H5_5
7/8_8v8
9*989O9\9w:
:';X;_;
;]<4=Y=
=)>=>n>
4 4$4(4,4044484<4@4D4H4L4P4T4+5F5
8 8$8(8,878
::/:=:W:d:
;,;9;e;
<:<L<j<
080g0w0
1S1*2D2
3"3*3:3_3{3
8"8B8W8
0+0;0F0l0
2)2K2W2m2
2:3a3~3J4
5)575A5L5~5
9F9M9f9m9x9
:Y<r<I=`=
2 2$2(2,2024282<2@2D2
2034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3
3 474E4z4
6:6V6s6
7!777@7^7z7
9/9H9b9k9
:*:V:[:a:h:s:z:
:';2;>;h;u;
=(=-=5=B=y=
>1?Y?j?w?
0X0d0j0t0~0
0(141E1m1
2=2P2g2s2
3 3+3K3h3
4%434N4Y4_4q4z4
5+6G6h6n6
7!7=7H7Q7_7n7u7
7&888b8o8t8z8
:0:9:Y:g:
;1;e;x;
;&<8<W<n<
2&383_3
4&474O4
8H9f9x9
95:V:e:}:
:G;W;g;|;
=i>f?u?
5666D6
8&888T8_8m8r8
:#:):2:=:F:p:
;0;:;O;t;
<A<N<S<Z<x<
<7=L=S=u=
>&>8>N>i>t>
>8?J?b?m?v?
0+040=0Z0l0
1O1j1o1u1|1
22(2-232:2?2I2O2
263D3^3
8C9R97:F:
<"<2<M<k<{<
0 000K0
0 1$1(1,161G1f1
66D6H6L6P6f6t6
7]7h7r7
8)8]8{8
=*=6=U=[=`=d=h=l=p=
4D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5
6f7w7F:T:g:n:t:
9'9<9v9
<c<l<&=
0 0$0(0,0004080<0@0D0
0,2024282<2@2D2H2e2
4,434I4P4
5<5I5f5t5f6x6
:F:X:s:
=(=c=k=
>&?5?M?c?l?r?x?
1,2V2e2}2
3$3<3K3g3
5+7s728
!0&181
4&484c4
6'6?6A8
;6;E;v;
>d>u>s?
3 3=5{5
7(7R7`7k7
:\:j:>;
<J<?=I=V=
0;0f0x0
1F2U2m2
3@3R3]3
::/:<:^:
<8<Z<d<
=7=B=k=
3%4I4Z4
5!6*60656;6D6J6P6U6[6p6
6x7h8g=m=|=
0/02191v1
2U2_2x2
4(4@4F5
4f5x566H6
8F9T9&:5:
<&=7=O=
>P>y>-?2?U?l?p?t?x?|?
20>0C0a0i0v0~0
2'272T2d2r2
2E3R3`3
5 5$5(5,505f5x5
868G8_8
=+>f>{>
1L2P2T2X2\2`2d2h2l2p2
2;3f3w3
464K4l4
8&878O8
;#<E<v<
5&6;6\6
>6?G?_?
8 828T8f8y8
?0?Q?i?o?u?
5$5U6o6
;E;^;w;
>%?f?u?
:":+:1:C:Y:t:z:
;#;+;0;8;>;P;U;[;a;
?6?L?e?u?
1-131U1_1u1
1,2@2}2
23&393@3
4,4D4T4[4l4s4|4
5)5@5G5[5i5w5
5:6V6l6
6/7I7f7
=8>>>v>
0&020B0J0
1+131I1_1
2/2D2U2q2|2
5%5J5U5f5y5
7 7P7`7f7
7 8&8.8C8J8Y8`8k8
919?9T9Z9`9e9k9s9
:x;~;}<
>P>T>X>\>`>6?K?
3J6W6w6
9#9-9I9S9o9y9
%0/0J0
363@3\3f3
>#>6>Y>m>
2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
24383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3
4 4$4(4,4044484<4@4D4H4
6+686F6X6
9 9$9(9,90949f9x9
=&>5>T>
0 0O0\0l0q0
1#191B1
8 8$868D8
;7<T<Y<n<
364E4d4u4
5$6H6L6P6T6X6f6u6
70757E7
969E9d9u9
;*;B;R;w;
= =P=`=l=
4<4G4j4z4
465@5W5
677I7X7_7j7
9&989v9
:':B:K:Z:
<9<A<N<
2.2D2X2^2|2
9w:<;f;x;
C061H1y2
4B5T5o5x5
8&8D8Q8v8
9!90979G9#:,:9:E:
:*;9;%<v<
<8=<=@=D=Z=`=~=
>/>9>A>Q>X>^>q>
070A0F0L0S0
0%1,1{1
3%4;4Y4v4
7'7W7\7
::&:]:
>,?5?`?f?o?u?
3T3\3n3
3,4F4Q4
5$5^6o6
:,:W:e:
:?;E;R;W;l;
>4>A>V>p>
0!0'0-0O0o0
3'678V8h86:H:F;X;v=
4c5m5w5
6!6B6L6V6`6
7'7i7s7}7
88)848
9"9m9t9|9
:!:+:5:?:I:S:]:g:q:{:
;%;/;9;C;M;W;a;k;u;
<<)<3<=<G<Q<[<e<o<y<
<5=?=I=S=q={=
>'>.>3>=>G>Q>[>e>o>
?#?(?2?<?F?P?Z?d?n?x?
0"0,0Y0`0e0o0y0
1+151?1e1o1y1
1-24292C2M2W2a2
3'313a3k3u3
4&414z4
5A5H5M5W5a5k5u5
6(626<6F6P6Z6d6
7'7 9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9`:d:h:l:p:t:x:
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
? ?$?(?,?0?4?8?<?
@0D0H0L0P0d0h0l0p0t0x0|0
1H1L1P1T1X1\1`1
757>7~7
8.8C8X8m8
9*9?9T9i9~9
:&:;:P:e:z:
;";7;L;a;v;
<3<\<`<d<h<l<p<t<x<|<
= =$=(=,=0=4=8=<=@=V=h=
>[?b?n?
1<1V1a1
3&464k4r4z4
5"5@5K5U5`5j5u5
64686<6@6D6H6f6v6
8(838K8V8n8y8
929=9U9`9x9
:%:.:b:k:
;+<B<d<
030Z0q0
1)1J2z2
3'303P3[3q3
3&464W4r4}4
9P9U9`9x9
:<:@:D:H:L:P:
4 4A4H4^4e4|4
7!8&8,838O8l8
::;s;x;
>4>A>l>
1.1:1@1v1
2D2O2^2
6$666;6Y6`6
6)757F7M7\7d7k7
838E8Q8l8
9-9f9u9
::1:I:g:
;.;:;?;E;J;W;^;d;i;|;
>$>1>7><>
<1=D=N=X=i=o=
>$>^>t>
>:?T?[?
0(02080@0F0Z0}0
0E1V1_1k1x1~1
2>2l2r2z2
2 383@3J3Z3_3e3
4/4@4F4
66$6)6/666;6D6a6h6
8$8h8t8y8
9*9/989E9K9U9Z9`9e9k9q9
:F;Q;^;m;
=!=D=Y=
=%>,>9>?>E>N>T>Z>c>n>x>
?&?E?k?}?
030=0C0X0i0
1'232E2K2w2
3'3D3P3[3
5h6l6p6t6x6|6
6B7N7y7
748r8x8
9"979D9t9z9
:<:C:t:
<'<8<E<S<`<q<j=
>">+>6>W>`>k>v>
5J7T7Z7_7i7o7
878B8I8
9(9.9u9{9
> ?B?S?
0 040;0
1,212:2h2l2p2t2x2|2
3>4Z4g4
7&7,727:7B7H7N7T7Z7d7
8(8/898f8y8
<C=J=Q=
1&1<1B1d1h1l1p1t1x1|1
667F7^7z7
:5;<;o;
>(?2?8?>?G?Z?m?y?
>"?F?X?s?
2&282S2
4"5F5X5s5
2&383S3
464H4c4
7(7@7I7
;(;9;A;T;Z;q;w;|;
<<.<6<=<D<J<P<a<|<
5?6V6e6
71G3W5g7
3(3&48465H5V6h6
:F;T;|;
>%>N>Z>f>
>O?f?w?
3\3d4q4
595H5Q5a5
7"7f7x7
8"8\8p8
969>9s9
:Y:j:o:v:
;Q;W;];w;};
;,<1<<<
<;=P=`=i=u=
? ?$?(?,?0?4?8?<?@?c?
d0h0l0p0t0x0|0
3'3,3B3P3\3a3r3
4!4&494>4W4l4
5(5?5W5\5b5g5m5w5
596X6_6s6y6
77%7W7
8'9@9X9o9
;&<]<c<
=2=8=N=Z=b=s=
1&1.1S1Y1g1m1y1
212V2a2x2
2,313>3F3M3V3j3
8(8?8D8N8U8c8j8x8~8
8;9U9^9d9j9o9x9
=*=0=_=f=|=
>$>9>v>
0'0M0Y0u0
1\1h1n1
1*202J2V2
3I4O4&50565<5A5Y5g5q5
67K7f7
8q9|9W:
<<[<a<i<}<
=(=.=F=O=a=
0B1H1Y1j1r1
2K3a3+4@4
4%5+5]5d5o5
8;8C8Q8[8h8n8
9*9=9W9\9
:N:U:j:p:
:-;C;l;w;~;
= =)=R=d=|=
>6>a>g>s>
?$?H?N?e?
0090@0W0l0
1*111S1Z1m1
2/2D2U2\2b2u2
363=3S3Z3v3}3
4*4@4P4e4{4
5%5;5`5d5h5l5p5t5x5|5064686<6@6D6H6V6e6|6
70767I7P7V7[7`7q7v7{7
868E8S8X8^8x8
4 4$4(4,40444F4W4
7&7@7D7H7L7P7T7X7\7`7v7
:+;6;`;l<p<t<x<|<
=,=>=C=I=N=T=^=h=r=y=
>$>)>.>3>8>B>O>t>y>
?&?6?W?\?g?
%0+090>0E0w0|0
1-141F1M1R1W1a1
2!2[2b2i2|2
3.3>3n3
4&4.474?4H4P4Y4a4t4
565F5r5
8=8K8Q8W8j8
9#91969;9@9M9d9l9v9|9
:#:0:A:K:Q:W:o:
;*;9;D;S;p;
<%<+<;<@<K<P<\<j<
=!=;=U=[=s=z=
>1>8>_>f>l>y>
>(?6?O?X?^?d?m?
0#0)0B0a0f0
1 1*1:1O1p1v1
2-2[2p2
2'313U3[3a3
5,5A5T5d5k5p5
626;6B6m6y6
6"7(7.747N7U7d7n7t7
7@8G8V8`8f8z8
939T9g9w9~9
:$:*:0:6:;:L:R:Y:f:l:r:~:
:%;3;9;A;\;b;i;o;
;*<q<w<}<
=$=*=0=9=?=E=K=P=U=_=e=
>!>*>0>6><>J>P>V>\>j>p>v>|>
?7?>?Q?x?
0080P0e0
011H1`1k1
12&2:2A2K2U2[2b2t2z2
44&4s4
5$5>5F5N5V5[5`5f5w5
5*6?6D6K6P6x6
6&7,72787A7G7p7
8 8&8,8N8b8
859:9?9F9K9~9
:):/:5:>:D:J:P:U:Z:d:j:
;%;k;u;{;
<+<G<M<Z<
="=,=2=j=
>@>d>v>
?&?2?q?
0C0I0g0l0s0x0~0
2%2D2\2
24383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3
526\6b6
8L8X8^8l8r8~8
829E9O9U9[9`9s9|9
:0:6:x:
2.2?2U2[2q2}2
2E3Q3W3e3k3w3
5"575=5e5
6a6f6r6{6
77F7e7z7
929j9p9
:/:5:R:Y:n:t:
<s<y<~<
?'?6?L?T?w?
1(121=1C1L1[1}1
4O4]4y4
4\5b5h5n5
6W6]6e7u7
:';9;v;
<J<T<_<e<o<u<
=?=F=Q=X=>Y>b>
171B1b1p1
44:4?4P4
5!5&5-565D5
91979=9C9m9s9y9
:!:':Q:W:]:c:
;(;;;f;m;u;|;
;.<N<k<
=%=1=9=G=N=U=e=
=H>T>n>
4"4)4<4P4W4v4}4
; ;$;(;,;
;"<)<A<U<e<
0B0W0d0v0
102C2N2a2
4+4H4e4
5,5I5f5k5u5
6B6I6r6z6
9(9@9L9Q9^9h9v9{9
9":(:.:7:C:Y:w:
;.<R<`<n<
= =N=[=
>!>6>K>V>f>
?C?I?Q?
030:0@0d0i0s0
1!1H1Q1j1r1
1)272<2I2U2
3%3,3u3
4'4v4|4
5"575B5[5f5p5
6B6U6\6
708G8R8`8u8
:B:X:q:
;3;Y;_;j;p;
=*=F=O=^=q=
?9?M?S?
0L0X0^0l0r0~0
021E1O1U1[1`1s1|1
20262x2
313e3[4
5&848M8
8*909C9T9j9p9
96:F:^:
<#<9<_<u<A=
?G?p?v?
G0i0z0
0*1G1x1
333:3K3W3^3o3
545I5W5b5
8 8-848I8q8
9(9.9E9T9
<.<a<p<
?4?E?Y?j?
0$0.090O0
041J1g1t1
1&2;2T2Z2a2g2o2v2
33%31373<3A3F3K3R3W3q3w3}3
;6;F;X;q;
>.>B>L>k>y>
>&?8?x?~?
0%0800161Q2X2`2g263H3^3w3
4(464D4I4N4S4X4^4l4
5%5*52595A5G5X5]5e5l5u5{5
5(6-6D6W6
7+828Y8z8
919G9W9\9c9p9v9
:0:::@:L:X:`:p:v:
;$;f;|;
<)<:<x<
=!=Z=q=
>F>W>q>w>
0=0C0[0k0
1.1Q1W1_1f1y1
3303>3D3
4#5/5G5y5
6$636A6G6{6
8(8;8G8L8]8k8
:>:Q:X:
:J;P;\;g;x;~;
<!<_<j<
=&=,=2=P=
=*>5>:>C>O>Y>_>y>
>d?k?t?
0$0Q0f0x0
101:1I1d1
2#2C2Q2W2k2
3(3B3H3T3Y3e3j3}3
5d5i5o5
5S6Z6i6
6e76;F;
8/868O8V8o8v8
9@9L9X9]9b9h9n9z9
::6:Z:p:
;>;X;r;
; <6<S<p<
>2>=>y>
?!?-?S?j?~?
0#0)0L0r0
1?1s1y1
1 2%2;2A2N2T2Z2a2q2
3b3s3}3
5%5D5I5`5f5q5w5}5
61676=6B6^6d6i6o6u6}6
7%7+717R7c7u7
7K8_8u8|8
87;V;h;f<x<
>#>,>3>>>G>{>
?L?c?k?~?
1,1V1b1g1m1t1|1
1!2O2e2
5+51565>5D5K5Q5X5^5e5k5r5x5
<)<3<@<J<W<a<n<x<
656?6[6e6
7>7K7d7h7l7p7t7x7|7
8#858@8h8
9%9D9_9A:
: ;$;(;,;0;4;8;<;
7+7H7v7
8*888L8
<6=E=h=
0&0F0U0
1\2l2O3v3
1J2U2`2j2t2~2
313R3]3
01090I0P0X0g0m0
1_1d1n1
7%7,797W7j7z7
G0f0x0
2(2t2y2
1M1R1Y1
6B6I6O6l6r6
6Q7f7x7
1Q1`1&252
6E7P7|7/8
90:;:c:
=(=8>{>
8%8,838:8A8H8O8V8]8d8k8r8y8
9!9(9/969=9D9K9R9Y9`9g9n9u9|9
:2:9:>:E:L:S:Z:a:h:o:v:}:
;";);0;7;>;E;
<%<,<K<R<Y<u<z<
= =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|=
> > ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?
0 0$0(0,0004080<0,1014181<1@1D1
5(6L6F8
>(>F?X?
4 4.434=4P4Y4b4j4p4~4
515<5f5u5
6O7X7^7d7k7s7y7
969H9_9
:.;9;~;
<3<8<D<^<i<
=7===c=v={=
4!4'4/4<4E4K4a4g4u4z4
5(5H5X5^56'6:6@6
70797H7Z7_7
858S8Y8
9"9(9-9:9D9Q9^9i9n9x9
; ;M;T;Y;c;k;
<,<3<>=C=J=R=X=_=d=j=
>&?8?k?
0$0*060L0z0
3!3.3A3U3f3u3
5!5(5.555;5B5H5O5U5\5b5i5o5v5|5
6&6;6d6p6w6}6
=+=1=J=
4G5^5u5
8$8.858U8b8h8
9A9X9v9
: :&:,:2:8:>:D:J:P:j:
0<1J1T1x1
5,5;5D5J5P5
9$9:9D9
10I0N0
3)3r3y3
4z5D7g7
8%8.8P8
:#:B:X:b:h:s:
;";4;S;r;
>">(>d>v>|>
?'?0?s?
2 2$2(2,2024282
3 3'3,30343U3
4$4(4,404
<E>c>|>
? ?$?(?r?x?|?
0 0$0E0o0
31373J3P3[3b3v3|3
11'131<1A1G1Q1[1k1{1
2&2.292>2D2N2X2k2p2L4[4
4c5j5r5~5
5?6G6S6Y6`6k6p6v6
==>J>r>
7<7^7t7
;";9;D;s;
<"<7<A<Z<d<q<{<
0&0-040L0[0e0r0|0
4464P4k4s4
4%5[5n5
898q8y8
9?9Z9r9~9
9E:O:q:
5F8J8N8R8V8Z8^8b8K9s:
2]5a5e5i5m5q5u5y5
6L6R6W6_6
89;Y=g=q=
2,4>4W4
7 8%8@8E8g8
:#:2:<:B:T:f:
;";(;0;5;;;C;H;N;V;[;a;i;n;t;|;
<'<,<2<:<?<E<M<R<X<`<e<k<s<x<~<
=#=)=1=6=<=D=I=N=W=\=b=j=p=~=
>$>c>{>
?'?U?h?
60;0M0k0
0&1,121B1H1T1Y1^1c1l1
22$212
4 4D4K4X4r4
5/5`5m5v5
6&7;7b7
===C=b=h=
-1115191=1A1E1I1Z1k1
2!2&2y2
3Q7F8W8
:L:X:d:z:
;1;:;C;
<R<]<o<
3n4B7d7o7
;!;,<y<
2z2G3v3
<%=1=q=
=%>+>2>
<0>6>B>s?
2&21282>2D2
5 5>5Z5b5g5
7&787J7\7n7
=*=S=a=g=
=5>I>n>
???P?V?b?r?x?
0%0+040:0D0O0
1 1G1T1Y1g1
3K4L5\5m5u5
;,<1<7<><
0&0@0X0c0u0
4G5S5o5
5"626`6
6#797L7n7u7
8&828W8^8
>A>q>$?
=!=-=<=
8-8F8^8
<"=2=@=
0#1p2x2
2$3B3s3
=">B>b>
7+8R8r8
<R=a=i=
$090A0r0
4J4l4t4
5"5B5b5|5
<"<B<b<
="=B=~=
>2?A?\?q?
1"2k2H3
78R8z8
5S6a6i6w6
:2:_:q:y:
>!><>Q>l>
1!1+151P1z1
5/6#7J7z7
7#8S8r8
829I9Q9z9
>!>,>C>Q>f>
>A?G?R?d?l?
0&0R0e0p0y0
041<1O1
243<3O3
6"646J6t6|6
8&828C8T8Z8v8
8F9V9h9x9
:&:8:H:V:^:c:u:
;!;6;b;t;|;
<Q<W<^<b<i<m<t<x<~<
7 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7
7`;d;h;l;p;t;x;|;
; ;$;(;,;4;8;<;@;D;H;L;P;T;X;`;d;h;l;p;t;x;|;
< <$<(<
6(686H6X6h6x6
D1H1L1T1X1\1d1h1l1
2$2(2,24282<2D2H2L2T2X2\2d2h2l2t2x2|2
3$3(3,34383<3D3H3L3T3X3\3d3h3l3t3x3|3
4$4(4,44484<4D4H4L4T4X4\4d4h4l4t4x4|4
5$5(5,54585<5D5H5L5T5X5\5d5h5l5t5x5|5
6$6(6,64686<6D6H6L6T6X6\6d6h6l6t6x6|6
7 7(7,74787@7D7L7P7X7\7d7h7p7t7|7
8 8$8(8084888<8@8H8L8T8X8`8d8l8p8t8x8|8
9 9$9,90949<9@9D9\9`9d9|9
;4=<=D=
T2\2d2l2t2|2
2D;H;P;T;\;`;h;l;t;x;
$0,040<0D0L0T0\0d0l0t0|0
1$1,141<1D1L1<9D9L9T9\9d9l9t9|9
:$:,:4:<:D:L:T:d;l;t;|;
X1`1h1p1x1
2$2<2D2L2T2\2d2l2t2|2
8$8,8D:H:
0888@8H8P8X8`8h8p8x8
9 9(90989@9H9P9X9`9h9p9x9
> >(>0>8>@>H>P>X>`>h>p>x>
4 4x4|4
4<7@7D7H7L7P7T7X7
:P;\;h;t;
3(3D3X3t3
6 6,686D6P6
8(848@8L8 9,989D9P9\9h9t9
:(:4:T:X:`:d:l:p:
> >,>8>D>P>\>h>t>
: :$:(:,:0:4:8:<:@:D:`:d:h:l:p:t:x:
;$;,;4;<;D;L;T;\;d;l;t;|;
<$<,<4<<<D<L<T<\<d<l<t<|<
=$=,=4=<=L=T=\=d=l=t=|=
>$>,>4><>D>L>T>\>d>l>t>|>
?$?,?4?<?D?L?T?\?d?l?t?|?
<p=t=x=
5$5,545<5D5L5T5\5d5l5
:$:,:4:<:D:L:T:\:d:l:t:|:
;$;,;4;<;D;L;T;\;d;l;t;|;
<$<,<4<<<D<L<T<\<d<l<t<|<
=$=,=4=<=D=L=T=\=d=l=t=|=
>$>,>4><>D>L>T>\>d>l>t>|>
?$?,?4?<?D?L?T?\?d?l?t?|?
0$0,040<0D0L0T0\0d0l0t0|0
1 1(10181@1H1P1X1`1h1p1x1
2 2(20282@2H2P2X2`2h2p2x2
3 3(30383@3H3P3X3`3h3p3x3
4 4(40484@4H4P4X4`4h4p4x4
5 5(50585@5H5P5X5`5h5p5x5
6 6(60686@6H6P6X6`6h6p6x6
7 7(70787@7H7P7X7`7h7p7x7
; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;
4 4044484@4X4\4t4
5,50585P5`5d5t5x5|5
6,60646<6T6d6h6x6|6
7$7<7L7P7`7d7h7p7
8,80848<8T8d8h8x8|8
9 9(9@9P9T9d9h9p9
:$:4:8:H:L:P:T:\:t:
;,;0;@;D;H;P;h;x;|;
3(3H3T3t3|3
4,484X4d4
5(5H5P5\5
6 6(606<6\6d6p6
7(707P7X7`7|7
8(848T8\8h8
9$9H9h9p9x9
:$:,:4:<:D:L:T:\:d:l:x:
; ;(;0;8;@;H;P;X;`;h;p;x;
< <H<l<x<
= =(=4=T=\=d=p=
> >@>H>P>\>|>
?<?H?h?t?
0(0P0t0
101T1`1h1
20282@2H2P2X2`2h2t2
3$3,343<3D3L3T3\3d3p3
4 4(40484@4H4P4\4|4
5 5@5H5T5t5|5
686\6h6p6
7 7@7d7p7x7
8$808X8|8
9$9,9H9P9h9t9
:,:@:H:d:l:
; ;(;0;8;@;H;P;\;|;
< <(<0<8<D<d<l<t<|<
=<=D=L=T=\=h=
>$>,>4>@>`>h>p>x>
?8?@?H?P?X?`?h?p?x?
0$0,040<0H0l0
1 1@1L1l1x1
2(202P2t2
3 3(303H3l3x3
4(404P4t4
5$5,5@5H5h5|5
6 6D6P6X6x6
787L7\7d7x7
8$8,8@8H8h8|8
989L9\9p9x9
:(:0:P:d:t:
; ;(;0;8;@;H;P;X;`;l;
<8<D<h<
=$=0=P=X=d=
> >(>0>8>@>H>P>X>`>h>p>x>
? ?(?0?8?@?H?P?X?`?h?p?x?
0@0`0h0p0x0
1 1(141T1\1h1
2@2`2h2p2x2
3(343X3x3
4 4(40484@4H4P4X4`4h4p4x4
50585@5L5l5t5|5
6<6H6P6p6
7(7H7P7X7`7h7p7x7
848@8`8l8
949<9D9L9T9\9d9l9x9
:<:D:L:T:\:d:l:t:|:
;0;P;X;`;h;p;x;
<$<H<h<p<x<
=$=,=4=<=D=P=p=|=
>$>,>4><>H>h>p>x>
?4?X?d?l?
0<0P0`0t0|0
1 1(10181@1H1P1X1`1h1p1x1
2$2D2P2p2|2
3$3,343@3`3l3
484D4L4d4l4t4
5 5,5P5p5x5
6$6,646<6D6P6t6
7$7D7L7T7\7d7l7t7|7
8@8`8h8p8x8
989@9L9l9t9
:$:L:p:|:
: ;,;4;T;h;x;
;$<H<T<\<|<
=,=P=\=d=
>$>,>4><>D>L>X>|>
? ?(?0?8?D?h?
0 0(00080@0L0l0t0|0
10181@1H1P1X1`1l1
2 2(20282@2H2P2X2`2h2p2x2
3$3,343<3D3L3T3\3d3l3t3
4$4,444<4H4h4p4x4
5$5,545<5D5L5T5\5d5l5t5|5
6 6(60686@6H6P6\6
7(747T7\7d7p7
8 8(80888@8H8P8X8`8h8p8x8
9 9(90989@9H9P9X9`9h9p9x9
:$:,:8:X:`:h:p:x:
; ;(;0;8;@;H;P;X;`;h;p;x;
<8<X<`<h<p<x<
=$=,=4=<=D=L=X=|=
>,>4><>D>L>T>\>d>p>
? ?(?4?T?\?d?l?t?|?
0$0,040<0D0L0T0`0
1(1H1P1X1`1h1p1x1
2 2,2L2T2\2d2l2t2|2
3$3,343<3D3L3T3\3d3l3t3|3
3 4,444T4x4
5(545<5\5p5
686D6L6l6
7@7L7T7t7
8,8@8P8X8l8t8
9$9L9p9|9
: :(:0:8:@:H:P:X:`:h:p:x:
; ;(;0;8;@;L;l;t;|;
<0<8<D<d<p<
=$=D=P=p=x=
>0><>d>
?(?8?L?T?t?
0,080X0`0l0
1 1(10181@1H1P1X1`1h1p1x1
2 2(202<2`2
3 3(30383@3L3l3t3|3
4(444T4`4
5(545X5x5
6,6P6\6d6|6
7 7(707<7`7
8$8,848<8H8h8p8x8
9 9(90989@9H9P9X9`9h9p9x9
:,:4:<:D:P:t:
;$;0;8;X;|;
<<<P<`<t<|<
=,=4=T=h=x=
> >(>@>H>P>X>l>|>
?0?8?L?T?h?p?x?
0 0@0`0
1 1<1@1`1
2$282@2H2P2T2\2p2
383D3`3|3
4,404@4d4p4x4
5 5<5@5`5
6(6D6H6h6
0 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0
1(1,1\1`1d1h1l1p1t1x1|1
9 9$9(9,9094989<9@9D9H9L9P9T9X9\9`9l9p9t9x9|9
:D:T:d:t:
:$<(<,<0<4<8<<<@<D<H<P<X<
?$?,?4?<?D?L?T?\?d?l?t?|?
h0p0t0x0|0
5(5D5`5x5
6 6<6X6x6
7,7P7|7
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA0
171002225757Z
190102225757Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1&0$
Thales TSS ESN:96FF-4BC5-A7DC1%0#
Microsoft Time-Stamp Service0
Chttp://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl0X
<http://www.microsoft.com/pki/certs/MicrosoftTimeStampPCA.crt0
y|.WNR
Washington1
Redmond1
Microsoft Corporation1#0!
Microsoft Code Signing PCA0
170811201115Z
180811201115Z0
Washington1
Redmond1
Microsoft Corporation1
Microsoft Corporation0
b{VpuOg
MOPR1402
+229803+1abf9e5f-ced0-42e6-a65d-d9350959fe0e0
Ehttp://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl0Z
>http://www.microsoft.com/pki/certs/MicCodSigPCA_08-31-2010.crt0
?w?^s'W
microsoft1-0+
$Microsoft Root Certificate Authority0
100831221932Z
200831222932Z0y1
Washington1
Redmond1
Microsoft Corporation1#0!
Microsoft Code Signing PCA0
?http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl0T
8http://www.microsoft.com/pki/certs/MicrosoftRootCert.crt0
`Ge`@N
microsoft1-0+
$Microsoft Root Certificate Authority0
070403125309Z
210403130309Z0w1
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA0
microsoft1-0+
$Microsoft Root Certificate Authority
?http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl0T
8http://www.microsoft.com/pki/certs/MicrosoftRootCert.crt0
1Jv1=+r
L&*H$_Z
Washington1
Redmond1
Microsoft Corporation1#0!
Microsoft Code Signing PCA
y|.WNR
http://www.sysinternals.com 0
Washington1
Redmond1
Microsoft Corporation1!0
Microsoft Time-Stamp PCA
180212232946Z0#
Washington1
Redmond1
Microsoft Corporation1(0&
Microsoft Code Signing PCA 20110
170811202024Z
180811202024Z0t1
Washington1
Redmond1
Microsoft Corporation1
Microsoft Corporation0
MOPR1402
+230012+c804b5ea-49b4-4238-8362-d851fa2254fc0
Chttp://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl0a
Ehttp://www.microsoft.com/pkiops/certs/MicCodSigPCA2011_2011-07-08.crt0
+Z1[9j
Washington1
Redmond1
Microsoft Corporation1200
)Microsoft Root Certificate Authority 20110
110708205909Z
260708210909Z0~1
Washington1
Redmond1
Microsoft Corporation1(0&
Microsoft Code Signing PCA 20110
Ihttp://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl0^
Bhttp://www.microsoft.com/pki/certs/MicRooCerAut2011_2011_03_22.crt0
3http://www.microsoft.com/pkiops/docs/primarycps.htm0@
*?*kXIc
QEX82q'
WqVNHE
Washington1
Redmond1
Microsoft Corporation1(0&
Microsoft Code Signing PCA 2011
http://www.sysinternals.com 0
20180212232954.495Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:F6FF-2DA7-BB751%0#
Microsoft Time-Stamp Service
Washington1
Redmond1
Microsoft Corporation1200
)Microsoft Root Certificate Authority 20100
100701213655Z
250701214655Z0|1
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 20100
$`2X`F
Ehttp://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z
>http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0
1http://www.microsoft.com/PKI/docs/CPS/default.htm0@
oK0D$"<
r~akow
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 20100
160907175650Z
180907175650Z0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:F6FF-2DA7-BB751%0#
Microsoft Time-Stamp Service0
Ehttp://crl.microsoft.com/pki/crl/products/MicTimStaPCA_2010-07-01.crl0Z
>http://www.microsoft.com/pki/certs/MicTimStaPCA_2010-07-01.crt0
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher DSE ESN:F6FF-2DA7-BB751%0#
Microsoft Time-Stamp Service
Washington1
Redmond1
Microsoft Corporation1
AOC1'0%
nCipher NTS ESN:2665-4C3F-C5DE1+0)
"Microsoft Time Source Master Clock0
20180212213207Z
20180213213207Z0t0:
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 2010
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 2010
aXsH[Qh
Quo!|U
/.)11Y
&!% !#>"4)
dAH@CB
\AM}Au
VV`GFA@
vy,x6{X
W/V?QX
:::2D+
D$:]~u
WuVoQe
_ !>>D>
`SKvvc
mrtsSS
ShlbiWu
HQ{Dx
YP @DI
|U UR}
aW&rt
?)18%818H _
~Rd]f\_
'IIIIR
TwA09+
H@nSDL
qpr !w
)*(=+*Y
S^X[|kZjwE_c{S
_MZ[CBQX
MVQW!wE
T+W)V.-E
MVoF_5
SnROH_MMc
_zXC\C
~IIII`g}{IIII|z}
IIIIMEE)
R!::;7
sTTkyz
SQ4@7d6+)
S~2=<?t
TTTTdcibTTTTz~QN
QLeiIIII{lcn
_`kL~O{_`
_N|IQHK
KYJZUm
_`TT]W8
c,-W[<
AlAAc[
uMuKuuD
_c'22,/_c
_*3-3-3G
_c[\[K
EKP;N8<
_D[GSF`
_BLML4
aArX_ZW
WvDyr)
J=L~/M
3S%Z(.
O$G&hpK
_T.aVmd8k*;
tI+~zHR
o>T-BX
ExG}'@
A{Tii9
`}d(:kN
(uazyt
29UT+s
3NaKC9
FpkfLY
:Aq<f8s
yj\cp%
NIUvNwX
2L@S-E
e`Ba|1oV
D&'D.:
MMYyyH
IL&NE3
ugpax"#?u}}
Mfehkf:z<:VYSYUO:K3;92
*"?.;'
;:ZxiMor~xnnUx|m
QMDVUCPG~OKAPM
~UKLFMUQ
TGPQKML
/:zp:+#f
./5f'66*/%'2
;z8/)(f.'
4#73#52#"f2.
353'*f1'?h
fvwrru
[UU$-\/
DC::::
c8:::5d
::::HR
::::cs
::::n!
::::s\
`Gcgp
>(:::-
::::5k
Q53z8:
.'Nka!
;:::F8
:::mli
:::ilm
PzR:*::
z69w*9
_2:::z
=::ilm
(R>;::
R:*::P2
2R>;::
(R>;::
jR>;::
>;::Ga
:::P9P:P;R:::
:::P:P:P8P:P8R:::z
:R:*::P2
H@%8::
:pa8::HH%8::
H@%8::
Fxy8::
1LHI8::
H@e8::
-Rz::F
:pa8::H@%8::
1:pe8::
NHI8::@
:LH%8::.
:pa8::HH%8::
NH%8::@
H@%8::
NH%8::N@m8::@
L@m8::NH%8::N@58::O
MP*8::MPq8::A
ExY8::
NH]8::F
-Y:::F
-J(;:N
u-b<;:
9;:::-
-E|::N
-%!;:N
-~;::F
-4';:N
D$::2:
9;:::-
Y::,6;::
AF;::N
AI8::N
-z2::F
,\>::N
9;:::-
9;:::-
9;:::-
-MW::N5
-,T::N5
,";::N
-UU::N5
-@U::F%
jjjjjj
jjjjjj
jjjjjj
jjjjjjjjjjj
jjjjjj
jjjjjj
jjjjjj
jjjjjj
jjjjjj
jjjjjjj
jjjjjjj
{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}
EventTrace
Header
Unknown
root\wmi
format
StringTermination
pointer
extension
NullTerminated
Counted
ReverseCounted
NotCounted
IPAddr
IPAddrV6
IPAddrV4
WmiTime
__CLASS
WmiDataId
EventType
EventTypeName
DisplayName
EventVersion
uxtheme.dll
@not implemented
@treeview
TreeListWindowClass
TreeListProperty
tooltips_class32
SysHeader32
ScrollBar
Static
SPLITTER_CURSOR
SYSINTERNALS SOFTWARE LICENSE TERMS
These license terms are an agreement between Sysinternals(a wholly owned subsidiary of Microsoft Corporation) and you.Please read them.They apply to the software you are downloading from technet.microsoft.com / sysinternals, which includes the media on which you received it, if any.The terms also apply to any Sysinternals
* updates,
*supplements,
*Internet - based services,
*and support services
for this software, unless other terms accompany those items.If so, those terms apply.
BY USING THE SOFTWARE, YOU ACCEPT THESE TERMS.IF YOU DO NOT ACCEPT THEM, DO NOT USE THE SOFTWARE.
If you comply with these license terms, you have the rights below.
INSTALLATION AND USER RIGHTS
You may install and use any number of copies of the software on your devices.
SCOPE OF LICENSE
The software is licensed, not sold.This agreement only gives you some rights to use the software.Sysinternals reserves all other rights.Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement.In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways.You may not
* work around any technical limitations in the software;
*reverse engineer, decompile or disassemble the software, except and only to the extent that applicable law expressly permits, despite this limitation;
*make more copies of the software than specified in this agreement or allowed by applicable law, despite this limitation;
*publish the software for others to copy;
*rent, lease or lend the software;
*transfer the software or this agreement to any third party; or
* use the software for commercial software hosting services.
SENSITIVE INFORMATION
Please be aware that, similar to other debug tools that capture
process state
information, files saved by Sysinternals tools may include personally identifiable or other sensitive information(such as usernames, passwords, paths to files accessed, and paths to registry accessed).By using this software, you acknowledge that you are aware of this and take sole responsibility for any personally identifiable or other sensitive information provided to Microsoft or any other party through your use of the software.
DOCUMENTATION
Any person that has valid access to your computer or internal network may copy and use the documentation for your internal, reference purposes.
EXPORT RESTRICTIONS
The software is subject to United States export laws and regulations.You must comply with all domestic and international export laws and regulations that apply to the software.These laws include restrictions on destinations, end users and end use.For additional information, see www.microsoft.com / exporting .
SUPPORT SERVICES
Because this software is "as is, " we may not provide support services for it.
ENTIRE AGREEMENT
This agreement, and the terms for supplements, updates, Internet - based services and support services that you use, are the entire agreement for the software and support services.
APPLICABLE LAW
United States.If you acquired the software in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles.The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort.
Outside the United States.If you acquired the software in any other country, the laws of that country apply.
LEGAL EFFECT
This agreement describes certain legal rights.You may have other rights under the laws of your country.You may also have rights with respect to the party from whom you acquired the software.This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so.
DISCLAIMER OF WARRANTY
The software is licensed "as - is." You bear the risk of using it.Sysinternals gives no express warranties, guarantees or conditions.You may have additional consumer rights under your local laws which this agreement cannot change.To the extent permitted under your local laws, sysinternals excludes the implied warranties of merchantability, fitness for a particular purpose and non - infringement.
LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES
You can recover from sysinternals and its suppliers only direct damages up to U.S.$5.00.You cannot recover any other damages, including consequential, lost profits, special, indirect or incidental damages.
This limitation applies to
* anything related to the software, services, content(including code) on third party Internet sites, or third party programs; and
* claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.
It also applies even if Sysinternals knew or should have known about the possibility of the damages.The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages.
Please note : As this software is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French.
Remarque : Ce logiciel
tant distribu
au Qu
bec, Canada, certaines des clauses dans ce contrat sont fournies ci - dessous en fran
EXON
RATION DE GARANTIE.Le logiciel vis
par une licence est offert
tel quel
.Toute utilisation de ce logiciel est
votre seule risque et p
ril.Sysinternals n'accorde aucune autre garantie expresse. Vous pouvez b
ficier de droits additionnels en vertu du droit local sur la protection dues consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties implicites de qualit
marchande, d'ad
quation
un usage particulier et d'absence de contrefa
on sont exclues.
LIMITATION DES DOMMAGES - INT
TS ET EXCLUSION DE RESPONSABILIT
POUR LES DOMMAGES.Vous pouvez obtenir de Sysinternals et de ses fournisseurs une indemnisation en cas de dommages directs uniquement
hauteur de 5, 00 $ US.Vous ne pouvez pr
tendre
aucune indemnisation pour les autres dommages, y compris les dommages sp
ciaux, indirects ou accessoires et pertes de b
fices.
Cette limitation concerne :
tout ce qui est reli
au logiciel, aux services ou au contenu(y compris le code) figurant sur des sites Internet tiers ou dans des programmes tiers; et
clamations au titre de violation de contrat ou de garantie, ou au titre de responsabilit
stricte, de n
gligence ou d'une autre faute dans la limite autoris
e par la loi en vigueur.
Elle s'applique
galement, m
me si Sysinternals connaissait ou devrait conna
tre l'
ventualit
d'un tel dommage. Si votre pays n'autorise pas l'exclusion ou la limitation de responsabilit
pour les dommages indirects, accessoires ou de quelque nature que ce soit, il se peut que la limitation ou l'exclusion ci - dessus ne s'appliquera pas
votre
EFFET JURIDIQUE.Le pr
sent contrat d
crit certains droits juridiques.Vous pourriez avoir d'autres droits pr
vus par les lois de votre pays. Le pr
sent contrat ne modifie pas les droits que vous conf
rent les lois de votre pays si celles-ci ne le permettent pas.
Sysinternals License
%s License Agreement
Software\Sysinternals\%s
Riched32.dll
License Agreement
MS Shell Dlg
You can also use the /accepteula command-line switch to accept the EULA.
&Agree
&Decline
&Print
RICHEDIT
EulaAccepted
Shell32.dll
/accepteula
-accepteula
Software\Microsoft\windows nt\currentversion
ProductName
iotuap
Software\Microsoft\Windows NT\CurrentVersion\Server\ServerLevels
NanoServer
This is the first run of this program. You must accept EULA to continue.
Use -accepteula to accept EULA.
Software\Sysinternals
gURLMON.DLL
HyperlinkClass
http://www.sysinternals.com
FileVersion
LegalCopyright
@Display index %d moved from snapshot %d:%d to %d
PROGRESS
%d%% - %d:%02d remaining (%s)
Searching for Bookmarks
%9.5f%%
ntdll.dll
BINRES
%SYSTEMROOT%\Procmon.Pmb
SupportedFeatures
Instances
Process Monitor 24 Instance
DefaultInstance
385200
Altitude
PROCMON24.SYS
%s\Drivers\%s
RCDRIVERNT
%%TEMP%%\%s
\ProcessMonitor24Port
SeLoadDriverPrivilege
System\CurrentControlSet\Services\PROCMON24
ErrorControl
\??\%s
ImagePath
\Registry\Machine\System\CurrentControlSet\Services\PROCMON24
System\CurrentControlSet\Services\PROCMON24\Enum
System\CurrentControlSet\Services\PROCMON24\Security
System\CurrentControlSet\Services\PROCMON24\Parameters
Parameters
Security
\Drivers\PROCMON24.SYS
Unable to write
Make sure that you have permission to
write to the %%SystemRoot%%\System32\Drivers directory.
Process Monitor
BOOTLOG_OPTIONS
Process Monitor is configured to log activity during the next boot.
FSFilter Activity Monitor
DeleteFlag
System32\Drivers\
ThreadProfiling
RuntimeSeconds
Error configuring boot logging
Completion
Process
Registry
File System
Profiling
Network
Process Defined
Process Create
Process Exit
Thread Create
Thread Exit
Load Image
Thread Profile
Process Start
Process Statistics
System Statistics
Thread Profiling
Process Profiling
Debug Output Profiling
RegOpenKey
RegCreateKey
RegCloseKey
RegQueryKey
RegSetValue
RegQueryValue
RegEnumValue
RegEnumKey
RegSetInfoKey
RegDeleteKey
RegDeleteValue
RegFlushKey
RegLoadKey
RegUnloadKey
RegRenameKey
RegQueryMultipleValueKey
RegSetKeySecurity
RegQueryKeySecurity
UDP Unknown
TCP Unknown
UDP Other
TCP Other
UDP Send
TCP Send
UDP Receive
TCP Receive
UDP Accept
TCP Accept
UDP Connect
TCP Connect
UDP Disconnect
TCP Disconnect
UDP Reconnect
TCP Reconnect
UDP Retransmit
TCP Retransmit
UDP TCPCopy
TCP TCPCopy
Read Metadata
Write Metadata
Command line
Parent PID
Current directory
Environment
Image Base
Image Size
Commit Peak
System Calls
Context Switches
Thread ID
Exit Status
%.07f seconds
User Time
Kernel Time
Private Bytes
Peak Private Bytes
Working Set
Peak Working Set
Thread %u
Output
Length
is not
less than
more than
begins with
ends with
contains
excludes
IRP_MJ_
FASTIO_
Procmon.exe
Procexp.exe
Autoruns.exe
System
pagefile.sys
$MftMirr
$LogFile
$Volume
$AttrDef
$Bitmap
$BadClus
$Secure
$UpCase
$Extend
FAST IO
Include
Exclude
Okay to overwrite event log '
An error occurred opening the snapshot
Applying Event Filter
Operation cancelled: The listview data may be incomplete
Process Monitor can open at most
backing files
<pagefile>
ProcessIndex
address
location
process
ProcessId
ParentProcessId
ParentProcessIndex
AuthenticationId
CreateTime
FinishTime
IsVirtualized
Is64bit
Integrity
ProcessName
CommandLine
CompanyName
Version
Description
modulelist
module
Timestamp
BaseAddress
Company
Process Monitor - Exporting event data
wt, ccs=UTF-8
<?xml version="1.0" encoding="UTF-8"?>
procmon
processlist
eventlist
ISUCCESS
Counting occurrences of values
Scanning process information
Scanning file information
Scanning Registry information
Scanning Network information
<unknown>
Scanning event stack information
Scanning events
Searching
SysListView32
QueryControlInformationVolume
QueryFullSizeInformationVolume
QueryObjectIdInformationVolume
IRP_MJ_SET_VOLUME_INFORMATION
FASTIO_SET_VOLUME_INFORMATION
SetControlInformationVolume
SetLabelInformationVolume
SetObjectIdInformationVolume
IRP_MJ_QUERY_INFORMATION
FASTIO_QUERY_INFORMATION
QueryAllInformationFile
QueryAttributeTagFile
QueryBasicInformationFile
QueryCompressionInformationFile
QueryEaInformationFile
QueryFileInternalInformationFile
QueryMoveClusterInformationFile
QueryNetworkOpenInformationFile
QueryPositionInformationFile
QueryStandardInformationFile
QueryStreamInformationFile
QueryNameInformationFile
IRP_MN_QUERY_INFORMATION
QueryShortNameInformationFile
QueryNormalizedNameInformationFile
QueryNetworkPhysicalNameInformationFile
QueryIdBothDirectory
QueryValidDataLength
QueryIoPiorityHint
QueryLinks
QueryId
QueryEndOfFile
QueryAttributeTag
QueryIdGlobalTxDirectoryInformation
QueryIsRemoteDeviceInformation
QueryAttributeCacheInformation,
QueryNumaNodeInformation
QueryStandardLinkInformation
QueryRemoteProtocolInformation
QueryRenameInformationBypassAccessCheck
QueryLinkInformationBypassAccessCheck
QueryVolumeNameInformation
QueryIdInformation
QueryIdExtdDirectoryInformation
QueryHardLinkFullIdInformation
QueryIdExtdBothDirectoryInformation
QueryDesiredStorageClassInformation
QueryStatInformation
QueryMemoryPartitionInformation
IRP_MJ_SET_INFORMATION
FASTIO_SET_INFORMATION
SetAllocationInformationFile
SetBasicInformationFile
SetDispositionInformationFile
SetEndOfFileInformationFile
SetLinkInformationFile
SetPositionInformationFile
SetRenameInformationFile
SetValidDataLengthInformationFile
SetFileStreamInformation
SetPipeInformation
SetShortNameInformation
SetDispositionInformationEx
SetReplaceCompletionInformation
SetRenameInformationEx
SetRenameInformationExBypassAccessCheck
IRP_MJ_DIRECTORY_CONTROL
FASTIO_DIRECTORY_CONTROL
QueryDirectory
NotifyChangeDirectory
IRP_MJ_PNP
StartDevice
QueryRemoveDevice
RemoveDevice
CancelRemoveDevice
StopDevice
QueryStopDevice
CancelStopDevice
QueryDeviceRelations
QueryInterface
QueryCapabilities
QueryResources
QueryResourceRequirements
QueryDeviceText
FilterResourceRequirements
ReadConfig
WriteConfig
SetLock
QueryPnpDeviceState
QueryBusInformation
DeviceUsageNotification
SurpriseRemoval
QueryLegacyBusInformation
IRP_MJ_VOLUME_DISMOUNT
VolumeDismount
IRP_MJ_VOLUME_MOUNT
VolumeMount
FASTIO_MDL_WRITE_COMPLETE
FASTIO_PREPARE_MDL_WRITE
FASTIO_MDL_READ_COMPLETE
FASTIO_MDL_READ
FASTIO_NETWORK_QUERY_OPEN
QueryOpen
FASTIO_CHECK_IF_POSSIBLE
IRP_MJ_12
IRP_MJ_11
IRP_MJ_10
IRP_MJ_9
IRP_MJ_8
FASTIO_NOTIFY_STREAM_FO_CREATION
FASTIO_RELEASE_FOR_CC_FLUSH
FASTIO_ACQUIRE_FOR_CC_FLUSH
FASTIO_RELEASE_FOR_MOD_WRITE
FASTIO_ACQUIRE_FOR_MOD_WRITE
FASTIO_RELEASE_FOR_SECTION_SYNCHRONIZATION
FASTIO_ACQUIRE_FOR_SECTION_SYNCHRONIZATION
CreateFileMapping
IRP_MJ_CREATE
CreateFile
IRP_MJ_CREATE_NAMED_PIPE
CreatePipe
IRP_MJ_CLOSE
QueryInformationFile
SetInformationFile
IRP_MJ_QUERY_EA
QueryEAFile
IRP_MJ_SET_EA
SetEAFile
IRP_MJ_FLUSH_BUFFERS
FlushBuffersFile
QueryVolumeInformation
SetVolumeInformation
DirectoryControl
IRP_MJ_FILE_SYSTEM_CONTROL
FileSystemControl
IRP_MJ_DEVICE_CONTROL
DeviceIoControl
IRP_MJ_INTERNAL_DEVICE_CONTROL
InternalDeviceIoControl
IRP_MJ_SHUTDOWN
Shutdown
LockUnlockFile
IRP_MJ_CLEANUP
CloseFile
IRP_MJ_CREATE_MAILSLOT
CreateMailSlot
IRP_MJ_QUERY_SECURITY
QuerySecurityFile
IRP_MJ_SET_SECURITY
SetSecurityFile
IRP_MJ_POWER
IRP_MJ_SYSTEM_CONTROL
SystemControl
IRP_MJ_DEVICE_CHANGE
DeviceChange
IRP_MJ_QUERY_QUOTA
QueryFileQuota
IRP_MJ_SET_QUOTA
SetFileQuota
IRP_MJ_PNP
PlugAndPlay
IRP_MJ_MAXIMUM_FUNCTION
IRP_MJ_LOCK_CONTROL
FASTIO_LOCK
LockFile
FASTIO_UNLOCK_SINGLE
UnlockFileSingle
FASTIO_UNLOCK_ALL
UnlockFileAll
FASTIO_UNLOCK_ALL_BY_KEY
UnlockFileByKey
IRP_MJ_READ
FASTIO_READ
ReadFile
IRP_MJ_WRITE
FASTIO_WRITE
WriteFile
IRP_MJ_QUERY_VOLUME_INFORMATION
FASTIO_QUERY_VOLUME_INFORMATION
QueryInformationVolume
QueryLabelInformationVolume
QuerySizeInformationVolume
QueryDeviceInformationVolume
QueryAttributeInformationVolume
Delete
<Unknown>
Attributes
ReparseTag
CreationTime
LastAccessTime
LastWriteTime
ChangeTime
FileAttributes
IndexNumber
Position
AllocationSize
ValidDataLength
Access
EndOfFile
NumberOfLinks
DeletePending
Directory
EaSize
IFILE_DISPOSITION_DELETE
FILE_DISPOSITION_POSIX_SEMANTICS
FILE_DISPOSITION_FORCE_IMAGE_SECTION_CHECK
FILE_DISPOSITION_ON_CLOSE
Category
FILE_DISPOSITION_DO_NOT_DELETE
IFILE_RENAME_REPLACE_IF_EXISTS
FILE_RENAME_POSIX_SEMANTICS
FILE_RENAME_SUPPRESS_PIN_STATE_INHERITANCE
FileName
ReplaceIfExists
AlignmentRequirement
VolumeCreationTime
%04X-%04X
VolumeSerialNumber
SupportsObjects
VolumeLabel
TotalAllocationUnits
AvailableAllocationUnits
SectorsPerAllocationUnit
BytesPerSector
DeviceType
Characteristics
FileSystemAttributes
MaximumComponentNameLength
FileSystemName
FreeSpaceStartFiltering
FreeSpaceThreshold
FreeSpaceStopFiltering
DefaultQuotaThreshold
DefaultQuotaLimit
FileSystemControlFlags
CallerAvailableAllocationUnits
ActualAvailableAllocationUnits
ObjectId
Filter
ShortName
IFILE_NOTIFY_CHANGE_FILE_NAME
FILE_NOTIFY_CHANGE_DIR_NAME
FILE_NOTIFY_CHANGE_NAME
FILE_NOTIFY_CHANGE_ATTRIBUTES
FILE_NOTIFY_CHANGE_SIZE
FILE_NOTIFY_CHANGE_LAST_WRITE
FILE_NOTIFY_CHANGE_LAST_ACCESS
FILE_NOTIFY_CHANGE_CREATION
FILE_NOTIFY_CHANGE_EA
FILE_NOTIFY_CHANGE_SECURITY
FILE_NOTIFY_CHANGE_STREAM_NAME
FILE_NOTIFY_CHANGE_STREAM_SIZE
FILE_NOTIFY_CHANGE_STREAM_WRITE
<Unknown :
UnlockSingle
UnlockAll
UnlockAllByKey
Lock Type
Exclusive
Offset
Fail Immediately
I/O Flags
Priority
Desired Access
Disposition
Options
ShareMode
Impersonating
OpenResult
Information
Operation
CD-ROM
Device Type
Control
WriteLength
ReadLength
SyncTypeOther
SyncTypeCreateSection
Unknown:
SyncType
PAGE_READONLY
PAGE_READWRITE
PAGE_WRITECOPY
PAGE_EXECUTE
PAGE_EXECUTE_READ
PAGE_EXECUTE_READWRITE
PAGE_EXECUTE_WRITECOPY
|PAGE_NOCACHE
PageProtection
EndingOffset
Minor ID
IRP Flags
GraphWindowClass
GraphProperty
Time:
The full name of the selected key or value is not available.
\HKEY_LOCAL_MACHINE
\HKEY_CURRENT_USER
\HKEY_CURRENT_CONFIG
\HKEY_CLASSES_ROOT
\HKEY_USERS
RegEdit_RegEdit
regedit.exe
Process Monitor was unable to launch Regedit.
SysTreeView32
The full name of the selected directory or file is not available.
explorer /select,
Explorer could not open
ICON_MYCOMPUTER
ICON_CLOSEDFOLDER
ICON_OPENFOLDER
comctl32.dll
Text File (*.CSV)
Export Listview
Unable to open file for writing
SeShutdownPrivilege
SeChangeNotifyPrivilege
SeUndockPrivilege
SeIncreaseWorkingSetPrivilege
SeTimeZonePrivilege
IAll Access
Read/Write
Execute
Query Value
Set Value
Create Sub Key
Enumerate Sub Keys
Notify
Create Link
WOW64_Res
WOW64_32Key
WOW64_64Key
Generic Read/Write/Execute
Generic Read/Write
Generic Read/Execute
Generic Write/Execute
Generic Read
Generic Write
Generic Execute
Read Data/List Directory
Write Data/Add File
Append Data/Add Subdirectory/Create Pipe Instance
Read EA
Write EA
Execute/Traverse
Delete Child
Read Attributes
Write Attributes
Read Control
Write DAC
Write Owner
Synchronize
Access System Security
Maximum Allowed
kernel32.dll
\fltlib.dll
%s%07d
%02u:%02u:%02u.%07u
%02u:%02u:%02u
0x%I64x
Windows 2000
Windows XP
Windows XP x64
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Windows 8
Windows Server 2012
Windows 8.1
Windows Server 2012 R2
Windows 10
Windows Server 2016
Windows %d.%d
(build %d.%d)
%08x:%08x
64-bit
32-bit
%x:%x:%x:%x:%x:%x:%x:%x
%d.%d.%d.%d
DACL Protected
SACL Protected
DACL Unprotected
SACL Unprotected
Attribute
Process Trust Label
Backup
IWrite Through
Sequential Access
No Buffering
Synchronous IO Alert
Synchronous IO Non-Alert
Non-Directory File
Create Tree Connection
Complete If Oplocked
No EA Knowledge
Open for Recovery
Random Access
Delete On Close
Open By ID
Open For Backup
No Compression
Reserve OpFilter
Open Reparse Point
Open No Recall
Open For Free Space Query
Open Requiring Oplock
Disallow Exclusive
FSCTL_REQUEST_OPLOCK_LEVEL_1
FSCTL_REQUEST_OPLOCK_LEVEL_2
FSCTL_REQUEST_BATCH_OPLOCK
FSCTL_OPLOCK_BREAK_ACKNOWLEDGE
FSCTL_OPBATCH_ACK_CLOSE_PENDING
FSCTL_OPLOCK_BREAK_NOTIFY
FSCTL_LOCK_VOLUME
FSCTL_UNLOCK_VOLUME
FSCTL_DISMOUNT_VOLUME
FSCTL_IS_VOLUME_MOUNTED
FSCTL_IS_PATHNAME_VALID
FSCTL_MARK_VOLUME_DIRTY
FSCTL_QUERY_RETRIEVAL_POINTERS
FSCTL_QUERY_DEPENDENT_VOLUME
FSCTL_GET_COMPRESSION
FSCTL_SET_COMPRESSION
FSCTL_OPLOCK_BREAK_ACK_NO_2
FSCTL_QUERY_FAT_BPB
FSCTL_REQUEST_FILTER_OPLOCK
FSCTL_FILESYSTEM_GET_STATISTICS
FSCTL_GET_NTFS_VOLUME_DATA
FSCTL_GET_NTFS_FILE_RECORD
FSCTL_GET_VOLUME_BITMAP
FSCTL_GET_RETRIEVAL_POINTERS
FSCTL_MOVE_FILE
FSCTL_IS_VOLUME_DIRTY
FSCTL_ALLOW_EXTENDED_DASD_IO
FSCTL_READ_PROPERTY_DATA
FSCTL_WRITE_PROPERTY_DATA
FSCTL_FIND_FILES_BY_SID
FSCTL_DUMP_PROPERTY_DATA
FSCTL_SET_OBJECT_ID
FSCTL_GET_OBJECT_ID
FSCTL_DELETE_OBJECT_ID
FSCTL_SET_REPARSE_POINT
FSCTL_GET_REPARSE_POINT
FSCTL_DELETE_REPARSE_POINT
FSCTL_ENUM_USN_DATA
FSCTL_SECURITY_ID_CHECK
FSCTL_READ_USN_JOURNAL
FSCTL_SET_OBJECT_ID_EXTENDED
FSCTL_CREATE_OR_GET_OBJECT_ID
FSCTL_SET_SPARSE
FSCTL_SET_ZERO_DATA
FSCTL_QUERY_ALLOCATED_RANGES
FSCTL_ENABLE_UPGRADE
FSCTL_SET_ENCRYPTION
FSCTL_ENCRYPTION_FSCTL_IO
FSCTL_WRITE_RAW_ENCRYPTED
FSCTL_READ_RAW_ENCRYPTED
FSCTL_CREATE_USN_JOURNAL
FSCTL_READ_FILE_USN_DATA
FSCTL_WRITE_USN_CLOSE_RECORD
FSCTL_EXTEND_VOLUME
FSCTL_QUERY_USN_JOURNAL
FSCTL_DELETE_USN_JOURNAL
FSCTL_MARK_HANDLE
FSCTL_SIS_COPYFILE
FSCTL_SIS_LINK_FILES
FSCTL_HSM_MSG
IOCTL_SHADOW_END_REINT
IOCTL_GETSHADOW
FSCTL_TXFS_LIST_TRANSACTIONS
FSCTL_FILE_PREFETCH
CSC_FSCTL_OPERATION_QUERY_HANDLE
FSCTL_PIPE_DISCONNECT
FSCTL_PIPE_ASSIGN_EVENT
FSCTL_PIPE_QUERY_EVENT
FSCTL_PIPE_LISTEN
FSCTL_PIPE_IMPERSONATE
FSCTL_PIPE_WAIT
FSCTL_QUERY_CLIENT_PROCESS
FSCTL_PIPE_SET_CLIENT_PROCESS
FSCTL_PIPE_PEEK
FSCTL_PIPE_INTERNAL_READ
FSCTL_PIPE_INTERNAL_WRITE
FSCTL_PIPE_TRANSCEIVE
FSCTL_PIPE_INTERNAL_TRANSCEIVE
FSCTL_MAILSLOT_PEEK
FSCTL_NETWORK_GET_CONNECTION_INFO
FSCTL_NETWORK_ENUMERATE_CONNECTIONS
FSCTL_NETWORK_DELETE_CONNECTION
FSCTL_NETWORK_SET_CONFIGURATION_INFO
FSCTL_NETWORK_GET_CONFIGURATION_INFO
FSCTL_NETWORK_GET_STATISTICS
FSCTL_NETWORK_SET_DOMAIN_NAME
FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT
IOCTL_MOUNTDEV_QUERY_DEVICE_NAME
IOCTL_MOUNTDEV_QUERY_UNIQUE_ID
IOCTL_MOUNTDEV_UNIQUE_ID_CHANGE_NOTIFY
IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME
IOCTL_MOUNTDEV_LINK_CREATED
IOCTL_MOUNTDEV_LINK_DELETED
IOCTL_DISK_GET_DRIVE_GEOMETRY
IOCTL_DISK_GET_PARTITION_INFO
IOCTL_DISK_SET_PARTITION_INFO
IOCTL_DISK_GET_DRIVE_LAYOUT
IOCTL_DISK_SET_DRIVE_LAYOUT
IOCTL_DISK_VERIFY
IOCTL_DISK_FORMAT_TRACKS
IOCTL_DISK_REASSIGN_BLOCKS
IOCTL_DISK_PERFORMANCE
IOCTL_DISK_IS_WRITABLE
IOCTL_DISK_LOGGING
IOCTL_DISK_FORMAT_TRACKS_EX
IOCTL_DISK_HISTOGRAM_STRUCTURE
IOCTL_DISK_HISTOGRAM_DATA
IOCTL_DISK_HISTOGRAM_RESET
IOCTL_DISK_REQUEST_STRUCTURE
IOCTL_DISK_REQUEST_DATA
IOCTL_DISK_PERFORMANCE_OFF
SMART_GET_VERSION
SMART_SEND_DRIVE_COMMAND
SMART_RCV_DRIVE_DATA
IOCTL_DISK_GET_PARTITION_INFO_EX
IOCTL_DISK_SET_PARTITION_INFO_EX
IOCTL_DISK_GET_DRIVE_LAYOUT_EX
IOCTL_DISK_SET_DRIVE_LAYOUT_EX
IOCTL_DISK_CREATE_DISK
IOCTL_DISK_GET_LENGTH_INFO
IOCTL_DISK_GET_DRIVE_GEOMETRY_EX
IOCTL_DISK_REASSIGN_BLOCKS_EX
IOCTL_DISK_UPDATE_DRIVE_SIZE
IOCTL_DISK_GROW_PARTITION
IOCTL_DISK_GET_CACHE_INFORMATION
IOCTL_DISK_SET_CACHE_INFORMATION
IOCTL_DISK_UPDATE_PROPERTIES
IOCTL_DISK_CHECK_VERIFY
IOCTL_DISK_MEDIA_REMOVAL
IOCTL_DISK_EJECT_MEDIA
IOCTL_DISK_LOAD_MEDIA
IOCTL_DISK_RESERVE
IOCTL_DISK_RELEASE
IOCTL_DISK_FIND_NEW_DEVICES
IOCTL_DISK_GET_MEDIA_TYPES
IOCTL_DISK_QUERY_DEVICE_STATE
IOCTL_DISK_QUERY_DISK_SIGNATURE
IOCTL_DISK_GET_CLUSTER_INFO
IOCTL_DISK_SET_CLUSTER_INFO
IOCTL_DISK_GET_DISK_ATTRIBUTES
IOCTL_DISK_SET_DISK_ATTRIBUTES
IOCTL_STORAGE_CHECK_VERIFY
IOCTL_STORAGE_CHECK_VERIFY2
IOCTL_STORAGE_MEDIA_REMOVAL
IOCTL_STORAGE_EJECT_MEDIA
IOCTL_STORAGE_LOAD_MEDIA
IOCTL_STORAGE_LOAD_MEDIA2
IOCTL_STORAGE_RESERVE
IOCTL_STORAGE_RELEASE
IOCTL_STORAGE_FIND_NEW_DEVICES
IOCTL_STORAGE_EJECTION_CONTROL
IOCTL_STORAGE_MCN_CONTROL
IOCTL_STORAGE_GET_MEDIA_TYPES
IOCTL_STORAGE_GET_MEDIA_TYPES_EX
IOCTL_STORAGE_GET_MEDIA_SERIAL_NUMBER
IOCTL_STORAGE_GET_HOTPLUG_INFO
IOCTL_STORAGE_SET_HOTPLUG_INFO
IOCTL_STORAGE_RESET_BUS
IOCTL_STORAGE_RESET_DEVICE
IOCTL_STORAGE_BREAK_RESERVATION
IOCTL_STORAGE_PERSISTENT_RESERVE_IN
IOCTL_STORAGE_PERSISTENT_RESERVE_OUT
IOCTL_STORAGE_GET_DEVICE_NUMBER
IOCTL_STORAGE_PREDICT_FAILURE
IOCTL_STORAGE_READ_CAPACITY
IOCTL_STORAGE_QUERY_PROPERTY
IOCTL_STORAGE_QUERY_DEPENDENT_DISK
IOCTL_VOLUME_GET_GPT_ATTRIBUTES
IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS
IOCTL_SCSI_PASS_THROUGH
IOCTL_SCSI_PASS_THROUGH_DIRECT
IOCTL_SCSI_GET_ADDRESS
IOCTL_SCSI_GET_DUMP_POINTERS
IOCTL_SCSI_FREE_DUMP_POINTERS
IOCTL_CDROM_GET_CONFIGURATION
IOCTL_CDROM_CHECK_VERIFY
IOCTL_CDROM_MEDIA_REMOVAL
IOCTL_CDROM_EJECT_MEDIA
IOCTL_CDROM_LOAD_MEDIA
FSCTL_LMR_START
FSCTL_LMR_STOP
FSCTL_LMR_BIND_TO_TRANSPORT
FSCTL_LMR_UNBIND_FROM_TRANSPORT
FSCTL_LMR_ENUMERATE_TRANSPORTS
FSCTL_LMR_GET_HINT_SIZE
FSCTL_LMR_FORCE_DISCONNECT
FSCTL_LMR_TRANSACT
FSCTL_LMR_ENUMERATE_PRINT_INFO
FSCTL_LMR_START_SMBTRACE
FSCTL_LMR_END_SMBTRACE
FSCTL_LMR_START_RBR
FSCTL_LMR_SET_SERVER_GUID
FSCTL_LMR_QUERY_TARGET_INFO
FSCTL_LMR_QUERY_DEBUG_INFO
IOCTL_LMR_LWIO_PREIO
IOCTL_LMR_LWIO_POSTIO
IOCTL_LMR_DISABLE_LOCAL_BUFFERING
IOCTL_LMR_QUERY_REMOTE_SERVER_NAME
IOCTL_SMBMRX_START
IOCTL_SMBMRX_STOP
IOCTL_SMBMRX_GETSTATE
IOCTL_SMBMRX_ADDCONN
IOCTL_SMBMRX_DELCONN
IOCTL_UMRX_RELEASE_THREADS
IOCTL_UMRX_GET_REQUEST
IOCTL_UMRX_RESPONSE_AND_REQUEST
IOCTL_UMRX_RESPONSE
IOCTL_UMRX_GET_LOCK_OWNER
IOCTL_UMRX_PREPARE_QUEUE
FSCTL_DFS_TRANSLATE_PATH
FSCTL_DFS_GET_REFERRALS
FSCTL_DFS_REPORT_INCONSISTENCY
FSCTL_DFS_IS_SHARE_IN_DFS
FSCTL_DFS_IS_ROOT
FSCTL_DFS_GET_VERSION
IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES
IOCTL_VOLSNAP_RELEASE_WRITES
IOCTL_VOLSNAP_PREPARE_FOR_SNAPSHOT
IOCTL_VOLSNAP_ABORT_PREPARED_SNAPSHOT
IOCTL_VOLSNAP_COMMIT_SNAPSHOT
IOCTL_VOLSNAP_END_COMMIT_SNAPSHOT
IOCTL_VOLSNAP_QUERY_NAMES_OF_SNAPSHOTS
IOCTL_VOLSNAP_CLEAR_DIFF_AREA
IOCTL_VOLSNAP_ADD_VOLUME_TO_DIFF_AREA
IOCTL_VOLSNAP_QUERY_DIFF_AREA
IOCTL_VOLSNAP_SET_MAX_DIFF_AREA_SIZE
IOCTL_VOLSNAP_QUERY_DIFF_AREA_SIZES
IOCTL_VOLSNAP_DELETE_OLDEST_SNAPSHOT
IOCTL_VOLSNAP_AUTO_CLEANUP
IOCTL_VOLSNAP_DELETE_SNAPSHOT
IOCTL_VOLSNAP_QUERY_REVERT
IOCTL_VOLSNAP_REVERT_CLEANUP
IOCTL_VOLSNAP_REVERT
IOCTL_VOLSNAP_QUERY_REVERT_PROGRESS
IOCTL_VOLSNAP_CANCEL_REVERT
IOCTL_VOLSNAP_QUERY_EPIC
IOCTL_VOLSNAP_QUERY_OFFLINE
IOCTL_VOLSNAP_QUERY_DIFF_AREA_MINIMUM_SIZE
IOCTL_VOLSNAP_QUERY_COPY_FREE_BITMAP
IOCTL_VOLSNAP_BLOCK_DELETE_IN_THE_MIDDLE
IOCTL_VOLSNAP_SET_MAX_DIFF_AREA_SIZE_TEMP
IOCTL_VOLSNAP_SET_APPLICATION_FLAGS
IOCTL_VOLSNAP_QUERY_APPLICATION_FLAGS
IOCTL_VOLSNAP_SET_BC_FAILURE_MODE
IOCTL_VOLSNAP_QUERY_PERFORMANCE_COUNTERS
IOCTL_VOLSNAP_SET_PRE_COPY_AMOUNTS
IOCTL_VOLSNAP_QUERY_PRE_COPY_AMOUNTS
IOCTL_VOLSNAP_QUERY_DEFAULT_PRE_COPY_AMOUNTS
IOCTL_VOLSNAP_PRE_EXPOSE_DEVICES
IOCTL_VOLSNAP_QUERY_ORIGINAL_VOLUME_NAME
IOCTL_VOLSNAP_QUERY_CONFIG_INFO
IOCTL_VOLSNAP_SET_APPLICATION_INFO
IOCTL_VOLSNAP_QUERY_APPLICATION_INFO
IOCTL_VOLSNAP_HAS_CHANGED
IOCTL_VOLSNAP_SET_SNAPSHOT_PRIORITY
IOCTL_VOLSNAP_QUERY_SNAPSHOT_PRIORITY
IOCTL_VOLSNAP_QUERY_DELTA_BITMAP
IOCTL_VOLSNAP_QUERY_SNAPSHOT_SUPPLEMENTAL
IOCTL_VOLSNAP_QUERY_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_MOVE_LIST
IOCTL_VOLSNAP_QUERY_PRE_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_USED_PRE_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_DEFRAG_PRE_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_FREESPACE_PRE_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_HOTBLOCKS_PRE_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_DIFF_AREA_FILE_SIZES
FSCTL_REQUEST_OPLOCK
FSCTL_GET_BOOT_AREA_INFO
FSCTL_CSV_TUNNEL_REQUEST
FSCTL_QUERY_FILE_SYSTEM_RECOGNITION
FSCTL_CSV_GET_VOLUME_NAME_FOR_VOLUME_MOUNT_POINT
FSCTL_CSV_GET_VOLUME_PATH_NAMES_FOR_VOLUME_NAME
FSCTL_IS_FILE_ON_CSV_VOLUME
FSCTL_CORRUPTION_HANDLING
FSCTL_OFFLOAD_READ
FSCTL_OFFLOAD_WRITE
FSCTL_FILE_LEVEL_TRIM
FSCTL_SET_PURGE_FAILURE_MODE
FSCTL_QUERY_FILE_LAYOUT
FSCTL_IS_VOLUME_OWNED_BYCSVFS
FSCTL_GET_INTEGRITY_INFORMATION
FSCTL_QUERY_FILE_REGIONS
FSCTL_SCRUB_DATA
FSCTL_REPAIR_COPIES
FSCTL_DISABLE_LOCAL_BUFFERING
FSCTL_SET_EXTERNAL_BACKING
FSCTL_GET_EXTERNAL_BACKING
IOCTL_CHANNEL_GET_SNDCHANNEL
(Device:
Function:
Method:
Created
DoesNotExist
Exists
Opened
Overwritten
Superseded
Supersede
Create
OpenIf
Overwrite
OverwriteIf
Very Low
Normal
Critical
IBuffered
Non-cached
Paging I/O
Synchronous
Synchronous Paging I/O
JCase Preserved
Case Sensitive
Unicode
Compression
Compressed
Named Streams
Read Only
Object IDs
Reparse Points
Sparse Files
Quotas
Transactions
8042 Port
Battery
Bus Extender
Changer
Controller
Datalink
DFS FS
DFS Volume
Disk FS
Fullscreen Video
Inport Port
Keyboard
Mailslot
Mass Storage
MIDI In
MIDI Out
Multi-UNC Provider
Named Pipe
Network Browser
Network FS
Network Redirector
Parallel Port
Physical Netcard
Printer
Scanner
Screen
Serenum
Serial Mouse Port
Serial Port
Smartcard
Streams
Tape FS
TermSrv
Transport
Virtual Disk
Wave In
Wave Out
JAutogenerated Name
Plug and Play
Mounted
Secure Open
Floppy Diskette
Remote
Removable
Virtual
Write Once
32 Byte
64 Byte
128 Byte
256 Byte
512 Byte
\SystemRoot
System32
SysWOW64
\System32\Drivers\
J\Device\Mup
\Device\Harddisk?\DR?
DEVICE_PATH
\Device\LanmanRedirector\
\Device\Mup\
\SystemRoot\
SYSTEM\Select
Current
\REGISTRY\
MACHINE
\SYSTEM\CURRENTCONTROLSET\HARDWARE PROFILES\CURRENT
\SOFTWARE\CLASSES
\SYSTEM\ControlSet
HKLM\System\CurrentControlSet
_CLASSES
HKCU\Software\Classes
Select Remote Computer
Software\Classes\
shell\open\command
"%s" /Run32 /OpenLog "%%1"
"%s" /OpenLog "%%1"
DefaultIcon
"%s",0
Mandatory Level
Unsupported processor type: %d
/originalpath "
64.exe
%TEMP%
http\shell\open\command
Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice
ProgId
\shell\open\command
%s "? %s"
Process Monitor Error
No web browser is configured.
'
"
SeIncreaseBasePriorityPrivilege
PROCMON: Terminating due to unexpected socket error
The remote system has closed the connection
Converting boot-time event data
Ntdll.dll
Unable to create socket
Unable to bind socket
Unable to query the port
Accept failed
Unable to connect to remote system
Capture requires 64-bit mode.
Process Monitor is already monitoring this system.
Capture requires Administrators group membership
Another version of the Process Monitor driver is already loaded. A reboot is required to run this version.
Unable to load Process Monitor device driver
Error enabling capture
PROCMON: Error waiting for console connection:
PROCMON: already running on this system
PROCMON: Unable to load device driver
Unable to resolve address for computer '
Unable to open connection to '
' on port
e\Global??\%c:
\Sessions\%d\DosDevices\%08x-%08x\%c:
\Device\LanmanRedirector\;
startime
endtime
EventTimeStamp
StackProcess
StackThread
Stack1
Stack2
Stack3
Stack4
Stack5
Stack6
Stack7
Stack8
Stack9
Stack10
Stack11
Stack12
Stack13
Stack14
Stack15
Stack16
Stack17
Stack18
Stack19
Stack20
Stack21
Stack22
Stack23
Stack24
Stack25
Stack26
Stack27
Stack28
Stack29
Stack30
Stack31
Stack32
0x%08X
0x%llX
%03d.%03d.%03d.%03d
%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x
"%*hs"
"%*ws"
MSNT_TcpIpInformation
StackWalk
LostEvent
SendIPV4
SendIPV6
RecvIPV4
RecvIPV6
Accept
AcceptIPV4
AcceptIPV6
Connect
ConnectIPV4
ConnectIPV6
Disconnect
DisconnectIPV4
DisconnectIPV6
Reconnect
ReconnectIPV4
ReconnectIPV6
Retransmit
RetransmitIPV4
RetransmitIPV6
TCPCopy
TCPCopyIPV4
TCPCopyIPV6
PROCMON TRACE
NT Kernel Logger
advapi32.dll
Network trace initialization failed: Error %d
SYSTEM
JFilter#
Module
Dstatus
Button
ResizerClass
Unlabeled
ThisProperty
No events
(capture disabled)
The current filter excludes all %s events
Showing all %s events
Showing %s of %s events (%s%%)
virtual memory
Backed by %s
Process Monitor - Sysinternals: www.sysinternals.com
FileViewerDialog
The file '
' could not be opened
Courier New
' could not be read
FILE_VIEWER
SystemDetailsDialog
unknown
ProfilingDialog
commdlg_ColorOK
commdlg_SetRGBColor
SELECTHIGHLIGHTCOLORS
ModulePropertiesDialog
Filter %d
Replace existing filter '
SAVE_FILTER
Procmon Filter (*.PMF)
Error writing filter file
Error reading filter file
A filter by that name already exists. Do you want to overwrite it?
Device Path
User Path
DevicePathDialog
DevicePathColumns
Event Count
Event Bytes
Pending Events
Process Count
Dictionary Count
Icon Count
Commited
BackingFileDialog
BackingFileColumns
ProcMon load: %.2f%% @ p%d (%s bytes pending)
MB available)
Procmon Log (*.PML)
Please provide a path to the backing file.
Your changes will take affect the next time you begin capturing a new log.
Address
(Running)
MODULE_PROPERTIES
Description:
Company:
Modules:
CONTEXT_STACKTRACE
PropertySheetDialog
Event Properties
PROP_EVENT
PROP_PROCESS
PROP_STACKTRACE
PROPERTIES
Column
Relation
Action
FilterControlColumns
FILTER_CONTROL
FilterDialog
You did not add the item you were editing. Add it now?
HighlightDialog
PreviousFilterItem
UniqueDialog
OccurrencesDialog
OccurrencesColumns
%Iu items
Kernel CPU;%
Total CPU;%
File Bytes
File Operations
Registry Operations
Network Bytes
Network Operations
Working Set Bytes
Process Timeline -
ProcessTimelineDialog
/second
Process Name
File Events
File I/O Bytes
Registry Events
Network Events
Working Set Peak
ProcessActivitySummaryDialog
ProcessSummaryColumns2
PROCESS_TIMELINE
File Time
Total Events
Closes
Writes
Read Bytes
Write Bytes
Get ACL
Set ACL
Extension
By Path
By Folder
By Extension
FileSummaryColumns
FileSummaryColumns.ByFolder
FileSummaryColumns.ByExtension
FileSummaryDialog
<none>
<Total>
%Iu file paths
Registry Time
RegistrySummaryDialog
RegistrySummaryColumns
Network Time
Connects
Disconnects
Receives
Send Bytes
Receive Bytes
NetworkSummaryDialog
NetworkSummaryColumns
% Count
% Time
Location
StackSummaryDialog
StackSummaryColumns
Adding items
Unable to locate associated event in the visible items
Writers
Readers
CrossReferenceSummaryDialog
CrossReferenceSummaryColumns
HistoryDepthDialog
History depth must be 1-
@%s (%s)
<graph>
<undefined>
ProcessTreeDialog
Process Tree -
Process Tree
Image Path
Life Time
Command
Start Time
End Time
ProcessTreeColumns
ProcessTree.ShowRunningOnly
ProcessTree.ShowAllHistory
CONTEXT_PROCESSTREE
: The operation was cancelled
: There are no items to be saved
: The selected file is not writable
: The disk is full, or an internal size limit was exceeded
: An error occurred saving the data
: The operation was successful
SaveDialog
Logfile
Procmon Log (*.PML)
Text File (*.CSV)
XML File (*.XML)
You must supply a path
already exists.
Do you want to replace it?
Error Saving File
Log files must be native Process Monitor log files with a .pml extension.
The specified log file does not exist.
There %s %Id additional file%s associated with this log. Do you wish to open all files?
\SystemRoot
<remote boot-log>
Procmon Log (*.PML,*.PMB)
*.PML;*.PMB
The log of boot-time activity created by a previous instance of Process Monitor is incomplete and cannot be read.
A log of boot-time activity was created by a previous instance of Process Monitor. Do you wish to save the collected data now?
Bootlog.pml
Unable to create the requested PML file
An error occurred processing the boot-time data
Include '
Exclude '
Highlight '
Copy '
Edit Filter '
Exclude Events Before
Exclude Events After
MainWindow
ToolbarWindow32
(not found)
commdlg_FindReplace
CONTEXT_HEADER
Highlight
Unable to determine process ID for selected window
A system or application resource limit has been exceeded
that prevents Process Monitor from capturing additional events.
Cannot find string "
Bookmarks are not enabled because the file is read-only.
No more bookmarks
PROFILING_OPTIONS
COLUMNCHOOSER
Jump not implemented for this event class
FILTER
No filter rules are currently defined
ORGANIZE_FILTERS
HIGHLIGHT
HISTORY_DEPTH
SYSTEM_DETAILS
There are no events in the trace
UNIQUE
OCCURRENCES
PROCESS_TREE
PROCESS_SUMMARY
FILE_SUMMARY
REGISTRY_SUMMARY
NETWORK_SUMMARY
STACK_SUMMARY
CROSS_REFERENCE_SUMMARY
SYMBOLCONFIG
No more highlights
\procmon.chm
%s:Zone.Identifier
Unable to open help file
ABOUTBOX
BACKINGFILE
ProcmonConfiguration.pmc
Procmon Configuration (*.PMC)
The selected file cannot be opened
DISCONNECTING
Unable to enable capturing of events.
<remote system root>
<remote computer name>
MAIN_MENU
PROCMON_WINDOW_CLASS
Out of memory: Unable to allocate a memory block of size %Iu
Software\Microsoft\Windows NT\CurrentVersion
Kernel32.dll
OpenLog
Terminate
WaitForIdle
SaveAs
SaveAs1
SaveAs2
SaveApplyFilter
EnableBootLogging
ConvertBootLog
LoadConfig
NoFilter
BackingFile
OriginalPath
PagingFile
NoConnect
Client
Minimized
Runtime
HookRegistry
ExternalCapture
Software\Microsoft\Windows\CurrentVersion\Policies\System
EnableLUA
Process Monitor must be run from an administrator account.
Unable to extract x64 image. Run Process Monitor from a writable directory.
Invalid argument:
The /SaveAs option is valid only when used with /OpenLog
The /SaveApplyFilter option is valid only when used with /SaveAs
Procmon was unable to allocate sufficient memory to run.
Try increasing the size of your page file.
Runtime parameter must be specified in seconds.
Runtime parameter must be between 1 and 3600 seconds.
SeDebugPrivilege
ProcMon Log File
ProcMon.Logfile.1
Software\Sysinternals\Process Monitor32
Software\Sysinternals\Process Monitor
The selected configuration file cannot be opened
DeviceNameMap
Invalid file extension in /SaveAs option
The file was not saved.
ACCELERATORS
FILTER_INIT
NT AUTHORITY\SYSTEM
REG_NONE
REG_SZ
REG_EXPAND_SZ
REG_BINARY
REG_DWORD
REG_DWORD_BIG_ENDIAN
REG_LINK
REG_MULTI_SZ
REG_RESOURCE_LIST
REG_FULL_RESOURCE_DESCRIPTOR
REG_RESOURCE_REQUIREMENTS_LIST
REG_QWORD
REG_CREATED_NEW_KEY
REG_OPENED_EXISTING_KEY
<Unknown:
Granted Access
Hive Path
New Name
Cached
HandleTags
UserFlags
SubKeys
Values
KeyWriteTimeInformation
KeyWow64FlagsInformation
KeySetHandleTagsInformation
KeySetInformationClass
Wow64Flags
dColumns
ColumnCount
ColumnMap
DbgHelpPath
HighlightFG
HighlightBG
LogFont
BoookmarkFont
AdvancedMode
Autoscroll
HistoryDepth
DestructiveFilter
AlwaysOnTop
ResolveAddresses
SourcePath
SymbolPath
FilterRules
HighlightRules
%_NT_SYMBOL_PATH%
srv*https://msdl.microsoft.com/download/symbols
Internal error: Snapshot is already open
Unable to open '
' for reading
' is not a valid backing file (truncated)
An error occurred attempting to memory map '
is not a Process Monitor backing file (signature missing).
is not compatible with this version of Process Monitor.
was not closed cleanly during capture and is corrupt.
must be opened using the 64-bit version of Process Monitor.
' is corrupt and cannot be opened.
PRIVILEGE NOT HELD
INSUFFICIENT SERVER RESOURCES
ACCESS VIOLATION
THREAD NOT IN PROCESS
INSUFFICIENT RESOURCES
KEY DELETED
IO FAILED
REGISTRY CORRUPT
NO MEMORY
FILE DELETED
PATH SYNTAX BAD
BAD IMPERSONATION
FILES OPEN
DEVICE DATA ERROR
CRC ERROR
NOT IMPLEMENTED
EAS NOT SUPPORTED
TOO MANY COMMANDS
DEVICE NOT CONNECTED
NOT SAME DEVICE
EA TOO LARGE
DATATYPE MISALIGNMENT
HIVE UNLOADED
FILE INVALID
NONEXISTENT EA ENTRY
BAD NETWORK NAME
INVALID NETWORK RESPONSE
NOTIFY ENUM DIR
FILE CORRUPT
DISK CORRUPT
RANGE NOT LOCKED
FILE CLOSED
DUPLICATE NAME
DATA OVERRUN
REDIRECTOR NOT STARTED
UNSUCCESSFUL
NOT FOUND
NO MORE MATCHES
OBJECT PATH INVALID
INFO LENGTH MISMATCH
CANNOT IMPERSONATE
LOGON FAILURE
DOWNGRADE DETECTED
INVALID ADDRESS COMPONENT
IN PAGE ERROR
CANCELLED
NO EAS ON FILE
EA CORRUPT ERROR
QUOTA EXCEEDED
NOT SUPPORTED
NO MORE FILES
BUFFER TOO SMALL
NAME INVALID
NAME NOT FOUND
NOT A DIRECTORY
NO SUCH FILE
NAME COLLISION
NONEXISTENT SECTOR
BAD NETWORK PATH
PATH NOT FOUND
NO SUCH DEVICE
END OF FILE
NOTIFY CLEANUP
CSC OBJECT PATH NOT FOUND
BUFFER OVERFLOW
OBJECTID NOT FOUND
OBJECT TYPE MISMATCH
NO MORE ENTRIES
ACCESS DENIED
SHARING VIOLATION
INVALID PARAMETER
OPLOCK BREAK IN PROGRESS
CANNOT BREAK OPLOCK
OPLOCK NOT GRANTED
FILE LOCK CONFLICT
REPARSE
MORE ENTRIES
FS DRIVER REQUIRED
DELETE PENDING
CANNOT DELETE
NOT GRANTED
IS DIRECTORY
ALREADY COMMITTED
INVALID EA FLAG
INVALID INFO CLASS
INVALID HANDLE
INVALID DEVICE REQUEST
WRONG VOLUME
CHILD MUST BE VOLATILE
NETWORK ERROR
DISCONNECTED
DFS UNAVAILABLE
LOG FILE FULL
INVALID DEVICE STATE
NO MEDIA
PREDEFINED HANDLE
DISK FULL
NOT EMPTY
NOT REPARSE POINT
MEDIA WRITE PROTECTED
CANNOT MAKE
INVALID PARAMETER 1
INVALID PARAMETER 2
INVALID PARAMETER 3
INVALID PARAMETER 4
E_WRONG_PRINCIPAL
INVALID LEVEL
OPLOCK SWITCHED TO NEW HANDLE
OPLOCK HANDLE CLOSED
WAIT FOR OPLOCK
DEVICE FEATURE NOT SUPPORTED
INVALID TRANSACTION
CANNOT EXECUTE FILE IN TRANSACTION
SPARSE NOT ALLOWED IN TRANSACTION
TRANSACTED MAPPING UNSUPPORTED REMOTE
TRANSACTIONAL OPEN NOT ALLOWED
EFS NOT ALLOWED IN TRANSACTION
FILE LOCKED WITH ONLY READERS
FILE LOCKED WITH WRITERS
TRANSACTIONAL CONFLICT
TRANSACTION_NOT_ACTIVE
INSTANCE NOT AVAILABLE
PIPE NOT AVAILABLE
INVALID PIPE STATE
PIPE BUSY
PIPE DISCONNECTED
PIPE CLOSING
PIPE CONNECTED
PIPE LISTENING
INVALID READ MODE
FILE SYSTEM LIMITATION
PIPE EMPTY
PIPE BROKEN
IO TIMEOUT
PATH NOT COVERED
FAST IO DISALLOWED
IO DEVICE ERROR
CANT WAIT
USER MAPPED FILE
USER SESSION DELETED
LOGIN WKSTA RESTRICTION
STATUS_OFFLOAD_READ_FLT_NOT_SUPPORTED
STATUS_OFFLOAD_WRITE_FLT_NOT_SUPPORTED
OFFLOAD READ FILE NOT SUPPORTED
_NT_SYMBOL_PATH
ntoskrnl.exe
Ntkrnlmp.exe
ntkrnlpa.exe
Ntkrpamp.exe
Loading symbol module for
Loading symbols for
Retrieving function names for
Retrieving source path for
Configure the symbol engine for symbols
Resolving symbols...
http://www.microsoft.com/whdc/devtools/debugging/default.mspx
Software\Microsoft\DebuggingTools
Windbg
DbgHelp.dll
%ProgramFiles%\Debugging Tools for Windows (x86)\dbghelp.dll
C:\Debuggers\dbghelp.dll
\dbghelp.dll
dbghelp.dll
imagehlp.dll
%PATH%
Specify dbghelp.dll...
Dbghelp DLL (dbghelp.dll)
Browse for Symbols Directory
Browse for Source Directory
The DLL you specified is not a valid Dbghelp DLL.
SYMBOLCONFIGWARNING
\StringFileInfo\%04X%04X\%s
\VarFileInfo\Translation
FileDescription
user32.dll
ERROR : Unable to initialize critical section in CAtlBaseModule
Gmscoree.dll
;T^h<U_i=V`j>Wak?Xbl@YcmAZdnB[eoC\fpD]gq
combase.dll
Jja-JP
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
JR6002
- floating point support not loaded
- not enough space for arguments
- not enough space for environment
- abort() has been called
- not enough space for thread data
- unexpected multithread lock error
- unexpected heap error
- unable to open console device
- not enough space for _onexit/atexit table
- pure virtual function call
- not enough space for stdio initialization
- not enough space for lowio initialization
- unable to initialize heap
- CRT not initialized
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- not enough space for locale information
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- inconsistent onexit begin-end variables
DOMAIN error
SING error
TLOSS error
runtime error
Runtime Error!
Program:
<program name unknown>
Microsoft Visual C++ Runtime Library
(null)
CONIN$
UTF-16LE
UNICODE
((((( H
((((( H
zh-CHS
az-AZ-Latn
uz-UZ-Latn
kok-IN
syr-SY
div-MV
quz-BO
sr-SP-Latn
az-AZ-Cyrl
uz-UZ-Cyrl
quz-EC
sr-SP-Cyrl
quz-PE
smj-NO
bs-BA-Latn
smj-SE
sr-BA-Latn
sma-NO
sr-BA-Cyrl
sma-SE
sms-FI
smn-FI
zh-CHT
az-az-cyrl
az-az-latn
bs-ba-latn
div-mv
kok-in
quz-bo
quz-ec
quz-pe
sma-no
sma-se
smj-no
smj-se
smn-fi
sms-fi
sr-ba-cyrl
sr-ba-latn
sr-sp-cyrl
sr-sp-latn
syr-sy
uz-uz-cyrl
uz-uz-latn
zh-chs
zh-cht
USER32.DLL
2CONOUT$
ACCELERATORS
MAIN_MENU
CONTEXT_HEADER
CONTEXT_PROCESSTREE
ABOUTBOX
COLUMNCHOOSER
FILTER
SYMBOLDBGHELPGWARNING
SYMBOLCONFIGWARNING
SYMBOLCONFIG
PROP_STACKTRACE
BACKINGFILE
PROPERTIES
PROP_PROCESS
HISTORY_DEPTH
UNIQUE
FILTER_CONTROL
HIGHLIGHT
SELECTHIGHLIGHTCOLORS
MODULE_PROPERTIES
SAVE_FILTER
ORGANIZE_FILTERS
PROP_EVENT
PROGRESS
OCCURRENCES
PROCESS_SUMMARY
FILE_SUMMARY
FILTER_INIT
REGISTRY_SUMMARY
STACK_SUMMARY
PROFILING_OPTIONS
DEVICE_PATH
PROCESS_TREE
FILE_VIEWER
CROSS_REFERENCE_SUMMARY
PROCESS_TIMELINE
SYSTEM_DETAILS
NETWORK_SUMMARY
DISCONNECTING
BOOTLOG_OPTIONS
SPLITTER_CURSOR
BINRES
RCDRIVERNT
&Open...
Ctrl+O
&Save...
Ctrl+S
Backing Files...
&Capture Events
Ctrl+E
Export Configuration...
Import Configuration...
Ctrl+C
&Find...
Ctrl+F
Find &Highlight
Find &Bookmark
&Auto Scroll
Ctrl+A
C&lear Display
Ctrl+X
E&vent
Properties...
Ctrl+P
Stac&k...
Ctrl+K
Toggle &Bookmark
Ctrl+B
Jump To...
Ctrl+J
Search Online...
Include
IncludeDummy
Exclude
ExcludeDummy
Highlight
HighlightDummy
Fi&lter
Enable &Advanced Output
Filter...
Ctrl+L
Reset Filter
Ctrl+R
Load Filter
LoadFilterDummy
Save Filter...
Organize Filters...
Drop Filtered Events
Highlight...
Ctrl+H
&Tools
System Details...
Process Tree...
Ctrl+T
Process Activity Summary...
File Summary...
Registry Summary...
Stack Summary...
Network Summary...
Cross Reference Summary...
Count Occurrences...
&Options
Always on &Top
Fo&nt...
Highlight &Colors...
&Configure Symbols...
&Select Columns...
&History Depth...
&Profiling Events...
Enable &Boot Logging
Show &Resolved Network Addresses
Ctrl+N
Hex File &Offsets and Lengths
He&x Process and Thread IDs
&Help...
Command Line Options...
&About...
Properties...
Search Online...
View Source...
Context Menu
&Select Columns...
Context Menu
&Go To Event
&Add process to Include filter
Add process and &children to Include filter
VS_VERSION_INFO
StringFileInfo
040904b0
CompanyName
Sysinternals - www.sysinternals.com
FileDescription
Process Monitor
FileVersion
InternalName
Process Monitor
LegalCopyright
Copyright
1996-2018 Mark Russinovich
OriginalFilename
Process Monitor
ProductName
Sysinternals Procmon
ProductVersion
VarFileInfo
Translation
About Process Monitor
MS Shell Dlg
Process Monitor v
Sysinternals - www.sysinternals.com
Copyright
1996-2013 Mark Russinovich
Process Monitor Column Selection
MS Shell Dlg
Cancel
Select columns to appear in the Process Monitor window:
Application Details
Process Name
Image Path
Command Line
Company Name
Description
Version
Architecture
Event Details
Sequence Number
Event Class
Operation
Date &&Time
Time of Day
Category
Detail
Result
Relative Time
Duration
Process Management
User Name
Session ID
Authentication ID
Integrity
Process ID
Thread ID
Parent PID
Virtualized
Completion Time
Process Monitor Filter
MS Shell Dlg
&Cancel
A&pply
Display entries matching these conditions:
Process Monitor Warning
MS Shell Dlg
Symbols are not currently configured.
You must configure symbols in order to view thread stack information.
Install the
Microsoft Debugging Tools for Windows
and configure a symbol server
address in the Options|Configure Symbols dialog for the best symbol support.
Process Monitor Warning
MS Shell Dlg
The version of Dbghelp.dll configured does not support the Microsoft Symbol Server.
Microsoft Debugging Tools for Windows
version that does.
Please download and install the
to get a
Configure Symbols
MS Shell Dlg
Cancel
DbgHelp.dll path (version 6.0 or later):
Symbol paths:
Process Monitor uses symbols to resolve function names when displaying thread stack locations on the Stack page of an event's properties dialog.
If you do not require that information you do not need to configure symbols.
Source code paths:
When displaying stack traces for modules for which you have both symbols and source code available Process Monitor can let you view the source associated with a stack frame.
MS Shell Dlg
SysListView32
Status...
&Properties...
&Save...
Source...
Search...
Process Monitor Backing Files
MS Shell Dlg
Cancel
SysListView32
Process Monitor can store events in virtual memory (limited by the system commit limit), or in a file you specify (limited by free disk space). Which do you prefer?
Use &virtual memory
Use file &named:
These backing file objects are being used to store event data:
Static
Static
Save To File
MS Shell Dlg
Cancel
All events
Events displayed using current filter
Highlighted events
Events to save:
Format:
Comma-Separated Values (CSV)
Native Process Monitor Format (PML)
Extensible Markup Language (XML)
Include stack traces (will increase file size)
Resolve stack symbols (will be slow)
Also include profiling events
Properties
MS Shell Dlg
SysTabControl32
Next Highlighted
Copy All
MS Shell Dlg
Version:
Command Line:
Parent PID:
Session ID:
Auth ID:
Started:
Architecture:
Virtualized:
Integrity:
Ended:
Modules:
SysListView32
History Depth
MS Shell Dlg
Cancel
msctls_updown32
The history depth limits the total number of events kept during a run.
Number of events (millions):
Show Unique Values
MS Shell Dlg
&Save...
Column:
Double-click an item to filter on that value.
&Filter...
MS Shell Dlg
&Remove
SysListView32
Process Monitor Highlighting
MS Shell Dlg
Highlight entries matching these conditions:
&Cancel
A&pply
&Make Filter
Choose Highlight Colors
MS Shell Dlg
&Select
&Cancel
&Color choices:
|S&olid
&Green:
Bl&ue:
&Add to Custom Colors
Preview
Module Properties
MS Shell Dlg
Version:
Company:
Description:
Module:
Timestamp:
Save Filter
MS Shell Dlg
Cancel
Enter a name for the filter:
Organize Filters
MS Shell Dlg
&Rename
&Delete
Export...
Import...
MS Shell Dlg
Thread:
Class:
Operation:
Result:
Duration:
Dialog
MS Shell Dlg
Cancel
msctls_progress32
Initializing...
Count Values Occurrences
MS Shell Dlg
&Save...
Column:
SysListView32
Double-click an item to filter on that value.
&Filter...
Static
Process Activity Summary
MS Shell Dlg
&Detail...
&Save...
Static
Processes generating events during trace:
Command Line:
Started:
Ended:
Total User CPU:
Total Kernel CPU:
SysTreeView32
File Summary
MS Shell Dlg
&Save...
Static
Files accessed during trace:
SysTabControl32
Filter...
Process Monitor Usage
MS Shell Dlg
Command line arguments:
/OpenLog <PML file>
/BackingFile <PML file>
/NoConnect
/NoFilter
/AcceptEula
/Profiling
Open a previously saved event file
Save events in the specified backing file
Don't automatically begin collecting events at start up
Clear the filter at start up
Accept the EULA automatically (don't show a dialog)
Enable the thread profiling feature
/PagingFile
Save events in the virtual memory
/Minimized
/Terminate
Start the application minimized
Terminate all instances of ProcMon and exit
/Quiet
Don't confirm filter settings during start up
/Run32
Run the 32-bit version to load 32-bit log files (x64 only)
/WaitForIdle
Wait for an instance of ProcMon to become ready
/HookRegistry
Hook Registry for Softgrid troubleshooting (x86 Vista only)
/SaveAs <path>
Export to an XML, CSV or PML file
/SaveAs1 <path>
Export including stack traces (XML only)
/SaveAs2 <path>
Export including stack traces with symbols (XML only)
/LoadConfig <file>
Load a previously saved configuration file
/SaveApplyFilter
Apply current filter before exporting
/EnableBootLogging
Configures logging of next boot
/ConvertBootLog <PML file>
Automatically processes a boot log after reboot
/Runtime
Run for the specified number of seconds and terminate
Process Monitor Filter
MS Shell Dlg
Filters were in effect the last time you exited Process Monitor:
Display entries matching these conditions:
&Cancel
A&pply
Registry Summary
MS Shell Dlg
&Save...
SysListView32
Static
Registry paths accessed during trace:
Filter...
Stack Summary
MS Shell Dlg
Stack traces during trace:
Static
SysTreeView32
Go to Event
Source...
Filter...
Thread Profiling Options
MS Shell Dlg
Cancel
Process Monitor can generate thread profiling events that capture the state of all executing threads at a regular interval.
Generate thread profiling events
Every second
Every 100 milliseconds
Define Device Path
MS Shell Dlg
Provide a translation for this device path to the DOS path:
Device path:
User path:
Remove
Existing translations:
SysListView32
Full path:
Remove All
Process Tree
MS Shell Dlg
&Close
Only show processes still running at end of current trace
SysTreeView32
Description:
Company:
Command:
Process ID
Started:
Started
Exited:
Exited
&Go To Event
Timelines cover displayed events only
&Include Process
Include &Subtree
File Viewer
MS Shell Dlg
Cross Reference Summary
MS Shell Dlg
&Close
&Save...
SysListView32
Static
Paths that are written and read between differing processes:
&Filter on Row
Process Timeline
MS Shell Dlg
CPU Utilization
File I/O Bytes
File I/O Operations
Registry Operations
Private Memory Bytes
Memory Working Set
100 MB/sec
100 Operations/sec
100 Operations/sec
100 MB
100 MB
Click on a graph to go to the closest event in the trace.
Network Bytes
Network Operations
100 MB/sec
100 Operations/sec
System Details
MS Shell Dlg
System on which trace was captured:
Computer Name:
System Root:
Operating System:
Memory (RAM):
System Type:
Logical Processors:
Network Summary
MS Shell Dlg
&Save...
SysListView32
Static
Network paths accessed during trace:
Filter...
Process Monitor
MS Shell Dlg
Disconnecting from Event Tracing for Windows (ETW). This can take up to a minute.
Enable Boot Logging
MS Shell Dlg
Cancel
Process Monitor can generate thread profiling events that capture the state of all running applications at a regular interval.
Generate thread profiling events
Every second
Every 100 milliseconds
\SystemRoot\System32\Drivers\
\SystemRoot\Procmon.pmb
Parameters
ThreadProfiling
RuntimeSeconds
\SystemRoot
D:P(A;;GA;;;AU)
\device\ProcmonDebugLogger
\DosDevices\Global\ProcmonDebugLogger
\device\ProcmonExternalLogger
\??\ProcmonExternalLoggerEnabled
\ProcessMonitor24Port
ZwQueryInformationThread
SeLocateProcessImageName
PsSetCreateProcessNotifyRoutineEx2
PsSetCreateThreadNotifyRoutineEx
ZwOpenProcessTokenEx
500000
(Default)
CmRegisterCallback
CmRegisterCallbackEx
CmUnRegisterCallback
CmCallbackGetKeyObjectID
IoValidateDeviceIoControlAccess
IoCreateDeviceSecure
D:P(A;;GA;;;SY)
D:P(A;;GA;;;SY)(A;;GA;;;BA)
D:P(A;;GA;;;SY)(A;;GRGX;;;BA)
D:P(A;;GA;;;SY)(A;;GRGWGX;;;BA)(A;;GR;;;WD)
D:P(A;;GA;;;SY)(A;;GRGWGX;;;BA)(A;;GR;;;WD)(A;;GR;;;RC)
D:P(A;;GA;;;SY)(A;;GRGWGX;;;BA)(A;;GRGW;;;WD)(A;;GR;;;RC)
D:P(A;;GA;;;SY)(A;;GRGWGX;;;BA)(A;;GRGWGX;;;WD)(A;;GRGWGX;;;RC)
{%08X-%04X-%04X-%02X%02X-%02X%02X%02X%02X%02X%02X}
\Registry\Machine\System\CurrentControlSet\Control\Class
Security
Properties
Exclusive
DeviceCharacteristics
DeviceType
NoUseClass
NoDisplayClass
<INSUFFICIENT RESOURCES>
<INVALID NAME>
\Registry
VS_VERSION_INFO
StringFileInfo
040904b0
CompanyName
Sysinternals - www.sysinternals.com
FileDescription
Process Monitor Driver
FileVersion
InternalName
Procmon.sys
LegalCopyright
Copyright (C) 2006-2014 M. Russinovich
OriginalFilename
procmon.Sys
ProductName
Process Monitor
ProductVersion
VarFileInfo
Translation
ProcMonDrive
ProcMonDrive
Legal_Policy_Statement
{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}
EventTrace
Header
Unknown
root\wmi
format
StringTermination
pointer
extension
NullTerminated
Counted
ReverseCounted
NotCounted
IPAddr
IPAddrV6
IPAddrV4
WmiTime
__CLASS
WmiDataId
EventType
EventTypeName
DisplayName
EventVersion
uxtheme.dll
not implemented
treeview
TreeListWindowClass
TreeListProperty
tooltips_class32
SysHeader32
ScrollBar
Static
SPLITTER_CURSOR
SYSINTERNALS SOFTWARE LICENSE TERMS
These license terms are an agreement between Sysinternals(a wholly owned subsidiary of Microsoft Corporation) and you.Please read them.They apply to the software you are downloading from technet.microsoft.com / sysinternals, which includes the media on which you received it, if any.The terms also apply to any Sysinternals
* updates,
*supplements,
*Internet - based services,
*and support services
for this software, unless other terms accompany those items.If so, those terms apply.
BY USING THE SOFTWARE, YOU ACCEPT THESE TERMS.IF YOU DO NOT ACCEPT THEM, DO NOT USE THE SOFTWARE.
If you comply with these license terms, you have the rights below.
INSTALLATION AND USER RIGHTS
You may install and use any number of copies of the software on your devices.
SCOPE OF LICENSE
The software is licensed, not sold.This agreement only gives you some rights to use the software.Sysinternals reserves all other rights.Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement.In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways.You may not
* work around any technical limitations in the software;
*reverse engineer, decompile or disassemble the software, except and only to the extent that applicable law expressly permits, despite this limitation;
*make more copies of the software than specified in this agreement or allowed by applicable law, despite this limitation;
*publish the software for others to copy;
*rent, lease or lend the software;
*transfer the software or this agreement to any third party; or
* use the software for commercial software hosting services.
SENSITIVE INFORMATION
Please be aware that, similar to other debug tools that capture
process state
information, files saved by Sysinternals tools may include personally identifiable or other sensitive information(such as usernames, passwords, paths to files accessed, and paths to registry accessed).By using this software, you acknowledge that you are aware of this and take sole responsibility for any personally identifiable or other sensitive information provided to Microsoft or any other party through your use of the software.
DOCUMENTATION
Any person that has valid access to your computer or internal network may copy and use the documentation for your internal, reference purposes.
EXPORT RESTRICTIONS
The software is subject to United States export laws and regulations.You must comply with all domestic and international export laws and regulations that apply to the software.These laws include restrictions on destinations, end users and end use.For additional information, see www.microsoft.com / exporting .
SUPPORT SERVICES
Because this software is "as is, " we may not provide support services for it.
ENTIRE AGREEMENT
This agreement, and the terms for supplements, updates, Internet - based services and support services that you use, are the entire agreement for the software and support services.
APPLICABLE LAW
United States.If you acquired the software in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles.The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort.
Outside the United States.If you acquired the software in any other country, the laws of that country apply.
LEGAL EFFECT
This agreement describes certain legal rights.You may have other rights under the laws of your country.You may also have rights with respect to the party from whom you acquired the software.This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so.
DISCLAIMER OF WARRANTY
The software is licensed "as - is." You bear the risk of using it.Sysinternals gives no express warranties, guarantees or conditions.You may have additional consumer rights under your local laws which this agreement cannot change.To the extent permitted under your local laws, sysinternals excludes the implied warranties of merchantability, fitness for a particular purpose and non - infringement.
LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES
You can recover from sysinternals and its suppliers only direct damages up to U.S.$5.00.You cannot recover any other damages, including consequential, lost profits, special, indirect or incidental damages.
This limitation applies to
* anything related to the software, services, content(including code) on third party Internet sites, or third party programs; and
* claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.
It also applies even if Sysinternals knew or should have known about the possibility of the damages.The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages.
Please note : As this software is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French.
Remarque : Ce logiciel
tant distribu
au Qu
bec, Canada, certaines des clauses dans ce contrat sont fournies ci - dessous en fran
EXON
RATION DE GARANTIE.Le logiciel vis
par une licence est offert
tel quel
.Toute utilisation de ce logiciel est
votre seule risque et p
ril.Sysinternals n'accorde aucune autre garantie expresse. Vous pouvez b
ficier de droits additionnels en vertu du droit local sur la protection dues consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties implicites de qualit
marchande, d'ad
quation
un usage particulier et d'absence de contrefa
on sont exclues.
LIMITATION DES DOMMAGES - INT
TS ET EXCLUSION DE RESPONSABILIT
POUR LES DOMMAGES.Vous pouvez obtenir de Sysinternals et de ses fournisseurs une indemnisation en cas de dommages directs uniquement
hauteur de 5, 00 $ US.Vous ne pouvez pr
tendre
aucune indemnisation pour les autres dommages, y compris les dommages sp
ciaux, indirects ou accessoires et pertes de b
fices.
Cette limitation concerne :
tout ce qui est reli
au logiciel, aux services ou au contenu(y compris le code) figurant sur des sites Internet tiers ou dans des programmes tiers; et
clamations au titre de violation de contrat ou de garantie, ou au titre de responsabilit
stricte, de n
gligence ou d'une autre faute dans la limite autoris
e par la loi en vigueur.
Elle s'applique
galement, m
me si Sysinternals connaissait ou devrait conna
tre l'
ventualit
d'un tel dommage. Si votre pays n'autorise pas l'exclusion ou la limitation de responsabilit
pour les dommages indirects, accessoires ou de quelque nature que ce soit, il se peut que la limitation ou l'exclusion ci - dessus ne s'appliquera pas
votre
EFFET JURIDIQUE.Le pr
sent contrat d
crit certains droits juridiques.Vous pourriez avoir d'autres droits pr
vus par les lois de votre pays. Le pr
sent contrat ne modifie pas les droits que vous conf
rent les lois de votre pays si celles-ci ne le permettent pas.
Sysinternals License
%s License Agreement
Software\Sysinternals\%s
Riched32.dll
License Agreement
MS Shell Dlg
You can also use the /accepteula command-line switch to accept the EULA.
&Agree
&Decline
&Print
RICHEDIT
EulaAccepted
Shell32.dll
/accepteula
-accepteula
Software\Microsoft\windows nt\currentversion
ProductName
iotuap
Software\Microsoft\Windows NT\CurrentVersion\Server\ServerLevels
NanoServer
This is the first run of this program. You must accept EULA to continue.
Use -accepteula to accept EULA.
Software\Sysinternals
URLMON.DLL
HyperlinkClass
http://www.sysinternals.com
FileVersion
LegalCopyright
Display index %d moved from snapshot %d:%d to %d
PROGRESS
%d%% - %d:%02d remaining (%s)
Searching for Bookmarks
%9.5f%%
ntdll.dll
BINRES
%SYSTEMROOT%\Procmon.Pmb
SupportedFeatures
Instances
Process Monitor 24 Instance
DefaultInstance
385200
Altitude
PROCMON24.SYS
%s\Drivers\%s
RCDRIVERNT
%%TEMP%%\%s
\ProcessMonitor24Port
SeLoadDriverPrivilege
System\CurrentControlSet\Services\PROCMON24
ErrorControl
\??\%s
ImagePath
\Registry\Machine\System\CurrentControlSet\Services\PROCMON24
System\CurrentControlSet\Services\PROCMON24\Enum
System\CurrentControlSet\Services\PROCMON24\Security
System\CurrentControlSet\Services\PROCMON24\Parameters
Parameters
Security
\Drivers\PROCMON24.SYS
Unable to write
Make sure that you have permission to
write to the %%SystemRoot%%\System32\Drivers directory.
Process Monitor
BOOTLOG_OPTIONS
Process Monitor is configured to log activity during the next boot.
FSFilter Activity Monitor
DeleteFlag
System32\Drivers\
ThreadProfiling
RuntimeSeconds
Error configuring boot logging
Completion
Process
Registry
File System
Profiling
Network
Process Defined
Process Create
Process Exit
Thread Create
Thread Exit
Load Image
Thread Profile
Process Start
Process Statistics
System Statistics
Thread Profiling
Process Profiling
Debug Output Profiling
RegOpenKey
RegCreateKey
RegCloseKey
RegQueryKey
RegSetValue
RegQueryValue
RegEnumValue
RegEnumKey
RegSetInfoKey
RegDeleteKey
RegDeleteValue
RegFlushKey
RegLoadKey
RegUnloadKey
RegRenameKey
RegQueryMultipleValueKey
RegSetKeySecurity
RegQueryKeySecurity
UDP Unknown
TCP Unknown
UDP Other
TCP Other
UDP Send
TCP Send
UDP Receive
TCP Receive
UDP Accept
TCP Accept
UDP Connect
TCP Connect
UDP Disconnect
TCP Disconnect
UDP Reconnect
TCP Reconnect
UDP Retransmit
TCP Retransmit
UDP TCPCopy
TCP TCPCopy
Read Metadata
Write Metadata
Command line
Parent PID
Current directory
Environment
Image Base
Image Size
Commit Peak
System Calls
Context Switches
Thread ID
Exit Status
%.07f seconds
User Time
Kernel Time
Private Bytes
Peak Private Bytes
Working Set
Peak Working Set
Thread %u
Output
Length
is not
less than
more than
begins with
ends with
contains
excludes
IRP_MJ_
FASTIO_
Procmon.exe
Procexp.exe
Autoruns.exe
Procmon64.exe
Procexp64.exe
System
pagefile.sys
$MftMirr
$LogFile
$Volume
$AttrDef
$Bitmap
$BadClus
$Secure
$UpCase
$Extend
FAST IO
Include
Exclude
Okay to overwrite event log '
An error occurred opening the snapshot
Applying Event Filter
Operation cancelled: The listview data may be incomplete
Process Monitor can open at most
backing files
<pagefile>
ProcessIndex
address
location
process
ProcessId
ParentProcessId
ParentProcessIndex
AuthenticationId
CreateTime
FinishTime
IsVirtualized
Is64bit
Integrity
ProcessName
CommandLine
CompanyName
Version
Description
modulelist
module
Timestamp
BaseAddress
Company
Process Monitor - Exporting event data
wt, ccs=UTF-8
<?xml version="1.0" encoding="UTF-8"?>
procmon
processlist
eventlist
SUCCESS
Counting occurrences of values
Scanning process information
Scanning file information
Scanning Registry information
Scanning Network information
<unknown>
Scanning event stack information
Scanning events
Searching
SysListView32
IRP_MJ_LOCK_CONTROL
FASTIO_LOCK
LockFile
FASTIO_UNLOCK_SINGLE
UnlockFileSingle
FASTIO_UNLOCK_ALL
UnlockFileAll
FASTIO_UNLOCK_ALL_BY_KEY
UnlockFileByKey
IRP_MJ_READ
FASTIO_READ
ReadFile
IRP_MJ_WRITE
FASTIO_WRITE
WriteFile
IRP_MJ_QUERY_VOLUME_INFORMATION
FASTIO_QUERY_VOLUME_INFORMATION
QueryInformationVolume
QueryLabelInformationVolume
QuerySizeInformationVolume
QueryDeviceInformationVolume
QueryAttributeInformationVolume
QueryControlInformationVolume
QueryFullSizeInformationVolume
QueryObjectIdInformationVolume
IRP_MJ_SET_VOLUME_INFORMATION
FASTIO_SET_VOLUME_INFORMATION
SetControlInformationVolume
SetLabelInformationVolume
SetObjectIdInformationVolume
IRP_MJ_QUERY_INFORMATION
FASTIO_QUERY_INFORMATION
QueryAllInformationFile
QueryAttributeTagFile
QueryBasicInformationFile
QueryCompressionInformationFile
QueryEaInformationFile
QueryFileInternalInformationFile
QueryMoveClusterInformationFile
QueryNetworkOpenInformationFile
QueryPositionInformationFile
QueryStandardInformationFile
QueryStreamInformationFile
QueryNameInformationFile
IRP_MN_QUERY_INFORMATION
QueryShortNameInformationFile
QueryNormalizedNameInformationFile
QueryNetworkPhysicalNameInformationFile
QueryIdBothDirectory
QueryValidDataLength
QueryIoPiorityHint
QueryLinks
QueryId
QueryEndOfFile
QueryAttributeTag
QueryIdGlobalTxDirectoryInformation
QueryIsRemoteDeviceInformation
QueryAttributeCacheInformation,
QueryNumaNodeInformation
QueryStandardLinkInformation
QueryRemoteProtocolInformation
QueryRenameInformationBypassAccessCheck
QueryLinkInformationBypassAccessCheck
QueryVolumeNameInformation
QueryIdInformation
QueryIdExtdDirectoryInformation
QueryHardLinkFullIdInformation
QueryIdExtdBothDirectoryInformation
QueryDesiredStorageClassInformation
QueryStatInformation
QueryMemoryPartitionInformation
IRP_MJ_SET_INFORMATION
FASTIO_SET_INFORMATION
SetAllocationInformationFile
SetBasicInformationFile
SetDispositionInformationFile
SetEndOfFileInformationFile
SetLinkInformationFile
SetPositionInformationFile
SetRenameInformationFile
SetValidDataLengthInformationFile
SetFileStreamInformation
SetPipeInformation
SetShortNameInformation
SetDispositionInformationEx
SetReplaceCompletionInformation
SetRenameInformationEx
SetRenameInformationExBypassAccessCheck
IRP_MJ_DIRECTORY_CONTROL
FASTIO_DIRECTORY_CONTROL
QueryDirectory
NotifyChangeDirectory
IRP_MJ_PNP
StartDevice
QueryRemoveDevice
RemoveDevice
CancelRemoveDevice
StopDevice
QueryStopDevice
CancelStopDevice
QueryDeviceRelations
QueryInterface
QueryCapabilities
QueryResources
QueryResourceRequirements
QueryDeviceText
FilterResourceRequirements
ReadConfig
WriteConfig
SetLock
QueryPnpDeviceState
QueryBusInformation
DeviceUsageNotification
SurpriseRemoval
QueryLegacyBusInformation
IRP_MJ_VOLUME_DISMOUNT
VolumeDismount
IRP_MJ_VOLUME_MOUNT
VolumeMount
FASTIO_MDL_WRITE_COMPLETE
FASTIO_PREPARE_MDL_WRITE
FASTIO_MDL_READ_COMPLETE
FASTIO_MDL_READ
FASTIO_NETWORK_QUERY_OPEN
QueryOpen
FASTIO_CHECK_IF_POSSIBLE
IRP_MJ_12
IRP_MJ_11
IRP_MJ_10
IRP_MJ_9
IRP_MJ_8
FASTIO_NOTIFY_STREAM_FO_CREATION
FASTIO_RELEASE_FOR_CC_FLUSH
FASTIO_ACQUIRE_FOR_CC_FLUSH
FASTIO_RELEASE_FOR_MOD_WRITE
FASTIO_ACQUIRE_FOR_MOD_WRITE
FASTIO_RELEASE_FOR_SECTION_SYNCHRONIZATION
FASTIO_ACQUIRE_FOR_SECTION_SYNCHRONIZATION
CreateFileMapping
IRP_MJ_CREATE
CreateFile
IRP_MJ_CREATE_NAMED_PIPE
CreatePipe
IRP_MJ_CLOSE
QueryInformationFile
SetInformationFile
IRP_MJ_QUERY_EA
QueryEAFile
IRP_MJ_SET_EA
SetEAFile
IRP_MJ_FLUSH_BUFFERS
FlushBuffersFile
QueryVolumeInformation
SetVolumeInformation
DirectoryControl
IRP_MJ_FILE_SYSTEM_CONTROL
FileSystemControl
IRP_MJ_DEVICE_CONTROL
DeviceIoControl
IRP_MJ_INTERNAL_DEVICE_CONTROL
InternalDeviceIoControl
IRP_MJ_SHUTDOWN
Shutdown
LockUnlockFile
IRP_MJ_CLEANUP
CloseFile
IRP_MJ_CREATE_MAILSLOT
CreateMailSlot
IRP_MJ_QUERY_SECURITY
QuerySecurityFile
IRP_MJ_SET_SECURITY
SetSecurityFile
IRP_MJ_POWER
IRP_MJ_SYSTEM_CONTROL
SystemControl
IRP_MJ_DEVICE_CHANGE
DeviceChange
IRP_MJ_QUERY_QUOTA
QueryFileQuota
IRP_MJ_SET_QUOTA
SetFileQuota
IRP_MJ_PNP
PlugAndPlay
IRP_MJ_MAXIMUM_FUNCTION
Delete
<Unknown>
Attributes
ReparseTag
CreationTime
LastAccessTime
LastWriteTime
ChangeTime
FileAttributes
IndexNumber
Position
AllocationSize
ValidDataLength
Access
EndOfFile
NumberOfLinks
DeletePending
Directory
EaSize
FILE_DISPOSITION_DELETE
FILE_DISPOSITION_POSIX_SEMANTICS
FILE_DISPOSITION_FORCE_IMAGE_SECTION_CHECK
FILE_DISPOSITION_ON_CLOSE
Category
FILE_DISPOSITION_DO_NOT_DELETE
FILE_RENAME_REPLACE_IF_EXISTS
FILE_RENAME_POSIX_SEMANTICS
FILE_RENAME_SUPPRESS_PIN_STATE_INHERITANCE
FileName
ReplaceIfExists
AlignmentRequirement
VolumeCreationTime
%04X-%04X
VolumeSerialNumber
SupportsObjects
VolumeLabel
TotalAllocationUnits
AvailableAllocationUnits
SectorsPerAllocationUnit
BytesPerSector
DeviceType
Characteristics
FileSystemAttributes
MaximumComponentNameLength
FileSystemName
FreeSpaceStartFiltering
FreeSpaceThreshold
FreeSpaceStopFiltering
DefaultQuotaThreshold
DefaultQuotaLimit
FileSystemControlFlags
CallerAvailableAllocationUnits
ActualAvailableAllocationUnits
ObjectId
Filter
ShortName
FILE_NOTIFY_CHANGE_FILE_NAME
FILE_NOTIFY_CHANGE_DIR_NAME
FILE_NOTIFY_CHANGE_NAME
FILE_NOTIFY_CHANGE_ATTRIBUTES
FILE_NOTIFY_CHANGE_SIZE
FILE_NOTIFY_CHANGE_LAST_WRITE
FILE_NOTIFY_CHANGE_LAST_ACCESS
FILE_NOTIFY_CHANGE_CREATION
FILE_NOTIFY_CHANGE_EA
FILE_NOTIFY_CHANGE_SECURITY
FILE_NOTIFY_CHANGE_STREAM_NAME
FILE_NOTIFY_CHANGE_STREAM_SIZE
FILE_NOTIFY_CHANGE_STREAM_WRITE
<Unknown :
UnlockSingle
UnlockAll
UnlockAllByKey
Lock Type
Exclusive
Offset
Fail Immediately
I/O Flags
Priority
Desired Access
Disposition
Options
ShareMode
Impersonating
OpenResult
Information
Operation
CD-ROM
Device Type
Control
WriteLength
ReadLength
SyncTypeOther
SyncTypeCreateSection
Unknown:
SyncType
PAGE_READONLY
PAGE_READWRITE
PAGE_WRITECOPY
PAGE_EXECUTE
PAGE_EXECUTE_READ
PAGE_EXECUTE_READWRITE
PAGE_EXECUTE_WRITECOPY
|PAGE_NOCACHE
PageProtection
EndingOffset
Minor ID
IRP Flags
GraphWindowClass
GraphProperty
Time:
The full name of the selected key or value is not available.
\HKEY_LOCAL_MACHINE
\HKEY_CURRENT_USER
\HKEY_CURRENT_CONFIG
\HKEY_CLASSES_ROOT
\HKEY_USERS
RegEdit_RegEdit
regedit.exe
Process Monitor was unable to launch Regedit.
SysTreeView32
The full name of the selected directory or file is not available.
explorer /select,
Explorer could not open
ICON_MYCOMPUTER
ICON_CLOSEDFOLDER
ICON_OPENFOLDER
comctl32.dll
Text File (*.CSV)
Export Listview
Unable to open file for writing
All Access
Read/Write
Execute
Query Value
Set Value
Create Sub Key
Enumerate Sub Keys
Notify
Create Link
WOW64_Res
WOW64_32Key
WOW64_64Key
Generic Read/Write/Execute
Generic Read/Write
Generic Read/Execute
Generic Write/Execute
Generic Read
Generic Write
Generic Execute
Read Data/List Directory
Write Data/Add File
Append Data/Add Subdirectory/Create Pipe Instance
Read EA
Write EA
Execute/Traverse
Delete Child
Read Attributes
Write Attributes
Read Control
Write DAC
Write Owner
Synchronize
Access System Security
Maximum Allowed
SeShutdownPrivilege
SeChangeNotifyPrivilege
SeUndockPrivilege
SeIncreaseWorkingSetPrivilege
SeTimeZonePrivilege
kernel32.dll
\fltlib.dll
%s%07d
%02u:%02u:%02u.%07u
%02u:%02u:%02u
0x%I64x
Windows 2000
Windows XP
Windows XP x64
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Windows 8
Windows Server 2012
Windows 8.1
Windows Server 2012 R2
Windows 10
Windows Server 2016
Windows %d.%d
(build %d.%d)
%08x:%08x
64-bit
32-bit
%x:%x:%x:%x:%x:%x:%x:%x
%d.%d.%d.%d
DACL Protected
SACL Protected
DACL Unprotected
SACL Unprotected
Attribute
Process Trust Label
Backup
Write Through
Sequential Access
No Buffering
Synchronous IO Alert
Synchronous IO Non-Alert
Non-Directory File
Create Tree Connection
Complete If Oplocked
No EA Knowledge
Open for Recovery
Random Access
Delete On Close
Open By ID
Open For Backup
No Compression
Reserve OpFilter
Open Reparse Point
Open No Recall
Open For Free Space Query
Open Requiring Oplock
Disallow Exclusive
FSCTL_REQUEST_OPLOCK_LEVEL_1
FSCTL_REQUEST_OPLOCK_LEVEL_2
FSCTL_REQUEST_BATCH_OPLOCK
FSCTL_OPLOCK_BREAK_ACKNOWLEDGE
FSCTL_OPBATCH_ACK_CLOSE_PENDING
FSCTL_OPLOCK_BREAK_NOTIFY
FSCTL_LOCK_VOLUME
FSCTL_UNLOCK_VOLUME
FSCTL_DISMOUNT_VOLUME
FSCTL_IS_VOLUME_MOUNTED
FSCTL_IS_PATHNAME_VALID
FSCTL_MARK_VOLUME_DIRTY
FSCTL_QUERY_RETRIEVAL_POINTERS
FSCTL_QUERY_DEPENDENT_VOLUME
FSCTL_GET_COMPRESSION
FSCTL_SET_COMPRESSION
FSCTL_OPLOCK_BREAK_ACK_NO_2
FSCTL_QUERY_FAT_BPB
FSCTL_REQUEST_FILTER_OPLOCK
FSCTL_FILESYSTEM_GET_STATISTICS
FSCTL_GET_NTFS_VOLUME_DATA
FSCTL_GET_NTFS_FILE_RECORD
FSCTL_GET_VOLUME_BITMAP
FSCTL_GET_RETRIEVAL_POINTERS
FSCTL_MOVE_FILE
FSCTL_IS_VOLUME_DIRTY
FSCTL_ALLOW_EXTENDED_DASD_IO
FSCTL_READ_PROPERTY_DATA
FSCTL_WRITE_PROPERTY_DATA
FSCTL_FIND_FILES_BY_SID
FSCTL_DUMP_PROPERTY_DATA
FSCTL_SET_OBJECT_ID
FSCTL_GET_OBJECT_ID
FSCTL_DELETE_OBJECT_ID
FSCTL_SET_REPARSE_POINT
FSCTL_GET_REPARSE_POINT
FSCTL_DELETE_REPARSE_POINT
FSCTL_ENUM_USN_DATA
FSCTL_SECURITY_ID_CHECK
FSCTL_READ_USN_JOURNAL
FSCTL_SET_OBJECT_ID_EXTENDED
FSCTL_CREATE_OR_GET_OBJECT_ID
FSCTL_SET_SPARSE
FSCTL_SET_ZERO_DATA
FSCTL_QUERY_ALLOCATED_RANGES
FSCTL_ENABLE_UPGRADE
FSCTL_SET_ENCRYPTION
FSCTL_ENCRYPTION_FSCTL_IO
FSCTL_WRITE_RAW_ENCRYPTED
FSCTL_READ_RAW_ENCRYPTED
FSCTL_CREATE_USN_JOURNAL
FSCTL_READ_FILE_USN_DATA
FSCTL_WRITE_USN_CLOSE_RECORD
FSCTL_EXTEND_VOLUME
FSCTL_QUERY_USN_JOURNAL
FSCTL_DELETE_USN_JOURNAL
FSCTL_MARK_HANDLE
FSCTL_SIS_COPYFILE
FSCTL_SIS_LINK_FILES
FSCTL_HSM_MSG
IOCTL_SHADOW_END_REINT
IOCTL_GETSHADOW
FSCTL_TXFS_LIST_TRANSACTIONS
FSCTL_FILE_PREFETCH
CSC_FSCTL_OPERATION_QUERY_HANDLE
FSCTL_PIPE_DISCONNECT
FSCTL_PIPE_ASSIGN_EVENT
FSCTL_PIPE_QUERY_EVENT
FSCTL_PIPE_LISTEN
FSCTL_PIPE_IMPERSONATE
FSCTL_PIPE_WAIT
FSCTL_QUERY_CLIENT_PROCESS
FSCTL_PIPE_SET_CLIENT_PROCESS
FSCTL_PIPE_PEEK
FSCTL_PIPE_INTERNAL_READ
FSCTL_PIPE_INTERNAL_WRITE
FSCTL_PIPE_TRANSCEIVE
FSCTL_PIPE_INTERNAL_TRANSCEIVE
FSCTL_MAILSLOT_PEEK
FSCTL_NETWORK_GET_CONNECTION_INFO
FSCTL_NETWORK_ENUMERATE_CONNECTIONS
FSCTL_NETWORK_DELETE_CONNECTION
FSCTL_NETWORK_SET_CONFIGURATION_INFO
FSCTL_NETWORK_GET_CONFIGURATION_INFO
FSCTL_NETWORK_GET_STATISTICS
FSCTL_NETWORK_SET_DOMAIN_NAME
FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT
IOCTL_MOUNTDEV_QUERY_DEVICE_NAME
IOCTL_MOUNTDEV_QUERY_UNIQUE_ID
IOCTL_MOUNTDEV_UNIQUE_ID_CHANGE_NOTIFY
IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME
IOCTL_MOUNTDEV_LINK_CREATED
IOCTL_MOUNTDEV_LINK_DELETED
IOCTL_DISK_GET_DRIVE_GEOMETRY
IOCTL_DISK_GET_PARTITION_INFO
IOCTL_DISK_SET_PARTITION_INFO
IOCTL_DISK_GET_DRIVE_LAYOUT
IOCTL_DISK_SET_DRIVE_LAYOUT
IOCTL_DISK_VERIFY
IOCTL_DISK_FORMAT_TRACKS
IOCTL_DISK_REASSIGN_BLOCKS
IOCTL_DISK_PERFORMANCE
IOCTL_DISK_IS_WRITABLE
IOCTL_DISK_LOGGING
IOCTL_DISK_FORMAT_TRACKS_EX
IOCTL_DISK_HISTOGRAM_STRUCTURE
IOCTL_DISK_HISTOGRAM_DATA
IOCTL_DISK_HISTOGRAM_RESET
IOCTL_DISK_REQUEST_STRUCTURE
IOCTL_DISK_REQUEST_DATA
IOCTL_DISK_PERFORMANCE_OFF
SMART_GET_VERSION
SMART_SEND_DRIVE_COMMAND
SMART_RCV_DRIVE_DATA
IOCTL_DISK_GET_PARTITION_INFO_EX
IOCTL_DISK_SET_PARTITION_INFO_EX
IOCTL_DISK_GET_DRIVE_LAYOUT_EX
IOCTL_DISK_SET_DRIVE_LAYOUT_EX
IOCTL_DISK_CREATE_DISK
IOCTL_DISK_GET_LENGTH_INFO
IOCTL_DISK_GET_DRIVE_GEOMETRY_EX
IOCTL_DISK_REASSIGN_BLOCKS_EX
IOCTL_DISK_UPDATE_DRIVE_SIZE
IOCTL_DISK_GROW_PARTITION
IOCTL_DISK_GET_CACHE_INFORMATION
IOCTL_DISK_SET_CACHE_INFORMATION
IOCTL_DISK_UPDATE_PROPERTIES
IOCTL_DISK_CHECK_VERIFY
IOCTL_DISK_MEDIA_REMOVAL
IOCTL_DISK_EJECT_MEDIA
IOCTL_DISK_LOAD_MEDIA
IOCTL_DISK_RESERVE
IOCTL_DISK_RELEASE
IOCTL_DISK_FIND_NEW_DEVICES
IOCTL_DISK_GET_MEDIA_TYPES
IOCTL_DISK_QUERY_DEVICE_STATE
IOCTL_DISK_QUERY_DISK_SIGNATURE
IOCTL_DISK_GET_CLUSTER_INFO
IOCTL_DISK_SET_CLUSTER_INFO
IOCTL_DISK_GET_DISK_ATTRIBUTES
IOCTL_DISK_SET_DISK_ATTRIBUTES
IOCTL_STORAGE_CHECK_VERIFY
IOCTL_STORAGE_CHECK_VERIFY2
IOCTL_STORAGE_MEDIA_REMOVAL
IOCTL_STORAGE_EJECT_MEDIA
IOCTL_STORAGE_LOAD_MEDIA
IOCTL_STORAGE_LOAD_MEDIA2
IOCTL_STORAGE_RESERVE
IOCTL_STORAGE_RELEASE
IOCTL_STORAGE_FIND_NEW_DEVICES
IOCTL_STORAGE_EJECTION_CONTROL
IOCTL_STORAGE_MCN_CONTROL
IOCTL_STORAGE_GET_MEDIA_TYPES
IOCTL_STORAGE_GET_MEDIA_TYPES_EX
IOCTL_STORAGE_GET_MEDIA_SERIAL_NUMBER
IOCTL_STORAGE_GET_HOTPLUG_INFO
IOCTL_STORAGE_SET_HOTPLUG_INFO
IOCTL_STORAGE_RESET_BUS
IOCTL_STORAGE_RESET_DEVICE
IOCTL_STORAGE_BREAK_RESERVATION
IOCTL_STORAGE_PERSISTENT_RESERVE_IN
IOCTL_STORAGE_PERSISTENT_RESERVE_OUT
IOCTL_STORAGE_GET_DEVICE_NUMBER
IOCTL_STORAGE_PREDICT_FAILURE
IOCTL_STORAGE_READ_CAPACITY
IOCTL_STORAGE_QUERY_PROPERTY
IOCTL_STORAGE_QUERY_DEPENDENT_DISK
IOCTL_VOLUME_GET_GPT_ATTRIBUTES
IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS
IOCTL_SCSI_PASS_THROUGH
IOCTL_SCSI_PASS_THROUGH_DIRECT
IOCTL_SCSI_GET_ADDRESS
IOCTL_SCSI_GET_DUMP_POINTERS
IOCTL_SCSI_FREE_DUMP_POINTERS
IOCTL_CDROM_GET_CONFIGURATION
IOCTL_CDROM_CHECK_VERIFY
IOCTL_CDROM_MEDIA_REMOVAL
IOCTL_CDROM_EJECT_MEDIA
IOCTL_CDROM_LOAD_MEDIA
FSCTL_LMR_START
FSCTL_LMR_STOP
FSCTL_LMR_BIND_TO_TRANSPORT
FSCTL_LMR_UNBIND_FROM_TRANSPORT
FSCTL_LMR_ENUMERATE_TRANSPORTS
FSCTL_LMR_GET_HINT_SIZE
FSCTL_LMR_FORCE_DISCONNECT
FSCTL_LMR_TRANSACT
FSCTL_LMR_ENUMERATE_PRINT_INFO
FSCTL_LMR_START_SMBTRACE
FSCTL_LMR_END_SMBTRACE
FSCTL_LMR_START_RBR
FSCTL_LMR_SET_SERVER_GUID
FSCTL_LMR_QUERY_TARGET_INFO
FSCTL_LMR_QUERY_DEBUG_INFO
IOCTL_LMR_LWIO_PREIO
IOCTL_LMR_LWIO_POSTIO
IOCTL_LMR_DISABLE_LOCAL_BUFFERING
IOCTL_LMR_QUERY_REMOTE_SERVER_NAME
IOCTL_SMBMRX_START
IOCTL_SMBMRX_STOP
IOCTL_SMBMRX_GETSTATE
IOCTL_SMBMRX_ADDCONN
IOCTL_SMBMRX_DELCONN
IOCTL_UMRX_RELEASE_THREADS
IOCTL_UMRX_GET_REQUEST
IOCTL_UMRX_RESPONSE_AND_REQUEST
IOCTL_UMRX_RESPONSE
IOCTL_UMRX_GET_LOCK_OWNER
IOCTL_UMRX_PREPARE_QUEUE
FSCTL_DFS_TRANSLATE_PATH
FSCTL_DFS_GET_REFERRALS
FSCTL_DFS_REPORT_INCONSISTENCY
FSCTL_DFS_IS_SHARE_IN_DFS
FSCTL_DFS_IS_ROOT
FSCTL_DFS_GET_VERSION
IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES
IOCTL_VOLSNAP_RELEASE_WRITES
IOCTL_VOLSNAP_PREPARE_FOR_SNAPSHOT
IOCTL_VOLSNAP_ABORT_PREPARED_SNAPSHOT
IOCTL_VOLSNAP_COMMIT_SNAPSHOT
IOCTL_VOLSNAP_END_COMMIT_SNAPSHOT
IOCTL_VOLSNAP_QUERY_NAMES_OF_SNAPSHOTS
IOCTL_VOLSNAP_CLEAR_DIFF_AREA
IOCTL_VOLSNAP_ADD_VOLUME_TO_DIFF_AREA
IOCTL_VOLSNAP_QUERY_DIFF_AREA
IOCTL_VOLSNAP_SET_MAX_DIFF_AREA_SIZE
IOCTL_VOLSNAP_QUERY_DIFF_AREA_SIZES
IOCTL_VOLSNAP_DELETE_OLDEST_SNAPSHOT
IOCTL_VOLSNAP_AUTO_CLEANUP
IOCTL_VOLSNAP_DELETE_SNAPSHOT
IOCTL_VOLSNAP_QUERY_REVERT
IOCTL_VOLSNAP_REVERT_CLEANUP
IOCTL_VOLSNAP_REVERT
IOCTL_VOLSNAP_QUERY_REVERT_PROGRESS
IOCTL_VOLSNAP_CANCEL_REVERT
IOCTL_VOLSNAP_QUERY_EPIC
IOCTL_VOLSNAP_QUERY_OFFLINE
IOCTL_VOLSNAP_QUERY_DIFF_AREA_MINIMUM_SIZE
IOCTL_VOLSNAP_QUERY_COPY_FREE_BITMAP
IOCTL_VOLSNAP_BLOCK_DELETE_IN_THE_MIDDLE
IOCTL_VOLSNAP_SET_MAX_DIFF_AREA_SIZE_TEMP
IOCTL_VOLSNAP_SET_APPLICATION_FLAGS
IOCTL_VOLSNAP_QUERY_APPLICATION_FLAGS
IOCTL_VOLSNAP_SET_BC_FAILURE_MODE
IOCTL_VOLSNAP_QUERY_PERFORMANCE_COUNTERS
IOCTL_VOLSNAP_SET_PRE_COPY_AMOUNTS
IOCTL_VOLSNAP_QUERY_PRE_COPY_AMOUNTS
IOCTL_VOLSNAP_QUERY_DEFAULT_PRE_COPY_AMOUNTS
IOCTL_VOLSNAP_PRE_EXPOSE_DEVICES
IOCTL_VOLSNAP_QUERY_ORIGINAL_VOLUME_NAME
IOCTL_VOLSNAP_QUERY_CONFIG_INFO
IOCTL_VOLSNAP_SET_APPLICATION_INFO
IOCTL_VOLSNAP_QUERY_APPLICATION_INFO
IOCTL_VOLSNAP_HAS_CHANGED
IOCTL_VOLSNAP_SET_SNAPSHOT_PRIORITY
IOCTL_VOLSNAP_QUERY_SNAPSHOT_PRIORITY
IOCTL_VOLSNAP_QUERY_DELTA_BITMAP
IOCTL_VOLSNAP_QUERY_SNAPSHOT_SUPPLEMENTAL
IOCTL_VOLSNAP_QUERY_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_MOVE_LIST
IOCTL_VOLSNAP_QUERY_PRE_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_USED_PRE_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_DEFRAG_PRE_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_FREESPACE_PRE_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_HOTBLOCKS_PRE_COPIED_BITMAP
IOCTL_VOLSNAP_QUERY_DIFF_AREA_FILE_SIZES
FSCTL_REQUEST_OPLOCK
FSCTL_GET_BOOT_AREA_INFO
FSCTL_CSV_TUNNEL_REQUEST
FSCTL_QUERY_FILE_SYSTEM_RECOGNITION
FSCTL_CSV_GET_VOLUME_NAME_FOR_VOLUME_MOUNT_POINT
FSCTL_CSV_GET_VOLUME_PATH_NAMES_FOR_VOLUME_NAME
FSCTL_IS_FILE_ON_CSV_VOLUME
FSCTL_CORRUPTION_HANDLING
FSCTL_OFFLOAD_READ
FSCTL_OFFLOAD_WRITE
FSCTL_FILE_LEVEL_TRIM
FSCTL_SET_PURGE_FAILURE_MODE
FSCTL_QUERY_FILE_LAYOUT
FSCTL_IS_VOLUME_OWNED_BYCSVFS
FSCTL_GET_INTEGRITY_INFORMATION
FSCTL_QUERY_FILE_REGIONS
FSCTL_SCRUB_DATA
FSCTL_REPAIR_COPIES
FSCTL_DISABLE_LOCAL_BUFFERING
FSCTL_SET_EXTERNAL_BACKING
FSCTL_GET_EXTERNAL_BACKING
IOCTL_CHANNEL_GET_SNDCHANNEL
(Device:
Function:
Method:
Created
DoesNotExist
Exists
Opened
Overwritten
Superseded
Supersede
Create
OpenIf
Overwrite
OverwriteIf
Very Low
Normal
Critical
Buffered
Non-cached
Paging I/O
Synchronous
Synchronous Paging I/O
Case Preserved
Case Sensitive
Unicode
Compression
Compressed
Named Streams
Read Only
Object IDs
Reparse Points
Sparse Files
Quotas
Transactions
8042 Port
Battery
Bus Extender
Changer
Controller
Datalink
DFS FS
DFS Volume
Disk FS
Fullscreen Video
Inport Port
Keyboard
Mailslot
Mass Storage
MIDI In
MIDI Out
Multi-UNC Provider
Named Pipe
Network Browser
Network FS
Network Redirector
Parallel Port
Physical Netcard
Printer
Scanner
Screen
Serenum
Serial Mouse Port
Serial Port
Smartcard
Streams
Tape FS
TermSrv
Transport
Virtual Disk
Wave In
Wave Out
Autogenerated Name
Plug and Play
Mounted
Secure Open
Floppy Diskette
Remote
Removable
Virtual
Write Once
32 Byte
64 Byte
128 Byte
256 Byte
512 Byte
\SystemRoot
System32
SysWOW64
\System32\Drivers\
\Device\Mup
\Device\Harddisk?\DR?
DEVICE_PATH
\Device\LanmanRedirector\
\Device\Mup\
\SystemRoot\
SYSTEM\Select
Current
\REGISTRY\
MACHINE
\SYSTEM\CURRENTCONTROLSET\HARDWARE PROFILES\CURRENT
\SOFTWARE\CLASSES
\SYSTEM\ControlSet
HKLM\System\CurrentControlSet
_CLASSES
HKCU\Software\Classes
Select Remote Computer
Software\Classes\
shell\open\command
"%s" /Run32 /OpenLog "%%1"
"%s" /OpenLog "%%1"
DefaultIcon
"%s",0
Mandatory Level
Unsupported processor type: %d
/originalpath "
64.exe
%TEMP%
http\shell\open\command
Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice
ProgId
\shell\open\command
%s "? %s"
Process Monitor Error
No web browser is configured.
'
"
SeIncreaseBasePriorityPrivilege
PROCMON: Terminating due to unexpected socket error
The remote system has closed the connection
Converting boot-time event data
Ntdll.dll
Unable to create socket
Unable to bind socket
Unable to query the port
Accept failed
Unable to connect to remote system
Capture requires 64-bit mode.
Process Monitor is already monitoring this system.
Capture requires Administrators group membership
Another version of the Process Monitor driver is already loaded. A reboot is required to run this version.
Unable to load Process Monitor device driver
Error enabling capture
PROCMON: Error waiting for console connection:
PROCMON: already running on this system
PROCMON: Unable to load device driver
Unable to resolve address for computer '
Unable to open connection to '
' on port
e\Global??\%c:
\Sessions\%d\DosDevices\%08x-%08x\%c:
\Device\LanmanRedirector\;
\Device\LanmanRedirector\;Z:0000000000000000
startime
endtime
EventTimeStamp
StackProcess
StackThread
Stack1
Stack2
Stack3
Stack4
Stack5
Stack6
Stack7
Stack8
Stack9
Stack10
Stack11
Stack12
Stack13
Stack14
Stack15
Stack16
Stack17
Stack18
Stack19
Stack20
Stack21
Stack22
Stack23
Stack24
Stack25
Stack26
Stack27
Stack28
Stack29
Stack30
Stack31
Stack32
0x%08X
0x%llX
%03d.%03d.%03d.%03d
%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x
"%*hs"
"%*ws"
MSNT_TcpIpInformation
StackWalk
LostEvent
SendIPV4
SendIPV6
RecvIPV4
RecvIPV6
Accept
AcceptIPV4
AcceptIPV6
Connect
ConnectIPV4
ConnectIPV6
Disconnect
DisconnectIPV4
DisconnectIPV6
Reconnect
ReconnectIPV4
ReconnectIPV6
Retransmit
RetransmitIPV4
RetransmitIPV6
TCPCopy
TCPCopyIPV4
TCPCopyIPV6
PROCMON TRACE
NT Kernel Logger
advapi32.dll
Network trace initialization failed: Error %d
SYSTEM
Filter#
Module
status
Button
ResizerClass
Unlabeled
ThisProperty
No events
(capture disabled)
The current filter excludes all %s events
Showing all %s events
Showing %s of %s events (%s%%)
virtual memory
Backed by %s
Process Monitor - Sysinternals: www.sysinternals.com
FileViewerDialog
The file '
' could not be opened
Courier New
' could not be read
FILE_VIEWER
SystemDetailsDialog
unknown
ProfilingDialog
commdlg_ColorOK
commdlg_SetRGBColor
SELECTHIGHLIGHTCOLORS
ModulePropertiesDialog
Filter %d
Replace existing filter '
SAVE_FILTER
Procmon Filter (*.PMF)
Error writing filter file
Error reading filter file
A filter by that name already exists. Do you want to overwrite it?
Device Path
User Path
DevicePathDialog
DevicePathColumns
Event Count
Event Bytes
Pending Events
Process Count
Dictionary Count
Icon Count
Commited
BackingFileDialog
BackingFileColumns
ProcMon load: %.2f%% @ p%d (%s bytes pending)
MB available)
Procmon Log (*.PML)
Please provide a path to the backing file.
Your changes will take affect the next time you begin capturing a new log.
Address
(Running)
MODULE_PROPERTIES
Description:
Company:
Modules:
CONTEXT_STACKTRACE
PropertySheetDialog
Event Properties
PROP_EVENT
PROP_PROCESS
PROP_STACKTRACE
PROPERTIES
Column
Relation
Action
FilterControlColumns
FILTER_CONTROL
FilterDialog
You did not add the item you were editing. Add it now?
HighlightDialog
PreviousFilterItem
UniqueDialog
OccurrencesDialog
OccurrencesColumns
%Iu items
Kernel CPU;%
Total CPU;%
File Bytes
File Operations
Registry Operations
Network Bytes
Network Operations
Working Set Bytes
Process Timeline -
ProcessTimelineDialog
/second
Process Name
File Events
File I/O Bytes
Registry Events
Network Events
Working Set Peak
ProcessActivitySummaryDialog
ProcessSummaryColumns2
PROCESS_TIMELINE
File Time
Total Events
Closes
Writes
Read Bytes
Write Bytes
Get ACL
Set ACL
Extension
By Path
By Folder
By Extension
FileSummaryColumns
FileSummaryColumns.ByFolder
FileSummaryColumns.ByExtension
FileSummaryDialog
<none>
<Total>
%Iu file paths
Registry Time
RegistrySummaryDialog
RegistrySummaryColumns
Network Time
Connects
Disconnects
Receives
Send Bytes
Receive Bytes
NetworkSummaryDialog
NetworkSummaryColumns
% Count
% Time
Location
StackSummaryDialog
StackSummaryColumns
Adding items
Unable to locate associated event in the visible items
Writers
Readers
CrossReferenceSummaryDialog
CrossReferenceSummaryColumns
HistoryDepthDialog
History depth must be 1-
%s (%s)
<graph>
<undefined>
ProcessTreeDialog
Process Tree -
Process Tree
Image Path
Life Time
Command
Start Time
End Time
ProcessTreeColumns
ProcessTree.ShowRunningOnly
ProcessTree.ShowAllHistory
CONTEXT_PROCESSTREE
: The operation was cancelled
: There are no items to be saved
: The selected file is not writable
: The disk is full, or an internal size limit was exceeded
: An error occurred saving the data
: The operation was successful
SaveDialog
Logfile
Procmon Log (*.PML)
Text File (*.CSV)
XML File (*.XML)
You must supply a path
already exists.
Do you want to replace it?
Error Saving File
Log files must be native Process Monitor log files with a .pml extension.
The specified log file does not exist.
There %s %Id additional file%s associated with this log. Do you wish to open all files?
\SystemRoot
<remote boot-log>
Procmon Log (*.PML,*.PMB)
*.PML;*.PMB
The log of boot-time activity created by a previous instance of Process Monitor is incomplete and cannot be read.
A log of boot-time activity was created by a previous instance of Process Monitor. Do you wish to save the collected data now?
Bootlog.pml
Unable to create the requested PML file
An error occurred processing the boot-time data
Include '
Exclude '
Highlight '
Copy '
Edit Filter '
Exclude Events Before
Exclude Events After
MainWindow
ToolbarWindow32
(not found)
commdlg_FindReplace
CONTEXT_HEADER
Highlight
Unable to determine process ID for selected window
A system or application resource limit has been exceeded
that prevents Process Monitor from capturing additional events.
Cannot find string "
Bookmarks are not enabled because the file is read-only.
No more bookmarks
PROFILING_OPTIONS
COLUMNCHOOSER
Jump not implemented for this event class
FILTER
No filter rules are currently defined
ORGANIZE_FILTERS
HIGHLIGHT
HISTORY_DEPTH
SYSTEM_DETAILS
There are no events in the trace
UNIQUE
OCCURRENCES
PROCESS_TREE
PROCESS_SUMMARY
FILE_SUMMARY
REGISTRY_SUMMARY
NETWORK_SUMMARY
STACK_SUMMARY
CROSS_REFERENCE_SUMMARY
SYMBOLCONFIG
No more highlights
\procmon.chm
%s:Zone.Identifier
Unable to open help file
ABOUTBOX
BACKINGFILE
ProcmonConfiguration.pmc
Procmon Configuration (*.PMC)
The selected file cannot be opened
DISCONNECTING
Unable to enable capturing of events.
<remote system root>
<remote computer name>
MAIN_MENU
PROCMON_WINDOW_CLASS
Out of memory: Unable to allocate a memory block of size %Iu
Software\Microsoft\Windows NT\CurrentVersion
Kernel32.dll
OpenLog
Terminate
WaitForIdle
SaveAs
SaveAs1
SaveAs2
SaveApplyFilter
EnableBootLogging
ConvertBootLog
LoadConfig
NoFilter
BackingFile
OriginalPath
PagingFile
NoConnect
Client
Minimized
Runtime
ExternalCapture
Software\Microsoft\Windows\CurrentVersion\Policies\System
EnableLUA
Process Monitor must be run from an administrator account.
Unable to extract x64 image. Run Process Monitor from a writable directory.
Invalid argument:
The /SaveAs option is valid only when used with /OpenLog
The /SaveApplyFilter option is valid only when used with /SaveAs
Procmon was unable to allocate sufficient memory to run.
Try increasing the size of your page file.
Runtime parameter must be specified in seconds.
Runtime parameter must be between 1 and 3600 seconds.
SeDebugPrivilege
ProcMon Log File
ProcMon.Logfile.1
Software\Sysinternals\Process Monitor32
Software\Sysinternals\Process Monitor
The selected configuration file cannot be opened
DeviceNameMap
Invalid file extension in /SaveAs option
The file was not saved.
ACCELERATORS
FILTER_INIT
NT AUTHORITY\SYSTEM
REG_NONE
REG_SZ
REG_EXPAND_SZ
REG_BINARY
REG_DWORD
REG_DWORD_BIG_ENDIAN
REG_LINK
REG_MULTI_SZ
REG_RESOURCE_LIST
REG_FULL_RESOURCE_DESCRIPTOR
REG_RESOURCE_REQUIREMENTS_LIST
REG_QWORD
REG_CREATED_NEW_KEY
REG_OPENED_EXISTING_KEY
<Unknown:
Granted Access
Hive Path
New Name
Cached
HandleTags
UserFlags
SubKeys
Values
KeyWriteTimeInformation
KeyWow64FlagsInformation
KeySetHandleTagsInformation
KeySetInformationClass
Wow64Flags
Columns
ColumnCount
ColumnMap
DbgHelpPath
HighlightFG
HighlightBG
LogFont
BoookmarkFont
AdvancedMode
Autoscroll
HistoryDepth
DestructiveFilter
AlwaysOnTop
ResolveAddresses
SourcePath
SymbolPath
FilterRules
HighlightRules
%_NT_SYMBOL_PATH%
srv*https://msdl.microsoft.com/download/symbols
Internal error: Snapshot is already open
Unable to open '
' for reading
' is not a valid backing file (truncated)
An error occurred attempting to memory map '
is not a Process Monitor backing file (signature missing).
is not compatible with this version of Process Monitor.
was not closed cleanly during capture and is corrupt.
must be opened using the 32-bit version of Process Monitor.
Run the 32-bit version by specifying the /run32 command-line option.
' is corrupt and cannot be opened.
PRIVILEGE NOT HELD
INSUFFICIENT SERVER RESOURCES
ACCESS VIOLATION
THREAD NOT IN PROCESS
INSUFFICIENT RESOURCES
KEY DELETED
IO FAILED
REGISTRY CORRUPT
NO MEMORY
FILE DELETED
PATH SYNTAX BAD
BAD IMPERSONATION
FILES OPEN
DEVICE DATA ERROR
CRC ERROR
NOT IMPLEMENTED
EAS NOT SUPPORTED
TOO MANY COMMANDS
DEVICE NOT CONNECTED
NOT SAME DEVICE
EA TOO LARGE
DATATYPE MISALIGNMENT
HIVE UNLOADED
FILE INVALID
NONEXISTENT EA ENTRY
BAD NETWORK NAME
INVALID NETWORK RESPONSE
NOTIFY ENUM DIR
FILE CORRUPT
DISK CORRUPT
RANGE NOT LOCKED
FILE CLOSED
DUPLICATE NAME
DATA OVERRUN
REDIRECTOR NOT STARTED
UNSUCCESSFUL
NOT FOUND
NO MORE MATCHES
OBJECT PATH INVALID
INFO LENGTH MISMATCH
CANNOT IMPERSONATE
LOGON FAILURE
DOWNGRADE DETECTED
INVALID ADDRESS COMPONENT
IN PAGE ERROR
CANCELLED
NO EAS ON FILE
EA CORRUPT ERROR
QUOTA EXCEEDED
NOT SUPPORTED
NO MORE FILES
BUFFER TOO SMALL
NAME INVALID
NAME NOT FOUND
NOT A DIRECTORY
NO SUCH FILE
NAME COLLISION
NONEXISTENT SECTOR
BAD NETWORK PATH
PATH NOT FOUND
NO SUCH DEVICE
END OF FILE
NOTIFY CLEANUP
CSC OBJECT PATH NOT FOUND
BUFFER OVERFLOW
OBJECTID NOT FOUND
OBJECT TYPE MISMATCH
NO MORE ENTRIES
ACCESS DENIED
SHARING VIOLATION
INVALID PARAMETER
OPLOCK BREAK IN PROGRESS
CANNOT BREAK OPLOCK
OPLOCK NOT GRANTED
FILE LOCK CONFLICT
REPARSE
MORE ENTRIES
FS DRIVER REQUIRED
DELETE PENDING
CANNOT DELETE
NOT GRANTED
IS DIRECTORY
ALREADY COMMITTED
INVALID EA FLAG
INVALID INFO CLASS
INVALID HANDLE
INVALID DEVICE REQUEST
WRONG VOLUME
CHILD MUST BE VOLATILE
NETWORK ERROR
DISCONNECTED
DFS UNAVAILABLE
LOG FILE FULL
INVALID DEVICE STATE
NO MEDIA
PREDEFINED HANDLE
DISK FULL
NOT EMPTY
NOT REPARSE POINT
MEDIA WRITE PROTECTED
CANNOT MAKE
INVALID PARAMETER 1
INVALID PARAMETER 2
INVALID PARAMETER 3
INVALID PARAMETER 4
E_WRONG_PRINCIPAL
INVALID LEVEL
OPLOCK SWITCHED TO NEW HANDLE
OPLOCK HANDLE CLOSED
WAIT FOR OPLOCK
DEVICE FEATURE NOT SUPPORTED
INVALID TRANSACTION
CANNOT EXECUTE FILE IN TRANSACTION
SPARSE NOT ALLOWED IN TRANSACTION
TRANSACTED MAPPING UNSUPPORTED REMOTE
TRANSACTIONAL OPEN NOT ALLOWED
EFS NOT ALLOWED IN TRANSACTION
FILE LOCKED WITH ONLY READERS
FILE LOCKED WITH WRITERS
TRANSACTIONAL CONFLICT
TRANSACTION_NOT_ACTIVE
INSTANCE NOT AVAILABLE
PIPE NOT AVAILABLE
INVALID PIPE STATE
PIPE BUSY
PIPE DISCONNECTED
PIPE CLOSING
PIPE CONNECTED
PIPE LISTENING
INVALID READ MODE
FILE SYSTEM LIMITATION
PIPE EMPTY
PIPE BROKEN
IO TIMEOUT
PATH NOT COVERED
FAST IO DISALLOWED
IO DEVICE ERROR
CANT WAIT
USER MAPPED FILE
USER SESSION DELETED
LOGIN WKSTA RESTRICTION
STATUS_OFFLOAD_READ_FLT_NOT_SUPPORTED
STATUS_OFFLOAD_WRITE_FLT_NOT_SUPPORTED
OFFLOAD READ FILE NOT SUPPORTED
_NT_SYMBOL_PATH
ntoskrnl.exe
Ntkrnlmp.exe
ntkrnlpa.exe
Ntkrpamp.exe
Loading symbol module for
Loading symbols for
Retrieving function names for
Retrieving source path for
Configure the symbol engine for symbols
Resolving symbols...
http://www.microsoft.com/whdc/devtools/debugging/default.mspx
Software\Microsoft\DebuggingTools
Windbg
DbgHelp.dll
%ProgramFiles%\Debugging Tools for Windows (x64)\dbghelp.dll
C:\Debuggers\dbghelp.dll
\dbghelp.dll
dbghelp.dll
imagehlp.dll
%PATH%
Specify dbghelp.dll...
Dbghelp DLL (dbghelp.dll)
Browse for Symbols Directory
Browse for Source Directory
The DLL you specified is not a valid Dbghelp DLL.
SYMBOLCONFIGWARNING
\StringFileInfo\%04X%04X\%s
\VarFileInfo\Translation
FileDescription
user32.dll
ERROR : Unable to initialize critical section in CAtlBaseModule
mscoree.dll
;T^h<U_i=V`j>Wak?Xbl@YcmAZdnB[eoC\fpD]gq
combase.dll
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
- floating point support not loaded
- not enough space for arguments
- not enough space for environment
- abort() has been called
- not enough space for thread data
- unexpected multithread lock error
- unexpected heap error
- unable to open console device
- not enough space for _onexit/atexit table
- pure virtual function call
- not enough space for stdio initialization
- not enough space for lowio initialization
- unable to initialize heap
- CRT not initialized
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- not enough space for locale information
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- inconsistent onexit begin-end variables
DOMAIN error
SING error
TLOSS error
runtime error
Runtime Error!
Program:
<program name unknown>
Microsoft Visual C++ Runtime Library
(null)
CONIN$
UTF-16LE
UNICODE
((((( H
((((( H
zh-CHS
az-AZ-Latn
uz-UZ-Latn
kok-IN
syr-SY
div-MV
quz-BO
sr-SP-Latn
az-AZ-Cyrl
uz-UZ-Cyrl
quz-EC
sr-SP-Cyrl
quz-PE
smj-NO
bs-BA-Latn
smj-SE
sr-BA-Latn
sma-NO
sr-BA-Cyrl
sma-SE
sms-FI
smn-FI
zh-CHT
az-az-cyrl
az-az-latn
bs-ba-latn
div-mv
kok-in
quz-bo
quz-ec
quz-pe
sma-no
sma-se
smj-no
smj-se
smn-fi
sms-fi
sr-ba-cyrl
sr-ba-latn
sr-sp-cyrl
sr-sp-latn
syr-sy
uz-uz-cyrl
uz-uz-latn
zh-chs
zh-cht
USER32.DLL
CONOUT$
ACCELERATORS
MAIN_MENU
CONTEXT_HEADER
CONTEXT_PROCESSTREE
ABOUTBOX
COLUMNCHOOSER
FILTER
SYMBOLDBGHELPGWARNING
SYMBOLCONFIGWARNING
SYMBOLCONFIG
PROP_STACKTRACE
BACKINGFILE
PROPERTIES
PROP_PROCESS
HISTORY_DEPTH
UNIQUE
FILTER_CONTROL
HIGHLIGHT
SELECTHIGHLIGHTCOLORS
MODULE_PROPERTIES
SAVE_FILTER
ORGANIZE_FILTERS
PROP_EVENT
PROGRESS
OCCURRENCES
PROCESS_SUMMARY
FILE_SUMMARY
FILTER_INIT
REGISTRY_SUMMARY
STACK_SUMMARY
PROFILING_OPTIONS
DEVICE_PATH
PROCESS_TREE
FILE_VIEWER
CROSS_REFERENCE_SUMMARY
PROCESS_TIMELINE
SYSTEM_DETAILS
NETWORK_SUMMARY
DISCONNECTING
BOOTLOG_OPTIONS
SPLITTER_CURSOR
BINRES
RCDRIVERNT
&Open...
Ctrl+O
&Save...
Ctrl+S
Backing Files...
&Capture Events
Ctrl+E
Export Configuration...
Import Configuration...
Ctrl+C
&Find...
Ctrl+F
Find &Highlight
Find &Bookmark
&Auto Scroll
Ctrl+A
C&lear Display
Ctrl+X
E&vent
Properties...
Ctrl+P
Stac&k...
Ctrl+K
Toggle &Bookmark
Ctrl+B
Jump To...
Ctrl+J
Search Online...
Include
IncludeDummy
Exclude
ExcludeDummy
Highlight
HighlightDummy
Fi&lter
Enable &Advanced Output
Filter...
Ctrl+L
Reset Filter
Ctrl+R
Load Filter
LoadFilterDummy
Save Filter...
Organize Filters...
Drop Filtered Events
Highlight...
Ctrl+H
&Tools
System Details...
Process Tree...
Ctrl+T
Process Activity Summary...
File Summary...
Registry Summary...
Stack Summary...
Network Summary...
Cross Reference Summary...
Count Occurrences...
&Options
Always on &Top
Fo&nt...
Highlight &Colors...
&Configure Symbols...
&Select Columns...
&History Depth...
&Profiling Events...
Enable &Boot Logging
Show &Resolved Network Addresses
Ctrl+N
Hex File &Offsets and Lengths
He&x Process and Thread IDs
&Help...
Command Line Options...
&About...
Properties...
Search Online...
View Source...
Context Menu
&Select Columns...
Context Menu
&Go To Event
&Add process to Include filter
Add process and &children to Include filter
VS_VERSION_INFO
StringFileInfo
040904b0
CompanyName
Sysinternals - www.sysinternals.com
FileDescription
Process Monitor
FileVersion
InternalName
Process Monitor
LegalCopyright
Copyright
1996-2018 Mark Russinovich
OriginalFilename
Process Monitor
ProductName
Sysinternals Procmon
ProductVersion
VarFileInfo
Translation
About Process Monitor
MS Shell Dlg
Process Monitor v
Sysinternals - www.sysinternals.com
Copyright
1996-2013 Mark Russinovich
Process Monitor Column Selection
MS Shell Dlg
Cancel
Select columns to appear in the Process Monitor window:
Application Details
Process Name
Image Path
Command Line
Company Name
Description
Version
Architecture
Event Details
Sequence Number
Event Class
Operation
Date &&Time
Time of Day
Category
Detail
Result
Relative Time
Duration
Process Management
User Name
Session ID
Authentication ID
Integrity
Process ID
Thread ID
Parent PID
Virtualized
Completion Time
Process Monitor Filter
MS Shell Dlg
&Cancel
A&pply
Display entries matching these conditions:
Process Monitor Warning
MS Shell Dlg
Symbols are not currently configured.
You must configure symbols in order to view thread stack information.
Install the
Microsoft Debugging Tools for Windows
and configure a symbol server
address in the Options|Configure Symbols dialog for the best symbol support.
Process Monitor Warning
MS Shell Dlg
The version of Dbghelp.dll configured does not support the Microsoft Symbol Server.
Microsoft Debugging Tools for Windows
version that does.
Please download and install the
to get a
Configure Symbols
MS Shell Dlg
Cancel
DbgHelp.dll path (version 6.0 or later):
Symbol paths:
Process Monitor uses symbols to resolve function names when displaying thread stack locations on the Stack page of an event's properties dialog.
If you do not require that information you do not need to configure symbols.
Source code paths:
When displaying stack traces for modules for which you have both symbols and source code available Process Monitor can let you view the source associated with a stack frame.
MS Shell Dlg
SysListView32
Status...
&Properties...
&Save...
Source...
Search...
Process Monitor Backing Files
MS Shell Dlg
Cancel
SysListView32
Process Monitor can store events in virtual memory (limited by the system commit limit), or in a file you specify (limited by free disk space). Which do you prefer?
Use &virtual memory
Use file &named:
These backing file objects are being used to store event data:
Static
Static
Save To File
MS Shell Dlg
Cancel
All events
Events displayed using current filter
Highlighted events
Events to save:
Format:
Comma-Separated Values (CSV)
Native Process Monitor Format (PML)
Extensible Markup Language (XML)
Include stack traces (will increase file size)
Resolve stack symbols (will be slow)
Also include profiling events
Properties
MS Shell Dlg
SysTabControl32
Next Highlighted
Copy All
MS Shell Dlg
Version:
Command Line:
Parent PID:
Session ID:
Auth ID:
Started:
Architecture:
Virtualized:
Integrity:
Ended:
Modules:
SysListView32
History Depth
MS Shell Dlg
Cancel
msctls_updown32
The history depth limits the total number of events kept during a run.
Number of events (millions):
Show Unique Values
MS Shell Dlg
&Save...
Column:
Double-click an item to filter on that value.
&Filter...
MS Shell Dlg
&Remove
SysListView32
Process Monitor Highlighting
MS Shell Dlg
Highlight entries matching these conditions:
&Cancel
A&pply
&Make Filter
Choose Highlight Colors
MS Shell Dlg
&Select
&Cancel
&Color choices:
|S&olid
&Green:
Bl&ue:
&Add to Custom Colors
Preview
Module Properties
MS Shell Dlg
Version:
Company:
Description:
Module:
Timestamp:
Save Filter
MS Shell Dlg
Cancel
Enter a name for the filter:
Organize Filters
MS Shell Dlg
&Rename
&Delete
Export...
Import...
MS Shell Dlg
Thread:
Class:
Operation:
Result:
Duration:
Dialog
MS Shell Dlg
Cancel
msctls_progress32
Initializing...
Count Values Occurrences
MS Shell Dlg
&Save...
Column:
SysListView32
Double-click an item to filter on that value.
&Filter...
Static
Process Activity Summary
MS Shell Dlg
&Detail...
&Save...
Static
Processes generating events during trace:
Command Line:
Started:
Ended:
Total User CPU:
Total Kernel CPU:
SysTreeView32
File Summary
MS Shell Dlg
&Save...
Static
Files accessed during trace:
SysTabControl32
Filter...
Process Monitor Usage
MS Shell Dlg
Command line arguments:
/OpenLog <PML file>
/BackingFile <PML file>
/NoConnect
/NoFilter
/AcceptEula
/Profiling
Open a previously saved event file
Save events in the specified backing file
Don't automatically begin collecting events at start up
Clear the filter at start up
Accept the EULA automatically (don't show a dialog)
Enable the thread profiling feature
/PagingFile
Save events in the virtual memory
/Minimized
/Terminate
Start the application minimized
Terminate all instances of ProcMon and exit
/Quiet
Don't confirm filter settings during start up
/Run32
Run the 32-bit version to load 32-bit log files (x64 only)
/WaitForIdle
Wait for an instance of ProcMon to become ready
/HookRegistry
Hook Registry for Softgrid troubleshooting (x86 Vista only)
/SaveAs <path>
Export to an XML, CSV or PML file
/SaveAs1 <path>
Export including stack traces (XML only)
/SaveAs2 <path>
Export including stack traces with symbols (XML only)
/LoadConfig <file>
Load a previously saved configuration file
/SaveApplyFilter
Apply current filter before exporting
/EnableBootLogging
Configures logging of next boot
/ConvertBootLog <PML file>
Automatically processes a boot log after reboot
/Runtime
Run for the specified number of seconds and terminate
Process Monitor Filter
MS Shell Dlg
Filters were in effect the last time you exited Process Monitor:
Display entries matching these conditions:
&Cancel
A&pply
Registry Summary
MS Shell Dlg
&Save...
SysListView32
Static
Registry paths accessed during trace:
Filter...
Stack Summary
MS Shell Dlg
Stack traces during trace:
Static
SysTreeView32
Go to Event
Source...
Filter...
Thread Profiling Options
MS Shell Dlg
Cancel
Process Monitor can generate thread profiling events that capture the state of all executing threads at a regular interval.
Generate thread profiling events
Every second
Every 100 milliseconds
Define Device Path
MS Shell Dlg
Provide a translation for this device path to the DOS path:
Device path:
User path:
Remove
Existing translations:
SysListView32
Full path:
Remove All
Process Tree
MS Shell Dlg
&Close
Only show processes still running at end of current trace
SysTreeView32
Description:
Company:
Command:
Process ID
Started:
Started
Exited:
Exited
&Go To Event
Timelines cover displayed events only
&Include Process
Include &Subtree
File Viewer
MS Shell Dlg
Cross Reference Summary
MS Shell Dlg
&Close
&Save...
SysListView32
Static
Paths that are written and read between differing processes:
&Filter on Row
Process Timeline
MS Shell Dlg
CPU Utilization
File I/O Bytes
File I/O Operations
Registry Operations
Private Memory Bytes
Memory Working Set
100 MB/sec
100 Operations/sec
100 Operations/sec
100 MB
100 MB
Click on a graph to go to the closest event in the trace.
Network Bytes
Network Operations
100 MB/sec
100 Operations/sec
System Details
MS Shell Dlg
System on which trace was captured:
Computer Name:
System Root:
Operating System:
Memory (RAM):
System Type:
Logical Processors:
Network Summary
MS Shell Dlg
&Save...
SysListView32
Static
Network paths accessed during trace:
Filter...
Process Monitor
MS Shell Dlg
Disconnecting from Event Tracing for Windows (ETW). This can take up to a minute.
Enable Boot Logging
MS Shell Dlg
Cancel
Process Monitor can generate thread profiling events that capture the state of all running applications at a regular interval.
Generate thread profiling events
Every second
Every 100 milliseconds
\SystemRoot\System32\Drivers\
\SystemRoot\Procmon.pmb
Parameters
ThreadProfiling
RuntimeSeconds
\SystemRoot
D:P(A;;GA;;;AU)
\device\ProcmonDebugLogger
\DosDevices\Global\ProcmonDebugLogger
\device\ProcmonExternalLogger
\??\ProcmonExternalLoggerEnabled
\ProcessMonitor24Port
ZwQueryInformationThread
SeLocateProcessImageName
PsSetCreateProcessNotifyRoutineEx2
PsSetCreateThreadNotifyRoutineEx
ZwOpenProcessTokenEx
500000
(Default)
CmRegisterCallback
CmRegisterCallbackEx
CmUnRegisterCallback
CmCallbackGetKeyObjectID
IoCreateDeviceSecure
IoValidateDeviceIoControlAccess
D:P(A;;GA;;;SY)
D:P(A;;GA;;;SY)(A;;GA;;;BA)
D:P(A;;GA;;;SY)(A;;GRGX;;;BA)
D:P(A;;GA;;;SY)(A;;GRGWGX;;;BA)(A;;GR;;;WD)
D:P(A;;GA;;;SY)(A;;GRGWGX;;;BA)(A;;GR;;;WD)(A;;GR;;;RC)
D:P(A;;GA;;;SY)(A;;GRGWGX;;;BA)(A;;GRGW;;;WD)(A;;GR;;;RC)
D:P(A;;GA;;;SY)(A;;GRGWGX;;;BA)(A;;GRGWGX;;;WD)(A;;GRGWGX;;;RC)
Properties
NoDisplayClass
NoUseClass
Security
DeviceType
DeviceCharacteristics
Exclusive
\Registry\Machine\System\CurrentControlSet\Control\Class
{%08X-%04X-%04X-%02X%02X-%02X%02X%02X%02X%02X%02X}
<INSUFFICIENT RESOURCES>
<INVALID NAME>
\Registry
VS_VERSION_INFO
StringFileInfo
040904b0
CompanyName
Sysinternals - www.sysinternals.com
FileDescription
Process Monitor Driver
FileVersion
InternalName
Procmon.sys
LegalCopyright
Copyright (C) 2006-2014 M. Russinovich
OriginalFilename
procmon.Sys
ProductName
Process Monitor
ProductVersion
VarFileInfo
Translation
ProcMonDrive
ProcMonDrive
Legal_Policy_Statement
Capture (Ctrl+E)
Autoscroll (Ctrl+A)
Clear (Ctrl+X)
Show Process Tree
Filter (Ctrl+L)
Find (Ctrl+F)
Save (Ctrl+S)
High Resolution Date & Time
Jump to Object (Ctrl+J)
Date & Time
Process Name
Operation
Result
Detail
Sequence
Object Reference
Show File System Activity
Show Registry Activity
Show Network Activity Show Process and Thread Activity
Highlight (Ctrl+H)
Show Profiling Events
Include Process From Window
Company
Description
Command Line
Image Path
Session
Event Complete
Image Load
Address
Relative Time
Duration
Time of Day
Module
Location
Version
Event Class
Authentication ID
Virtualized
Integrity
Category
Parent PID
Architecture
Completion Time
Procmo
Legal_policy_statement
Procmo
Legal_Policy_Statement
Capture (Ctrl+E)
Autoscroll (Ctrl+A)
Clear (Ctrl+X)
Show Process Tree
Filter (Ctrl+L)
Find (Ctrl+F)
Save (Ctrl+S)
High Resolution Date & Time
Jump to Object (Ctrl+J)
Date & Time
Process Name
Operation
Result
Detail
Sequence
Object Reference
Show File System Activity
Show Registry Activity
Show Network Activity Show Process and Thread Activity
Highlight (Ctrl+H)
Show Profiling Events
Include Process From Window
Company
Description
Command Line
Image Path
Session
Event Complete
Image Load
Address
Relative Time
Duration
Time of Day
Module
Location
Version
Event Class
Authentication ID
Virtualized
Integrity
Category
Parent PID
Architecture
Completion Time
Procmo
Legal_policy_statement
Procmo
Legal_Policy_Statement

Dropped Files

14dc422082f96f5c_reader_sl.exe.dat

Name: 14dc422082f96f5c_reader_sl.exe.dat
Size: 35.7 kB
Type: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: 452fa961163ef4aee4815796a13ab2cf
SHA1: 225f15c62b396c467623527be89ab0de83d891de
SHA256: 14dc422082f96f5c21c41a5e5f6e8445547cc4b02b18f0a86a34669ca2ce18a7
SHA512: 37924b9b6bdadd6e1a5cffc239f7bb9d061d8f9e691989ad29e2ed093f277b8aadae12528d0c79ae406c75396664e1629c8d507e3ae0c0d0406d6e03ccefb3e6
Ssdeep: 768:hzq2Nr3t0ECteEx+/ewdpgJ1qivypDkmOy3iLL4IbuD:hzX7uEWeEseYGMOy3iLly

60aa70dedb7a7be8_dvasion_exp.dll.dat

Name: 60aa70dedb7a7be8_dvasion_exp.dll.dat
Size: 2.9 MB
Type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5: 5cc8b7a61a989cf0d6ea2d7ca13e2111
SHA1: 122d9cd2b632acff207a9c1c4503bb51600a49df
SHA256: 60aa70dedb7a7be816118c91459a3e1393e2371017a37d4db2452e3b8d099815
SHA512: 57417292a96f862d717273579566a3beda3809162e4be141fe890b5eec29d117f357ee855996bf1175cca4514d95cac6d31129a64f057792f861d30b7a428fdb
Ssdeep: 49152:ZjwpWdRbMfxfo006vqod33JYBPlQw0K4Z:upWjQR

881ce21c2380064e_dvasion_exp.exe.dat

Name: 881ce21c2380064e_dvasion_exp.exe.dat
Size: 3.1 MB
Type: PE32 executable (console) Intel 80386, for MS Windows
MD5: d87a0d617fc12cd1ec6c9f7a1554b044
SHA1: c91e6d492cd9bce6800420e4e0e5bfedcd20b43a
SHA256: 881ce21c2380064e8c416a184579ee6dd50e52f3daef066ff4f6aa7c5d8ccebb
SHA512: 5840ca2c1793f3f8898589f3cfad7275577dbec54b3c6131c08f92c3a2a8b5e671853ccb4df73da15fe73a7eb5d619bc8e75c3a718c0a8880ea08735013b55b1
Ssdeep: 49152:vWiEmG/pKD5z/n4llP4uhxLL+juY7tUuyk1+8uTv:jEmAKD5zQN

9bc7b75bb7f8b0af_drconfiglib.dll.dat

Name: 9bc7b75bb7f8b0af_drconfiglib.dll.dat
Size: 554.0 kB
Type: PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5: c8c7485719a99b8c945a32fcdc3628a1
SHA1: 344b832c35d40948e3f52d37223e520f47d4e39b
SHA256: 9bc7b75bb7f8b0af07420bd390c2d08ea07142d302217c7bf26cbaffc7d15e74
SHA512: fb47a28662991638ac3df4594b8b33e88ed3631b10fdd5d4310008d30f2423501c8175a8ea8c437b991221108583252652676b00738ea91854ead2cc2043f9b7
Ssdeep: 6144:aZhXo3tVpkHvqc2ZJUTjU9wb76GDuAwD+fJbi:Co9VWCc2ZJUT49wb76+uAI+fdi

de055a89de246e62_symsrv.dll

Name: de055a89de246e62_symsrv.dll
Size: 69.3 kB
Type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed
MD5: 7574cf2c64f35161ab1292e2f532aabf
SHA1: 14ba3fa927a06224dfe587014299e834def4644f
SHA256: de055a89de246e629a8694bde18af2b1605e4b9b493c7e4aef669dd67acf5085
SHA512: 4db19f2d8d5bc1c7bbb812d3fa9c43b80fa22140b346d2760f090b73aed8a5177edb4bddc647a6ebd5a2db8565be5a1a36a602b0d759e38540d9a584ba5896ab
Ssdeep: 1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZL:c8y93KQjy7G55riF1cMo03V

eeb9eee57fc9198c_17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d55064.exe

Name: eeb9eee57fc9198c_17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d55064.exe
Size: 1.2 MB
Type: PE32+ executable (GUI) x86-64, for MS Windows
MD5: 11b0b711d25b7b047f1f7f08de19c102
SHA1: 8b298412ec523b7d261b460682688d903a226a89
SHA256: eeb9eee57fc9198c95b8a8a762ffb7d4959363ef2747d3271d53b32c8f7f0e49
SHA512: 58c562458795fa7b10d61b186b1c974b224c2eeee1b25d1216b0bc64ccfcc52808506bcfb8589ac7c152772d62ccfd8e2958f41691529e81b7eefc3d93ea6382
Ssdeep: 24576:ChXZR0+idPJWRIsBvgBjyTv11f1jPS9ihsljaH7r/+yNl5j:qXvBIsyBjuv11f1jKwsRAVJ

Network

DNS Requests

Domain	IP Address	Destination Location
www.aieov.com	104.200.23.95	US
5isohu.com		Not Available
www.aieov.com	104.200.22.130	US
c.0.f.6.c.9.5.7.7.b.a.3.1.a.c.4.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa		Not Available
6.b.5.c.2.1.1.c.b.f.8.a.c.6.8.a.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa		Not Available
b.9.9.d.c.c.4.4.6.3.a.0.b.4.9.f.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa		Not Available
b.f.8.4.6.b.2.2.6.f.0.a.e.f.1.1.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa		Not Available
8.3.5.d.7.b.6.3.e.4.d.2.d.5.0.c.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa		Not Available
3.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa		Not Available
dns.msftncsi.com	131.107.255.255	US

HTTP Requests

http://www.aieov.com/logo.gif

GET /logo.gif HTTP/1.1
Accept: */*
Host: www.aieov.com

http://www.aieov.com/so.gif

GET /so.gif HTTP/1.1
Accept: */*
Host: www.aieov.com

Hosts Involved

IP Address	Country of Origin
104.200.22.130	US
216.58.205.238	US
104.200.23.95	US

Geolocation

Destination Country

US:: 100%

File

Type: PE32 executable (GUI) Intel 80386, for MS Windows
CRC32: 264EDFD7
MD5: 4f88e19a353a7f5edc68c257a636a2d2
SHA1: fe6abf2f8e5a81e15b3ce60735450d064d396639
SHA256: 17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d550
SHA512: f68aac7dac0144ba747d99ba7a7ecfcb42ca68e6afcd821dc89b1aa401ca852d564728b43cbddc632cbde4e4245f3eb05c683c0c4eeb5203989f5174504b2840
Ssdeep: 49152:cVlvpIwYo3sEbQfXvBIsyBjuv11f1jKwsRAVnB7B:8hpZ3sE0vJTCjut1qyVnn
PEiD: None matched

Screenshots

Behavior Summary

File-Read

C:\DLLS\dvasion_exp.dll
C:\DLLS\dvasion_exp.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\desktop.ini
C:\Program Files\Common Files\System\symsrv.dll
C:\ProgramData\Microsoft\User Account Pictures\user.bmp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\Python (command line).lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
C:\Python27\DLLs\_ctypes.pyd
C:\Python27\DLLs\_hashlib.pyd
C:\Python27\DLLs\_socket.pyd
C:\Python27\DLLs\_ssl.pyd
C:\Python27\DLLs\pyexpat.pyd
C:\Python27\DLLs\select.pyd
C:\Python27\Lib\site-packages\PIL\_imaging.pyd
C:\Python27\Lib\site-packages\psutil\_psutil_windows.pyd
C:\Python27\pythonw.exe
C:\Users\Public\Desktop\Adobe Reader 9.lnk
C:\Users\Public\Desktop\Google Chrome.lnk
C:\Users\Public\Desktop\Mozilla Firefox.lnk
C:\Users\Public\Desktop\desktop.ini
C:\Users\Public\Documents\desktop.ini
C:\Users\Public\Music\desktop.ini
C:\Users\Public\Pictures\desktop.ini
C:\Users\Public\desktop.ini
C:\Users\Virtual\AppData\Local\Temp\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d550.exe
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Libraries\desktop.ini
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
C:\Users\Virtual\Contacts\desktop.ini
C:\Users\Virtual\Desktop\IBhvqhWMwCzEmI.docx
C:\Users\Virtual\Desktop\MPC-HC.lnk
C:\Users\Virtual\Desktop\OXDcoIxAOw.pptx
C:\Users\Virtual\Desktop\SfNiDMKzjDV.docx
C:\Users\Virtual\Desktop\TeXnicCenter.lnk
C:\Users\Virtual\Desktop\UCCrFRzqGHxYncKpe.docx
C:\Users\Virtual\Desktop\VCeYIzadWLoDj.docx
C:\Users\Virtual\Desktop\desktop.ini
C:\Users\Virtual\Documents\desktop.ini
C:\Users\Virtual\Downloads\desktop.ini
C:\Users\Virtual\Favorites\desktop.ini
C:\Users\Virtual\Links\desktop.ini
C:\Users\Virtual\Music\desktop.ini
C:\Users\Virtual\Pictures\desktop.ini
C:\Users\Virtual\Saved Games\desktop.ini
C:\Users\Virtual\Searches\desktop.ini
C:\Users\Virtual\Videos\desktop.ini
C:\Users\desktop.ini
C:\Windows\Fonts\staticcache.dat
C:\Windows\SysWOW64\CRYPTBASE.dll
C:\Windows\SysWOW64\KERNELBASE.dll
C:\Windows\SysWOW64\advapi32.dll
C:\Windows\SysWOW64\cfgmgr32.dll
C:\Windows\SysWOW64\comdlg32.dll
C:\Windows\SysWOW64\crypt32.dll
C:\Windows\SysWOW64\devobj.dll
C:\Windows\SysWOW64\gdi32.dll
C:\Windows\SysWOW64\kernel32.dll
C:\Windows\SysWOW64\lpk.dll
C:\Windows\SysWOW64\msasn1.dll
C:\Windows\SysWOW64\msctf.dll
C:\Windows\SysWOW64\msvcrt.dll
C:\Windows\SysWOW64\nsi.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\SysWOW64\ole32.dll
C:\Windows\SysWOW64\oleaut32.dll
C:\Windows\SysWOW64\rpcrt4.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\SysWOW64\setupapi.dll
C:\Windows\SysWOW64\shell32.dll
C:\Windows\SysWOW64\shlwapi.dll
C:\Windows\SysWOW64\sspicli.dll
C:\Windows\SysWOW64\user32.dll
C:\Windows\SysWOW64\usp10.dll
C:\Windows\SysWOW64\wintrust.dll
C:\Windows\SysWOW64\ws2_32.dll
C:\Windows\System32\IPHLPAPI.DLL
C:\Windows\System32\NapiNSP.dll
C:\Windows\System32\WSHTCPIP.DLL
C:\Windows\System32\acppage.dll
C:\Windows\System32\apphelp.dll
C:\Windows\System32\cryptsp.dll
C:\Windows\System32\dnsapi.dll
C:\Windows\System32\drivers\etc\services
C:\Windows\System32\fltLib.dll
C:\Windows\System32\imm32.dll
C:\Windows\System32\mswsock.dll
C:\Windows\System32\nlaapi.dll
C:\Windows\System32\ntshrui.dll
C:\Windows\System32\pnrpnsp.dll
C:\Windows\System32\powrprof.dll
C:\Windows\System32\python27.dll
C:\Windows\System32\riched20.dll
C:\Windows\System32\riched32.dll
C:\Windows\System32\rsaenh.dll
C:\Windows\System32\shdocvw.dll
C:\Windows\System32\syncui.dll
C:\Windows\System32\twext.dll
C:\Windows\System32\uxtheme.dll
C:\Windows\System32\version.dll
C:\Windows\System32\winnsi.dll
C:\Windows\System32\winrnr.dll
C:\Windows\System32\wtsapi32.dll
C:\Windows\win.ini
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
\\?\PIPE\samr
c:\Windows\installer\{ac76ba86-7ad7-1033-7b44-a91000000001}\sc_reader.ico

File-Written

C:\DLLS\dvasion_exp.dll.tmp
C:\DLLS\dvasion_exp.exe.tmp
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe.tmp
C:\Users\Virtual\AppData\Local\Temp\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d55064.exe
C:\Windows\System32\drivers\PROCMON24.SYS
\\?\PIPE\samr
c:\program files\common files\System\symsrv.dll.000

File-Deleted

C:\DLLS\dvasion_exp.dll.dat
C:\DLLS\dvasion_exp.exe.dat
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe.dat
C:\Windows\System32\drivers\PROCMON24.SYS
c:\program files\common files\System\symsrv.dll.000

File-Opened

C:\
C:\DLLS\dvasion_exp.dll
C:\DLLS\dvasion_exp.dll.dat
C:\DLLS\dvasion_exp.dll.tmp
C:\DLLS\dvasion_exp.exe
C:\DLLS\dvasion_exp.exe.dat
C:\DLLS\dvasion_exp.exe.tmp
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe.dat
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe.tmp
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\MPC-HC\mpc-hc.exe
C:\Program Files (x86)\Mozilla Firefox\
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\TeXnicCenter\TeXnicCenter.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\desktop.ini
C:\Program Files (x86)\windows media player\en-US\wmplayer.exe.mui
C:\Program Files (x86)\windows media player\wmplayer.exe
C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
C:\Program Files\Common Files\Microsoft Shared\OFFICE12\msoshext.dll
C:\Program Files\Common Files\System\symsrv.dll
C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
C:\Program Files\Internet Explorer\ieproxy.dll
C:\Program Files\windows defender\MpClient.dll
C:\Program Files\windows defender\MpSvc.dll
C:\ProgramData
C:\ProgramData\Microsoft
C:\ProgramData\Microsoft\User Account Pictures\user.bmp
C:\ProgramData\Microsoft\Windows
C:\ProgramData\Microsoft\Windows\Start Menu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\Python (command line).lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
C:\ProgramData\Microsoft\Windows\WER\ReportArchive
C:\Python27\DLLs\_ctypes.pyd
C:\Python27\DLLs\_hashlib.pyd
C:\Python27\DLLs\_socket.pyd
C:\Python27\DLLs\_ssl.pyd
C:\Python27\DLLs\pyexpat.pyd
C:\Python27\DLLs\select.pyd
C:\Python27\Lib\site-packages\PIL\_imaging.pyd
C:\Python27\Lib\site-packages\psutil\_psutil_windows.pyd
C:\Python27\pythonw.exe
C:\Users
C:\Users\Public
C:\Users\Public\Desktop
C:\Users\Public\Desktop\Adobe Reader 9.lnk
C:\Users\Public\Desktop\Google Chrome.lnk
C:\Users\Public\Desktop\Mozilla Firefox.lnk
C:\Users\Public\Desktop\desktop.ini
C:\Users\Public\Documents\desktop.ini
C:\Users\Public\Music\desktop.ini
C:\Users\Public\Pictures\desktop.ini
C:\Users\Public\desktop.ini
C:\Users\Virtual
C:\Users\Virtual\
C:\Users\Virtual\AppData
C:\Users\Virtual\AppData\Local
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000031.db
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db
C:\Users\Virtual\AppData\Local\Microsoft\Windows\WER\ERC
C:\Users\Virtual\AppData\Local\Microsoft\Windows\WER\ReportArchive
C:\Users\Virtual\AppData\Local\Temp
C:\Users\Virtual\AppData\Local\Temp\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d550.exe
C:\Users\Virtual\AppData\Local\Temp\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d55064.exe
C:\Users\Virtual\AppData\Roaming
C:\Users\Virtual\AppData\Roaming\Microsoft
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk
C:\Users\Virtual\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Libraries\desktop.ini
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Start Menu
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
C:\Users\Virtual\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
C:\Users\Virtual\Contacts\desktop.ini
C:\Users\Virtual\Desktop
C:\Users\Virtual\Desktop\
C:\Users\Virtual\Desktop\IBhvqhWMwCzEmI.docx
C:\Users\Virtual\Desktop\MPC-HC.lnk
C:\Users\Virtual\Desktop\OXDcoIxAOw.pptx
C:\Users\Virtual\Desktop\SfNiDMKzjDV.docx
C:\Users\Virtual\Desktop\TeXnicCenter.lnk
C:\Users\Virtual\Desktop\UCCrFRzqGHxYncKpe.docx
C:\Users\Virtual\Desktop\VCeYIzadWLoDj.docx
C:\Users\Virtual\Desktop\desktop.ini
C:\Users\Virtual\Documents\desktop.ini
C:\Users\Virtual\Downloads\desktop.ini
C:\Users\Virtual\Favorites\desktop.ini
C:\Users\Virtual\Links\desktop.ini
C:\Users\Virtual\Music\desktop.ini
C:\Users\Virtual\Pictures\desktop.ini
C:\Users\Virtual\Saved Games\desktop.ini
C:\Users\Virtual\Searches\desktop.ini
C:\Users\Virtual\Videos\desktop.ini
C:\Users\desktop.ini
C:\Windows
C:\Windows\AppPatch\sysmain.sdb
C:\Windows\Branding\ShellBrd\shellbrd.dll
C:\Windows\Fonts\staticcache.dat
C:\Windows\Globalization\Sorting\sortdefault.nls
C:\Windows\Installer
C:\Windows\Installer\{4A656C6C-D24A-473F-9747-3A8D00907A03}
C:\Windows\Installer\{4A656C6C-D24A-473F-9747-3A8D00907A03}\python_icon.exe
C:\Windows\Installer\{90120000-0014-0000-0000-0000000FF1CE}
C:\Windows\Installer\{90120000-0014-0000-0000-0000000FF1CE}\pptico.exe
C:\Windows\Installer\{90120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\SysWOW64\CRYPTBASE.dll
C:\Windows\SysWOW64\FWPUCLNT.DLL
C:\Windows\SysWOW64\IPHLPAPI.DLL
C:\Windows\SysWOW64\KERNELBASE.dll
C:\Windows\SysWOW64\KernelBase.dll
C:\Windows\SysWOW64\NapiNSP.dll
C:\Windows\SysWOW64\RpcRtRemote.dll
C:\Windows\SysWOW64\SensApi.dll
C:\Windows\SysWOW64\WSHTCPIP.DLL
C:\Windows\SysWOW64\Wldap32.dll
C:\Windows\SysWOW64\advapi32.dll
C:\Windows\SysWOW64\apphelp.dll
C:\Windows\SysWOW64\cfgmgr32.dll
C:\Windows\SysWOW64\clbcatq.dll
C:\Windows\SysWOW64\comdlg32.dll
C:\Windows\SysWOW64\crypt32.dll
C:\Windows\SysWOW64\cryptbase.dll
C:\Windows\SysWOW64\cryptsp.dll
C:\Windows\SysWOW64\cscapi.dll
C:\Windows\SysWOW64\devobj.dll
C:\Windows\SysWOW64\devrtl.dll
C:\Windows\SysWOW64\dhcpcsvc.dll
C:\Windows\SysWOW64\dhcpcsvc6.DLL
C:\Windows\SysWOW64\dnsapi.dll
C:\Windows\SysWOW64\fltLib.dll
C:\Windows\SysWOW64\gameux.dll
C:\Windows\SysWOW64\gdi32.dll
C:\Windows\SysWOW64\iertutil.dll
C:\Windows\SysWOW64\imm32.dll
C:\Windows\SysWOW64\kernel32.dll
C:\Windows\SysWOW64\lpk.dll
C:\Windows\SysWOW64\msasn1.dll
C:\Windows\SysWOW64\mscoree.dll
C:\Windows\SysWOW64\msctf.dll
C:\Windows\SysWOW64\msvcr120_clr0400.dll
C:\Windows\SysWOW64\msvcrt.dll
C:\Windows\SysWOW64\mswsock.dll
C:\Windows\SysWOW64\netprofm.dll
C:\Windows\SysWOW64\netutils.dll
C:\Windows\SysWOW64\nlaapi.dll
C:\Windows\SysWOW64\npmproxy.dll
C:\Windows\SysWOW64\nsi.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\SysWOW64\ntmarta.dll
C:\Windows\SysWOW64\ole32.dll
C:\Windows\SysWOW64\oleaut32.dll
C:\Windows\SysWOW64\pnrpnsp.dll
C:\Windows\SysWOW64\powrprof.dll
C:\Windows\SysWOW64\profapi.dll
C:\Windows\SysWOW64\propsys.dll
C:\Windows\SysWOW64\psapi.dll
C:\Windows\SysWOW64\python27.dll
C:\Windows\SysWOW64\rasadhlp.dll
C:\Windows\SysWOW64\rasapi32.dll
C:\Windows\SysWOW64\rasman.dll
C:\Windows\SysWOW64\riched20.dll
C:\Windows\SysWOW64\riched32.dll
C:\Windows\SysWOW64\rpcrt4.dll
C:\Windows\SysWOW64\rsaenh.dll
C:\Windows\SysWOW64\rtutils.dll
C:\Windows\SysWOW64\sechost.dll
C:\Windows\SysWOW64\setupapi.dll
C:\Windows\SysWOW64\shdocvw.dll
C:\Windows\SysWOW64\shell32.dll
C:\Windows\SysWOW64\shlwapi.dll
C:\Windows\SysWOW64\slc.dll
C:\Windows\SysWOW64\srvcli.dll
C:\Windows\SysWOW64\sspicli.dll
C:\Windows\SysWOW64\urlmon.dll
C:\Windows\SysWOW64\user32.dll
C:\Windows\SysWOW64\userenv.dll
C:\Windows\SysWOW64\usp10.dll
C:\Windows\SysWOW64\uxtheme.dll
C:\Windows\SysWOW64\version.dll
C:\Windows\SysWOW64\wininet.dll
C:\Windows\SysWOW64\winnsi.dll
C:\Windows\SysWOW64\winrnr.dll
C:\Windows\SysWOW64\wintrust.dll
C:\Windows\SysWOW64\ws2_32.dll
C:\Windows\SysWOW64\ws2help.dll
C:\Windows\SysWOW64\wship6.dll
C:\Windows\SysWOW64\wtsapi32.dll
C:\Windows\System32\
C:\Windows\System32\Actioncenter.dll
C:\Windows\System32\AltTab.dll
C:\Windows\System32\Apphlpdm.dll
C:\Windows\System32\CRYPTBASE.dll
C:\Windows\System32\DXP.dll
C:\Windows\System32\DeviceCenter.dll
C:\Windows\System32\ELSCore.dll
C:\Windows\System32\EXPLORERFRAME.dll
C:\Windows\System32\EhStorShell.dll
C:\Windows\System32\FWPUCLNT.DLL
C:\Windows\System32\FXSAPI.dll
C:\Windows\System32\FXSMON.dll
C:\Windows\System32\FXSRESM.dll
C:\Windows\System32\FXSST.dll
C:\Windows\System32\Faultrep.dll
C:\Windows\System32\FirewallAPI.DLL
C:\Windows\System32\FirewallAPI.dll
C:\Windows\System32\FntCache.dll
C:\Windows\System32\HotStartUserAgent.dll
C:\Windows\System32\IPHLPAPI.DLL
C:\Windows\System32\IconCodecService.dll
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\KernelBase.dll
C:\Windows\System32\MMDevAPI.dll
C:\Windows\System32\MsCtfMonitor.dll
C:\Windows\System32\NLSData0009.dll
C:\Windows\System32\NLSLexicons0009.dll
C:\Windows\System32\NapiNSP.dll
C:\Windows\System32\NaturalLanguage6.dll
C:\Windows\System32\NetworkExplorer.dll
C:\Windows\System32\PSHED.DLL
C:\Windows\System32\PeerDist.dll
C:\Windows\System32\PlaySndSrv.dll
C:\Windows\System32\PortableDeviceApi.dll
C:\Windows\System32\PortableDeviceTypes.dll
C:\Windows\System32\PrintIsolationProxy.dll
C:\Windows\System32\QAGENT.DLL
C:\Windows\System32\QUTIL.DLL
C:\Windows\System32\RacEngn.dll
C:\Windows\System32\RpcRtRemote.dll
C:\Windows\System32\RstrtMgr.dll
C:\Windows\System32\SPInf.dll
C:\Windows\System32\SearchFilterHost.exe
C:\Windows\System32\SearchIndexer.exe
C:\Windows\System32\SearchProtocolHost.exe
C:\Windows\System32\SensApi.dll
C:\Windows\System32\ShellStyle.dll
C:\Windows\System32\SndVolSSO.DLL
C:\Windows\System32\SnippingTool.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\System32\SyncCenter.dll
C:\Windows\System32\Syncreg.dll
C:\Windows\System32\TSpkg.dll
C:\Windows\System32\UIAnimation.dll
C:\Windows\System32\UXInit.dll
C:\Windows\System32\WSDApi.dll
C:\Windows\System32\WSDMon.dll
C:\Windows\System32\WSHTCPIP.DLL
C:\Windows\System32\WWanAPI.dll
C:\Windows\System32\WerFault.exe
C:\Windows\System32\WinSATAPI.dll
C:\Windows\System32\WindowsCodecs.dll
C:\Windows\System32\WlS0WndH.dll
C:\Windows\System32\Wldap32.dll
C:\Windows\System32\acppage.dll
C:\Windows\System32\actxprxy.dll
C:\Windows\System32\advapi32.dll
C:\Windows\System32\aepic.dll
C:\Windows\System32\apisetschema.dll
C:\Windows\System32\apphelp.dll
C:\Windows\System32\atl.dll
C:\Windows\System32\authui.dll
C:\Windows\System32\authz.dll
C:\Windows\System32\autochk.exe
C:\Windows\System32\avrt.dll
C:\Windows\System32\basesrv.dll
C:\Windows\System32\batmeter.dll
C:\Windows\System32\bcrypt.dll
C:\Windows\System32\bcryptprimitives.dll
C:\Windows\System32\bitsigd.dll
C:\Windows\System32\bitsperf.dll
C:\Windows\System32\bthprops.cpl
C:\Windows\System32\calc.exe
C:\Windows\System32\cfgmgr32.dll
C:\Windows\System32\ci.dll
C:\Windows\System32\clbcatq.dll
C:\Windows\System32\clfs.sys
C:\Windows\System32\clusapi.dll
C:\Windows\System32\cngaudit.dll
C:\Windows\System32\comctl32.dll
C:\Windows\System32\comdlg32.dll
C:\Windows\System32\conhost.exe
C:\Windows\System32\credssp.dll
C:\Windows\System32\crypt32.dll
C:\Windows\System32\cryptbase.dll
C:\Windows\System32\cryptdll.dll
C:\Windows\System32\cryptsp.dll
C:\Windows\System32\cryptui.dll
C:\Windows\System32\cscapi.dll
C:\Windows\System32\cscdll.dll
C:\Windows\System32\cscobj.dll
C:\Windows\System32\cscui.dll
C:\Windows\System32\csrsrv.dll
C:\Windows\System32\csrss.exe
C:\Windows\System32\d3d10_1.dll
C:\Windows\System32\d3d10_1core.dll
C:\Windows\System32\dbghelp.dll
C:\Windows\System32\devobj.dll
C:\Windows\System32\devrtl.dll
C:\Windows\System32\dhcpcore6.dll
C:\Windows\System32\dhcpcsvc.dll
C:\Windows\System32\dhcpcsvc6.DLL
C:\Windows\System32\dhcpcsvc6.dll
C:\Windows\System32\diagperf.dll
C:\Windows\System32\difxapi.dll
C:\Windows\System32\dimsjob.dll
C:\Windows\System32\dllhost.exe
C:\Windows\System32\dnsapi.dll
C:\Windows\System32\dnsext.dll
C:\Windows\System32\drivers\Classpnp.sys
C:\Windows\System32\drivers\CompositeBus.sys
C:\Windows\System32\drivers\FWPKCLNT.SYS
C:\Windows\System32\drivers\PEAuth.sys
C:\Windows\System32\drivers\RDPCDD.sys
C:\Windows\System32\drivers\RDPENCDD.sys
C:\Windows\System32\drivers\RDPREFMP.sys
C:\Windows\System32\drivers\Rtnic64.sys
C:\Windows\System32\drivers\Wdf01000.sys
C:\Windows\System32\drivers\WdfLdr.sys
C:\Windows\System32\drivers\acpi.sys
C:\Windows\System32\drivers\afd.sys
C:\Windows\System32\drivers\agilevpn.sys
C:\Windows\System32\drivers\amdxata.sys
C:\Windows\System32\drivers\atapi.sys
C:\Windows\System32\drivers\ataport.sys
C:\Windows\System32\drivers\beep.sys
C:\Windows\System32\drivers\blbdrive.sys
C:\Windows\System32\drivers\bowser.sys
C:\Windows\System32\drivers\cng.sys
C:\Windows\System32\drivers\crashdmp.sys
C:\Windows\System32\drivers\csc.sys
C:\Windows\System32\drivers\dfsc.sys
C:\Windows\System32\drivers\discache.sys
C:\Windows\System32\drivers\disk.sys
C:\Windows\System32\drivers\dxapi.sys
C:\Windows\System32\drivers\dxg.sys
C:\Windows\System32\drivers\etc\services
C:\Windows\System32\drivers\fdc.sys
C:\Windows\System32\drivers\fileinfo.sys
C:\Windows\System32\drivers\fltMgr.sys
C:\Windows\System32\drivers\fs_rec.sys
C:\Windows\System32\drivers\fvevol.sys
C:\Windows\System32\drivers\hidclass.sys
C:\Windows\System32\drivers\hidparse.sys
C:\Windows\System32\drivers\hidusb.sys
C:\Windows\System32\drivers\http.sys
C:\Windows\System32\drivers\hwpolicy.sys
C:\Windows\System32\drivers\i8042prt.sys
C:\Windows\System32\drivers\intelide.sys
C:\Windows\System32\drivers\intelppm.sys
C:\Windows\System32\drivers\kbdclass.sys
C:\Windows\System32\drivers\ks.sys
C:\Windows\System32\drivers\ksecdd.sys
C:\Windows\System32\drivers\ksecpkg.sys
C:\Windows\System32\drivers\lltdio.sys
C:\Windows\System32\drivers\luafv.sys
C:\Windows\System32\drivers\monitor.sys
C:\Windows\System32\drivers\mouclass.sys
C:\Windows\System32\drivers\mouhid.sys
C:\Windows\System32\drivers\mountmgr.sys
C:\Windows\System32\drivers\mpsdrv.sys
C:\Windows\System32\drivers\mrxsmb.sys
C:\Windows\System32\drivers\mrxsmb10.sys
C:\Windows\System32\drivers\mrxsmb20.sys
C:\Windows\System32\drivers\msfs.sys
C:\Windows\System32\drivers\msisadrv.sys
C:\Windows\System32\drivers\msrpc.sys
C:\Windows\System32\drivers\mssmbios.sys
C:\Windows\System32\drivers\mup.sys
C:\Windows\System32\drivers\ndis.sys
C:\Windows\System32\drivers\ndistapi.sys
C:\Windows\System32\drivers\ndiswan.sys
C:\Windows\System32\drivers\ndproxy.sys
C:\Windows\System32\drivers\netbios.sys
C:\Windows\System32\drivers\netbt.sys
C:\Windows\System32\drivers\netio.sys
C:\Windows\System32\drivers\npfs.sys
C:\Windows\System32\drivers\nsiproxy.sys
C:\Windows\System32\drivers\ntfs.sys
C:\Windows\System32\drivers\null.sys
C:\Windows\System32\drivers\pacer.sys
C:\Windows\System32\drivers\partmgr.sys
C:\Windows\System32\drivers\pci.sys
C:\Windows\System32\drivers\pciidex.sys
C:\Windows\System32\drivers\pcw.sys
C:\Windows\System32\drivers\rasl2tp.sys
C:\Windows\System32\drivers\raspppoe.sys
C:\Windows\System32\drivers\raspptp.sys
C:\Windows\System32\drivers\rassstp.sys
C:\Windows\System32\drivers\rdbss.sys
C:\Windows\System32\drivers\rdpbus.sys
C:\Windows\System32\drivers\rdyboost.sys
C:\Windows\System32\drivers\rspndr.sys
C:\Windows\System32\drivers\secdrv.sys
C:\Windows\System32\drivers\serenum.sys
C:\Windows\System32\drivers\serial.sys
C:\Windows\System32\drivers\spldr.sys
C:\Windows\System32\drivers\spsys.sys
C:\Windows\System32\drivers\srv.sys
C:\Windows\System32\drivers\srv2.sys
C:\Windows\System32\drivers\srvnet.sys
C:\Windows\System32\drivers\swenum.sys
C:\Windows\System32\drivers\tcpip.sys
C:\Windows\System32\drivers\tcpipreg.sys
C:\Windows\System32\drivers\tdi.sys
C:\Windows\System32\drivers\tdx.sys
C:\Windows\System32\drivers\termdd.sys
C:\Windows\System32\drivers\tunnel.sys
C:\Windows\System32\drivers\umbus.sys
C:\Windows\System32\drivers\usbd.sys
C:\Windows\System32\drivers\usbhub.sys
C:\Windows\System32\drivers\usbport.sys
C:\Windows\System32\drivers\usbuhci.sys
C:\Windows\System32\drivers\vdrvroot.sys
C:\Windows\System32\drivers\vga.sys
C:\Windows\System32\drivers\vgapnp.sys
C:\Windows\System32\drivers\videoprt.sys
C:\Windows\System32\drivers\vmstorfl.sys
C:\Windows\System32\drivers\volmgr.sys
C:\Windows\System32\drivers\volmgrx.sys
C:\Windows\System32\drivers\volsnap.sys
C:\Windows\System32\drivers\wanarp.sys
C:\Windows\System32\drivers\watchdog.sys
C:\Windows\System32\drivers\wfplwf.sys
C:\Windows\System32\drivers\wmilib.sys
C:\Windows\System32\dsrole.dll
C:\Windows\System32\dui70.dll
C:\Windows\System32\duser.dll
C:\Windows\System32\dwm.exe
C:\Windows\System32\dwmapi.dll
C:\Windows\System32\dwmcore.dll
C:\Windows\System32\dwmredir.dll
C:\Windows\System32\dxgi.dll
C:\Windows\System32\efslsaext.dll
C:\Windows\System32\elsTrans.dll
C:\Windows\System32\elslad.dll
C:\Windows\System32\en-US\DeviceCenter.dll.mui
C:\Windows\System32\en-US\calc.exe.mui
C:\Windows\System32\en-US\mstsc.exe.mui
C:\Windows\System32\en-US\ntshrui.dll.mui
C:\Windows\System32\en-US\shdocvw.dll.mui
C:\Windows\System32\en-US\syncui.dll.mui
C:\Windows\System32\en-US\tQuery.dll.mui
C:\Windows\System32\es.dll
C:\Windows\System32\esent.dll
C:\Windows\System32\fdPnp.dll
C:\Windows\System32\firewallapi.dll
C:\Windows\System32\fltLib.dll
C:\Windows\System32\framebuf.dll
C:\Windows\System32\framedynos.dll
C:\Windows\System32\fundisc.dll
C:\Windows\System32\fveapi.dll
C:\Windows\System32\fvecerts.dll
C:\Windows\System32\gameux.dll
C:\Windows\System32\gdi32.dll
C:\Windows\System32\gpapi.dll
C:\Windows\System32\hal.dll
C:\Windows\System32\hcproviders.dll
C:\Windows\System32\hgcpl.dll
C:\Windows\System32\hid.dll
C:\Windows\System32\hnetcfg.dll
C:\Windows\System32\ieframe.dll
C:\Windows\System32\iertutil.dll
C:\Windows\System32\imagehlp.dll
C:\Windows\System32\imageres.dll
C:\Windows\System32\imapi2.dll
C:\Windows\System32\imm32.dll
C:\Windows\System32\inetpp.dll
C:\Windows\System32\kdcom.dll
C:\Windows\System32\kerberos.dll
C:\Windows\System32\kernel32.dll
C:\Windows\System32\ksuser.dll
C:\Windows\System32\ktmw32.dll
C:\Windows\System32\linkinfo.dll
C:\Windows\System32\localspl.dll
C:\Windows\System32\logoncli.dll
C:\Windows\System32\lpk.dll
C:\Windows\System32\lsasrv.dll
C:\Windows\System32\lsass.exe
C:\Windows\System32\lsm.exe
C:\Windows\System32\mapi32.dll
C:\Windows\System32\mcupdate_GenuineIntel.dll
C:\Windows\System32\mlang.dll
C:\Windows\System32\mpr.dll
C:\Windows\System32\mprapi.dll
C:\Windows\System32\msasn1.dll
C:\Windows\System32\mscoree.dll
C:\Windows\System32\msctf.dll
C:\Windows\System32\msftedit.dll
C:\Windows\System32\msi.dll
C:\Windows\System32\msidle.dll
C:\Windows\System32\msiltcfg.dll
C:\Windows\System32\msls31.dll
C:\Windows\System32\mspaint.exe
C:\Windows\System32\msprivs.dll
C:\Windows\System32\msshooks.dll
C:\Windows\System32\mssph.dll
C:\Windows\System32\mssprxy.dll
C:\Windows\System32\mssrch.dll
C:\Windows\System32\mstask.dll
C:\Windows\System32\mstsc.exe
C:\Windows\System32\msutb.dll
C:\Windows\System32\msv1_0.dll
C:\Windows\System32\msvcr120_clr0400.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\System32\mswsock.dll
C:\Windows\System32\msxml6.dll
C:\Windows\System32\nci.dll
C:\Windows\System32\ncobjapi.dll
C:\Windows\System32\ncrypt.dll
C:\Windows\System32\negoexts.dll
C:\Windows\System32\netapi32.dll
C:\Windows\System32\netcfgx.dll
C:\Windows\System32\netjoin.dll
C:\Windows\System32\netlogon.dll
C:\Windows\System32\netprofm.dll
C:\Windows\System32\netshell.dll
C:\Windows\System32\netutils.dll
C:\Windows\System32\nlaapi.dll
C:\Windows\System32\npmproxy.dll
C:\Windows\System32\nsi.dll
C:\Windows\System32\ntdll.dll
C:\Windows\System32\ntdsapi.dll
C:\Windows\System32\ntmarta.dll
C:\Windows\System32\ntoskrnl.exe
C:\Windows\System32\ntshrui.dll
C:\Windows\System32\ole32.dll
C:\Windows\System32\oleacc.dll
C:\Windows\System32\oleaut32.dll
C:\Windows\System32\pcwum.dll
C:\Windows\System32\perftrack.dll
C:\Windows\System32\pku2u.dll
C:\Windows\System32\pnidui.dll
C:\Windows\System32\pnpts.dll
C:\Windows\System32\pnrpnsp.dll
C:\Windows\System32\portabledeviceconnectapi.dll
C:\Windows\System32\powrprof.dll
C:\Windows\System32\prnfldr.dll
C:\Windows\System32\profapi.dll
C:\Windows\System32\propsys.dll
C:\Windows\System32\provsvc.dll
C:\Windows\System32\psapi.dll
C:\Windows\System32\python27.dll
C:\Windows\System32\qmgr.dll
C:\Windows\System32\radardt.dll
C:\Windows\System32\radarrs.dll
C:\Windows\System32\rasadhlp.dll
C:\Windows\System32\rasapi32.dll
C:\Windows\System32\rasdlg.dll
C:\Windows\System32\rasman.dll
C:\Windows\System32\resutils.dll
C:\Windows\System32\riched20.dll
C:\Windows\System32\riched32.dll
C:\Windows\System32\rpcrt4.dll
C:\Windows\System32\rsaenh.dll
C:\Windows\System32\rtutils.dll
C:\Windows\System32\rundll32.exe
C:\Windows\System32\samcli.dll
C:\Windows\System32\samlib.dll
C:\Windows\System32\samsrv.dll
C:\Windows\System32\scecli.dll
C:\Windows\System32\scesrv.dll
C:\Windows\System32\scext.dll
C:\Windows\System32\schannel.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\secur32.dll
C:\Windows\System32\services.exe
C:\Windows\System32\setupapi.dll
C:\Windows\System32\sfc.dll
C:\Windows\System32\sfc_os.dll
C:\Windows\System32\shacct.dll
C:\Windows\System32\shdocvw.dll
C:\Windows\System32\shell32.dll
C:\Windows\System32\shlwapi.dll
C:\Windows\System32\slc.dll
C:\Windows\System32\smss.exe
C:\Windows\System32\snippingtool.exe
C:\Windows\System32\snmpapi.dll
C:\Windows\System32\spool\prtprocs\x64\winprint.dll
C:\Windows\System32\spoolss.dll
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\sppsvc.exe
C:\Windows\System32\sppwinob.dll
C:\Windows\System32\sqlceoledb30.dll
C:\Windows\System32\sqlceqp30.dll
C:\Windows\System32\sqlcese30.dll
C:\Windows\System32\sqmapi.dll
C:\Windows\System32\srchadmin.dll
C:\Windows\System32\srvcli.dll
C:\Windows\System32\sscore.dll
C:\Windows\System32\ssdpapi.dll
C:\Windows\System32\ssdpsrv.dll
C:\Windows\System32\sspicli.dll
C:\Windows\System32\sspisrv.dll
C:\Windows\System32\stobject.dll
C:\Windows\System32\svchost.exe
C:\Windows\System32\sxs.dll
C:\Windows\System32\sxssrv.dll
C:\Windows\System32\syncui.dll
C:\Windows\System32\sysntfy.dll
C:\Windows\System32\taskcomp.dll
C:\Windows\System32\taskhost.exe
C:\Windows\System32\taskschd.dll
C:\Windows\System32\tbs.dll
C:\Windows\System32\tcpmon.dll
C:\Windows\System32\thumbcache.dll
C:\Windows\System32\timedate.cpl
C:\Windows\System32\tquery.dll
C:\Windows\System32\tsddd.dll
C:\Windows\System32\twext.dll
C:\Windows\System32\ubpm.dll
C:\Windows\System32\umb.dll
C:\Windows\System32\upnp.dll
C:\Windows\System32\urlmon.dll
C:\Windows\System32\usbceip.dll
C:\Windows\System32\usbmon.dll
C:\Windows\System32\user32.dll
C:\Windows\System32\userenv.dll
C:\Windows\System32\usp10.dll
C:\Windows\System32\uxtheme.dll
C:\Windows\System32\version.dll
C:\Windows\System32\vmictimeprovider.dll
C:\Windows\System32\vssapi.dll
C:\Windows\System32\vsstrace.dll
C:\Windows\System32\wbem\NCProv.dll
C:\Windows\System32\wbem\WmiDcPrv.dll
C:\Windows\System32\wbem\WmiPrvSD.dll
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\wbem\esscli.dll
C:\Windows\System32\wbem\fastprox.dll
C:\Windows\System32\wbem\mofd.dll
C:\Windows\System32\wbem\repdrvfs.dll
C:\Windows\System32\wbem\wbemcore.dll
C:\Windows\System32\wbem\wbemess.dll
C:\Windows\System32\wbem\wbemprox.dll
C:\Windows\System32\wbem\wbemsvc.dll
C:\Windows\System32\wbem\wmiprov.dll
C:\Windows\System32\wbem\wmiutils.dll
C:\Windows\System32\wbemcomn.dll
C:\Windows\System32\wdi.dll
C:\Windows\System32\wdiasqmmodule.dll
C:\Windows\System32\wdigest.dll
C:\Windows\System32\wdmaud.drv
C:\Windows\System32\webio.dll
C:\Windows\System32\webservices.dll
C:\Windows\System32\wer.dll
C:\Windows\System32\werconcpl.dll
C:\Windows\System32\wercplsupport.dll
C:\Windows\System32\wevtapi.dll
C:\Windows\System32\wfapigp.dll
C:\Windows\System32\wiarpc.dll
C:\Windows\System32\win32k.sys
C:\Windows\System32\win32spl.dll
C:\Windows\System32\winbrand.dll
C:\Windows\System32\winhttp.dll
C:\Windows\System32\wininet.dll
C:\Windows\System32\wininit.exe
C:\Windows\System32\winlogon.exe
C:\Windows\System32\winmm.dll
C:\Windows\System32\winnsi.dll
C:\Windows\System32\winrnr.dll
C:\Windows\System32\winspool.drv
C:\Windows\System32\winsrv.dll
C:\Windows\System32\winsta.dll
C:\Windows\System32\wintrust.dll
C:\Windows\System32\wkscli.dll
C:\Windows\System32\wlanapi.dll
C:\Windows\System32\wlanutil.dll
C:\Windows\System32\wmsgapi.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll
C:\Windows\System32\wpdshserviceobj.dll
C:\Windows\System32\ws2_32.dll
C:\Windows\System32\ws2help.dll
C:\Windows\System32\wscapi.dll
C:\Windows\System32\wscinterop.dll
C:\Windows\System32\wscsvc.dll
C:\Windows\System32\wscui.cpl
C:\Windows\System32\wship6.dll
C:\Windows\System32\wsnmp32.dll
C:\Windows\System32\wtsapi32.dll
C:\Windows\System32\wwapi.dll
C:\Windows\System32\xmllite.dll
C:\Windows\ehome\ehSSO.dll
C:\Windows\ehome\ehshell.exe
C:\Windows\explorer.exe
C:\Windows\installer\{90120000-0014-0000-0000-0000000ff1ce}\wordicon.exe
C:\Windows\win.ini
C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac
C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
C:\dvgnvmxflg\bin\iehv.exe
C:\dvgnvmxflg\bin\inject-x86.exe
C:\dvgnvmxflg\bin\is32bit.exe
C:\dvgnvmxflg\bin\monitor-x86.dll
\\?\PIPE\samr
c:\DLLS\dvasion_exp.exe
c:\Users\Virtual\AppData\Local\Temp\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d55064.exe
c:\Windows\System32\BFE.DLL
c:\Windows\System32\FWPUCLNT.DLL
c:\Windows\System32\FirewallAPI.dll
c:\Windows\System32\FwRemoteSvr.DLL
c:\Windows\System32\IKEEXT.DLL
c:\Windows\System32\IPHLPAPI.DLL
c:\Windows\System32\IPSECSVC.DLL
c:\Windows\System32\MMDevAPI.dll
c:\Windows\System32\MPSSVC.dll
c:\Windows\System32\RpcEpMap.dll
c:\Windows\System32\SPInf.dll
c:\Windows\System32\Sens.dll
c:\Windows\System32\aelupsvc.dll
c:\Windows\System32\aepic.dll
c:\Windows\System32\atl.dll
c:\Windows\System32\audiosrv.dll
c:\Windows\System32\authz.dll
c:\Windows\System32\avrt.dll
c:\Windows\System32\bitsperf.dll
c:\Windows\System32\browser.dll
c:\Windows\System32\cryptdll.dll
c:\Windows\System32\cryptsvc.dll
c:\Windows\System32\cscsvc.dll
c:\Windows\System32\devrtl.dll
c:\Windows\System32\dhcpcore.dll
c:\Windows\System32\dnsapi.dll
c:\Windows\System32\dnsrslvr.dll
c:\Windows\System32\dps.dll
c:\Windows\System32\es.dll
c:\Windows\System32\gpapi.dll
c:\Windows\System32\gpsvc.dll
c:\Windows\System32\imageres.dll
c:\Windows\System32\iphlpsvc.dll
c:\Windows\System32\ktmw32.dll
c:\Windows\System32\lmhsvc.dll
c:\Windows\System32\logoncli.dll
c:\Windows\System32\mmcss.dll
c:\Windows\System32\ncsi.dll
c:\Windows\System32\netjoin.dll
c:\Windows\System32\netman.dll
c:\Windows\System32\netprofm.dll
c:\Windows\System32\netutils.dll
c:\Windows\System32\nlaapi.dll
c:\Windows\System32\nlasvc.dll
c:\Windows\System32\nrpsrv.dll
c:\Windows\System32\nsisvc.dll
c:\Windows\System32\pcasvc.dll
c:\Windows\System32\pcwum.dll
c:\Windows\System32\powrprof.dll
c:\Windows\System32\profapi.dll
c:\Windows\System32\profsvc.dll
c:\Windows\System32\propsys.dll
c:\Windows\System32\qmgr.dll
c:\Windows\System32\rpcss.dll
c:\Windows\System32\rtutils.dll
c:\Windows\System32\schedsvc.dll
c:\Windows\System32\secur32.dll
c:\Windows\System32\sfc.dll
c:\Windows\System32\sfc_os.dll
c:\Windows\System32\shsvcs.dll
c:\Windows\System32\slc.dll
c:\Windows\System32\sqmapi.dll
c:\Windows\System32\srvsvc.dll
c:\Windows\System32\sspicli.dll
c:\Windows\System32\sysntfy.dll
c:\Windows\System32\themeservice.dll
c:\Windows\System32\trkwks.dll
c:\Windows\System32\ubpm.dll
c:\Windows\System32\umpnpmgr.dll
c:\Windows\System32\umpo.dll
c:\Windows\System32\userenv.dll
c:\Windows\System32\uxsms.dll
c:\Windows\System32\version.dll
c:\Windows\System32\w32time.dll
c:\Windows\System32\wbem\WMIsvc.dll
c:\Windows\System32\wdi.dll
c:\Windows\System32\wdscore.dll
c:\Windows\System32\webio.dll
c:\Windows\System32\wersvc.dll
c:\Windows\System32\wevtapi.dll
c:\Windows\System32\wevtsvc.dll
c:\Windows\System32\winhttp.dll
c:\Windows\System32\winnsi.dll
c:\Windows\System32\winsta.dll
c:\Windows\System32\wkssvc.dll
c:\Windows\System32\xmllite.dll
c:\Windows\installer\{4a656c6c-d24a-473f-9747-3a8d00907a03}\python_icon.exe
c:\Windows\installer\{90120000-0014-0000-0000-0000000ff1ce}\pptico.exe
c:\Windows\installer\{90120000-0014-0000-0000-0000000ff1ce}\wordicon.exe
c:\Windows\installer\{ac76ba86-7ad7-1033-7b44-a91000000001}\sc_reader.ico
c:\program files (x86)\Google\Chrome\application\chrome.exe
c:\program files (x86)\internet explorer\en-US\iexplore.exe.mui
c:\program files (x86)\internet explorer\iexplore.exe
c:\program files (x86)\mozilla firefox\firefox.exe
c:\program files (x86)\texniccenter\texniccenter.exe

Network-Resolves URL

Virtual-PC
wpad

Network-Fetches URL

http://5isohu.com/logo.gif
http://www.aieov.com/logo.gif

Directory-Created

C:\Users\Virtual\AppData\Local\Microsoft\Windows\Caches
C:\Users\Virtual\AppData\Local\Microsoft\Windows\Explorer
C:\Users\Virtual\AppData\Local\Microsoft\Windows\WER\ERC

Directory-Enumerated

C:\ProgramData\Microsoft\Network\Connections\Pbk\*.pbk
C:\ProgramData\Microsoft\Network\Connections\Pbk\rasphone.pbk
C:\Users
C:\Users\Virtual
C:\Users\Virtual\AppData
C:\Users\Virtual\AppData\Local
C:\Users\Virtual\AppData\Local\Temp
C:\Users\Virtual\AppData\Roaming\Microsoft\Network\Connections\Pbk\*.pbk
C:\Users\Virtual\AppData\Roaming\Microsoft\Network\Connections\Pbk\rasphone.pbk
C:\Windows
C:\Windows\System32
C:\Windows\System32\*.*
C:\Windows\System32\acppage.dll
C:\Windows\System32\ntshrui.dll
C:\Windows\System32\ras\*.pbk
C:\Windows\System32\shdocvw.dll
C:\Windows\System32\syncui.dll
C:\Windows\System32\twext.dll
c:\Users\Virtual\AppData\Local\Temp\*

Registry Key-Opened

HKEY_CLASSES_ROOT\*
HKEY_CLASSES_ROOT\.ade
HKEY_CLASSES_ROOT\.adp
HKEY_CLASSES_ROOT\.app
HKEY_CLASSES_ROOT\.asp
HKEY_CLASSES_ROOT\.bas
HKEY_CLASSES_ROOT\.bat
HKEY_CLASSES_ROOT\.cer
HKEY_CLASSES_ROOT\.chm
HKEY_CLASSES_ROOT\.cmd
HKEY_CLASSES_ROOT\.com
HKEY_CLASSES_ROOT\.cpl
HKEY_CLASSES_ROOT\.crt
HKEY_CLASSES_ROOT\.csh
HKEY_CLASSES_ROOT\.exe
HKEY_CLASSES_ROOT\.exe\OpenWithProgids
HKEY_CLASSES_ROOT\.lnk
HKEY_CLASSES_ROOT\.lnk\OpenWithProgids
HKEY_CLASSES_ROOT\.url
HKEY_CLASSES_ROOT\.url\OpenWithProgids
HKEY_CLASSES_ROOT\AllFilesystemObjects
HKEY_CLASSES_ROOT\Applications\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d55064.exe
HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}\Implemented Categories\{00021490-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\CLSID\{09799AFB-AD67-11D1-ABCD-00C04FC30936}
HKEY_CLASSES_ROOT\CLSID\{09799AFB-AD67-11D1-ABCD-00C04FC30936}\shellex\NoAddToRecent
HKEY_CLASSES_ROOT\CLSID\{09799AFB-AD67-11d1-ABCD-00C04FC30936}
HKEY_CLASSES_ROOT\CLSID\{09a28848-0e97-4cef-b950-cea037161155}\SupportedProtocols
HKEY_CLASSES_ROOT\CLSID\{0A88C858-7D0C-4549-9499-7DB05F0CB0BF}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{1A0391BF-9564-4294-B0A4-06C298929EF9}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{1D27F844-3A1F-4410-85AC-14651078412D}
HKEY_CLASSES_ROOT\CLSID\{1D27F844-3A1F-4410-85AC-14651078412D}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{1D27F844-3A1F-4410-85AC-14651078412D}\shellex\NoAddToRecent
HKEY_CLASSES_ROOT\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{1d27f844-3a1f-4410-85ac-14651078412d}
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{21B22460-3AEA-1069-A2DC-08002B30309D}
HKEY_CLASSES_ROOT\CLSID\{474C98EE-CF3D-41F5-80E3-4AAB0AB04301}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{474C98EE-CF3D-41F5-80E3-4AAB0AB04301}\shellex\NoAddToRecent
HKEY_CLASSES_ROOT\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301}
HKEY_CLASSES_ROOT\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{596AB062-B4D2-4215-9F74-E9109B0A8153}
HKEY_CLASSES_ROOT\CLSID\{596AB062-B4D2-4215-9F74-E9109B0A8153}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{596AB062-B4D2-4215-9F74-E9109B0A8153}\shellex\NoAddToRecent
HKEY_CLASSES_ROOT\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}
HKEY_CLASSES_ROOT\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\OverrideFileSystemProperties
HKEY_CLASSES_ROOT\CLSID\{7B4A83B6-F704-4B77-8E3D-C6087E3A21D2}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{7BA4C740-9E81-11CF-99D3-00AA004AE837}
HKEY_CLASSES_ROOT\CLSID\{7BA4C740-9E81-11CF-99D3-00AA004AE837}\shellex\NoAddToRecent
HKEY_CLASSES_ROOT\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}
HKEY_CLASSES_ROOT\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}\shellex\NoAddToRecent
HKEY_CLASSES_ROOT\CLSID\{90AA3A4E-1CBA-4233-B8BB-535773D48449}
HKEY_CLASSES_ROOT\CLSID\{90AA3A4E-1CBA-4233-B8BB-535773D48449}\shellex\NoAddToRecent
HKEY_CLASSES_ROOT\CLSID\{A2A9545D-A0C2-42B4-9708-A0B2BADD77C8}
HKEY_CLASSES_ROOT\CLSID\{A2A9545D-A0C2-42B4-9708-A0B2BADD77C8}\shellex\NoAddToRecent
HKEY_CLASSES_ROOT\CLSID\{A470F8CF-A1E8-4F65-8335-227475AA5C46}
HKEY_CLASSES_ROOT\CLSID\{A470F8CF-A1E8-4F65-8335-227475AA5C46}\shellex\NoAddToRecent
HKEY_CLASSES_ROOT\CLSID\{A470F8CF-A1E8-4f65-8335-227475AA5C46}
HKEY_CLASSES_ROOT\CLSID\{DD313E04-FEFF-11D1-8ECD-0000F87A470C}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}
HKEY_CLASSES_ROOT\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder
HKEY_CLASSES_ROOT\CLSID\{F3D06E7C-1E45-4A26-847E-F9FCDEE59BE0}
HKEY_CLASSES_ROOT\CLSID\{F3D06E7C-1E45-4A26-847E-F9FCDEE59BE0}\shellex\NoAddToRecent
HKEY_CLASSES_ROOT\CLSID\{F81E9010-6EA4-11CE-A7FF-00AA003CA9F6}
HKEY_CLASSES_ROOT\CLSID\{F81E9010-6EA4-11CE-A7FF-00AA003CA9F6}\InProcServer32
HKEY_CLASSES_ROOT\CLSID\{F81E9010-6EA4-11CE-A7FF-00AA003CA9F6}\shellex\NoAddToRecent
HKEY_CLASSES_ROOT\CLSID\{FAE3D380-FEA4-4623-8C75-C6B61110B681}\Instance
HKEY_CLASSES_ROOT\CLSID\{FAE3D380-FEA4-4623-8C75-C6B61110B681}\Instance\Disabled
HKEY_CLASSES_ROOT\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\Implemented Categories\{00021490-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
HKEY_CLASSES_ROOT\CLSID\{f3d06e7c-1e45-4a26-847e-f9fcdee59be0}
HKEY_CLASSES_ROOT\CLSID\{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
HKEY_CLASSES_ROOT\Directory
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
HKEY_CLASSES_ROOT\ExplorerCLSIDFlags\{66742402-F9B9-11D1-A202-0000F81FEDEE}
HKEY_CLASSES_ROOT\Folder
HKEY_CLASSES_ROOT\IE.AssocFile.URL
HKEY_CLASSES_ROOT\Kind.program
HKEY_CLASSES_ROOT\ShareCommands\Shell
HKEY_CLASSES_ROOT\ShareCommands\shell
HKEY_CLASSES_ROOT\SystemFileAssociations\.exe
HKEY_CLASSES_ROOT\SystemFileAssociations\.lnk
HKEY_CLASSES_ROOT\SystemFileAssociations\.url
HKEY_CLASSES_ROOT\exefile
HKEY_CLASSES_ROOT\lnkfile
HKEY_CURRENT_USER\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}
HKEY_CURRENT_USER\Interface\{26656EAA-54EB-4E6F-8F85-4F0EF901A406}
HKEY_CURRENT_USER\Interface\{2A1C9EB2-DF62-4154-B800-63278FCB8037}
HKEY_CURRENT_USER\Interface\{55272A00-42CB-11CE-8135-00AA004BB851}
HKEY_CURRENT_USER\Interface\{8A40A45D-055C-4B62-ABD7-6D613E2CEAEC}
HKEY_CURRENT_USER\Interface\{BCD1DE7E-2DB1-418B-B047-4A74E101F8C1}
HKEY_CURRENT_USER\ProcMon.Logfile.1\DefaultIcon
HKEY_CURRENT_USER\ProcMon.Logfile.1\shell\open\command
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ThumbnailCache
HKEY_CURRENT_USER\Software\Classes\.PML
HKEY_CURRENT_USER\Software\Classes\ProcMon.Logfile.1
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d55064.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\OpenWithProgids
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956483-9236-11e5-a874-806e6f6e6963}\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956484-9236-11e5-a874-806e6f6e6963}\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\KnownFolders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\UsersFiles\NameSpace
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\UsersFiles\NameSpace\DelegateFolders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UsersFiles\NameSpace
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UsersFiles\NameSpace\DelegateFolders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-ae-97-44
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-f4-9a-ee
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\52-54-00-f4-9a-ee
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\CredUI
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\Directory
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\ERC
HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\Wpad
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
HKEY_CURRENT_USER\Software\Policies\Microsoft\PreviousVersions
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\AppCompat
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Windows Error Reporting
HKEY_CURRENT_USER\Software\Sysinternals
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\Shell
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\ShellEx\DataHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\ShellEx\{000214F9-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\Shell\removeproperties
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\open
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\DropTarget
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\BriefcaseMenu
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Open With
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Sharing
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\{90AA3A4E-1CBA-4233-B8BB-535773D48449}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\ShellEx\DataHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\ShellEx\{000214F9-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\Shell
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\DataHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\ShellEx\{000214F9-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\CopyAsPathMenu
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\SendTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\Shell
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\ShellEx\DataHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\ShellEx\{000214F9-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\shellex\ContextMenuHandlers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.lnk\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.lnk\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{26656EAA-54EB-4E6F-8F85-4F0EF901A406}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2A1C9EB2-DF62-4154-B800-63278FCB8037}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{55272A00-42CB-11CE-8135-00AA004BB851}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8A40A45D-055C-4B62-ABD7-6D613E2CEAEC}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BCD1DE7E-2DB1-418B-B047-4A74E101F8C1}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\Progid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\Shell
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\ShellEx\DataHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\ShellEx\{000214F9-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\Shell\open
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\Shell\runas
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\Shell\runasuser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\DropTarget
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\SupportedProtocols
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\ddeexec
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\DropTarget
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\command\SupportedProtocols
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers\Compatibility
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d550.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\KnownClasses
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontLink\SystemLink
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\MS Shell Dlg
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\msasn1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartPage
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d550.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{09799AFB-AD67-11D1-ABCD-00C04FC30936}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{0A88C858-7D0C-4549-9499-7DB05F0CB0BF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{1A0391BF-9564-4294-B0A4-06C298929EF9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{1D27F844-3A1F-4410-85AC-14651078412D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{1F3427C8-5C10-4210-AA03-2EE45287D668}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{596AB062-B4D2-4215-9F74-E9109B0A8153}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{6311429E-2F1A-4777-880F-C7289FD10169}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{7B4A83B6-F704-4B77-8E3D-C6087E3A21D2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{7BA4C740-9E81-11CF-99D3-00AA004AE837}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{85BBD920-42A0-1069-A2E4-08002B30309D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{90AA3A4E-1CBA-4233-B8BB-535773D48449}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{A2A9545D-A0C2-42B4-9708-A0B2BADD77C8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{A470F8CF-A1E8-4F65-8335-227475AA5C46}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{F3D06E7C-1E45-4A26-847E-F9FCDEE59BE0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{F81E9010-6EA4-11CE-A7FF-00AA003CA9F6}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_INITIALIZE_URLACTION_SHELLEXECUTE_TO_ALLOW_KB936610
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\Shell\Windows.Share
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\Shell\Windows.ShareHomegroupFullAccess
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\Shell\Windows.ShareHomegroupReadAccess
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\Shell\Windows.SharePrivate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\Shell\Windows.ShareSpecificUsers
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupFullAccess\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupFullAccess\DropTarget
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupFullAccess\command
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupFullAccess\command\SupportedProtocols
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupReadAccess\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupReadAccess\DropTarget
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupReadAccess\command
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupReadAccess\command\SupportedProtocols
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.SharePrivate\command
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareSpecificUsers\DropTarget
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareSpecificUsers\command
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareSpecificUsers\command\SupportedProtocols
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\DropTarget
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\command
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\command\SupportedProtocols
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\UsersFiles\NameSpace\DelegateFolders
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\UsersFiles\NameSpace\DelegateFolders\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32
HKEY_LOCAL_MACHINE\SYSTEM\Select
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
HKEY_LOCAL_MACHINE\Software\Microsoft\OleAut
HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing
HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\RASAPI32
HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\RASMANCS
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3131157199-1995805048-2727015567-1000
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Server\ServerLevels
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d55064.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CommandStore
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\KindMap
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Sharing
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\UsersFiles\NameSpace
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\UsersFiles\NameSpace\DelegateFolders
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{00D8862B-6453-4957-A821-3D98D74C76BE}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{1FE520E6-95FE-48A6-9956-D7FBC347A472}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{205286E5-F5F2-4306-BDB1-864245E33227}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{3022722E-3A23-4839-AA85-348FC79C7686}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{5FA410C1-1DD5-4238-833E-4DF9974FBC9C}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{6C815596-821F-40B3-8A84-643B73A8EB16}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{91CA4D38-EA2B-4F3C-94DE-36C1386182FC}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{AF698A5B-24D6-4F78-AE95-204B09EDC7B6}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{AFA7FF39-1DDF-4F70-A2D5-23FCFFF02E5F}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{D1A7F7E0-D4E9-49E8-BF2C-CEAA01D2E670}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{E91579C0-4EA9-4A2A-A9B2-04BEF1D6DC29}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\Games\{FC96B68C-09EF-4251-A598-19E4BE1B76A9}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\CredUI
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.docx
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.library-ms
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.lnk
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.pptx
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Setup
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellCompatibility\ProgIDs\exefile
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Shell\RegisteredApplications\UrlAssociations\Directory\OpenWithProgids
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting
HKEY_LOCAL_MACHINE\Software\Microsoft\windows nt\currentversion
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\PreviousVersions
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\System\DNSClient
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\AppCompat
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Explorer
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Windows Error Reporting
HKEY_LOCAL_MACHINE\Software\Sysinternals
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DnsCache\Parameters
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
HKEY_LOCAL_MACHINE\System\Setup
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\PnpLockdownFiles

Registry Key-Deleted

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\Type
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PROCMON24\Enum
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PROCMON24\Parameters
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PROCMON24\Security

Registry Key-Read

HKEY_CURRENT_USER\Control Panel\Desktop\SmoothScroll
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@"%windir%\System32\ie4uinit.exe",-732
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Program Files\Common Files\Microsoft Shared\Ink\ShapeCollector.exe,-298
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Program Files\Common Files\Microsoft Shared\Ink\TipTsf.dll,-80
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe,-291
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Program Files\DVD Maker\DVDMaker.exe,-61403
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Program Files\Windows Journal\Journal.exe,-3074
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Program Files\Windows Sidebar\sidebar.exe,-1005
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\System32\AuthFWGP.dll,-20
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3000
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\System32\ie4uinit.exe,-734
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\System32\ie4uinit.exe,-735
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\System32\ie4uinit.exe,-737
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\ehome\ehres.dll,-100
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\explorer.exe,-7021
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\AccessibilityCpl.dll,-10
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-1000
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\FXSRESM.dll,-114
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\MdSched.exe,-4001
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\NetProjW.dll,-501
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\OobeFldr.dll,-33056
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\SNTSearch.dll,-505
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\SnippingTool.exe,-15051
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\SoundRecorder.exe,-100
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\Speech\SpeechUX\sapi.cpl,-5555
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe,-101
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe,-102
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\XpsRchVw.exe,-102
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\comres.dll,-3410
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\dfrgui.exe,-103
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\displayswitch.exe,-320
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\filemgmt.dll,-2204
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10054
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10055
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10056
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10057
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10058
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10059
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10060
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10061
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10082
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10101
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10102
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10103
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\gameux.dll,-10209
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\iscsicpl.dll,-5001
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\mblctr.exe,-1008
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\miguiresource.dll,-101
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\miguiresource.dll,-201
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\migwiz\wet.dll,-588
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\migwiz\wet.dll,-591
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\msconfig.exe,-126
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\msinfo32.exe,-100
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\msra.exe,-100
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\mstsc.exe,-4000
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\mycomput.dll,-300
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\ntshrui.dll,-103
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\odbcint.dll,-1310
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\pmcsnap.dll,-700
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\recdisc.exe,-2000
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\rstrui.exe,-100
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\sdcpl.dll,-101
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\sud.dll,-1
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\unregmp2.exe,-4
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\wdc.dll,-10021
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\wdc.dll,-10030
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\wsecedit.dll,-718
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\@C:\Windows\system32\wucltux.dll,-1
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragMinDist
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollDelay
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollInset
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\ScrollInterval
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018}\LastKnownState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}\LastKnownState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658}\LastKnownState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}\LastKnownState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}\LastKnownState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AccListViewV6
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\EnableBalloonTips
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\EncryptionContextMenu
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewAlphaSelect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewShadow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SharingWizardOn
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuFavorites
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuFavorites_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_AdminToolsRoot
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_AdminToolsRoot_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_AutoCascade
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_EnableDragDrop
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_LargeMFUIcons
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_MinMFU
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_NotifyNewApps
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_PowerButtonAction
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_SearchFiles
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowDownloads
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowDownloads_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHomegroup
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHomegroup_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyGames
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyGames_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyMusic
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyMusic_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyPics
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyPics_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowNetConn
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowNetConn_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowNetPlaces
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowNetPlaces_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowPrinters
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowPrinters_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRecentDocs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRecentDocs_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRecordedTV
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRecordedTV_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSetProgramAccessAndDefaults
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSetProgramAccessAndDefaults_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowUser
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowUser_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowVideos
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowVideos_ShouldShow
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_SortByName
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_TrackProgs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\UseDoubleClickTimer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\DefaultIcon\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\DefaultIcon\OpenIcon
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\DefaultIcon\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\DefaultIcon\OpenIcon
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\DefaultIcon\OpenIcon
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice\Progid
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956483-9236-11e5-a874-806e6f6e6963}\Data
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956483-9236-11e5-a874-806e6f6e6963}\Generation
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956484-9236-11e5-a874-806e6f6e6963}\Data
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{94956484-9236-11e5-a874-806e6f6e6963}\Generation
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MultipleInvokePromptMinimum
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\NoPreviousVersionsPage
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage2\Favorites
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage2\FavoritesChanges
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage2\FavoritesRemovedChanges
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage2\FavoritesResolve
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage2\ProgramsCache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage2\ProgramsCacheSMP
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage2\ProgramsCacheTBP
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\StartPanel_FadeDelay
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\StartPanel_FadeIn
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\StartPanel_FadeOut
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\StartPanel_TopMatch
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband\Favorites
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband\FavoritesChanges
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband\FavoritesRemovedChanges
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband\FavoritesResolve
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband\FavoritesVersion
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Favorites
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Music
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Pictures
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\My Video
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Programs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Start Menu
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{374DE290-123F-4565-9164-39C4925E467B}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{56784854-C6CB-462B-8169-88E350ACB882}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\iHcNI8!!!!!!!!!ZXXFxBssvprQvtvgnyFSvyrf<
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\iHcNI8!!!!!!!!!ZXXFxFrgYnathntrSvyrf<
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\HRZR_PGYPHNPbhag:pgbe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\7q486nrqn5885rrppp58o3s1191p\hcqngr\vrfrghc.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Clguba27\ErzbirCVY.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Clguba27\Erzbirqvfgbez3.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Clguba27\clguba.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\NccQngn\Ybpny\Grzc\17r826sn0s6297s80o459948no12rsoqrsp06s3po999184n5po1rqqps7o7q55064.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qbjaybnqf\zcynlre2-2.0-jvaqbjf-k86\zcynlre.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qrfxgbc\AQC461-XO3102436-k86-k64-NyyBF-RAH.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qrfxgbc\CVY-1.1.7.jva32-cl2.7.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qrfxgbc\Fubpxjnir_Vafgnyyre_Shyy.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qrfxgbc\GKPFrghc_2.02Fgnoyr_Jva32.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qrfxgbc\NqorEqe910_ra_HF.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qrfxgbc\Sversbk Frghc 6.0.2.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qrfxgbc\ZCP-UP.1.7.10.k86.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qrfxgbc\onfvp-zvxgrk-2.9.6069.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qrfxgbc\ra_.arg_senzrjbex_3.5_k86.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qrfxgbc\ra_vr7_sbe_jva_kc_fc2_k86.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\Qrfxgbc\wer-6h45-jvaqbjf-v586.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\QYYF\qinfvba_rkc.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Puebzr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Q:\pbcl.ong
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Q:\qvfgbez3-3.3.4.jva32.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Q:\ra_bhgybbx_2010_k86_516729.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zbmvyyn.Sversbk.6.0.2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\ZvXGrKbet.ZvXGrK.Frghc.2.9.6050
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.Jvaqbjf.ErzbgrQrfxgbc
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.Jvaqbjf.FgvpxlAbgrf
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.Jvaqbjf.JvaqbjfVafgnyyre
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.Jvaqbjf.PbagebyCnary
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.Jvaqbjf.PbagebyCnary.SbyqreBcgvbaf
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.Jvaqbjf.TrggvatFgnegrq
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.Jvaqbjf.ZrqvnCynlre32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.Jvaqbjf.ZrqvnPragre
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{15067OP1-P5N8-425R-37P6-SN0O891674S9}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{16Q1N742-8R12-59S8-9RNR-S2SRO28O2489}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{2O435603-6756-6323-0747-5Q306O15QO97}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{53123611-QN37-S8QN-SNP9-03R76QO9Q64Q}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{6P0504P5-3O0Q-4109-PR0N-5QR24P7PS9PS}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{7N485S64-913P-R5SN-PR0Q-304Q8Q0S34R2}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{7SR8Q22N-SO1Q-N8OR-01R3-6P8693961R6R}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{8NN47365-O2O3-1961-69RO-S866R376O12S}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{8NOQ94SO-R7Q6-84N6-N997-P918RQQR0NR5}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{NN198O3P-PQ8P-7QR1-98Q1-O460S637193O}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{OO044OSQ-25O7-2SNN-22N8-6371N93R0456}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{OQ3S924R-55SO-N1ON-9QR6-O50S9S2460NP}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{P1P6S8NP-40N3-0S5P-146S-65N9QP70OOO4}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{P804OON7-SN5S-POS7-8O55-2096R5S972PO}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{Q4N262QQ-PR44-Q105-S36O-9Q77N8PO65N4}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{QNN168QR-4306-P8OP-8P11-O596240OQQRQ}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.NhgbTrarengrq.{R295O4N3-R895-4253-O169-79S577R97584}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.VagreargRkcybere.64Ovg
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\Zvpebfbsg.VagreargRkcybere.Qrsnhyg
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\ArgCebw.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\FavccvatGbby.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\FbhaqErpbeqre.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\HfreNppbhagPbagebyFrggvatf.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\JS.zfp
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\JSF.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\JvaqbjfCbjreFuryy\i1.0\CbjreFuryy_VFR.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\JvaqbjfCbjreFuryy\i1.0\cbjrefuryy.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\ZqFpurq.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\abgrcnq.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\aneengbe.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\bfx.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\bqopnq32.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\cevagznantrzrag.zfp
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\efgehv.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\ehaqyy32.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\erpqvfp.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\freivprf.zfp
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\fyhv.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\gnfxubfg.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\gnfxzte.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\kcfepuij.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\pbzrkc.zfp
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\pnyp.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\puneznc.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\pyrnazte.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\pzq.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\qsethv.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\qvfcynlfjvgpu.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\rhqprqvg.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\vfpfvpcy.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zboflap.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zfcnvag.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zfen.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zfpbasvt.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zfvasb32.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zfvrkrp.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zntavsl.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zvtjvm\cbfgzvt.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zvtjvm\zvtjvm.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Jvaqbjf AG\Npprffbevrf\jbeqcnq.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Jvaqbjf Wbheany\Wbheany.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Pbzzba Svyrf\Zvpebfbsg Funerq\Vax\FuncrPbyyrpgbe.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Pbzzba Svyrf\Zvpebfbsg Funerq\Vax\GnoGvc.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Pbzzba Svyrf\Zvpebfbsg Funerq\Vax\zvc.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\QIQ Znxre\QIQZnxre.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Tnzrf\Cheoyr Cynpr\CheoyrCynpr.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Tnzrf\Fbyvgnver\fbyvgnver.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Tnzrf\FcvqreFbyvgnver\fcvqrefbyvgnver.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Tnzrf\Purff\purff.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Tnzrf\SerrPryy\SerrPryy.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Tnzrf\Urnegf\urnegf.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Tnzrf\Zhygvcynlre\Fcnqrf\fuiymz.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Tnzrf\Zhygvcynlre\Onpxtnzzba\opxtmz.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Tnzrf\Zhygvcynlre\Purpxref\puxemz.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Tnzrf\Znuwbat\Znuwbat.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Tnzrf\Zvarfjrrcre\zvarfjrrcre.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\GrKavpPragre\GrKavpPragre.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Nqbor\Ernqre 9.0\Ernqre\NpebEq32.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Pbzzba Svyrf\Wnin\Wnin Hcqngr\whfpurq.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Pbzzba Svyrf\Zvpebfbsg Funerq\BSSVPR12\BSSQVNT.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\THZPR75.gzc\TbbtyrHcqngr.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Tbbtyr\Hcqngr\TbbtyrHcqngr.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\ZCP-UP\zcp-up.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\ZvXGrK 2.9\zvxgrk\ova\lnc.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\ZvXGrK 2.9\zvxgrk\ova\zb.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\ZvXGrK 2.9\zvxgrk\ova\zb_nqzva.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\ZvXGrK 2.9\zvxgrk\ova\zcz_zsp.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\ZvXGrK 2.9\zvxgrk\ova\zcz_zsp_nqzva.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\ZvXGrK 2.9\zvxgrk\ova\zvxgrk-grkjbexf.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Zvpebfbsg Bssvpr\Bssvpr12\BARABGR.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Zvpebfbsg Bssvpr\Bssvpr12\BHGYBBX.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Zvpebfbsg Bssvpr\Bssvpr12\BVF.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Zvpebfbsg Bssvpr\Bssvpr12\CBJRECAG.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Zvpebfbsg Bssvpr\Bssvpr12\JVAJBEQ.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Zvpebfbsg Bssvpr\Bssvpr12\RKPRY.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Zvpebfbsg Bssvpr\Bssvpr12\TEBBIR.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Zvpebfbsg Bssvpr\Bssvpr12\VASBCNGU.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Zvpebfbsg Bssvpr\Bssvpr12\ZFCHO.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Zvpebfbsg Bssvpr\Bssvpr12\ZFGBER.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\Zvpebfbsg Bssvpr\Bssvpr12\ZFNPPRFF.RKR
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{Q65231O0-O2S1-4857-N4PR-N8R7P6RN7Q27}\JvaqbjfCbjreFuryy\i1.0\CbjreFuryy_VFR.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{Q65231O0-O2S1-4857-N4PR-N8R7P6RN7Q27}\JvaqbjfCbjreFuryy\i1.0\cbjrefuryy.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{S38OS404-1Q43-42S2-9305-67QR0O28SP23}\ertrqvg.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{S38OS404-1Q43-42S2-9305-67QR0O28SP23}\rkcybere.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\::{RQ228SQS-9RN8-4870-83O1-96O02PSR0Q52}\{00Q8862O-6453-4957-N821-3Q98Q74P76OR}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\::{RQ228SQS-9RN8-4870-83O1-96O02PSR0Q52}\{1SR520R6-95SR-48N6-9956-Q7SOP347N472}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\::{RQ228SQS-9RN8-4870-83O1-96O02PSR0Q52}\{205286R5-S5S2-4306-OQO1-864245R33227}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\::{RQ228SQS-9RN8-4870-83O1-96O02PSR0Q52}\{3022722R-3N23-4839-NN85-348SP79P7686}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\::{RQ228SQS-9RN8-4870-83O1-96O02PSR0Q52}\{5SN410P1-1QQ5-4238-833R-4QS9974SOP9P}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\::{RQ228SQS-9RN8-4870-83O1-96O02PSR0Q52}\{6P815596-821S-40O3-8N84-643O73N8RO16}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\::{RQ228SQS-9RN8-4870-83O1-96O02PSR0Q52}\{91PN4Q38-RN2O-4S3P-94QR-36P1386182SP}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\::{RQ228SQS-9RN8-4870-83O1-96O02PSR0Q52}\{NS698N5O-24Q6-4S78-NR95-204O09RQP7O6}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\::{RQ228SQS-9RN8-4870-83O1-96O02PSR0Q52}\{NSN7SS39-1QQS-4S70-N2Q5-23SPSSS02R5S}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\::{RQ228SQS-9RN8-4870-83O1-96O02PSR0Q52}\{Q1N7S7R0-Q4R9-49R8-OS2P-PRNN01Q2R670}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\::{RQ228SQS-9RN8-4870-83O1-96O02PSR0Q52}\{R91579P0-4RN9-4N2N-N9O2-04ORS1Q6QP29}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\HRZR_PGYPHNPbhag:pgbe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\P:\Hfref\Choyvp\Qrfxgbc\Nqbor Ernqre 9.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\P:\Hfref\Choyvp\Qrfxgbc\Tbbtyr Puebzr.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\P:\Hfref\Choyvp\Qrfxgbc\Zbmvyyn Sversbk.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\P:\Hfref\Iveghny\Qrfxgbc\GrKavpPragre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\P:\Hfref\Iveghny\Qrfxgbc\ZCP-UP.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Clguba 2.7\Clguba (pbzznaq yvar).yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Clguba 2.7\VQYR (Clguba THV).yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Clguba 2.7\Zbqhyr Qbpf.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Fvqrone.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\GrKavpPragre\GrKavpPragre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Jvaqbjf QIQ Znxre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Jvaqbjf Snk naq Fpna.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Jvaqbjf Zrqvn Cynlre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\KCF Ivrjre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\ArgjbexCebwrpgvba.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Cnvag.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Erzbgr Qrfxgbc Pbaarpgvba.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Favccvat Gbby.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Fbhaq Erpbeqre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Fgvpxl Abgrf.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Flap Pragre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Flfgrz Gbbyf\Erfbhepr Zbavgbe.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Flfgrz Gbbyf\Flfgrz Erfgber.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Flfgrz Gbbyf\Flfgrz Vasbezngvba.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Flfgrz Gbbyf\Gnfx Fpurqhyre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Flfgrz Gbbyf\Jvaqbjf Rnfl Genafsre Ercbegf.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Flfgrz Gbbyf\Jvaqbjf Rnfl Genafsre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Flfgrz Gbbyf\Punenpgre Znc.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Flfgrz Gbbyf\Qvfx Pyrnahc.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Flfgrz Gbbyf\qsethv.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Gnoyrg CP\FuncrPbyyrpgbe.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Gnoyrg CP\GnoGvc.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Gnoyrg CP\Jvaqbjf Wbheany.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Jbeqcnq.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Jrypbzr Pragre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Jvaqbjf CbjreFuryy\Jvaqbjf CbjreFuryy (k86).yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Jvaqbjf CbjreFuryy\Jvaqbjf CbjreFuryy VFR (k86).yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Jvaqbjf CbjreFuryy\Jvaqbjf CbjreFuryy VFR.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Jvaqbjf CbjreFuryy\Jvaqbjf CbjreFuryy.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Npprffvovyvgl\Fcrrpu Erpbtavgvba.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Pnyphyngbe.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Zbovyvgl Pragre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Zngu Vachg Cnary.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\qvfcynlfjvgpu.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqbor Ernqre 9.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Cevag Znantrzrag.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Cresbeznapr Zbavgbe.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Flfgrz Pbasvthengvba.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Frphevgl Pbasvthengvba Znantrzrag.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Gnfx Fpurqhyre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Jvaqbjf CbjreFuryy Zbqhyrf.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Jvaqbjf Sverjnyy jvgu Nqinaprq Frphevgl.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Pbzcbarag Freivprf.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Pbzchgre Znantrzrag.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Qngn Fbheprf (BQOP).yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Rirag Ivrjre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\Zrzbel Qvntabfgvpf Gbby.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\freivprf.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Nqzvavfgengvir Gbbyf\vFPFV Vavgvngbe.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Tbbtyr Puebzr.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\ZCP-UP\ZCP-UP.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zbmvyyn Sversbk.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Znvagranapr\Erzbgr Nffvfgnapr.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Znvagranapr\Perngr Erpbirel Qvfp.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zrqvn Pragre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\ZvXGrK 2.9\GrKjbexf.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\ZvXGrK 2.9\QIV Cerivrjre (Lnc).yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\ZvXGrK 2.9\Znvagranapr (Nqzva)\ZvXGrK Cnpxntr Znantre (Nqzva).yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\ZvXGrK 2.9\Znvagranapr (Nqzva)\ZvXGrK Frggvatf (Nqzva).yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\ZvXGrK 2.9\Znvagranapr (Nqzva)\ZvXGrK Hcqngr (Nqzva).yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\ZvXGrK 2.9\Znvagranapr\ZvXGrK Cnpxntr Znantre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\ZvXGrK 2.9\Znvagranapr\ZvXGrK Frggvatf.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\ZvXGrK 2.9\Znvagranapr\ZvXGrK Hcqngr.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr BarAbgr 2007.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr Bhgybbx 2007.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr CbjreCbvag 2007.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr Choyvfure 2007.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr Gbbyf\Qvtvgny Pregvsvpngr sbe ION Cebwrpgf.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr Gbbyf\Zvpebfbsg Bssvpr 2007 Ynathntr Frggvatf.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr Gbbyf\Zvpebfbsg Bssvpr Cvpgher Znantre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr Gbbyf\Zvpebfbsg Bssvpr Qvntabfgvpf.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr Gbbyf\Zvpebfbsg Pyvc Betnavmre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr Jbeq 2007.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr Npprff 2007.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr Rkpry 2007.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr Tebbir 2007.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Zvpebfbsg Bssvpr\Zvpebfbsg Bssvpr VasbCngu 2007.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Jvaqbjf Rkcybere.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Jvaqbjf Zrqvn Cynlre.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Tbbtyr Puebzr.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Vagrearg Rkcybere.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Zbmvyyn Sversbk.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Npprffbevrf\Abgrcnq.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Npprffbevrf\Flfgrz Gbbyf\Cevingr Punenpgre Rqvgbe.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Npprffbevrf\Jvaqbjf Rkcybere.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Npprffbevrf\Npprffvovyvgl\Aneengbe.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Npprffbevrf\Npprffvovyvgl\Ba-Fperra Xrlobneq.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Npprffbevrf\Npprffvovyvgl\Zntavsl.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Npprffbevrf\Pbzznaq Cebzcg.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Vagrearg Rkcybere (64-ovg).yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Vagrearg Rkcybere.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Zvpebfbsg Ivfhny P++ Pbzcvyre Cnpxntr sbe Clguba 2.7\Ivfhny P++ 2008 32-ovg Pbzznaq Cebzcg.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Zvpebfbsg Ivfhny P++ Pbzcvyre Cnpxntr sbe Clguba 2.7\Ivfhny P++ 2008 64-ovg Pbzznaq Cebzcg.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count\{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Zvpebfbsg Ivfhny P++ Pbzcvyre Cnpxntr sbe Clguba 2.7\Ivfhny P++ 2008 64-ovg Pebff Gbbyf Pbzznaq Cebzcg.yax
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\HomeGroup\UIStatusCache\OnlyMember
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\HomeGroup\UIStatusCache\UIStatus
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyDetectType
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadExpirationDays
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadDecision
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadDecisionTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1806
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{08244EE6-92F0-47F2-9FC9-929BAA2E7235} {0C6C4200-C589-11D0-999A-00C04FD655E1} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{0A88C858-7D0C-4549-9499-7DB05F0CB0BF} {A08CE4D0-FA25-44AB-B57C-C7B1C323E0B9} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{14074E0B-7216-4862-96E6-53CADA442A56} {000214FA-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{1A0391BF-9564-4294-B0A4-06C298929EF9} {A08CE4D0-FA25-44AB-B57C-C7B1C323E0B9} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{1D27F844-3A1F-4410-85AC-14651078412D} {000214E4-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{1F3427C8-5C10-4210-AA03-2EE45287D668} {000214E6-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{4E77131D-3629-431C-9818-C5679DC83E81} {0C6C4200-C589-11D0-999A-00C04FD655E1} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{596AB062-B4D2-4215-9F74-E9109B0A8153} {000214E4-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{7B4A83B6-F704-4B77-8E3D-C6087E3A21D2} {BDDACB60-7657-47AE-8445-D23E1ACF82AE} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{85BBD920-42A0-1069-A2E4-08002B30309D} {000214E4-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF} {000214E6-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} {0C6C4200-C589-11D0-999A-00C04FD655E1} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{DFFACDC5-679F-4156-8947-C5C76BC0B67F} {ADD8BA80-002B-11D0-8F0F-00C04FD7D062} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52} {000214E6-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{F81E9010-6EA4-11CE-A7FF-00AA003CA9F6} {000214E4-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Disabled
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\LastQueuePesterTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\QueuePesterInterval
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_CURRENT_USER\Software\Sysinternals\EulaAccepted
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\AdvancedMode
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\AlwaysOnTop
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\Autoscroll
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\BoookmarkFont
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\ColumnCount
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\ColumnMap
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\Columns
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\DbgHelpPath
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\DestructiveFilter
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\DeviceNameMap
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\EulaAccepted
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\FilterRules
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\HighlightBG
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\HighlightFG
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\HighlightRules
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\HistoryDepth
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\LogFont
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\Logfile
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\MainWindow
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\Profiling
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\ResolveAddresses
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\SourcePath
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\SymbolPath
HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\NoPreviousVersions
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\NoRecentDocs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\NoSendTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\NoStaticDefaultVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\CheckSupportedTypes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\CommandFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\CommandStateHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\DefaultAppliesTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\DropTarget\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\ExplorerCommandHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\Extended
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\ExtendedSubCommandsKey
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\HasLUAShield
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\LegacyDisable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\OnlyInBrowserWindow
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\ProgrammaticAccessOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\SubCommands
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\SuppressionPolicyEx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\removeproperties\SuppressionSlapiPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\BriefcaseMenu\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\BriefcaseMenu\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Open With\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Open With\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Sharing\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Sharing\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\{90AA3A4E-1CBA-4233-B8BB-535773D48449}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\Content Type
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.URL\PerceivedType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ade\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.adp\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.asp\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bas\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bat\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cer\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.chm\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cmd\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.com\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cpl\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.crt\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.docx\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.docx\PerceivedType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.docx\ShellEx\{BB2E617C-0920-11D1-9A0B-00C04FC2D6C1}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe\Content Type
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.library-ms\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.library-ms\Content Type
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.library-ms\PerceivedType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\Content Type
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellEx\{000214F9-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellEx\{BB2E617C-0920-11D1-9A0B-00C04FC2D6C1}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pptx\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pptx\PerceivedType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pptx\ShellEx\{BB2E617C-0920-11D1-9A0B-00C04FC2D6C1}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NoPreviousVersions
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NoRecentDocs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NoSendTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\NoStaticDefaultVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\CopyAsPathMenu\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\CopyAsPathMenu\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\SendTo\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\SendTo\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\EnableShareDenyNone
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\NoOplock
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\OverrideFileSystemProperties\System.FileName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\OverrideFileSystemProperties\System.IconPath
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\OverrideFileSystemProperties\System.IsPinnedToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\OverrideFileSystemProperties\System.ItemFolderNameDisplay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\OverrideFileSystemProperties\System.ItemFolderPathDisplay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\OverrideFileSystemProperties\System.ItemFolderPathDisplayNarrow
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\OverrideFileSystemProperties\System.ItemNameDisplay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\OverrideFileSystemProperties\System.ItemPathDisplay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\OverrideFileSystemProperties\System.ItemPathDisplayNarrow
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\OverrideFileSystemProperties\System.Kind
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\OverrideFileSystemProperties\System.SFGAOFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\System.HideOnDesktop
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031E4825-7B94-4DC3-B131-E946B44C8DD5}\{28636AA6-953D-11D2-B5D6-00C04FD918D0} 34
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04731B67-D933-450A-90E6-4ACD2E9408FE}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11016101-E366-4D22-BC06-4ADA335C892B}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\NoOplock
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\LocalizedString
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\System.HideOnDesktop
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\System.NamespaceCLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\{28636AA6-953D-11D2-B5D6-00C04FD918D0} 34
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\{28636AA6-953D-11D2-B5D6-00C04FD918D0} 6
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21EC2020-3AEA-1069-A2DD-08002B30309D}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2559A1F1-21D7-11D4-BDAF-00C04F60B9F0}\DefaultIcon\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2559A1F1-21D7-11D4-BDAF-00C04F60B9F0}\DefaultIcon\OpenIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2559A1F1-21D7-11D4-BDAF-00C04F60B9F0}\LocalizedString
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2559A1F1-21D7-11D4-BDAF-00C04F60B9F0}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2559A1F2-21D7-11D4-BDAF-00C04F60B9F0}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\System.HideOnDesktop
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26EE0668-A00A-44D7-9371-BEB064C98683}\{28636AA6-953D-11D2-B5D6-00C04FD918D0} 34
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\DefaultIcon\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\DefaultIcon\OpenIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\System.HideOnDesktop
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\{28636AA6-953D-11D2-B5D6-00C04FD918D0} 34
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\System.HideOnDesktop
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\System.NamespaceCLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\{28636AA6-953D-11D2-B5D6-00C04FD918D0} 34
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\{28636AA6-953D-11D2-B5D6-00C04FD918D0} 6
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\LocalizedString
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\System.DateModified
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\System.FileAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\System.HideOnDesktop
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\{28636AA6-953D-11D2-B5D6-00C04FD918D0} 34
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\{B725F130-47EF-101A-A5F1-02608C9EEBAC} 13
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\{B725F130-47EF-101A-A5F1-02608C9EEBAC} 14
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89D83576-6BD1-4C86-9454-BEB04E94C819}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9343812E-1C37-4A49-A12E-4B2D810D956B}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D99750-0B8A-4C59-9151-589053683D73}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\NoOplock
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8A91A66-3A7D-4424-8D24-04E180695C7A}\DefaultIcon\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8A91A66-3A7D-4424-8D24-04E180695C7A}\DefaultIcon\OpenIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8A91A66-3A7D-4424-8D24-04E180695C7A}\LocalizedString
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8A91A66-3A7D-4424-8D24-04E180695C7A}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FB3F98-C1EA-428D-A78A-D1F5659CBA93}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD7A2E7B-21CB-41B2-A086-B309680C6B7E}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}\InprocServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}\NoOplock
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAF95313-E44D-46AF-BE1B-CBACEA2C3065}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E345F35F-9397-435C-8F95-4E922C26259E}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E44E5D18-0652-4508-A4E2-8A090067BCB0}\DefaultIcon\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E44E5D18-0652-4508-A4E2-8A090067BCB0}\DefaultIcon\OpenIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E44E5D18-0652-4508-A4E2-8A090067BCB0}\LocalizedString
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E44E5D18-0652-4508-A4E2-8A090067BCB0}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\DefaultIcon\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\DefaultIcon\OpenIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\InprocServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\LocalizedString
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\NoOplock
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\OverrideFileSystemProperties\System.FileName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\OverrideFileSystemProperties\System.IconPath
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\OverrideFileSystemProperties\System.IsPinnedToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\OverrideFileSystemProperties\System.ItemFolderNameDisplay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\OverrideFileSystemProperties\System.ItemFolderPathDisplay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\OverrideFileSystemProperties\System.ItemFolderPathDisplayNarrow
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\OverrideFileSystemProperties\System.ItemNameDisplay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\OverrideFileSystemProperties\System.ItemPathDisplay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\OverrideFileSystemProperties\System.ItemPathDisplayNarrow
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\OverrideFileSystemProperties\System.Kind
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\OverrideFileSystemProperties\System.SFGAOFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEA0C191-DDA8-4656-8FC4-72BDEDBA8A78}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\System.HideOnDesktop
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\{28636AA6-953D-11D2-B5D6-00C04FD918D0} 34
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE5AFCF2-E681-4ADA-9703-EF39B8ECB9BF}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE5AFCF2-E681-4ADA-9703-EF39B8ECB9BF}\EnableShareDenyNone
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE5AFCF2-E681-4ADA-9703-EF39B8ECB9BF}\NoOplock
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE5AFCF2-E681-4ADA-9703-EF39B8ECB9BF}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE5AFCF2-E681-4ADA-9703-EF39B8ECB9BF}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\CLSID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE.AssocFile.URL\ShellEx\IconHandler\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B722BCCB-4E68-101B-A2BC-00AA00404770}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LibraryFolder\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LibraryFolder\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LibraryFolder\CLSID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LibraryFolder\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LibraryFolder\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LibraryFolder\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LibraryFolder\shellex\IconHandler\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LibraryFolder\shellex\LibraryDescriptionHandler\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PowerPoint.Show.12\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PowerPoint.Show.12\CLSID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PowerPoint.Show.12\DefaultIcon\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PowerPoint.Show.12\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PowerPoint.Show.12\DocObject\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PowerPoint.Show.12\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PowerPoint.Show.12\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.docx\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.docx\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.docx\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\NoPreviousVersions
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\NoRecentDocs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\NoSendTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.exe\NoStaticDefaultVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.lnk\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.lnk\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.lnk\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.pptx\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.pptx\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.pptx\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\CLSID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\DefaultIcon\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\DocObject\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Word.Document.12\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{09799AFB-AD67-11D1-ABCD-00C04FC30936}\flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{09799AFB-AD67-11d1-ABCD-00C04FC30936}\ImplementsVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0A88C858-7D0C-4549-9499-7DB05F0CB0BF}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0A88C858-7D0C-4549-9499-7DB05F0CB0BF}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1A0391BF-9564-4294-B0A4-06C298929EF9}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1A0391BF-9564-4294-B0A4-06C298929EF9}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1D27F844-3A1F-4410-85AC-14651078412D}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1D27F844-3A1F-4410-85AC-14651078412D}\InprocServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1D27F844-3A1F-4410-85AC-14651078412D}\flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1F3427C8-5C10-4210-AA03-2EE45287D668}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1d27f844-3a1f-4410-85ac-14651078412d}\ImplementsVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{21B22460-3AEA-1069-A2DC-08002B30309D}\flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{596AB062-B4D2-4215-9F74-E9109B0A8153}\ImplementsVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{596AB062-B4D2-4215-9F74-E9109B0A8153}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{596AB062-B4D2-4215-9F74-E9109B0A8153}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{596AB062-B4D2-4215-9F74-E9109B0A8153}\flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\NoOplock
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66742402-F9B9-11D1-A202-0000F81FEDEE}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7B4A83B6-F704-4B77-8E3D-C6087E3A21D2}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7B4A83B6-F704-4B77-8E3D-C6087E3A21D2}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7BA4C740-9E81-11CF-99D3-00AA004AE837}\ImplementsVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7BA4C740-9E81-11CF-99D3-00AA004AE837}\flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}\ImplementsVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}\flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{90AA3A4E-1CBA-4233-B8BB-535773D48449}\ImplementsVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{90AA3A4E-1CBA-4233-B8BB-535773D48449}\flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A2A9545D-A0C2-42B4-9708-A0B2BADD77C8}\flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A470F8CF-A1E8-4F65-8335-227475AA5C46}\flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A470F8CF-A1E8-4f65-8335-227475AA5C46}\ImplementsVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DD313E04-FEFF-11D1-8ECD-0000F87A470C}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\InprocServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HasNavigationEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HideFolderVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HideInWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\HideOnDesktopPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\MapNetDriveVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\NoFileFolderJunction
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\PinToNameSpaceTree
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\QueryForInfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\QueryForOverlay
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\UseDropHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsAliasedNotifications
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsFORDISPLAY
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsFORPARSING
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsParseDisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\ShellFolder\WantsUniversalDelegate
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}\SortOrderIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F3D06E7C-1E45-4A26-847E-F9FCDEE59BE0}\flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F81E9010-6EA4-11CE-A7FF-00AA003CA9F6}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F81E9010-6EA4-11CE-A7FF-00AA003CA9F6}\InProcServer32\LoadWithoutCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F81E9010-6EA4-11CE-A7FF-00AA003CA9F6}\flags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\ImplementsVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{f3d06e7c-1e45-4a26-847e-f9fcdee59be0}\ImplementsVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}\ImplementsVerbs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{26656EAA-54EB-4E6F-8F85-4F0EF901A406}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2A1C9EB2-DF62-4154-B800-63278FCB8037}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{55272A00-42CB-11CE-8135-00AA004BB851}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8A40A45D-055C-4B62-ABD7-6D613E2CEAEC}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BCD1DE7E-2DB1-418B-B047-4A74E101F8C1}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\DefaultIcon\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\NoPreviousVersions
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\NoRecentDocs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\NoSendTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\NoStaticDefaultVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\AppliesTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\CheckSupportedTypes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\ClientOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\CommandFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\CommandStateHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\DefaultAppliesTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\DownloadInvokeDisabled
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\ExplorerCommandHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\Extended
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\ExtendedSubCommandsKey
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\HasLUAShield
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\ImpliedSelectionModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\IsInContextMenu
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\LegacyDisable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\MUIVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\MaxDownloadFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\MultiSelectModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\NeverDefault
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\NoWorkingDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\OnlyInBrowserWindow
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\PaneVisibleProperty
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\ProgrammaticAccessOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\ReadWriteRequired
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\SeparatorAfter
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\SeparatorBefore
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\SetWorkingDirectoryFromTarget
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\StaticVerbOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\SubCommands
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\SuppressionPolicyEx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\SuppressionSlapiPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\DelegateExecute
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\AppliesTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\CheckSupportedTypes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\ClientOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\CommandFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\CommandStateHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\DefaultAppliesTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\DownloadInvokeDisabled
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\ExplorerCommandHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\Extended
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\ExtendedSubCommandsKey
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\HasLUAShield
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\ImpliedSelectionModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\IsInContextMenu
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\LegacyDisable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\MUIVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\MaxDownloadFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\MultiSelectModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\OnlyInBrowserWindow
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\PaneVisibleProperty
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\Position
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\ProgrammaticAccessOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\ReadWriteRequired
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\SeparatorAfter
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\SeparatorBefore
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\StaticVerbOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\SubCommands
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\SuppressionPolicyEx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\SuppressionSlapiPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runas\command\DelegateExecute
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\CheckSupportedTypes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\CommandFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\CommandStateHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\DefaultAppliesTo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\ExplorerCommandHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\Extended
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\ExtendedSubCommandsKey
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\HasLUAShield
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\LegacyDisable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\SubCommands
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\SuppressionPolicyEx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\SuppressionSlapiPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\runasuser\command\DelegateExecute
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers\Compatibility\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers\Compatibility\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\AlwaysShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\CLSID\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\IsShortcut
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\NeverShowExt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\IconHandler\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\search\NoStaticDefaultVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\search\shell\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\search\shell\open\NeverDefault
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\search\shell\open\command\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\GipActivityBypass
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\EnableAnchorContext
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}\Enable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\LogIgnoreMonitorReason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Arabic Transparent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Arabic Transparent Bold
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Arabic Transparent Bold,0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Arabic Transparent,0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Arial Baltic,186
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Arial CE,238
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Arial CYR,204
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Arial Greek,161
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Arial TUR,162
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Courier New Baltic,186
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Courier New CE,238
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Courier New CYR,204
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Courier New Greek,161
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Courier New TUR,162
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\David Transparent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\FangSong_GB2312
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Fixed Miriam Transparent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Helv
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Helvetica
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\KaiTi_GB2312
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\MS Shell Dlg
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\MS Shell Dlg 2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Miriam Transparent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Rod Transparent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tahoma Armenian
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Times
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Times New Roman Baltic,186
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Times New Roman CE,238
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Times New Roman CYR,204
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Times New Roman Greek,161
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Times New Roman TUR,162
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Tms Rmn
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18\ProfileImagePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19\ProfileImagePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20\ProfileImagePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3131157199-1995805048-2727015567-1000\ProfileImagePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\UBS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuFavorites
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_AdminToolsRoot
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_AutoCascade
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_LargeMFUIcons
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_MinMFU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_NotifyNewApps
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_PowerButtonAction
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowDownloads
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHomegroup
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyGames
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyMusic
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyPics
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowNetConn
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowNetPlaces
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowPrinters
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRecentDocs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRecordedTV
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSetProgramAccessAndDefaults
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowVideos
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_SortByName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_TrackProgs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete\Client\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{031E4825-7B94-4dc3-B131-E946B44C8DD5}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{04731B67-D933-450a-90E6-4ACD2E9408FE}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{11016101-E366-4D22-BC06-4ADA335C892B}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{26EE0668-A00A-44D7-9371-BEB064C98683}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{450D8FBA-AD25-11D0-98A8-0800361B1103}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{59031a47-3f72-44a7-89c5-5595fe6b30ee}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{89D83576-6BD1-4c86-9454-BEB04E94C819}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{8FD8B88D-30E1-4F25-AC2B-553D3D65F0EA}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{9343812e-1c37-4a49-a12e-4b2d810d956b}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{98D99750-0B8A-4c59-9151-589053683D73}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{BD7A2E7B-21CB-41b2-A086-B309680C6B7E}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{ED228FDF-9EA8-4870-83b1-96b02CFE0D52}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{F3F5824C-AD58-4728-AF59-A1EBE3392799}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{daf95313-e44d-46af-be1b-cbacea2c3065}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{e345f35f-9397-435c-8f95-4e922c26259e}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DontLoadAuthUIInExplorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\GlobalAssocChangedCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel\{031E4825-7B94-4DC3-B131-E946B44C8DD5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel\{59031A47-3F72-44A7-89C5-5595FE6B30EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel\{645FF040-5081-101B-9F08-00AA002F954E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\KindMap\.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Max Cached Icons
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\{35786D3C-B075-49b9-88DD-029876E11C01}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\{b155bdf8-02f0-451e-9a26-ae317cfd7779}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartPage\FavoritesRemovedChanges
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartPage\StartPanel_FadeDelay
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartPage\StartPanel_FadeIn
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartPage\StartPanel_FadeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartPage\StartPanel_TopMatch
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{00D8862B-6453-4957-A821-3D98D74C76BE}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{00D8862B-6453-4957-A821-3D98D74C76BE}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{1FE520E6-95FE-48A6-9956-D7FBC347A472}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{1FE520E6-95FE-48A6-9956-D7FBC347A472}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{205286E5-F5F2-4306-BDB1-864245E33227}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{205286E5-F5F2-4306-BDB1-864245E33227}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{3022722E-3A23-4839-AA85-348FC79C7686}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{3022722E-3A23-4839-AA85-348FC79C7686}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{5FA410C1-1DD5-4238-833E-4DF9974FBC9C}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{5FA410C1-1DD5-4238-833E-4DF9974FBC9C}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{6C815596-821F-40B3-8A84-643B73A8EB16}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{6C815596-821F-40B3-8A84-643B73A8EB16}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{91CA4D38-EA2B-4F3C-94DE-36C1386182FC}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{91CA4D38-EA2B-4F3C-94DE-36C1386182FC}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{AF698A5B-24D6-4F78-AE95-204B09EDC7B6}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{AF698A5B-24D6-4F78-AE95-204B09EDC7B6}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{AFA7FF39-1DDF-4F70-A2D5-23FCFFF02E5F}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{AFA7FF39-1DDF-4F70-A2D5-23FCFFF02E5F}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{D1A7F7E0-D4E9-49E8-BF2C-CEAA01D2E670}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{D1A7F7E0-D4E9-49E8-BF2C-CEAA01D2E670}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{E91579C0-4EA9-4A2A-A9B2-04BEF1D6DC29}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{E91579C0-4EA9-4A2A-A9B2-04BEF1D6DC29}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{FC96B68C-09EF-4251-A598-19E4BE1B76A9}\DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{FC96B68C-09EF-4251-A598-19E4BE1B76A9}\Title
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\AllowFileCLSIDJunctions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\HideRunAsVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\InheritConsoleHandles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInplaceSharing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInstrumentation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSimpleStartMenu
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMFUprogramsList
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuPinnedList
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuSubFolders
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TurnOffSPIAnimations
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\UseDefaultTile
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{1F3427C8-5C10-4210-AA03-2EE45287D668}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{59031A47-3F72-44A7-89C5-5595FE6B30EE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.docx\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.library-ms\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.lnk\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.pptx\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemDrive%\Users\Virtual\AppData\Local\Temp\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d55064.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\SourcePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Disabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\QueuePesterInterval
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d550.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d550.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\*
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d550.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\ProductName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\UBS
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\DevicePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableImprovedZoneCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1806
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.exe\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Advanced\EncryptionContextMenu
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Advanced\SharingWizardOn
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Advanced\Start_TrackProgs
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupFullAccess\ExplorerCommandHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupFullAccess\ImpliedSelectionModel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupReadAccess\ExplorerCommandHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareHomegroupReadAccess\ImpliedSelectionModel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.SharePrivate\ExplorerCommandHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.SharePrivate\command\DelegateExecute
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareSpecificUsers\ExplorerCommandHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.ShareSpecificUsers\ImpliedSelectionModel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\AppliesTo
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\ClientOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\CommandStateHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\CommandStateSync
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\DownloadInvokeDisabled
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\ExplorerCommandHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\ExtendedSubCommandsKey
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\ImpliedSelectionModel
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\IsInContextMenu
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\MUIVerb
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\MaxDownloadFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\PaneVisibleProperty
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\ReadWriteRequired
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\StaticVerbOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\CommandStore\shell\Windows.Share\SubCommands
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0139D44E-6AFE-49F2-8690-3DAFCAE6FFB8}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{054FAE61-4DD8-4787-80B6-090220C4B700}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0762D272-C50A-4BB0-A382-697DCD729B80}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0AC0837C-BBF8-452A-850D-79D08E667CA7}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{0F214138-B1D3-4A90-BBA9-27CBC0C5389A}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{10C07CD0-EF91-4567-B850-448B77CB37F9}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{15CA69B3-30EE-49C1-ACE1-6B5EC372AFB5}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1777F761-68AD-4D8A-87BD-30B759FA33DD}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{18989B1D-99B5-455B-841C-AB7C74E4DDFC}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{190337D1-B8CA-4121-A639-6D472D16972A}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1A6FDBA2-F42D-4358-A798-B74D745926C5}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2112AB0A-C86A-4FFE-A368-0DE96E47012E}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2400183A-6185-49FB-A2D8-4A392A602BA3}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{289A9A43-BE44-4057-A41B-587A76D7E7F9}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2A00375E-224C-49DE-B8D1-440DF7EF3DDC}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{2C36C0AA-5812-4B87-BFD0-4CD0DFB19B39}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3214FAB5-9757-4298-BB61-92A9DEAA44FF}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{33E28130-4E1E-4676-835A-98395C3BC3BB}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{374DE290-123F-4565-9164-39C4925E467B}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{3D644C9B-1FB8-4F30-9B45-F670235F79C0}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{43668BF8-C14E-49B2-97C9-747784D784B7}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{491E922F-5643-4AF4-A7EB-4E7A138D8174}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BD8D571-6D19-48D3-BE97-422220080E43}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4BFEFB45-347D-4006-A5BE-AC0CB0567192}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{4D9F7874-4E0C-4904-967B-40B0D20C3E4B}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52528A6B-B9E3-4ADD-B60D-588C2DBA842D}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{54EED2E0-E7CA-4FDB-9148-0F4247291CFA}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{56784854-C6CB-462B-8169-88E350ACB882}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CD7AEE2-2219-4A67-B85D-6C9CE15660CB}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{5CE4A5E9-E4EB-479D-B89F-130C02886155}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{62AB5D82-FDC1-4DC3-A9DD-070D1D495D97}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{69D2CF90-FC33-4FB7-9A0C-EBB0F0FCB43C}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{6F0CD92B-2E97-45D1-88FF-B0D186B8DEDD}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{724EF170-A42D-4FEF-9F26-B60E846FBA4F}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{76FC4E2D-D6AD-4519-A663-37BD56068185}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7B396E54-9EC5-4300-BE0A-2482EBAE1A26}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A5EA35-D9CD-47C5-9629-E15D2F714E6E}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{82A74AEB-AEB4-465C-A014-D097EE346D63}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{859EAD94-2E85-48AD-A71A-0969CB56A6CD}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8983036C-27C0-404B-8F08-102D10DCFD74}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{8AD10C31-2ADB-4296-A8F7-E4701232C972}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{915221FB-9EFE-4BDA-8FD7-F78DCA774F87}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9274BD8D-CFD1-41C3-B35E-B13F55A758F4}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{98EC0E18-2098-4D44-8644-66979315A281}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E3995AB-1F9C-4F13-B827-48B24B6C7174}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{9E52AB10-F80D-49DF-ACB8-4330F5687855}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A302545D-DEFF-464B-ABE8-61C8648D939B}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A305CE99-F527-492B-8B1A-7E76FA98D6E4}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A520A1A4-1780-4FF6-BD18-167343C5AF16}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A63293E8-664E-48DB-A079-DF759E0509F7}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A77F5D77-2E2B-44C3-A6A2-ABA601054A51}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{A990AE9F-A03B-4E80-94BC-9912D7504104}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B250C668-F57D-4EE1-A63C-290EE7D1AA1F}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B6EBFB86-6907-413C-9AF7-4FC2ABF07CC5}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B7534046-3ECB-4C18-BE4E-64CD4CB7D6AC}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B88F4DAA-E7BD-49A9-B74D-02885A5DC765}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B94237E7-57AC-4347-9151-B08C6C32D1F7}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{B97D20BB-F46A-4C97-BA10-5E3608430854}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCB5256F-79F6-4CEE-B725-DC34E402FD46}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BCBD3057-CA5C-4622-B42D-BC56DB0AE516}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C1BAE2D0-10DF-4334-BEDD-7AA20B227A9D}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4900540-2379-4C75-844B-64E6FAF8716B}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C4AA340D-F20F-4863-AFEF-F87EF2E6BA25}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C5ABBF53-E17F-4121-8900-86626FC2C973}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{C870044B-F49E-4126-A9C3-B52A1FF411E8}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{CAC52C1A-B53D-4EDC-92D7-6B2E8AC19434}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D0384E7D-BAC3-4797-8F14-CBA229B392B5}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D20BEEC4-5CA8-4905-AE3B-BF251EA09B53}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE61D971-5EBC-4F02-A3A9-6C82895E5C04}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE92C1C7-837F-4F69-A3BB-86E631204A23}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DE974D24-D9C6-4D3E-BF91-F4455120B917}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DEBF2536-E1A8-4C59-B6A2-414586476AEA}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DF7266AC-9274-4867-8D55-3BD661DE872D}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{DFDF76A2-C82A-4D63-906A-5644AC457385}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{E555AB60-153B-4D17-9F04-A5FE99FC15EC}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{ED4824AF-DCE4-45A8-81E2-FC7965083634}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{EE32E446-31CA-4ABA-814F-A5EBD2FD6D5E}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{F7F1ED05-9F6D-47A2-AAAE-29D317C6F066}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions\{FDD39AD0-238F-46AF-ADB4-6C85480369C7}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\MultipleInvokePromptMinimum
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\NoPreviousVersionsPage
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\StartPage\FavoritesRemovedChanges
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\User Shell Folders\Common Desktop
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\User Shell Folders\Common Programs
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\User Shell Folders\Common Start Menu
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\UsersFiles\NameSpace\DelegateFolders\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\UsersFiles\NameSpace\DelegateFolders\SuppressionPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\UsersFiles\NameSpace\DelegateFolders\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\SuppressionPolicy
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings\StringCacheGeneration
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\1
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000409
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SESSION MANAGER\SafeProcessSearchMode
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\TimeZoneInformation\Bias
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\TimeZoneInformation\DaylightBias
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\TimeZoneInformation\DaylightName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\TimeZoneInformation\DaylightStart
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\TimeZoneInformation\StandardBias
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\TimeZoneInformation\StandardName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\TimeZoneInformation\StandardStart
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Linkage\Export
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Winsock\Mapping
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\DatabasePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Domain
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Hostname
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Winsock\HelperDllName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Winsock\Mapping
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Winsock\MaxSockaddrLength
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Winsock\MinSockaddrLength
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Winsock\UseDelayedAcceptance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\AutodialDLL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2\Parameters\WinSock_Registry_Version
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winsock\Parameters\Transports
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winsock\Setup Migration\Providers\Tcpip\WinSock 2.0 Provider ID
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32\DebugHeapFlags
HKEY_LOCAL_MACHINE\SYSTEM\Select\Current
HKEY_LOCAL_MACHINE\SYSTEM\Setup\SystemSetupInProgress
HKEY_LOCAL_MACHINE\SYSTEM\Setup\Upgrade

Registry Key-Written

HKEY_CURRENT_USER\.PML\(Default)
HKEY_CURRENT_USER\Local Settings\MuiCache\6E\52C64B7E\LanguageList
HKEY_CURRENT_USER\ProcMon.Logfile.1\(Default)
HKEY_CURRENT_USER\ProcMon.Logfile.1\DefaultIcon\(Default)
HKEY_CURRENT_USER\ProcMon.Logfile.1\shell\open\command\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0\CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\Iveghny\NccQngn\Ybpny\Grzc\17r826sn0s6297s80o459948no12rsoqrsp06s3po999184n5po1rqqps7o7q55064.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-ae-97-44\WpadDecision
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-ae-97-44\WpadDecisionReason
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-ae-97-44\WpadDecisionTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-f4-9a-ee\WpadDecision
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-f4-9a-ee\WpadDecisionReason
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-f4-9a-ee\WpadDecisionTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadDecision
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadDecisionReason
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadDecisionTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{74306E05-02D8-40D6-B925-AFF78A888B42}\WpadNetworkName
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
HKEY_CURRENT_USER\Software\Sysinternals\Process Monitor\EulaAccepted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\GlobalAssocChangedCounter
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASAPI32\MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\RASMANCS\MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\RequireSignedAppInit_DLLs
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\ErrorControl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\ImagePath
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\Instances\DefaultInstance
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\Instances\Process Monitor 24 Instance\Altitude
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\Instances\Process Monitor 24 Instance\Flags
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\Start
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\SupportedFeatures
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PROCMON24\Type

Mutex-Accessed

Global\C::Users:Virtual:AppData:Local:Microsoft:Windows:Explorer:thumbcache_1024.db!dfMaintainer
Global\C::Users:Virtual:AppData:Local:Microsoft:Windows:Explorer:thumbcache_256.db!dfMaintainer
Global\C::Users:Virtual:AppData:Local:Microsoft:Windows:Explorer:thumbcache_32.db!dfMaintainer
Global\C::Users:Virtual:AppData:Local:Microsoft:Windows:Explorer:thumbcache_96.db!dfMaintainer
Global\C::Users:Virtual:AppData:Local:Microsoft:Windows:Explorer:thumbcache_idx.db!ThumbnailCacheInit
Global\C::Users:Virtual:AppData:Local:Microsoft:Windows:Explorer:thumbcache_idx.db!rwReaderRefs
Global\C::Users:Virtual:AppData:Local:Microsoft:Windows:Explorer:thumbcache_idx.db!rwWriterMutex
Global\C::Users:Virtual:AppData:Local:Microsoft:Windows:Explorer:thumbcache_sr.db!dfMaintainer
IESQMMUTEX_0_208
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex

Classification

Indicators

Yara

Static Analysis

Version Infos

Sections

Resources

Imports

Library WS2_32.dll:

Library VERSION.dll:

Library COMCTL32.dll:

Library FLTLIB.DLL:

Library KERNEL32.dll:

Library USER32.dll:

Library GDI32.dll:

Library COMDLG32.dll:

Library ADVAPI32.dll:

Library SHELL32.dll:

Library ole32.dll:

Library OLEAUT32.dll:

Library SHLWAPI.dll:

Strings

Dropped Files

14dc422082f96f5c_reader_sl.exe.dat

60aa70dedb7a7be8_dvasion_exp.dll.dat

881ce21c2380064e_dvasion_exp.exe.dat

9bc7b75bb7f8b0af_drconfiglib.dll.dat

de055a89de246e62_symsrv.dll

eeb9eee57fc9198c_17e826fa0f6297f80b459948ab12efbdefc06f3cb999184a5cb1eddcf7b7d55064.exe

Network

DNS Requests

HTTP Requests

http://www.aieov.com/logo.gif

http://www.aieov.com/so.gif

Hosts Involved

Geolocation

Destination Country

File

Screenshots

Behavior Summary

File-Read

File-Written

File-Deleted

File-Opened

Network-Resolves URL

Network-Fetches URL

Directory-Created

Directory-Enumerated

Registry Key-Opened

Registry Key-Deleted

Registry Key-Read

Registry Key-Written

Mutex-Accessed

Processes